[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v3 4/4] tpm: add a fake ACPI memory clear interf

From: Stefan Berger
Subject: Re: [Qemu-devel] [PATCH v3 4/4] tpm: add a fake ACPI memory clear interface
Date: Thu, 21 Jun 2018 09:59:29 -0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0

On 06/21/2018 09:24 AM, Marc-André Lureau wrote:

On Thu, Jun 21, 2018 at 3:02 PM, Igor Mammedov <address@hidden> wrote:
On Tue, 15 May 2018 14:14:33 +0200
Marc-André Lureau <address@hidden> wrote:

This allows to pass the last failing test from the Windows HLK TPM 2.0
TCG PPI 1.3 tests.

The interface is described in the "TCG Platform Reset Attack
Mitigation Specification", chapter 6 "ACPI _DSM Function". Whether or
not we should have a real implementation remains an open question to me.
might it cause security issues?
Good question. If the guest assumes success of this operation perhaps.
I'll check the spec.
We could reserve a flag in the PPI interface where the firmware can indicate that it supports it. ACPI would read that flag and it hide this interface if not supported.

What are implications of faking it and how hard it's to implement thing
per spec?
Laszlo answerd that in "[Qemu-devel] investigating TPM for
OVMF-on-QEMU"  2f2b) TCG Memory Clear Interface

Signed-off-by: Marc-André Lureau <address@hidden>
  hw/i386/acpi-build.c | 9 +++++++++
  1 file changed, 9 insertions(+)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 95be4f0710..392a1e50bd 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -2072,6 +2072,15 @@ build_tpm_ppi(Aml *dev)
              aml_append(ifctx, aml_return(aml_buffer(1, zerobyte)));
          aml_append(method, ifctx);
+       /* dummy MOR Memory Clear for the sake of WLK PPI test */
+        ifctx = aml_if(
+            aml_equal(aml_arg(0),
+                      aml_touuid("376054ED-CC13-4675-901C-4756D7F2D45D")));
+        {
+            aml_append(ifctx, aml_return(aml_int(0)));
+        }
+        aml_append(method, ifctx);
      aml_append(dev, method);

reply via email to

[Prev in Thread] Current Thread [Next in Thread]