From nobody Mon Aug 14 08:17:40 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RPS1x1T8gz4q7FL; Mon, 14 Aug 2023 08:17:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RPS1x1CVcz4FMR; Mon, 14 Aug 2023 08:17:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692001061; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JrtYeO2NCRo1wtwQ3jhm9w/DXD9GmIVvtrY+FAHitLo=; b=YdCb5SA/e5EMoYn1G7sLXuVtAUDg+yvDmz5G1rxM+p0B062YBVs8S0C1loiNdkwsM9aKbe Z/0uT+hBfHEJRyKDWxksSqJ/f5uNBYUjssN5eXzMHjeqF9UjsaK7BgSpYP1jx51X6b6QHc vusbD3USgqs5shOb8rWBJnzArXCg8St6FP66jv4OAiTyUrGejopiMoBBsOhu/HBKwy5qKw GJ1Ee7fC5+YaVyv+Bxl+qI59kdXsWZ0uzvfT6gf8opoaIosfxntixuu7oLdp2dnvKQ48F4 9vAmXx8aSFq2zhZ9K2HZCkVAX5C1s53LZkwEePSuhnjRnUDqjA/Qm5j31ZJPYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692001061; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JrtYeO2NCRo1wtwQ3jhm9w/DXD9GmIVvtrY+FAHitLo=; b=qyxnoCKMcpAdWMmOBGIMjIPHkjMWc0Eo1llA0ZyWgjE/BjRXTm1NlyqSN9chqcEE81nYuS D7Ela7fwY6QUekLi+qpNXzK4N2Dq4pZeQE9JzmppPCV2EJb/xjRptLBfpBNv66qtO/WLCQ nGoHP9zksT6Ef3GrYrg+wNHu4Fnny86Rrf8cCThqRzl2h+kHRaCwhoLRiSsn/veJdksEUP JplnJgybflxNFpuCOxs63vMv5nXPPlGM5BmEoDkS+Jc48BSbs0RZVAc2q/pqI2lb07zExr xpYHuxpSMdiPOi/31e73ETDIBSOPDPkihsXNvH2FiQIetDbQM9fB3IIt7mDrTg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1692001061; a=rsa-sha256; cv=none; b=Oje7BN5xASVULFjvBTEjVtlAVoBh8u6dUSU95CV7HvTJdmdwuMCoExDNkQa+BJBBu835ZY c02YgCvJYIF5vCk/5Fioy2c2XQPZwm6gqtsb9F03RL2I9cbPG/1FYTzTQa9VktqY6W9eLB 7pLy4mbc/1mCANx6Ver59eEtTSgA1qaxwUYIQNJDcXHymd9yA8VeYxcd8HOnucm6kPQDsf 6/GGzwfM6iJdd9+/0wWKw0SUfgCK6BEmHclBxxxPi+xHM+5evwtWPBa59RboEJlskzAS9s JCNGPp0nybOpzLNZdsjbkkgPIZ01Z5lF3mbCZeIypOfQF6ZDViBCRo8K1OobPg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RPS1x0HlTz5ZY; Mon, 14 Aug 2023 08:17:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 37E8HeUq095767; Mon, 14 Aug 2023 08:17:40 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 37E8Hex6095764; Mon, 14 Aug 2023 08:17:40 GMT (envelope-from git) Date: Mon, 14 Aug 2023 08:17:40 GMT Message-Id: <202308140817.37E8Hex6095764@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Corvin =?utf-8?Q?K=C3=B6hne?= Subject: git: 85a775e61b98 - main - bhyve: add Qemu PPI emulation for TPM devices List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: corvink X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 85a775e61b98f4c49abe437fb66b205a39f7581f Auto-Submitted: auto-generated The branch main has been updated by corvink: URL: https://cgit.FreeBSD.org/src/commit/?id=85a775e61b98f4c49abe437fb66b205a39f7581f commit 85a775e61b98f4c49abe437fb66b205a39f7581f Author: Corvin Köhne AuthorDate: 2022-08-29 10:10:47 +0000 Commit: Corvin Köhne CommitDate: 2023-08-14 08:17:36 +0000 bhyve: add Qemu PPI emulation for TPM devices Windows requires a physical presence interface to recognize the TPM device. Qemu's OVMF has an implementation for the PPI which can be reused. Using the Qemu PPI makes it very easy because we don't have to implement new PPI functionality into our OVMF. The Qemu implementation is already there. Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D40462 --- usr.sbin/bhyve/Makefile | 1 + usr.sbin/bhyve/tpm_device.c | 76 +++++++ usr.sbin/bhyve/tpm_ppi.h | 20 ++ usr.sbin/bhyve/tpm_ppi_qemu.c | 476 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 573 insertions(+) diff --git a/usr.sbin/bhyve/Makefile b/usr.sbin/bhyve/Makefile index 9b8a7274d793..ef7bc01f83ee 100644 --- a/usr.sbin/bhyve/Makefile +++ b/usr.sbin/bhyve/Makefile @@ -78,6 +78,7 @@ SRCS= \ tpm_device.c \ tpm_emul_passthru.c \ tpm_intf_crb.c \ + tpm_ppi_qemu.c \ uart_emul.c \ usb_emul.c \ usb_mouse.c \ diff --git a/usr.sbin/bhyve/tpm_device.c b/usr.sbin/bhyve/tpm_device.c index 421d10dafb75..4c40db419380 100644 --- a/usr.sbin/bhyve/tpm_device.c +++ b/usr.sbin/bhyve/tpm_device.c @@ -14,17 +14,20 @@ #include #include +#include "acpi.h" #include "acpi_device.h" #include "config.h" #include "tpm_device.h" #include "tpm_emul.h" #include "tpm_intf.h" +#include "tpm_ppi.h" #define TPM_ACPI_DEVICE_NAME "TPM" #define TPM_ACPI_HARDWARE_ID "MSFT0101" SET_DECLARE(tpm_emul_set, struct tpm_emul); SET_DECLARE(tpm_intf_set, struct tpm_intf); +SET_DECLARE(tpm_ppi_set, struct tpm_ppi); struct tpm_device { struct vmctx *vm_ctx; @@ -33,6 +36,8 @@ struct tpm_device { void *emul_sc; struct tpm_intf *intf; void *intf_sc; + struct tpm_ppi *ppi; + void *ppi_sc; }; static int @@ -47,10 +52,57 @@ tpm_build_acpi_table(const struct acpi_device *const dev) return (tpm->intf->build_acpi_table(tpm->intf_sc, tpm->vm_ctx)); } +static int +tpm_write_dsdt(const struct acpi_device *const dev) +{ + int error; + + const struct tpm_device *const tpm = acpi_device_get_softc(dev); + const struct tpm_ppi *const ppi = tpm->ppi; + + /* + * packages for returns + */ + dsdt_line("Name(TPM2, Package(2) {0, 0})"); + dsdt_line("Name(TPM3, Package(3) {0, 0, 0})"); + + if (ppi->write_dsdt_regions) { + error = ppi->write_dsdt_regions(tpm->ppi_sc); + if (error) { + warnx("%s: failed to write ppi dsdt regions\n", + __func__); + return (error); + } + } + + /* + * Device Specific Method + * Arg0: UUID + * Arg1: Revision ID + * Arg2: Function Index + * Arg3: Arguments + */ + dsdt_line("Method(_DSM, 4, Serialized)"); + dsdt_line("{"); + dsdt_indent(1); + if (ppi->write_dsdt_dsm) { + error = ppi->write_dsdt_dsm(tpm->ppi_sc); + if (error) { + warnx("%s: failed to write ppi dsdt dsm\n", __func__); + return (error); + } + } + dsdt_unindent(1); + dsdt_line("}"); + + return (0); +} + static const struct acpi_device_emul tpm_acpi_device_emul = { .name = TPM_ACPI_DEVICE_NAME, .hid = TPM_ACPI_HARDWARE_ID, .build_table = tpm_build_acpi_table, + .write_dsdt = tpm_write_dsdt, }; void @@ -59,6 +111,8 @@ tpm_device_destroy(struct tpm_device *const dev) if (dev == NULL) return; + if (dev->ppi != NULL && dev->ppi->deinit != NULL) + dev->ppi->deinit(dev->ppi_sc); if (dev->intf != NULL && dev->intf->deinit != NULL) dev->intf->deinit(dev->intf_sc); if (dev->emul != NULL && dev->emul->deinit != NULL) @@ -75,6 +129,7 @@ tpm_device_create(struct tpm_device **const new_dev, struct vmctx *const vm_ctx, struct tpm_device *dev = NULL; struct tpm_emul **ppemul; struct tpm_intf **ppintf; + struct tpm_ppi **pp_ppi; const char *value; int error; @@ -84,6 +139,7 @@ tpm_device_create(struct tpm_device **const new_dev, struct vmctx *const vm_ctx, } set_config_value_node_if_unset(nvl, "intf", "crb"); + set_config_value_node_if_unset(nvl, "ppi", "qemu"); value = get_config_value_node(nvl, "version"); assert(value != NULL); @@ -147,6 +203,26 @@ tpm_device_create(struct tpm_device **const new_dev, struct vmctx *const vm_ctx, goto err_out; } + value = get_config_value_node(nvl, "ppi"); + SET_FOREACH(pp_ppi, tpm_ppi_set) { + if (strcmp(value, (*pp_ppi)->name)) { + continue; + } + dev->ppi = *pp_ppi; + break; + } + if (dev->ppi == NULL) { + warnx("TPM PPI \"%s\" not found\n", value); + error = EINVAL; + goto err_out; + } + + if (dev->ppi->init) { + error = dev->ppi->init(&dev->ppi_sc); + if (error) + goto err_out; + } + *new_dev = dev; return (0); diff --git a/usr.sbin/bhyve/tpm_ppi.h b/usr.sbin/bhyve/tpm_ppi.h new file mode 100644 index 000000000000..3c54c2f6c223 --- /dev/null +++ b/usr.sbin/bhyve/tpm_ppi.h @@ -0,0 +1,20 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2022 Beckhoff Automation GmbH & Co. KG + * Author: Corvin Köhne + */ + +#pragma once + +#include "config.h" + +struct tpm_ppi { + const char *name; + + int (*init)(void **sc); + void (*deinit)(void *sc); + int (*write_dsdt_regions)(void *sc); + int (*write_dsdt_dsm)(void *sc); +}; +#define TPM_PPI_SET(x) DATA_SET(tpm_ppi_set, x) diff --git a/usr.sbin/bhyve/tpm_ppi_qemu.c b/usr.sbin/bhyve/tpm_ppi_qemu.c new file mode 100644 index 000000000000..8bea45ea3208 --- /dev/null +++ b/usr.sbin/bhyve/tpm_ppi_qemu.c @@ -0,0 +1,476 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2022 Beckhoff Automation GmbH & Co. KG + * Author: Corvin Köhne + */ + +#include +#include +#include +#include +#include + +#include + +#include +#include +#include +#include + +#include "acpi.h" +#include "acpi_device.h" +#include "config.h" +#include "mem.h" +#include "qemu_fwcfg.h" +#include "tpm_ppi.h" + +#define TPM_PPI_ADDRESS 0xFED45000 +#define TPM_PPI_SIZE 0x1000 + +#define TPM_PPI_FWCFG_FILE "etc/tpm/config" + +#define TPM_PPI_QEMU_NAME "qemu" + +struct tpm_ppi_qemu { + uint8_t func[256]; // FUNC + uint8_t in; // PPIN + uint32_t ip; // PPIP + uint32_t response; // PPRP + uint32_t request; // PPRQ + uint32_t request_parameter; // PPRM + uint32_t last_request; // LPPR + uint32_t func_ret; // FRET + uint8_t _reserved1[0x40]; // RES1 + uint8_t next_step; // next_step +} __packed; +static_assert(sizeof(struct tpm_ppi_qemu) <= TPM_PPI_SIZE, + "Wrong size of tpm_ppi_qemu"); + +struct tpm_ppi_fwcfg { + uint32_t ppi_address; + uint8_t tpm_version; + uint8_t ppi_version; +} __packed; + +static int +tpm_ppi_mem_handler(struct vcpu *const vcpu __unused, const int dir, + const uint64_t addr, const int size, uint64_t *const val, void *const arg1, + const long arg2 __unused) +{ + struct tpm_ppi_qemu *ppi; + uint8_t *ptr; + uint64_t off; + + if ((addr & (size - 1)) != 0) { + warnx("%s: unaligned %s access @ %16lx [size = %x]", __func__, + (dir == MEM_F_READ) ? "read" : "write", addr, size); + } + + ppi = arg1; + + off = addr - TPM_PPI_ADDRESS; + ptr = (uint8_t *)ppi + off; + + if (off > TPM_PPI_SIZE || off + size > TPM_PPI_SIZE) { + return (EINVAL); + } + + assert(size == 1 || size == 2 || size == 4 || size == 8); + if (dir == MEM_F_READ) { + memcpy(val, ptr, size); + } else { + memcpy(ptr, val, size); + } + + return (0); +} + +static struct mem_range ppi_mmio = { + .name = "ppi-mmio", + .base = TPM_PPI_ADDRESS, + .size = TPM_PPI_SIZE, + .flags = MEM_F_RW, + .handler = tpm_ppi_mem_handler, +}; + +static int +tpm_ppi_init(void **sc) +{ + struct tpm_ppi_qemu *ppi = NULL; + struct tpm_ppi_fwcfg *fwcfg = NULL; + int error; + + ppi = calloc(1, sizeof(*ppi)); + if (ppi == NULL) { + warnx("%s: failed to allocate acpi region for ppi", __func__); + error = ENOMEM; + goto err_out; + } + + fwcfg = calloc(1, sizeof(struct tpm_ppi_fwcfg)); + if (fwcfg == NULL) { + warnx("%s: failed to allocate fwcfg item", __func__); + error = ENOMEM; + goto err_out; + } + + fwcfg->ppi_address = htole32(TPM_PPI_ADDRESS); + fwcfg->tpm_version = 2; + fwcfg->ppi_version = 1; + + error = qemu_fwcfg_add_file(TPM_PPI_FWCFG_FILE, + sizeof(struct tpm_ppi_fwcfg), fwcfg); + if (error) { + warnx("%s: failed to add fwcfg file", __func__); + goto err_out; + } + + /* + * We would just need to create some guest memory for the PPI region. + * Sadly, bhyve has a strange memory interface. We can't just add more + * memory to the VM. So, create a trap instead which reads and writes to + * the ppi region. It's very slow but ppi shouldn't be used frequently. + */ + ppi_mmio.arg1 = ppi; + error = register_mem(&ppi_mmio); + if (error) { + warnx("%s: failed to create trap for ppi accesses", __func__); + goto err_out; + } + + *sc = ppi; + + return (0); + +err_out: + free(fwcfg); + free(ppi); + + return (error); +} + +static void +tpm_ppi_deinit(void *sc) +{ + struct tpm_ppi_qemu *ppi; + int error; + + if (sc == NULL) + return; + + ppi = sc; + + error = unregister_mem(&ppi_mmio); + assert(error = 0); + + free(ppi); +} + +static int +tpm_ppi_write_dsdt_regions(void *sc __unused) +{ + /* + * struct tpm_ppi_qemu + */ + /* + * According to qemu the Windows ACPI parser has a bug that DerefOf is + * broken for SYSTEM_MEMORY. Due to that bug, qemu uses a dynamic + * operation region inside a method. + */ + dsdt_line("Method(TPFN, 1, Serialized)"); + dsdt_line("{"); + dsdt_line(" If(LGreaterEqual(Arg0, 0x100))"); + dsdt_line(" {"); + dsdt_line(" Return(Zero)"); + dsdt_line(" }"); + dsdt_line( + " OperationRegion(TPP1, SystemMemory, Add(0x%8x, Arg0), One)", + TPM_PPI_ADDRESS); + dsdt_line(" Field(TPP1, ByteAcc, NoLock, Preserve)"); + dsdt_line(" {"); + dsdt_line(" TPPF, 8,"); + dsdt_line(" }"); + dsdt_line(" Return(TPPF)"); + dsdt_line("}"); + dsdt_line("OperationRegion(TPP2, SystemMemory, 0x%8x, 0x%x)", + TPM_PPI_ADDRESS + 0x100, 0x5A); + dsdt_line("Field(TPP2, AnyAcc, NoLock, Preserve)"); + dsdt_line("{"); + dsdt_line(" PPIN, 8,"); + dsdt_line(" PPIP, 32,"); + dsdt_line(" PPRP, 32,"); + dsdt_line(" PPRQ, 32,"); + dsdt_line(" PPRM, 32,"); + dsdt_line(" LPPR, 