Re: [SeaBIOS] [PATCH 0/2] Improve reboot races during post and reboot

2016-01-15 Thread Kevin O'Connor
On Tue, Jan 12, 2016 at 02:57:25PM -0500, Kevin O'Connor wrote: > This is a follow up to an email chain that in November: > > http://www.seabios.org/pipermail/seabios/2015-November/009887.html > > It was possible for the SeaBIOS code to get confused if an external > reboot request occurs while

Re: [SeaBIOS] [PATCH 1/2] kbd: Don't treat scancode and asciicode as separate values

2016-01-15 Thread Kevin O'Connor
On Tue, Jan 12, 2016 at 01:13:36PM -0500, Kevin O'Connor wrote: > The scancode/asciicode pair can be more easily handled as a single > 16bit value. FYI, I committed this series. -Kevin ___ SeaBIOS mailing list SeaBIOS@seabios.org

Re: [SeaBIOS] [PATCH] biostables: Support SMBIOS 2.6+ UUID format

2016-01-15 Thread Kevin O'Connor
On Thu, Jan 14, 2016 at 12:24:29PM -0500, Cole Robinson wrote: > On 01/14/2016 12:22 PM, Kevin O'Connor wrote: > > According to SMBIOS v2.6 the first three fields are encoded in > > little-endian format. Versions prior to v2.6 did not specify the > > encoding, but we follow dmidecode and assume

[SeaBIOS] [PATCH v2] biostables: Support SMBIOS 2.6+ UUID format

2016-01-15 Thread Cole Robinson
SMBIOS 2.6+ stores the UUID in a different format, with the first 3 fields in little endian format. This is what modern qemu delivers and what dmidecode also handles, so let's follow suit too. More info at this thread: http://www.seabios.org/pipermail/seabios/2015-November/010031.html The only

Re: [SeaBIOS] [PATCH v2] biostables: Support SMBIOS 2.6+ UUID format

2016-01-15 Thread Kevin O'Connor
On Fri, Jan 15, 2016 at 10:49:32AM -0500, Cole Robinson wrote: > SMBIOS 2.6+ stores the UUID in a different format, with the first 3 > fields in little endian format. This is what modern qemu delivers > and what dmidecode also handles, so let's follow suit too. Thanks - committed. Gerd, I'm

[SeaBIOS] [RFC PATCH v1 8/9] tpm: Implement tpm2_menu

2016-01-15 Thread Stefan Berger
From: Stefan Berger In the TPM 2 menu we currently only allow to run the TPM2_Clear operation. For this we follow the TCG Physical Presence Interface Specification to be found here:

[SeaBIOS] [RFC PATCH v1 3/9] tpm: Prepare code for TPM 2 functions

2016-01-15 Thread Stefan Berger
From: Stefan Berger This patch prepares the tcgbios.c file for extension with TPM 2 specific code by: o prefixing all TPM 1.2 specific functions with tpm12_ o where necessary, introduce switch statements in tpm_ - prefixed functions; here we branch into TPM

[SeaBIOS] [RFC PATCH v1 4/9] tpm: Implement tpm2_startup and tpm2_s3_resume

2016-01-15 Thread Stefan Berger
From: Stefan Berger Implement tpm2_startup and tpm2_s3_resume and their dependencies. We follow this specification: TCG PC Client Specific Platform Firmware Profile for TPM 2.0 Systems Revision 1.0 Version 21 It can be found on this page:

[SeaBIOS] [RFC PATCH v1 7/9] tpm: Implement tpm2_extend

2016-01-15 Thread Stefan Berger
From: Stefan Berger Implement the tpm2_extend function. We use it with only SHA1. Signed-off-by: Stefan Berger --- src/std/tcg.h | 17 + src/tcgbios.c | 34 -- 2 files changed, 49

[SeaBIOS] [RFC PATCH v1 6/9] tpm: Implement tpm2_prepboot

2016-01-15 Thread Stefan Berger
From: Stefan Berger Implement tpm2_preboot. Here we set the platform password to a random password that prevents higher layers (OS) to get this password. This avoids bad things like users clearing the TPM, erasing EK (primary key) certificates, changing the primary

[SeaBIOS] [RFC PATCH v1 1/9] tpm: Extend TPM TIS with TPM 2 support.

