[coreboot] SeaBIOS TPM support on Chromebook Acer C720
Stefan Berger
stefanb at linux.vnet.ibm.com
Mon Jul 14 12:14:24 CEST 2014
Hello!
I added support from the TPM to SeaBIOS and have parts of the BIOS
functionality successfully running on a Chromebook Acer C720 (as example
hardware). Here are some findings on the Acer:
The TPM is successfully detected but sending TPM_Startup(ST_Clear) to
the TPM fails since either coreboot or some other firmware seems to
already have initialized the TPM, which is fine, and also extended PCR 0
with at least one hash. Ideally there would be a TCPA ACPI table
containing information about what was logged, since otherwise the state
of the PCR seems not that useful. SeaBIOS's TPM extensions could then
also use this TCPA table and add its own logs into it along with
extending PCRs in the TPM. So, in this case the TPM SeaBIOS extensions
don't log anything and adding additional ACPI tables to the existing
coreboot tables seems 'impractical'. I was wondering if coreboot could
add such a table if a TPM was found to be present?
The latest set of TPM patches can be found here:
http://www.seabios.org/pipermail/seabios/2014-July/008178.html
Regards,
Stefan
More information about the coreboot
mailing list