I saw a feature enhancement request go in about supporting the TCG TPM chip in LinuxBIOS. We're interested in helping that effort. Is there anyone leading the charge? Or, by virtue of mentioning it, do I become the defacto lead ;-) ? Are there any thoughts as to how to best measure the LinuxBIOS and FILO portions and extend them into the PCRs?
Regards,
Mike
On Thu, May 03, 2007 at 01:27:01PM -0400, Mike Anderson wrote:
I saw a feature enhancement request go in about supporting the TCG TPM chip in LinuxBIOS. We're interested in helping that effort. Is there anyone leading the charge? Or, by virtue of mentioning it, do I become the defacto lead ;-) ?
I think so, hehe. :)
Are there any thoughts as to how to best measure the LinuxBIOS and FILO portions and extend them into the PCRs?
Seems this is covered by the TCG PC Specific Implementation Specification.
--8<-- TCG PC spec p6 This document serves as implementation reference document for the 32-bit PC architecture. Specifically, this document defines:
· Usage of PCR registers in the Pre-Boot state through the transition to Post-Boot state.
· How the BIOS, or a component thereof, functions as the Core Root of Trust for Measurement (CRTM).
· Programmatic Interfaces to the BIOS as it performs the functions of the TCG Subsystem (TSS and access to the TPM)
· Behavior entering, during, and exiting power and initialization states.
· Guidelines for Option ROMS. -->8--
https://www.trustedcomputinggroup.org/specs/PCClient/
//Peter
* Mike Anderson mike@theptrgroup.com [070503 19:27]:
Are there any thoughts as to how to best measure the LinuxBIOS and FILO portions and extend them into the PCRs?
One spontaneous note: FILO will probably become obsolete pretty soon and be replaced by GRUB2.
Stefan
Stefan Reinauer wrote:
- Mike Anderson mike@theptrgroup.com [070503 19:27]:
Are there any thoughts as to how to best measure the LinuxBIOS and FILO portions and extend them into the PCRs?
One spontaneous note: FILO will probably become obsolete pretty soon and be replaced by GRUB2.
Where can I get GRUB2 and does it support USB booting?
Thanks!
-- Al
On Thu, May 03, 2007 at 01:27:01PM -0400, Mike Anderson wrote:
I saw a feature enhancement request go in about supporting the TCG TPM chip in LinuxBIOS. We're interested in helping that effort. Is there anyone leading the charge? Or, by virtue of mentioning it, do I become the defacto lead ;-) ?
The latter ;-)
Are there any thoughts as to how to best measure the LinuxBIOS and FILO portions and extend them into the PCRs?
Haven't yet thought about this. But one question is more interesting for me at the moment -- what early hardware initialization is needed for the setup (if at all)? Is the setup documented somewhere? Is there a standard (for the low-level init, mind you!) or is this completely vendor-dependent?
Does the init have to work before the RAM is initialized, or can it be done after RAM works?
Do we have public datasheets for this stuff? Any datasheets at all?
Uwe.
* Uwe Hermann uwe@hermann-uwe.de [070505 00:08]:
Do we have public datasheets for this stuff? Any datasheets at all?
There are Linux drivers for it.
On Sat, May 05, 2007 at 12:57:23AM +0200, Stefan Reinauer wrote:
- Uwe Hermann uwe@hermann-uwe.de [070505 00:08]:
Do we have public datasheets for this stuff? Any datasheets at all?
There are Linux drivers for it.
Device drivers, yes. But do we need to initialize anything before Linux can use the hardware? If so, do we have good enough datasheets for that?
Sorry, I don't currently own hardware with a TPM chip, so I cannot help directly.
Uwe.
Do we have public datasheets for this stuff? Any datasheets at all?
There are Linux drivers for it.
Device drivers, yes. But do we need to initialize anything before Linux can use the hardware?
Yes. You need to first configure the TPM's address and interrupt, and then tell the TPM to start up.
If so, do we have good enough datasheets for that?
The second part is the same for all TPM chips and described in the TPM spec; the first part you might be able to derive from the Linux drivers.
Segher
-
Al Boldi -
Mike Anderson -
Peter Stuge -
Segher Boessenkool -
Stefan Reinauer -
Uwe Hermann