On Tue, May 26, 2015 at 03:48:34PM -0400, Stefan Berger wrote:
This patch implements the specification found here:
http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interfa...
It adds the necessary BIOS code so that for example an administrator can send messages from the OS to the BIOS for the BIOS to change the state of the TPM upon reboot. With the help of this interface, an administrator does not have to manually interact with the BIOS.
As an example, on Linux the root user can send an opcode to the BIOS through the TPM's sysfs entries following the opcodes listed in table 2 of the above specs. To for example disable and deactivate the TPM, the root user would send opcode '7' to the BIOS:
#> cd /sys/devices/pnp0/00:0?/ppi
#> echo 7 > request
#> reboot
Given that this patch is dependent on upstream QEMU changes, I think it needs to wait until the upstream support is committed.
-Kevin
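
A read-only check for a queued request before a reboot, as an added example that is not part of the patch or of either message above. It assumes that reading the `request` file returns the pending opcode as a decimal number with 0 meaning no request; the function names and the `PPI_GLOB` variable are hypothetical, and the default path is the one from the quoted commands.

```shell
#!/bin/sh
# Added example: report whether a TPM physical-presence request is queued
# for the next boot. It only reads the sysfs entry, it never writes to it.
# Assumption: the default glob is the path used in the message above.
PPI_GLOB=${PPI_GLOB:-/sys/devices/pnp0/00:0?/ppi}

# Print the pending opcode found in <ppi-dir>/request.
# Returns 0 = nothing pending, 1 = a request is queued, 2 = unreadable or malformed.
ppi_pending() {
    dir=$1
    [ -r "$dir/request" ] || { echo "unreadable"; return 2; }
    # First field of the first line; tolerate a missing trailing newline.
    read -r op _rest < "$dir/request" || [ -n "$op" ] || { echo "empty"; return 2; }
    case $op in
        ''|*[!0-9]*) echo "malformed"; return 2 ;;   # accept plain decimal only
    esac
    echo "$op"
    [ "$op" -eq 0 ] && return 0
    return 1
}

# Walk every directory matching PPI_GLOB and describe what is queued.
# Returns 1 if any device has a request pending, otherwise 0.
ppi_audit() {
    found=0
    for d in $PPI_GLOB; do
        [ -d "$d" ] || continue
        rc=0
        op=$(ppi_pending "$d") || rc=$?
        case $rc in
            0) echo "$d: no request pending" ;;
            1) found=1
               if [ "$op" -eq 7 ]; then
                   # Opcode 7 is the one named in the message above.
                   echo "$d: opcode 7 pending (disable and deactivate on reboot)"
               else
                   echo "$d: opcode $op pending (see table 2 of the PPI spec)"
               fi ;;
            *) echo "$d: request file $op" ;;
        esac
    done
    return $found
}

# Usage: source this file, then run `ppi_audit` as root before rebooting.
```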