qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v3 4/4] tpm: add a fake ACPI memory clear interf

From: Igor Mammedov
Subject: Re: [Qemu-devel] [PATCH v3 4/4] tpm: add a fake ACPI memory clear interface
Date: Tue, 26 Jun 2018 14:34:04 +0200 
On Tue, 26 Jun 2018 11:22:26 +0200
Marc-André Lureau <address@hidden> wrote:

> On Thu, Jun 21, 2018 at 4:33 PM, Igor Mammedov <address@hidden> wrote:
> > On Thu, 21 Jun 2018 15:24:44 +0200
> > Marc-André Lureau <address@hidden> wrote:
> >  
> >> Hi
> >>
> >> On Thu, Jun 21, 2018 at 3:02 PM, Igor Mammedov <address@hidden> wrote:  
> >> > On Tue, 15 May 2018 14:14:33 +0200
> >> > Marc-André Lureau <address@hidden> wrote:
> >> >  
> >> >> This allows to pass the last failing test from the Windows HLK TPM 2.0
> >> >> TCG PPI 1.3 tests.
> >> >>
> >> >> The interface is described in the "TCG Platform Reset Attack
> >> >> Mitigation Specification", chapter 6 "ACPI _DSM Function". Whether or
> >> >> not we should have a real implementation remains an open question to 
> >> >> me.  
> >> > might it cause security issues?  
> >>
> >> Good question. If the guest assumes success of this operation perhaps.
> >> I'll check the spec.
> >>  
> >> > What are implications of faking it and how hard it's to implement thing
> >> > per spec?  
> >>
> >> Laszlo answerd that in "[Qemu-devel] investigating TPM for
> >> OVMF-on-QEMU"  2f2b) TCG Memory Clear Interface  
> > I get that it's optional, but we probably shouldn't advertise/fake
> > feature if it's not supported.  
> 
> As said in the commit message, the objective was to pass the Windows
> HLK test. If we don't want to advertize a fake interface, I am fine
> droping this patch. We'll have to revisit with Laszlo the work needed
> in the firmware to support it.
I think it would be safer to drop this patch.


> >  
> >>  
> >> >
> >> >  
> >> >> Signed-off-by: Marc-André Lureau <address@hidden>
> >> >> ---
> >> >>  hw/i386/acpi-build.c | 9 +++++++++
> >> >>  1 file changed, 9 insertions(+)
> >> >>
> >> >> diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> >> >> index 95be4f0710..392a1e50bd 100644
> >> >> --- a/hw/i386/acpi-build.c
> >> >> +++ b/hw/i386/acpi-build.c
> >> >> @@ -2072,6 +2072,15 @@ build_tpm_ppi(Aml *dev)
> >> >>              aml_append(ifctx, aml_return(aml_buffer(1, zerobyte)));
> >> >>          }
> >> >>          aml_append(method, ifctx);
> >> >> +
> >> >> +       /* dummy MOR Memory Clear for the sake of WLK PPI test */
> >> >> +        ifctx = aml_if(
> >> >> +            aml_equal(aml_arg(0),
> >> >> +                      
> >> >> aml_touuid("376054ED-CC13-4675-901C-4756D7F2D45D")));
> >> >> +        {
> >> >> +            aml_append(ifctx, aml_return(aml_int(0)));
> >> >> +        }
> >> >> +        aml_append(method, ifctx);
> >> >>      }
> >> >>      aml_append(dev, method);
> >> >>  }  
> >> >
> >> >  
> >>
> >>
> >>  
> >  
> 
> 
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]