Jarkko Sakkinen <jarkko.sakki...@linux.intel.com> wrote on 09/20/2016 
06:04:23 AM:

> On Mon, Sep 19, 2016 at 10:50:15AM -0400, Stefan Berger wrote:
> >    > You also fail to explain how this should work with ACPI even 
> >    > we know that there does not exist any kind for event log through 
> >    > with TPM 2.0 hardware. I.e. just by reading the commits I 
> >    > see that you are doing major untested code path changes.
> > 
> >    That's true there there's not spec for a BIOS at the moment and I 
> >    expect that TCG will likely not write one. Likely all vendors have 
> >    on to (U)EFI. We realized this also while implementing TPM 2 
support for
> >    SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the 
> >    specified log format with that special first entry. Can we 
> accomodate that
> >    ?
> Does that match to "SHA1 Event Log Entry Format" defined in [1]? In
> addition "Crypto Agile Log Entry Format" must be supported.

SeaBIOS supports the SHA1 Event Log Entry Format [5.1 in that spec]. It 
uses it for TPM 1.2.


In case of TPM 2 it will write the first log entry in the format of the 
Event Log Header [5.3].


All subsequent entries in the log will be written in Crypto Agile Log 
Entry Format [5.2].


UEFI may write into some special buffer that the OS can get to via an API 
call. In case of SeaBIOS this buffer is just in the TCPA ACPI table, as in 
TPM 1.2.

> Philip: what was the UEFI handover procedure that was discussed in
> TPM BoF at LSS 2016?
> >       Stefan
> [1] http://www.trustedcomputinggroup.org/wp-content/uploads/EFI-
> Protocol-Specification-rev13-160330final.pdf
> /Jarkko

tpmdd-devel mailing list

Reply via email to