On Tue, Jan 16, 2018 at 11:41:03AM -0500, Stefan Berger wrote: > Implement more functions of the TPM Physical Presence interface. > Some of the added functions will automatically reboot the machine. > Thus we need to save the next step after the reboot in an additional > variable. > > Signed-off-by: Stefan Berger <[email protected]> > --- > src/std/tcg.h | 7 ++++++ > src/tcgbios.c | 69 > ++++++++++++++++++++++++++++++++++++++++++++++++++++++----- > 2 files changed, 71 insertions(+), 5 deletions(-) > > diff --git a/src/std/tcg.h b/src/std/tcg.h > index 22353a9..aeee689 100644 > --- a/src/std/tcg.h > +++ b/src/std/tcg.h > @@ -548,8 +548,15 @@ struct pcctes_romex > #define TPM_PPI_OP_ACTIVATE 3 > #define TPM_PPI_OP_DEACTIVATE 4 > #define TPM_PPI_OP_CLEAR 5 > +#define TPM_PPI_OP_ENABLE_ACTIVATE 6 > +#define TPM_PPI_OP_DEACTIVATE_DISABLE 7 > #define TPM_PPI_OP_SET_OWNERINSTALL_TRUE 8 > #define TPM_PPI_OP_SET_OWNERINSTALL_FALSE 9 > +#define TPM_PPI_OP_ENABLE_ACTIVATE_SET_OWNERINSTALL_TRUE 10 > +#define TPM_PPI_OP_SET_OWNERINSTALL_FALSE_DEACTIVATE_DISABLE 11 > +#define TPM_PPI_OP_CLEAR_ENABLE_ACTIVATE 14 > +#define TPM_PPI_OP_ENABLE_ACTIVATE_CLEAR 21 > +#define TPM_PPI_OP_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE 22 > > struct tpm_ppi { > u8 ppin; /* 0: 1 = initialized */ > diff --git a/src/tcgbios.c b/src/tcgbios.c > index c8e6ca2..e074d42 100644 > --- a/src/tcgbios.c > +++ b/src/tcgbios.c > @@ -1655,7 +1655,8 @@ tpm12_set_owner_install(int allow, int verbose, u32 > *returnCode) > } > > static int > -tpm12_process_cfg(tpm_ppi_code msgCode, int verbose, u32 *returnCode) > +tpm12_process_cfg(tpm_ppi_code msgCode, int verbose, u32 *returnCode, > + u8 *nextStep) > { > int ret = 0; > > @@ -1683,6 +1684,18 @@ tpm12_process_cfg(tpm_ppi_code msgCode, int verbose, > u32 *returnCode) > ret = tpm12_force_clear(1, 0, verbose, returnCode); > break; > > + case TPM_PPI_OP_ENABLE_ACTIVATE: > + ret = tpm12_enable_tpm(1, verbose, returnCode); > + if (!ret) > + ret = tpm12_activate_tpm(1, 1, verbose, returnCode); > + break; > + > + case TPM_PPI_OP_DEACTIVATE_DISABLE: > + ret = tpm12_activate_tpm(0, 1, verbose, returnCode); > + if (!ret) > + ret = tpm12_enable_tpm(0, verbose, returnCode); > + break; > + > case TPM_PPI_OP_SET_OWNERINSTALL_TRUE: > ret = tpm12_set_owner_install(1, verbose, returnCode); > break; > @@ -1691,6 +1704,43 @@ tpm12_process_cfg(tpm_ppi_code msgCode, int verbose, > u32 *returnCode) > ret = tpm12_set_owner_install(0, verbose, returnCode); > break; > > + case TPM_PPI_OP_ENABLE_ACTIVATE_SET_OWNERINSTALL_TRUE: > + *nextStep = TPM_PPI_OP_SET_OWNERINSTALL_TRUE; > + ret = tpm12_enable_activate(1, verbose, returnCode); > + if (!ret) > + ret = tpm12_set_owner_install(1, verbose, returnCode); > + break; > + > + case TPM_PPI_OP_SET_OWNERINSTALL_FALSE_DEACTIVATE_DISABLE: > + ret = tpm12_set_owner_install(0, verbose, returnCode); > + if (!ret) > + ret = tpm12_activate_tpm(0, 0, verbose, returnCode); > + if (!ret) > + ret = tpm12_enable_tpm(0, verbose, returnCode); > + break; > + > + case TPM_PPI_OP_CLEAR_ENABLE_ACTIVATE: > + ret = tpm12_force_clear(0, 1, verbose, returnCode); > + break; > + > + case TPM_PPI_OP_ENABLE_ACTIVATE_CLEAR: > + *nextStep = TPM_PPI_OP_CLEAR; > + ret = tpm12_enable_activate(1, verbose, returnCode); > + /* no reboot happened */ > + if (!ret) > + ret = tpm12_force_clear(0, 0, verbose, returnCode); > + break; > + > + case TPM_PPI_OP_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE: > + *nextStep = TPM_PPI_OP_CLEAR_ENABLE_ACTIVATE;
I'm strugging to understand "nextStep". I think it would be clearer if the code could do a switch on the request and then execute all the details of that request without the need to set flags indicating the function should be rerun. tpm12_process_cfg() can call itself recursively if it needs to. -Kevin _______________________________________________ SeaBIOS mailing list [email protected] https://mail.coreboot.org/mailman/listinfo/seabios
