From: "Stefan Berger" <stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Jarkko Sakkinen
	<jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
Cc: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: Re: [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
Date: Tue, 20 Sep 2016 08:27:11 -0400
Message-ID: <OF5845BD05.5A60A8A0-ON00258034.00438FB6-85258034.004479CA@notes.na.collabserv.com>
In-Reply-To: <20160920100423.GB32433-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>



Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote on 09/20/2016 06:04:23 AM:


>
> On Mon, Sep 19, 2016 at 10:50:15AM -0400, Stefan Berger wrote:
> >    > You also fail to explain how this should work with ACPI even though
> >    > we know that there does not exist any kind of event log through ACPI
> >    > with TPM 2.0 hardware. I.e. just by reading the commits I can obviously
> >    > see that you are doing major untested code path changes.
> >
> >    That's true, there's no spec for a BIOS at the moment and I would
> >    expect that TCG will likely not write one. Likely all vendors have moved
> >    on to (U)EFI. We realized this also while implementing TPM 2 support for
> >    SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the EFI
> >    specified log format with that special first entry. Can we accommodate that?
>
> Does that match to "SHA1 Event Log Entry Format" defined in [1]? In
> addition "Crypto Agile Log Entry Format" must be supported.

SeaBIOS supports the SHA1 Event Log Entry Format [5.1 in that spec]. It 
uses it for TPM 1.2.

https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521

In case of TPM 2 it will write the first log entry in the format of the 
Event Log Header [5.3].

https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521

All subsequent entries in the log will be written in Crypto Agile Log 
Entry Format [5.2].

Again: 
https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521

UEFI may write into some special buffer that the OS can get to via an API 
call. In case of SeaBIOS this buffer is just in the TCPA ACPI table, as in 
TPM 1.2.


> 
> Philip: what was the UEFI handover procedure that was discussed in
> TPM BoF at LSS 2016?
> 
> >       Stefan
> 
> [1] http://www.trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
> 
> /Jarkko
> 



_______________________________________________
tpmdd-devel mailing list
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
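
The log layout described in the message above (a first entry in SHA1 format carrying the Event Log Header, then Crypto Agile entries), walked with bounds checks, as an added example that is not code from the message, SeaBIOS, or the kernel patch series. The names `tpm2_log_count` and `sample_log` are hypothetical, the sample bytes are constructed, and `len` is assumed to cover only the bytes firmware actually wrote.

```c
#include <stdint.h>
#include <string.h>

/* Little-endian readers: the log is byte-packed, so parse by offset, not by struct cast. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }

/* Constructed sample: Spec ID header entry (SHA-1 bank only) + one crypto-agile entry. */
static const uint8_t sample_log[] = {
    0,0,0,0, 3,0,0,0, 0,0,0,0,0, 0,0,0,0,0, 0,0,0,0,0, 0,0,0,0,0, 33,0,0,0,
    'S','p','e','c',' ','I','D',' ','E','v','e','n','t','0','3',0,
    0,0,0,0, 0,2,0,2, 1,0,0,0, 4,0,20,0, 0,
    0,0,0,0, 8,0,0,0, 1,0,0,0, 4,0, 1,2,3,4,5, 6,7,8,9,10, 11,12,13,14,15, 16,17,18,19,20,
    2,0,0,0, 'h','i',
};

/* Returns the number of crypto-agile entries after the header, or -1 if malformed. */
int tpm2_log_count(const uint8_t *log, size_t len)
{
    const uint8_t *tbl;              /* {algId, digestSize} pairs from the header */
    uint32_t nalg, n, esz, i, alg, dsz;
    size_t off = 32;                 /* SHA1-format entry: pcr, type, sha1[20], size */
    int entries = 0;

    if (len < off || (esz = rd32(log + 28)) > len - off || esz < 29)
        return -1;
    if (rd32(log + 4) != 3 /* EV_NO_ACTION */ || memcmp(log + off, "Spec ID Event03", 16))
        return -1;
    nalg = rd32(log + off + 24);     /* numberOfAlgorithms */
    if (nalg == 0 || nalg > (esz - 29) / 4)
        return -1;
    tbl = log + off + 28;
    for (off += esz; off < len; off += esz, entries++) {
        if (len - off < 12)          /* pcr, type, digest count */
            return -1;
        n = rd32(log + off + 8);
        for (off += 12; n; n--, off += 2 + dsz) {
            if (len - off < 2)
                return -1;
            alg = rd16(log + off);
            for (i = 0; i < nalg && rd16(tbl + 4 * i) != alg; i++) {}
            if (i == nalg || len - off - 2 < (dsz = rd16(tbl + 4 * i + 2)))
                return -1;           /* unknown bank or digest runs past the buffer */
        }
        if (len - off < 4 || (esz = rd32(log + off)) > len - off - 4)
            return -1;
        off += 4;
    }
    return entries;
}
int main(void) { return tpm2_log_count(sample_log, sizeof sample_log) == 1 ? 0 : 1; }
```

A digest whose algorithm ID is missing from the header's table is rejected because its length cannot be determined, so the walk cannot safely continue past it.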
