[SeaBIOS] Questions on SeaBIOS TPM
kevin at koconnor.net
Fri Nov 20 17:12:53 CET 2015
I've been reading through the tcgbios and tpm_drivers code in
SeaBIOS. I have a couple of questions:
Why does the driver sometimes use tpm_sha1_calc() and sometimes use
sha1()? It seems the software sha1 implementation is always superior,
so why bothering implementing the hardware version? (The spec seems
to agree with this as well.) It seems like dropping tpm_sha1_calc()
would simplify the code.
What is SCALAR in tpm_drivers() for - it seems like all the timeouts
in the spec are increased by 10? Also, it seems like tpm_drivers.c
uses durations and timeouts in milliseconds, while
tcgbios.c:determine_timeouts() uses values in microseconds.
I don't understand the error handling in tpm_extend_acpi_log() and
tpm_extend(). Why does a log overflow in tpm_extend_acpi_log()
shutdown the tpm chip (via tpm_set_failure() )? In particular,
tpm_extend_acpi_log can be called from clients via the 16bit BIOS
interface, and it's the only way a client could cause the tpm chip to
shutdown. Why does tpm_extend() call reset_acpi_log() on failure? It
seems odd that a failure in communication with the TPM chip would
result in an ACPI log reset - no other TPM chip failure does that.
Is it expected that the tcpa ACPI table could move or be modified at
runtime? The code rescans for the table twice on every call to
tpm_extend_acpi_log() - if it can't move or be modified then I think
it would be simpler to cache the values.
More information about the SeaBIOS