2016-01-15 Thread Stefan Berger
From: Stefan Berger Extend the probing of the interface with TPM 2 specifics. Use the new interface ID register of the TIS to check whether a TPM 1.2 or a TPM 2 is underneath. We select the TIS if possible and lock it so we can issue commands during S3 for example

[SeaBIOS] [RFC PATCH v1 2/9] tpm: Factor out tpm_extend

2016-01-15 Thread Stefan Berger
From: Stefan Berger In preparation for TPM 2 code support, factor out the TPM 1.2 specific code from tpm_log_extend_event and put it into tpm_extend(). Signed-off-by: Stefan Berger --- src/tcgbios.c | 18 ++ 1 file

[SeaBIOS] [RFC PATCH v1 5/9] tpm: Implement tpm2_set_timeouts

2016-01-15 Thread Stefan Berger
From: Stefan Berger The TIS timeouts for TPM 2 are different than for TPM 1.2. Also the timeouts indicating a failed TPM 2 command are different. Further, the command durations and timeouts cannot be read from the device. We take the command timeout values for

[SeaBIOS] [RFC PATCH v1 0/9] Add TPM 2 support

2016-01-15 Thread Stefan Berger
This series of patches adds TPM 2 support to SeaBIOS in the way previously proposed. TPM 2 support also changes the log entry format, which I have not addressed at all so far, and would append to the end of the series. Stefan Stefan Berger (9): tpm: Extend TPM TIS with TPM 2 support.

[SeaBIOS] [RFC PATCH v1 9/9] tpm: Implement TPM 2's set_failure

2016-01-15 Thread Stefan Berger
From: Stefan Berger Implement TPM 2's set failure. We follow this specification: TCG PC Client Specific Platform Firmware Profile for TPM 2.0 Systems Revision 1.0 Version 21 It can be found on this page:

Re: [SeaBIOS] SeaBIOS security feature roadmap?

2016-01-15 Thread Blibbet
On 01/12/2016 11:36 AM, Kevin O'Connor wrote: [...] > As far as a roadmap, I understand there is a plan to add TPM 2.0 > support to SeaBIOS. > > I'm not aware of any new consumer devices shipping with the support, > and I understand that KVM/QEMU have had TPM support for some time > already. > >

Re: [SeaBIOS] SeaBIOS security feature roadmap?

2016-01-15 Thread Peter Stuge
Blibbet wrote: > It sounds like some Chromebooks have SeaBIOS with TPMv1 As far as I know all Chromebooks use their own payload which implements verified boot. The root of trust is the write-protected SPI flash. It is very well documented on the chromium website, you would only have to do very

Re: [SeaBIOS] SeaBIOS security feature roadmap?

2016-01-15 Thread Blibbet
On 01/15/2016 01:14 PM, Peter Stuge wrote: > [...] It is very well documented on the chromium website, you > would only have to do very basic research to find it, which makes it > very difficult for anyone to take your effort seriously. Please move > along. Yes, I don't own a Chromebook, and I

Re: [SeaBIOS] SeaBIOS security feature roadmap?

2016-01-15 Thread Kevin O'Connor
On Fri, Jan 15, 2016 at 12:38:12PM -0800, Blibbet wrote: > On 01/12/2016 11:36 AM, Kevin O'Connor wrote: > [...] > > As far as a roadmap, I understand there is a plan to add TPM 2.0 > > support to SeaBIOS. > > > > I'm not aware of any new consumer devices shipping with the support, > > and I

Re: [SeaBIOS] [PATCH 0/2] Improve reboot races during post and reboot

2016-01-15 Thread Gonglei (Arei)
> > On Tue, Jan 12, 2016 at 02:57:25PM -0500, Kevin O'Connor wrote: > > This is a follow up to an email chain that in November: > > > > http://www.seabios.org/pipermail/seabios/2015-November/009887.html > > > > It was possible for the SeaBIOS code to get confused if an external > > reboot

Re: [SeaBIOS] [SEABIOS] Plans for either 1.9.1 or 1.10.0?

2016-01-15 Thread Gerd Hoffmann
On Thu, 2016-01-14 at 12:11 -0500, Kevin O'Connor wrote: > There were a bunch of fixes that I think should be considered for > 1.9.1: > > aa34e4e5 - xhci: Check for device disconnects during USB2 reset > polling > c01b41c5 - xhci: Wait for port enable even for USB3 devices > 460e9aac - sdcard:

Re: [SeaBIOS] [SEABIOS] Plans for either 1.9.1 or 1.10.0?

2016-01-15 Thread Gerd Hoffmann
Hi, > It's been suggested (by you :)) that > 76327b9f32a009245c215f4a3c5d58a01b5310ae be cherry-picked into 1.9.1 as > well, perhaps. Yes, right. Thanks for the reminder. Picked up. cheers, Gerd