[SeaBIOS] [PATCH v2 3/3] Add a menu for TPM control

Stefan Berger stefanb at linux.vnet.ibm.com
Tue Jun 2 19:05:47 CEST 2015

On 06/01/2015 12:54 PM, Kevin O'Connor wrote:
> On Tue, May 26, 2015 at 03:48:35PM -0400, Stefan Berger wrote:
>> This patch provides an addtional menu entry that enables the user to control
>> certain aspects of the TPM's state.
>> If a working TPM has been detected, the boot menu will look like this:
>> Select boot device:
>> 1. ata0-1: QEMU HARDDISK ATA-7 Hard-Disk (6144 MiBytes)
>> 2. Legacy option rom
>> 3. iPXE (PCI 00:03.0)
>> t. TPM Menu
>> Upon pressing t the TPM menu will be shown:
>> 1. Enable TPM
>> 2. Disable TPM
>> 3. Activate TPM
>> 4. Deactivate TPM
>> 5. Clear ownership
>> 6. Allow installation of owner
>> 7. Prevent installation of owner
>> Escape for previous menu.
>> TPM is enabled, active, does not have an owner but one can be installed.
> I'm okay with adding a "t" to the boot menu.  However, I think this
> sub-menu is too complex and cryptic.  (For example, I suspect most
> users wont even know what "TPM" means.)
> I think I'd prefer something like:
> t. TPM Configuration
> Upon pressing t the TPM menu will be shown:
> The Trusted Platform Module (TPM) is a hardware device in this
> machine.  It can help verify the integrity of system software.
> The current state of the TPM is:
>    Enabled

Well, there are two independent state bits indicating enabled/disable 
and activated/deactivated.

>    No ownership key has been installed

No ownership password has been set.

>    System software can install an ownership key

The system owner can take ownership of the TPM.

> Available options are:
>    d) Disable TPM and clear any ownership key settings

I think the disablement and clearing of ownership should be separated. 
The thing with the TPM 1.2 is that all keys that one has created (after 
taking ownership of it) depend on the ownership of the TPM. Once one 
gives up ownership, one looses all keys. Also, the device becomes 
disabled and deactivated, so one has to enable and activate it again, 
which even requires a reboot.

> If no change is desired or if this menu was reached by mistake, press
> ESC and this machine will be rebooted without change.

There's no need to reboot if we only leave the menu. If the user 
activates the device from it being deactivated, a reboot will 
automatically happen.

> Specifically, I think the menu should be a little more verbose (for
> users that just explore the menu), it should only be reached if the
> given hardware is present, and menu options should only be shown if
> they are actually available and make sense to invoke.

Ok. I'll rework this and will probably put this in front of the physical 
presence patch.

> -Kevin

More information about the SeaBIOS mailing list