"Kevin O'Connor" <[email protected]> wrote on 01/08/2016 11:41:13 AM:

> On Thu, Jan 07, 2016 at 03:39:13PM -0500, Stefan Berger wrote:
> > "Kevin O'Connor" <[email protected]> wrote on 01/07/2016 03:14:37 PM:
> > > I don't have input on what TPM2 organization should look like, mainly
> > > because I don't know what TPM2 entails. I gather the TIS commands are
> > > changing, but what else changes? Does the ACPI log, BIOS interface,
> > > or tpm menu change? Do you have a pointer to the TPM2 spec (when I
> > > last looked it seemed that TPM2 was still being worked on).
> >
> > The TIS got more registers; some flags allow detection of the TPM version.
> >
> > All commands changed -- no backwards compatibility. The header 'fields'
> > are the same, their ordinal and tag values are not.
> >
> > Spec:
> > http://www.trustedcomputinggroup.org/resources/tpm_library_specification
>
> Thanks. Does the hardware interface change as well (ie, is it still
> the same reads/writes to MMIO at 0xfed40000)?
>

It has the same address, but one or two more registers.

> My initial thought would be to do what you've proposed - have wrapper
> functions around the TPM commands (eg, tpm_extend, tpm_get_capability,
> read_permanent_flags) and teach those functions how to send the two
> different styles of commands (and translate the responses if
> necessary).

So the good thing is that some of the code can be shared between 1.2 and 2.0, to a certain 'depth' at least. An example of a shared function would be this one.

static void
tpm_add_event_separators(void)
{
    static const u8 evt_separator[] = {0xff,0xff,0xff,0xff};
    u32 pcrIndex;
    for (pcrIndex = 0; pcrIndex <= 7; pcrIndex++)
        tpm_add_measurement_to_log(pcrIndex, EV_SEPARATOR,
                                   NULL, 0,
                                   evt_separator,
                                   sizeof(evt_separator));
}

Following this function further down:

tpm_add_measurement_to_log() [on current master] can be completely shared as well.

tpm_log_extend_event would need to become a function that branches into tpm12_log_extend_event and tpm2_log_extend_event, depending on detected version of TPM.

tpm_log_event could again be shared since ACPI logging is the same. Same for tpm_fill_hash for as long as we only support sha1.

Basically all functions where commands are created cannot be shared. Also TPM 2's initialization is a bit different and it supports more hashes.

So it actually speaks against splitting this up into different files, but the outcome may be that the code would show a mix of tpm12_*, tpm2_*, and tpm_* functions in the format of

tpm12_foo() {
    [...]
}

tpm2_foo() {
    [...]
}

tpm_foo() {
    switch (tpmversion) {
    1.2: return tpm12_foo()
    2: return tpm2_foo()
    }
}

tpm_xyz() {
    [...]
}

tpm12_bar() {
    [...]
}

tpm2_bar() {
    [...]
}

[...]

That's what I did before... If none of the code could be shared the decision to split it up completely would be a lot easier.

   Stefan

>
> -Kevin
>
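
The layout sketched in the message above (shared helpers, per-version command builders, and a tpm_foo() dispatcher), shown for the PCR extend command as an added example; it is not code from the message or from SeaBIOS. The function names, the version values 12 and 2, and the empty-password authorization area are assumptions; the tag, ordinal and algorithm constants are taken from the TPM 1.2 and TPM 2.0 specifications.

```c
#include <stdint.h>
#include <string.h>

/* Constants from the TPM 1.2 and TPM 2.0 specifications. */
#define TPM12_TAG_RQU_COMMAND 0x00c1
#define TPM12_ORD_EXTEND      0x00000014
#define TPM2_ST_SESSIONS      0x8002
#define TPM2_CC_PCR_EXTEND    0x00000182
#define TPM2_RS_PW            0x40000009
#define TPM2_ALG_SHA1         0x0004
#define SHA1_LEN              20

/* Big-endian writers; each returns the next free position. */
static uint8_t *put16(uint8_t *p, uint16_t v) { p[0] = v >> 8; p[1] = v; return p + 2; }
static uint8_t *put32(uint8_t *p, uint32_t v) { return put16(put16(p, v >> 16), v); }

/* Shared: both versions use the same 10-byte header (tag, size, ordinal). */
static uint8_t *put_hdr(uint8_t *p, uint16_t tag, uint32_t size, uint32_t ord)
{
    return put32(put32(put16(p, tag), size), ord);
}

/* TPM 1.2 TPM_Extend: header, PCR index, SHA-1 digest (34 bytes). */
static uint32_t tpm12_build_extend(uint8_t *buf, uint32_t pcr, const uint8_t *sha1)
{
    uint8_t *p = put_hdr(buf, TPM12_TAG_RQU_COMMAND, 10 + 4 + SHA1_LEN, TPM12_ORD_EXTEND);
    memcpy(put32(p, pcr), sha1, SHA1_LEN);
    return 10 + 4 + SHA1_LEN;
}

/* TPM 2.0 TPM2_PCR_Extend: header, PCR handle, auth area, digest list (53 bytes). */
static uint32_t tpm2_build_extend(uint8_t *buf, uint32_t pcr, const uint8_t *sha1)
{
    uint32_t size = 10 + 4 + 4 + 9 + 4 + 2 + SHA1_LEN;
    uint8_t *p = put32(put_hdr(buf, TPM2_ST_SESSIONS, size, TPM2_CC_PCR_EXTEND), pcr);
    p = put32(put32(p, 9), TPM2_RS_PW);     /* auth area size, password session */
    p = put16(p, 0); *p++ = 0;              /* empty nonce, session attributes */
    p = put16(p, 0);                        /* empty password (assumption) */
    p = put16(put32(p, 1), TPM2_ALG_SHA1);  /* one digest, SHA-1 */
    memcpy(p, sha1, SHA1_LEN);
    return size;
}

/* Dispatcher in the tpm_foo() style; buf must hold at least 53 bytes.
 * Version values 12 and 2 are hypothetical. Returns 0 if unknown. */
uint32_t tpm_build_extend(int tpmversion, uint8_t *buf, uint32_t pcr, const uint8_t *sha1)
{
    switch (tpmversion) {
    case 12: return tpm12_build_extend(buf, pcr, sha1);
    case 2:  return tpm2_build_extend(buf, pcr, sha1);
    }
    return 0;
}
```

Callers such as the shared measurement and logging functions only see tpm_build_extend(); everything that creates a command stays in the tpm12_* and tpm2_* functions.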
_______________________________________________
SeaBIOS mailing list
[email protected]
http://www.seabios.org/mailman/listinfo/seabios
