[SeaBIOS] [PATCH v8 0/8] Add TPM support to SeaBIOS
Stefan Berger
stefanb at us.ibm.com
Wed Jul 2 17:38:44 CEST 2014
This is a repost of a series of patches providing TPM support to SeaBIOS.
As an addition, this patch series now works on the Acer C720 Chromebook
with limitations (S3 not getting invoked; no logging into TCPA table).
The patch series cleanly applies to a checkout of tags/rel-1.7.5.
The following set of patches add TPM and Trusted Computing support to SeaBIOS.
In particular the patches add:
- a TPM driver for the Qemu's TPM TIS emulation (not yet in Qemu git)
- ACPI support for the TPM device (SSDT table)
- ACPI support for measurement logging (TCPA table)
- Support for initialization of the TPM
- Support for the TCG BIOS extensions (1ah handler [ah = 0xbb])
(used by trusted grub; http://trousers.sourceforge.net/grub.html)
- Static Root of Trust for Measurement (SRTM) support
- Support for S3 resume (sends command to TPM upon resume)
- TPM-specific menu for controlling aspects of the TPM
All implementations necessarily follow specifications.
When all patches are applied the following services are available
- SSDT ACPI table for TPM support
- initialization of the TPM upon VM start and S3 resume
- Static root of trust for measurements (SRTM) that measures (some) data
of SeaBIOS in TCPA ACPI table
- 1ah interrupt handler offering APIs for measuring and sending commands to
the TPM (trusted grub uses them)
- User menu for controlling aspects of the state of the TPM
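The SRTM measurements and the TCPA log listed above are only useful if a verifier can rebuild the PCR values from the log and compare them with what the TPM reports. The following is an added example, not code from this patch series or from SeaBIOS, that models that relationship in Python: the BIOS-side step (SHA-1 the data, extend the PCR, append a record) and the verifier-side step (parse the log, replay the extends, check each record's digest). The record layout is the TCG_PCClientPCREventStruct used by TCPA-format logs, and EV_SEPARATOR / EV_IPL are the event type values from the TCG PC Client specification; the `MeasuringFirmware` class, the sample data and the simulated 24-PCR TPM are constructed for the example.

```python
import hashlib
import struct

PCR_SIZE = 20          # SHA-1 digest length; a TPM 1.2 / TCPA log only has a SHA-1 bank
NUM_PCRS = 24          # PCR count of a TPM 1.2 (assumption for the simulated TPM)
HEADER_FMT = "<II20sI" # pcrIndex, eventType, digest[20], eventDataSize (little-endian)
HEADER_LEN = struct.calcsize(HEADER_FMT)

# Event type values from the TCG PC Client Implementation Specification.
EV_SEPARATOR = 0x04
EV_IPL = 0x0D          # initial program loader, i.e. the boot sector / boot loader


def pcr_extend(pcr_value: bytes, digest: bytes) -> bytes:
    """TPM 1.2 extend operation: PCR_new = SHA1(PCR_old || digest)."""
    if len(pcr_value) != PCR_SIZE or len(digest) != PCR_SIZE:
        raise ValueError("PCR value and digest must both be 20 bytes")
    return hashlib.sha1(pcr_value + digest).digest()


def make_event(pcr_index: int, event_type: int, event_data: bytes) -> bytes:
    """Serialize one TCG_PCClientPCREventStruct; the digest is SHA1(event_data)."""
    digest = hashlib.sha1(event_data).digest()
    return struct.pack(HEADER_FMT, pcr_index, event_type, digest, len(event_data)) + event_data


def parse_log(log: bytes):
    """Walk a TCPA-format log, yielding (pcrIndex, eventType, digest, event)."""
    offset = 0
    while offset < len(log):
        if offset + HEADER_LEN > len(log):
            raise ValueError("truncated event header")
        pcr_index, event_type, digest, size = struct.unpack_from(HEADER_FMT, log, offset)
        offset += HEADER_LEN
        if offset + size > len(log):
            raise ValueError("truncated event data")
        yield pcr_index, event_type, digest, log[offset:offset + size]
        offset += size


def replay_log(log: bytes) -> list:
    """Recompute every PCR from the log alone, starting from all-zero PCRs."""
    pcrs = [bytes(PCR_SIZE)] * NUM_PCRS
    for pcr_index, _etype, digest, _event in parse_log(log):
        if not 0 <= pcr_index < NUM_PCRS:
            raise ValueError(f"pcrIndex {pcr_index} out of range")
        pcrs[pcr_index] = pcr_extend(pcrs[pcr_index], digest)
    return pcrs


def verify_log(log: bytes, reported_pcrs: list) -> bool:
    """Verifier check: every record's digest must match its event data (in this
    model all event types hash the logged data; the real spec has types whose
    digest covers something else and must be special-cased), and the replayed
    PCRs must equal the values the TPM reports."""
    try:
        for _pcr, _etype, digest, event in parse_log(log):
            if hashlib.sha1(event).digest() != digest:
                return False
        return replay_log(log) == list(reported_pcrs)
    except ValueError:
        return False


class MeasuringFirmware:
    """Constructed model of the BIOS side: measure data, extend the simulated
    TPM PCR and append the matching TCPA record in one step."""

    def __init__(self):
        self.pcrs = [bytes(PCR_SIZE)] * NUM_PCRS
        self.log = b""

    def measure(self, pcr_index: int, event_type: int, data: bytes) -> bytes:
        record = make_event(pcr_index, event_type, data)
        digest = record[8:8 + PCR_SIZE]
        self.pcrs[pcr_index] = pcr_extend(self.pcrs[pcr_index], digest)
        self.log += record
        return digest


def demo():
    """Constructed boot: a separator into PCR 0 and a boot-sector measurement into PCR 4."""
    fw = MeasuringFirmware()
    fw.measure(0, EV_SEPARATOR, b"\x00\x00\x00\x00")
    fw.measure(4, EV_IPL, b"constructed MBR bytes, not a real boot sector")
    return fw


if __name__ == "__main__":
    fw = demo()
    print("log verifies against TPM PCRs:", verify_log(fw.log, fw.pcrs))
    print("PCR4 =", fw.pcrs[4].hex())
```

Flipping a byte anywhere in the log makes `verify_log` fail: a changed digest breaks the replay, a changed event body breaks the per-record digest check. That is the property the S3 resume and 1ah-handler paths have to preserve, since a log that no longer matches the PCRs is indistinguishable from a tampered one to a verifier.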
Stefan Berger (8):
Add an implementation of a TPM TIS driver
Provide ACPI SSDT table for TPM device + S3 resume support
Implementation of the TCG BIOS extensions
Support for BIOS interrupt handler
Add 'measurement' code to the BIOS
Add a menu for TPM control
Add a menu item for displaying TPM diagnostics
Make the TPM menu work on a Chromebook (Acer C720)
Makefile | 12 +-
src/Kconfig | 15 +
src/boot.c | 28 +-
src/cdrom.c | 10 +
src/clock.c | 12 +
src/config.h | 1 +
src/fw/acpi-tpm-ssdt.dsl | 24 +
src/fw/acpi-tpm-ssdt.hex | 27 +
src/fw/acpi.c | 41 +
src/hw/tpm_drivers.c | 273 ++++++
src/hw/tpm_drivers.h | 91 ++
src/optionroms.c | 4 +
src/post.c | 9 +
src/resume.c | 2 +
src/sha1.c | 145 +++
src/sha1.h | 8 +
src/std/acpi.h | 20 +
src/tcgbios.c | 2208 ++++++++++++++++++++++++++++++++++++++++++++++
src/tcgbios.h | 431 +++++++++
src/util.h | 32 +
20 files changed, 3388 insertions(+), 5 deletions(-)
create mode 100644 src/fw/acpi-tpm-ssdt.dsl
create mode 100644 src/fw/acpi-tpm-ssdt.hex
create mode 100644 src/hw/tpm_drivers.c
create mode 100644 src/hw/tpm_drivers.h
create mode 100644 src/sha1.c
create mode 100644 src/sha1.h
create mode 100644 src/tcgbios.c
create mode 100644 src/tcgbios.h
--
1.8.1.4