[SeaBIOS] SeaBIOS Digest, Vol 72, Issue 33

Stefan Berger stefanb at us.ibm.com
Tue Dec 22 18:52:28 CET 2015


"Kevin O'Connor" <kevin at koconnor.net> wrote on 12/22/2015 11:06:17 AM:

> 
> On Tue, Dec 22, 2015 at 11:03:09AM -0500, Stefan Berger wrote:
> > "Kevin O'Connor" <kevin at koconnor.net> wrote on 12/22/2015 10:40:03 AM:
> > > On Mon, Dec 21, 2015 at 11:50:07AM -0500, Stefan Berger wrote:
> > > > tpm_foo()
> > > > {
> > > >     [...]
> > > > 
> > > >     switch (tpmversion) {
> > > >     case TPM_VERSION_1_2:
> > > >         tpm12_foo();
> > > >         break;
> > > >     case TPM_VERSION_2:
> > > >         tpm2_foo();
> > > >         break;
> > > >     }
> > > > 
> > > >     [...]
> > > > }
> > > 
> > > Is the difference between 1.2 and 2.0 so large that the above is
> > > needed?
> > 
> > TPM 2 and TPM 1.2 have completely different commands, so yes, 
> > unfortunately it's needed.
> 
> Okay.  Just so I understand, is TPM 2.0 a new interface to the
> hardware, new BIOS API, or both?

TPM 2.0 is a new device with incompatible commands compared to TPM 1.2. 
The TPM TIS interface has been extended with a few registers for TPM 2 and 
TPM 2 can be recognized by a flag in one of those registers. In terms of 
API I am not sure whether TCG has defined a BIOS API for TPM 2 (UEFI for 
sure). However, I have been trying with an implementation of trusted Grub 
and the current BIOS API is abstract enough so that it works with both TPM 
1.2 and TPM 2. So from that perspective there is at least not necessarily 
a need to disable the API for the TPM 2 case.

   Stefan

> 
> -Kevin
> 
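An added example, not code from this thread or from SeaBIOS, showing why the per-version switch discussed above is unavoidable: the probe tells the two devices apart by the InterfaceType field (bits 3:0) of the TIS InterfaceId register, and the same logical operation (Startup) is a different wire command on each. The register value is constructed here rather than read from hardware; the field encoding and command constants are taken from the TCG PTP/TIS, TPM 1.2 and TPM 2.0 specifications.

```c
#include <stdint.h>

enum tpm_version { TPM_VERSION_NONE, TPM_VERSION_1_2, TPM_VERSION_2 };

/* InterfaceId register (offset 0x30 in the TIS/PTP register map), bits 3:0:
 * 0xF = TIS 1.3 FIFO interface (TPM 1.2), 0x0 = PTP FIFO interface (TPM 2.0),
 * 0x1 = CRB.  The value passed in is constructed; a real probe reads it from
 * the memory-mapped TIS region (assumption: FIFO interfaces only). */
static enum tpm_version tpm_detect_version(uint32_t ifaceid)
{
    switch (ifaceid & 0xf) {
    case 0xf: return TPM_VERSION_1_2;
    case 0x0: return TPM_VERSION_2;
    default:  return TPM_VERSION_NONE;   /* CRB or unknown interface type */
    }
}

/* Both command sets are big-endian on the wire. */
static void put16(uint8_t *p, uint16_t v) { p[0] = v >> 8; p[1] = v & 0xff; }
static void put32(uint8_t *p, uint32_t v) { put16(p, v >> 16); put16(p + 2, v & 0xffff); }

/* TPM 1.2 Startup: tag(2) paramSize(4) ordinal(4) startupType(2) */
static int tpm12_build_startup(uint8_t *buf)
{
    put16(buf, 0x00c1);       /* TPM_TAG_RQU_COMMAND */
    put32(buf + 2, 12);       /* paramSize = whole command length */
    put32(buf + 6, 0x99);     /* TPM_ORD_Startup */
    put16(buf + 10, 0x0001);  /* TPM_ST_CLEAR */
    return 12;
}

/* TPM 2.0 Startup: tag(2) commandSize(4) commandCode(4) startupType(2) */
static int tpm2_build_startup(uint8_t *buf)
{
    put16(buf, 0x8001);       /* TPM_ST_NO_SESSIONS */
    put32(buf + 2, 12);       /* commandSize */
    put32(buf + 6, 0x144);    /* TPM2_CC_Startup */
    put16(buf + 10, 0x0000);  /* TPM_SU_CLEAR: note the different encoding */
    return 12;
}

/* The version-dispatch pattern from the thread; buf must hold 12 bytes.
 * Returns the command length, or -1 when no supported TPM was detected. */
static int tpm_build_startup(enum tpm_version v, uint8_t *buf)
{
    switch (v) {
    case TPM_VERSION_1_2: return tpm12_build_startup(buf);
    case TPM_VERSION_2:   return tpm2_build_startup(buf);
    default:              return -1;
    }
}
```

The tag, ordinal and even the startup-type constant differ, so a shared BIOS-facing API can only stay version-agnostic if every command builder dispatches like this underneath.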



