On Tue, May 26, 2015 at 03:48:34PM -0400, Stefan Berger wrote:
This patch implements the specification found here:
It adds the necessary BIOS code so that for example an administrator can send
messages from the OS to the BIOS for the BIOS to change the state of the TPM
upon reboot. With the help of this interface, an administrator does not have
to manually interact with the BIOS.
As an example, on Linux the root user can send an opcode to the BIOS through the
TPM's sysfs entries, following the opcodes listed in table 2 of the above
spec. To disable and deactivate the TPM, for example, the root user would
send opcode '7' to the BIOS:
#> cd /sys/devices/pnp0/00:0?/ppi
#> echo 7 > request
Given that this patch is dependent on upstream QEMU changes, I think
it needs to wait until the upstream support is committed.
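The two commands quoted above are the whole user-facing procedure, so here is a small POSIX shell wrapper around them. This is an added example, not part of the thread or of the patch under discussion. It assumes the sysfs layout the message names (a `ppi` directory containing a writable `request` file); the newer `/sys/class/tpm/tpm0/ppi` fallback path and the optional `PPI_DIR` argument are assumptions of this example. The wrapper checks that the opcode is a plain integer, that the `request` file is actually writable (it is root-only), and reads the value back so the caller can confirm the request was recorded; as the message says, the BIOS acts on the request only at the next reboot.

```shell
#!/bin/sh
# Queue a TPM Physical Presence Interface (PPI) request via sysfs.
# Example code written for this thread; sysfs paths other than the one
# quoted in the message (/sys/devices/pnp0/00:0?/ppi) are assumptions.

# Succeeds only for a non-negative decimal integer (PPI opcodes are small
# integers from table 2 of the spec; anything else is rejected before it
# reaches the kernel).
ppi_validate_opcode() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

# Print the first PPI directory that exposes a 'request' file.
# The /sys/class/tpm path is an assumed fallback for newer kernels.
ppi_find_dir() {
    for d in /sys/devices/pnp0/00:0?/ppi /sys/class/tpm/tpm0/ppi; do
        if [ -f "$d/request" ]; then
            printf '%s\n' "$d"
            return 0
        fi
    done
    echo "no TPM PPI sysfs directory found" >&2
    return 1
}

# usage: ppi_request OPCODE [PPI_DIR]
# Writes OPCODE to <PPI_DIR>/request and prints the value read back.
# Return codes: 1 no PPI dir, 2 bad opcode, 3 not writable, 4 write failed.
ppi_request() {
    op="$1"
    if [ -n "$2" ]; then
        dir="$2"
    else
        dir=$(ppi_find_dir) || return 1
    fi
    if ! ppi_validate_opcode "$op"; then
        echo "invalid PPI opcode: '$op'" >&2
        return 2
    fi
    if [ ! -w "$dir/request" ]; then
        echo "$dir/request is not writable (run as root?)" >&2
        return 3
    fi
    printf '%s\n' "$op" > "$dir/request" || return 4
    # Read back what was recorded; the BIOS acts on it at the next reboot.
    cat "$dir/request"
}

# Stand-alone use: "ppi_request 7" queues 'disable and deactivate' (opcode 7
# in the quoted message) against the real sysfs entry, if present.
```

Run it as root with `ppi_request 7` to queue the same "disable and deactivate" request as the two commands in the message; passing an explicit directory as the second argument lets you point it at a different TPM device or at a scratch directory for testing without touching the hardware.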