[SeaBIOS] Saving a few bytes across a reboot

[Marc-André Lureau]

Hi

----- Original Message -----
> 
> BTW, from the "TCG PC Client Platform TPM Profile (PTP) Specification",
> it seems like the FIFO (TIS) interface is hard-coded *in the spec* at
> FED4_0000h – FED4_4FFFh. So we don't even have to make that dynamic.
> 
> Regarding CRB (as an alternative to TIS+Cancel), I'm trying to wrap my
> brain around the exact resources that the CRB interface requries.
> Marc-André, can you summarize those?

The device is a relatively simple MMIO-only device on the sysbus:
https://github.com/stefanberger/qemu-tpm/commit/2f9d06f93b285d4b39966a80867584c487035db9#diff-1ef22a0d46031cf2701a185aed8ae40eR282

The region is registered at the same address as TIS (it's not entirely clear from the spec it is supposed to be there, but my laptop tpm use the same). And it uses a size of 0x1000, although it's also unclear to me what should be the size of the command buffer (that size can also be defined at run-time now, iirc, I should adapt the code).

My experiments so far running some Windows tests indicate that for TPM2, CRB+UEFI is required (and I managed to get an ovmf build with TPM2 support). A few test failed, it seems the "Physical Presence Interface" (PPI) is also required. I think that ACPI interface allows to run TPM commands during reboot, by having the firmware taking care of the security aspects. I think that's what Stefan is working on for Seabios and the safe memory region (sorry I haven't read the whole discussion, as I am not working on TPM atm)

thanks