From: Marc-André Lureau
To: qemu-devel@nongnu.org
Cc: Eduardo Habkost, stefanb@linux.vnet.ibm.com, "Michael S. Tsirkin", f4bug@amsat.org, Igor Mammedov, Paolo Bonzini, Richard Henderson, Stefan Berger
Date: Tue, 15 Jan 2019 02:27:48 +0400
Message-Id: <20190114222754.21701-1-marcandre.lureau@redhat.com>
X-Patchwork-Id: 1024805
Subject: [Qemu-devel] [PATCH v17 0/6] Add support for TPM Physical Presence interface

Hi,

The following patches implement the TPM Physical Presence Interface
that allows a user to set a command via ACPI (sysfs entry in Linux)
that, upon the next reboot, the firmware looks for and acts upon by
sending sequences of commands to the TPM.

A dedicated memory region is added to the TPM CRB & TIS devices, at
address/size 0xFED45000/0x400. A new "etc/tpm/config" fw_cfg entry
holds the location for that PPI region and some version details, to
allow for future flexibility.

With the associated edk2/ovmf firmware, the Windows HLK "PPI 1.3" test
now runs successfully.

It is based on previous work from Stefan Berger ("[PATCH v2 0/4]
Implement Physical Presence interface for TPM 1.2 and 2")

The edk2 support is merged upstream.

v17:
- rebased, minor conflicts
- modify commit message in "acpi: add ACPI memory clear interface" to add a link to the specification.
- add some r-b

v16:
- minor comments and stylistic changes
- add r-b & t-b tags

v15:
- fix crash on reset when PPI is disabled

v14:
- rebased, fixing conflicts after compat-props refactoring
- fix build regression from v13 with --disable-tpm

v13:
- removed needless error handling in tpm_ppi_init()
- split "add ACPI memory clear interface"
- moved acpi build function in dedicated hw/acpi/tpm.c
- added some function documentation in headers
- various code cleanups suggested by Philippe
- rebased

Marc-André Lureau (3):
  tpm: add a "ppi" boolean property
  acpi: add ACPI memory clear interface
  tpm: clear RAM when "memory overwrite" requested

Stefan Berger (3):
  tpm: allocate/map buffer for TPM Physical Presence interface
  acpi: expose TPM/PPI configuration parameters to firmware via fw_cfg
  acpi: build TPM Physical Presence interface

 hw/tpm/tpm_ppi.h      |  46 +++++
 include/hw/acpi/tpm.h |  21 ++
 hw/acpi/tpm.c         | 459 ++++++++++++++++++++++++++++++++++++++++++
 hw/core/machine.c     |   2 +
 hw/i386/acpi-build.c  |  29 ++-
 hw/tpm/tpm_crb.c      |  13 ++
 hw/tpm/tpm_ppi.c      |  53 +++++
 hw/tpm/tpm_tis.c      |  13 ++
 stubs/tpm.c           |   5 +
 docs/specs/tpm.txt    | 104 ++++++++++
 hw/acpi/Makefile.objs |   1 +
 hw/tpm/Makefile.objs  |   1 +
 hw/tpm/trace-events   |   3 +
 13 files changed, 748 insertions(+), 2 deletions(-)
 create mode 100644 hw/tpm/tpm_ppi.h
 create mode 100644 hw/acpi/tpm.c
 create mode 100644 hw/tpm/tpm_ppi.c