Hi Stefan,
I've been reading through the tcgbios and tpm_drivers code in SeaBIOS. I have a couple of questions:
Why does the driver sometimes use tpm_sha1_calc() and sometimes use sha1()? It seems the software sha1 implementation is always superior, so why bother implementing the hardware version? (The spec seems to agree with this as well.) It seems like dropping tpm_sha1_calc() would simplify the code.
What is SCALAR in tpm_drivers() for - it seems like all the timeouts in the spec are increased by 10? Also, it seems like tpm_drivers.c uses durations and timeouts in milliseconds, while tcgbios.c:determine_timeouts() uses values in microseconds.
I don't understand the error handling in tpm_extend_acpi_log() and tpm_extend(). Why does a log overflow in tpm_extend_acpi_log() shut down the tpm chip (via tpm_set_failure())? In particular, tpm_extend_acpi_log can be called from clients via the 16-bit BIOS interface, and it's the only way a client could cause the tpm chip to shut down. Why does tpm_extend() call reset_acpi_log() on failure? It seems odd that a failure in communication with the TPM chip would result in an ACPI log reset - no other TPM chip failure does that.
Is it expected that the tcpa ACPI table could move or be modified at runtime? The code rescans for the table twice on every call to tpm_extend_acpi_log() - if it can't move or be modified then I think it would be simpler to cache the values.
-Kevin