[SeaBIOS] [PATCH 2/8] tpm: No need to check the return status of measurements

Xu, Quan quan.xu at intel.com
Fri Jan 1 10:52:32 CET 2016


On 31.12.2015 at 8:10am, <stefanb at linux.vnet.ibm.com> wrote:
> On 12/30/2015 02:31 PM, Kevin O'Connor wrote:
> > The low-level measurement functions already handle error conditions,
> > there is no need to check for the errors in the high level measurement
> > functions.
> >
> > Signed-off-by: Kevin O'Connor <kevin at koconnor.net>
> > ---
> 
> > @@ -507,7 +478,12 @@ tpm_setup(void)
> >       if (runningOnXen())
> >           return;
> 
> This looks like a for Xen where we will be missing too much. Cc'ing Xu Quan for
> this. I think Xen likely only wants to skip the TPM_Startup in
> tpm_startup() but not the retrieval of the durations and timeouts and so on. This
> part may need to move.
> 

IMO, I think this code is still needed for Xen vtpm.
The HVM virtual machine's tpm_tis driver and the PV virtual machine's xen_tpmfront driver get the timeouts/durations based on the 'TPM_GetCapability' cmd.
This is not based on seabios.

Now the seabios provides 2 functions for xen vtpm:
  1. ACPI
  2. Initialize some registers.

Cc'ed Graaf for a double check.

> >
> > -    tpm_startup();
> > +    ret = tpm_startup();
> > +    if (ret)
> > +        return;
> > +
> > +    tpm_smbios_measure();
> > +    tpm_add_action(2, "Start Option ROM Scan");
> >   }
> 
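
Review bot: The added `tpm_smbios_measure()` and `tpm_add_action(2, "Start Option ROM Scan")` calls sit below the `if (runningOnXen()) return;` early exit, so on Xen they are skipped together with `tpm_startup()` and nothing in the code says this is intended. A one-line comment above the Xen check stating which steps are deliberately skipped there would make the scope of the early return clear. The new `if (ret) return;` also abandons both measurements when `tpm_startup()` fails; a brief comment that no measurements are attempted after a failed startup would help anyone auditing the measured-boot path.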

So far, passing TPM cmds on to the vTPM is not supported in seabios. It can't extend/write these measurements to the vTPM on Xen.
So it is not necessary for Xen vtpm now.


-Quan





