[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 1/2] acpi: Make TPM version configurable.

  • To: Jennifer Herbert <jennifer.herbert@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Wed, 3 May 2023 09:08:32 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YXcIHP4+HOvaIqGF7aCScNCByN18B1j4dRBfMEacL2A=; b=BwWCOiblj89GykKEQ5z5Xm7VKnXVNbac7bOQjzjqfwHMxpMsrEg034IOT02SP3Gx66hzFdqrQTlplV73YPwBYK+u54vLEY0uAXUM/RW52Nvm/SaheplQElVE5YN4ceXwgaBIIHboRg7wVvy28RDQUcp+qIinVlzdW31z4R5TLscjC3PUZJhwc9qafkpFmlUSziNnSr/7v6Y0BqoBoUJ4mZPwtdS4cgd7wf9D4GZKDDkzAXkq5BuaWZJvC2pVE4Q9LUcdJZqpVkfHlM5tlenwn4kLSmvI2HomwRO6nTMsS/maFjaqYB3yyz3XZpl8MX6k31M1aPHOoWEWqahQ3Jy3nw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Jonfv+56iCepjnplQOTpQC1sb/vsZZNPYpco53+O1LLm1se8t5n1//JF2kKOYY06Amz7F1tkEEWGHwawegiaMCcyNS1850gYO4gqUXuuksLx6D+ajDS/A/OhLRXkBI4p/HE7D3sG+PhMkGuaNUIHO8NROg6Nz8IXcX4iJr3mcb9KU+Io8XrrObwQWjNZHovgtKyyswgTsOPKlzr8r0peGDXBC973EXmJ2FDgPf551doE8M35Wy3gLCEdenrz+wK2F7JhWLH0kDvBpED9v/RL5u+ln8758sE64lPaH2j94I5gaVk28uHG1wwagAjdniweWVPwHwi7s9uFHOMuo9QABA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 03 May 2023 07:08:59 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 03.05.2023 00:40, Jennifer Herbert wrote:
> On 02/05/2023 12:54, Jan Beulich wrote:
>> On 25.04.2023 19:47, Jennifer Herbert wrote:
>>> --- a/tools/firmware/hvmloader/util.c
>>> +++ b/tools/firmware/hvmloader/util.c
>>> @@ -994,13 +994,22 @@ void hvmloader_acpi_build_tables(struct acpi_config 
>>> *config,
>>>       if ( !strncmp(xenstore_read("platform/acpi_laptop_slate", "0"), "1", 
>>> 1)  )
>>>           config->table_flags |= ACPI_HAS_SSDT_LAPTOP_SLATE;
>>>   
>>> -    config->table_flags |= (ACPI_HAS_TCPA | ACPI_HAS_IOAPIC |
>>> -                            ACPI_HAS_WAET | ACPI_HAS_PMTIMER |
>>> -                            ACPI_HAS_BUTTONS | ACPI_HAS_VGA |
>>> -                            ACPI_HAS_8042 | ACPI_HAS_CMOS_RTC);
>>> +    config->table_flags |= (ACPI_HAS_IOAPIC | ACPI_HAS_WAET |
>>> +                            ACPI_HAS_PMTIMER | ACPI_HAS_BUTTONS |
>>> +                            ACPI_HAS_VGA | ACPI_HAS_8042 |
>>> +                            ACPI_HAS_CMOS_RTC);
>>>       config->acpi_revision = 4;
>>>   
>>> -    config->tis_hdr = (uint16_t *)ACPI_TIS_HDR_ADDRESS;
>>> +    s = xenstore_read("platform/tpm_version", "1");
>>> +    config->tpm_version = strtoll(s, NULL, 0);
>> Due to field width, someone specifying 257 will also get a 1.2 TPM,
>> if I'm not mistaken.
> 
> Seems likely.   And i few other wacky values would give you 1.2 as well 
> I'd think.   There could also be trailing junk on the version number.
> 
> I was a bit phased by the lack of any real error cases in 
> hvmloader_acpi_build_tables.  It seemed the approch was if you put in 
> junk, you'll get something, but possibly not what your expecting.
> 
> Do I take it you'd prefer it to only accept a strict '1' for 1.2 and any 
> other value would result in no TPM being probed?  Or is it only the 
> overflow cases your concerned about?

