Hi,
I tried modifying the Setup/Miscs/Setup.ini from CustomizationSample/Boards/Qemu to enable ftpm
and generating an external payload, but when I boot with this coreboot.rom flashed I only get a black
screen once tianocore is executed, with the following traces:
BS: BS_PAYLOAD_LOAD times (us): entry 0 run 101395 exit 0
Jumping to boot code at 006009a0(8fe0f000)
CPU0: stack: 8ff20000 - 8ff21000, lowest used address 8ff205e0, stack used: 2592 bytes
PROGRESS CODE: V03020003 I0
PROGRESS CODE: V03020002 I0
PROGRESS CODE: V03020003 I0
PROGRESS CODE: V03020002 I0
PROGRESS CODE: V03020003 I0
PROGRESS CODE: V03021001 I0
PROGRESS CODE: V03040003 I0
PROGRESS CODE: V03040002 I0
PROGRESS CODE: V03040003 I0
PROGRESS CODE: V03040002 I0
I've tried mixing the dsc, dec and fdf files from the edk2-staging and the CorebootPayloadPkg ones but
no TPM menu in the device manager menu is shown. I'm using
NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
instead of
NULL|UefiPayloadPkg/Library/Tpm2InstanceLib/Tpm2InstanceLib.inf
Is that correct? Or do I have to integrate this library into the CorebootPayloadPkg?
Now I'm trying with the tianocore master version instead of the stable one.
Do you know if there is a TPM menu shown in the device manager menu once it is detected? How is the TPM2 detected?
Do you have a "generic" CustomizationSample/Board?
I think it's more complicated than I expected!
Any hint is welcome!
Jorge
________________________________
From: coreboot coreboot-bounces@coreboot.org on behalf of Jorge Fernandez Monteagudo jorgefm@cirsa.com Sent: Thursday, September 20, 2018 10:31:20 To: You, Benjamin; coreboot@coreboot.org Subject: Re: [coreboot] Tianocore and TPM
Hi Ben,
Adding the 'generic' board is an interesting option as a starting point for developing/porting to new boards.
I'll try your suggestion to incorporate the changes from dsc and fdf files to my current working Tianocore coreboot payload.
I'll report back the results!
Thanks!
Jorge
________________________________
From: You, Benjamin benjamin.you@intel.com Sent: Thursday, September 20, 2018 10:21:55 To: Jorge Fernandez Monteagudo; coreboot@coreboot.org Subject: RE: [coreboot] Tianocore and TPM
Hi Jorge,
You could use UEFI Payload's .dsc and .fdf files as a reference and modify the TianoCore CorebootPayload's .dsc and .fdf files accordingly for those TPM related modules.
UEFI Payload is under development (in staging area) and hasn't reached the quality standard required by EDKII master.
On CustomizationSample/Boards, yes it is required. However, a board's content may be trivial (as in the Qemu folder). Per your suggestion, probably we can add a board named "generic" that has all the minimalized settings so the user won't have to create a new one if the "generic" one meets the needs.
Thanks!
- ben
From: Jorge Fernandez Monteagudo [mailto:jorgefm@cirsa.com] Sent: Thursday, September 20, 2018 3:24 PM To: You, Benjamin benjamin.you@intel.com; coreboot@coreboot.org Subject: Re: Tianocore and TPM
Hi Ben!
Thanks for the info! I have one question. Do I have to implement a CustomizationSample/Boards for my board? With the current tianocore payload I don't have to implement anything to have a working UEFI...
Thanks! Jorge
________________________________________
From: You, Benjamin benjamin.you@intel.com Sent: Thursday, September 20, 2018 3:42:33 To: Jorge Fernandez Monteagudo; coreboot@coreboot.org Subject: RE: Tianocore and TPM
Hi,
Another note is on the use of NULL|UefiPayloadPkg/Library/Tpm2InstanceLib/Tpm2InstanceLib.inf. This lib is not fully populated right now.
Please consider using NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf depending on your needs.
Thanks,
- ben
From: coreboot [mailto:coreboot-bounces@coreboot.org] On Behalf Of You, Benjamin Sent: Thursday, September 20, 2018 8:44 AM To: Jorge Fernandez Monteagudo jorgefm@cirsa.com; coreboot@coreboot.org Subject: Re: [coreboot] Tianocore and TPM
Hi Jorge,
The staging UEFI Payload project (https://github.com/tianocore/edk2-staging/tree/UEFIPayload) has TPM support (although turned off by default, and using "FTPM" as the name (which needs to be fixed)).
Please have a look at UefiPayloadPkgIA32X64.dsc for the components under tag "$(FTPM_ENABLE)". These components mainly do the measuring of firmware components and log the results.
Also there is parsing logic in Library/PlatformInfoParseLib/ParseLib.c that parses TPM info in ACPI table passed from Coreboot. (This logic hasn't been sufficiently verified as this is still a "staging" project).
You might have a try. Please let us know if you see any bugs / problems in these. You might also use the EDKII mailing list for discussing issues with the UEFI Payload.
Thanks,
- ben
From: coreboot [mailto:coreboot-bounces@coreboot.org] On Behalf Of Jorge Fernandez Monteagudo Sent: Wednesday, September 19, 2018 5:24 PM To: coreboot@coreboot.org Subject: [coreboot] Tianocore and TPM
Hi all!
I'm trying to enable the TPM2 support in the tianocore payload. The TPM2 device is working, because I've enabled the DEBUG_TPM and coreboot reports it is up. I guess that I have to modify the 'CorebootPayloadPkgIa32X64.dsc' file to enable the TPM support but there are so many dependencies. Does anybody have a working tianocore payload with TPM?
Thanks!