On 09/08/2011 03:45 PM, Sven Schnelle wrote:
Hi Stefan,
Stefan Bergerstefanb@linux.vnet.ibm.com writes:
On 09/08/2011 02:47 AM, Sven Schnelle wrote:
Stefan Bergerstefanb@linux.vnet.ibm.com writes:
Would anybody be interested in testing the TPM support I added to
SeaBIOS. I unfortunately don't have a motherboard myself where I could try it. I have added the support to SeaBIOS for the TPM device model in Qemu. What you would need for trying it is a motherboard with a TPM 1.2 on it. The SeaBIOS TPM support should recognize it, initialize the TPM and allow the user to enter another SeaBIOS menu.
I have coreboot + seabios running on Thinkpad X60s and T60p. IIRC both models have TPM onboard. I could give it a try, but i don't know if i have to add any code to coreboot for HW initialization. Actually i have no clue how TPM works, never played with it so far... :)
Could you pick up the patches from the SeaBIOS mailing list and try them? The latest patches were posted in this thread:
http://www.seabios.org/pipermail/seabios/2011-August/002252.html
I've applied your TPM/TCG patches to seabios. I've seen that CONFIG_TCGBIOS depends on !COREBOOT. Is there a specific reason for this?
I believe the reason for this is that SeaBIOS's ACPI table support is not compiled in if compiled for COREBOOT. At least some part of the TPM support does depend on the ACPI tables, i.e., for all the logging.
tis_probe() failed to read the Device/Vendor ID from the MMIO space. Linux detects the TPM device and can read the register:
[ 0.549893] tpm_tis 00:0a: 1.2 TPM (device-id 0x3202, rev-id 5)
After i added the following, seabios was able to read the DID_VID register:
diff --git a/src/tpm_drivers.c b/src/tpm_drivers.c index e03c9bd..7103d54 100644 --- a/src/tpm_drivers.c +++ b/src/tpm_drivers.c @@ -28,6 +28,8 @@ static u32 tpm_default_durations[3] = { static u32 tis_probe(void) { u32 rc = 0;
- writeb(TIS_REG(0, TIS_REG_ACCESS), TIS_ACCESS_REQUEST_USE);
I suppose reading 'didvid' returned 0xFFFFFFFF before? I am surprised that these most basic registers are 'hidden' if the locality is not in use. This for sure isn't the case for registers of other localities where one can read at least the state if another locality is currently active.
u32 didvid = readl(TIS_REG(0, TIS_REG_DID_VID)); if ((didvid != 0)&& (didvid != 0xffffffff))
After that i was able to read the IDs. However, this made my Thinkpad take about 15s until seabios showed the SeaBIOS version line on the screen. SeaBIOS also didn't show the F11 message.
I haven't tried to debug that further - fear that this will have to wait for the weekend. Just want to send you the results from the first (short) test.
Let me know how this went. Maybe enabling the debugging messages shows something useful. Try setting the DEBUG_tcg to 0 in src/config.h.
Stefan
Sven