Iirc xs convention is that numeric values can be spelled out in arbitrary
ways. So limiting to strictly "1" may be too restrictive. Anything that
evaluates to 1 without overflow nor trailing junk ought to be taken to
mean 1, I think.

>>> --- a/tools/libacpi/build.c
>>> +++ b/tools/libacpi/build.c
>>> @@ -409,38 +409,47 @@ static int construct_secondary_tables(struct 
>>> acpi_ctxt *ctxt,
>>>           memcpy(ssdt, ssdt_laptop_slate, sizeof(ssdt_laptop_slate));
>>>           table_ptrs[nr_tables++] = ctxt->mem_ops.v2p(ctxt, ssdt);
>>>       }
>>> -
>>> -    /* TPM TCPA and SSDT. */
>>> -    if ( (config->table_flags & ACPI_HAS_TCPA) &&
>>> -         (config->tis_hdr[0] != 0 && config->tis_hdr[0] != 0xffff) &&
>>> -         (config->tis_hdr[1] != 0 && config->tis_hdr[1] != 0xffff) )
>>> +    /* TPM and its SSDT. */
>>> +    if ( config->table_flags & ACPI_HAS_TPM )
>>>       {
>>> -        ssdt = ctxt->mem_ops.alloc(ctxt, sizeof(ssdt_tpm), 16);
>>> -        if (!ssdt) return -1;
>>> -        memcpy(ssdt, ssdt_tpm, sizeof(ssdt_tpm));
>>> -        table_ptrs[nr_tables++] = ctxt->mem_ops.v2p(ctxt, ssdt);
>>> -
>>> -        tcpa = ctxt->mem_ops.alloc(ctxt, sizeof(struct acpi_20_tcpa), 16);
>>> -        if (!tcpa) return -1;
>>> -        memset(tcpa, 0, sizeof(*tcpa));
>>> -        table_ptrs[nr_tables++] = ctxt->mem_ops.v2p(ctxt, tcpa);
>>> -
>>> -        tcpa->header.signature = ACPI_2_0_TCPA_SIGNATURE;
>>> -        tcpa->header.length    = sizeof(*tcpa);
>>> -        tcpa->header.revision  = ACPI_2_0_TCPA_REVISION;
>>> -        fixed_strcpy(tcpa->header.oem_id, ACPI_OEM_ID);
>>> -        fixed_strcpy(tcpa->header.oem_table_id, ACPI_OEM_TABLE_ID);
>>> -        tcpa->header.oem_revision = ACPI_OEM_REVISION;
>>> -        tcpa->header.creator_id   = ACPI_CREATOR_ID;
>>> -        tcpa->header.creator_revision = ACPI_CREATOR_REVISION;
>>> -        if ( (lasa = ctxt->mem_ops.alloc(ctxt, ACPI_2_0_TCPA_LAML_SIZE, 
>>> 16)) != NULL )
>>> +        switch ( config->tpm_version )
>>>           {
>>> -            tcpa->lasa = ctxt->mem_ops.v2p(ctxt, lasa);
>>> -            tcpa->laml = ACPI_2_0_TCPA_LAML_SIZE;
>>> -            memset(lasa, 0, tcpa->laml);
>>> -            set_checksum(tcpa,
>>> -                         offsetof(struct acpi_header, checksum),
>>> -                         tcpa->header.length);
>>> +        case 0: /* Assume legacy code wanted tpm 1.2 */
>> Along the lines of what Jason said: Unless this is known to be needed for
>> anything, I'd prefer if it was omitted.
> 
> I'm not awair of anything, but your comment 2 lines down  from version 2 
> made me think you knew of some.  So if your happy with me removing this 
> line, I am!

I'm afraid I can't make the connection to that comment (assuming I fished
out the right one). In any event, especially with Jason's observation that
ACPI_HAS_TPM won't be set alongside ->tpm_version being zero, I see no
use for keeping the "case 0:".

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.