[SeaBIOS] [PATCH 2/8] tpm: No need to check the return status of measurements
Xu, Quan
quan.xu at intel.com
Fri Jan 1 10:52:32 CET 2016
On 31.12.2015 at 8:10am, <stefanb at linux.vnet.ibm.com> wrote:
> On 12/30/2015 02:31 PM, Kevin O'Connor wrote:
> > The low-level measurement functions already handle error conditions,
> > there is no need to check for the errors in the high level measurement
> > functions.
> >
> > Signed-off-by: Kevin O'Connor <kevin at koconnor.net>
> > ---
>
> > @@ -507,7 +478,12 @@ tpm_setup(void)
> > if (runningOnXen())
> > return;
>
> This looks like a for Xen where we will be missing too much. Cc'in Xu Quan for
> this. I think Xen likely only wants to skip the TPM_Startup in
> tpm_startup() but not the retrieval of the durations and timeouts and so on. This
> part may need to move.
>
IMO, I think this code is still needed for Xen vTPM.
The HVM virtual machine's tpm_tis driver and the PV virtual machine's xen_tpmfront driver get the timeouts/durations based on the 'TPM_GetCapability' cmd.
It is not based on SeaBIOS.
Now SeaBIOS provides 2 functions for Xen vTPM:
1. ACPI
2. Initialize some registers.
Cc'ed Graaf for a double check.
> >
> > - tpm_startup();
> > + ret = tpm_startup();
> > + if (ret)
> > + return;
> > +
> > + tpm_smbios_measure();
> > + tpm_add_action(2, "Start Option ROM Scan");
> > }
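Review bot: the added "if (ret) return;" after tpm_startup() leaves tpm_setup() silently, so a failed startup skips tpm_smbios_measure() and the "Start Option ROM Scan" action with nothing recorded about why. Consider emitting a debug message with the return code before returning, so a boot that proceeds without these measurements can be diagnosed. The commit message also describes only the removal of status checks on measurements, while this hunk adds a status check on startup and places two measurement calls in tpm_setup(); a sentence covering that would help. Since both new calls sit below the runningOnXen() early return, Xen guests skip them as well, which is worth stating explicitly as intended or not.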
>
So far, it does not support passing TPM cmds on to the vTPM in SeaBIOS. It can't extend/write these measurements to the vTPM on Xen.
So it is not necessary for Xen vTPM now.
-Quan