32,"); + dsdt_line("}"); + /* + * Used for TCG Platform Reset Attack Mitigation + */ + dsdt_line("OperationRegion(TPP3, SystemMemory, 0x%8x, 1)", + TPM_PPI_ADDRESS + sizeof(struct tpm_ppi_qemu)); + dsdt_line("Field(TPP3, ByteAcc, NoLock, Preserve)"); + dsdt_line("{"); + dsdt_line(" MOVV, 8,"); + dsdt_line("}"); + + return (0); +} + +static int +tpm_ppi_write_dsdt_dsm(void *sc __unused) +{ + /* + * Physical Presence Interface + */ + dsdt_line( + "If(LEqual(Arg0, ToUUID(\"3DDDFAA6-361B-4EB4-A424-8D10089D1653\"))) /* UUID */"); + dsdt_line("{"); + /* + * Function 0 - _DSM Query Function + * Arguments: + * Empty Package + * Return: + * Buffer - Index field of supported functions + */ + dsdt_line(" If(LEqual(Arg2, 0)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Return(Buffer(0x02)"); + dsdt_line(" {"); + dsdt_line(" 0xFF, 0x01"); + dsdt_line(" })"); + dsdt_line(" }"); + /* + * Function 1 - Get Physical Presence Interface Version + * Arguments: + * Empty Package + * Return: + * String - Supported Physical Presence Interface revision + */ + dsdt_line(" If(LEqual(Arg2, 1)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Return(\"1.3\")"); + dsdt_line(" }"); + /* + * Function 2 - Submit TPM Operation Request to Pre-OS Environment + * !!!DEPRECATED BUT MANDATORY!!! + * Arguments: + * Integer - Operation Value of the Request + * Return: + * Integer - Function Return Code + * 0 - Success + * 1 - Operation Value of the Request Not Supported + * 2 - General Failure + */ + dsdt_line(" If(LEqual(Arg2, 2)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Store(DerefOf(Index(Arg3, 0)), Local0)"); + dsdt_line(" Store(TPFN(Local0), Local1)"); + dsdt_line(" If (LEqual(And(Local1, 7), 0))"); + dsdt_line(" {"); + dsdt_line(" Return(1)"); + dsdt_line(" }"); + dsdt_line(" Store(Local0, PPRQ)"); + dsdt_line(" Store(0, PPRM)"); + dsdt_line(" Return(0)"); + dsdt_line(" }"); + /* + * Function 3 - Get Pending TPM Operation Request By the OS + * Arguments: + * Empty Package + * Return: + * Package + * Integer 1 - Function Return Code + * 0 - Success + * 1 - General Failure + * Integer 2 - Pending operation requested by the OS + * 0 - None + * >0 - Operation Value of the Pending Request + * Integer 3 - Optional argument to pending operation requested by + * the OS + * 0 - None + * >0 - Argument of the Pending Request + */ + dsdt_line(" If(LEqual(Arg2, 3)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" If(LEqual(Arg1, 1)) /* Revision */"); + dsdt_line(" {"); + dsdt_line(" Store(PPRQ, Index(TPM2, 1))"); + dsdt_line(" Return(TPM2)"); + dsdt_line(" }"); + dsdt_line(" If(LEqual(Arg1, 2)) /* Revision */"); + dsdt_line(" {"); + dsdt_line(" Store(PPRQ, Index(TPM3, 1))"); + dsdt_line(" Store(PPRM, Index(TPM3, 2))"); + dsdt_line(" Return(TPM3)"); + dsdt_line(" }"); + dsdt_line(" }"); + /* + * Function 4 - Get Platform-Specific Action to Transition to Pre-OS + * Environment + * Arguments: + * Empty Package + * Return: + * Integer - Action that the OS should take to transition to the + * pre-OS environment for execution of a requested operation + * 0 - None + * 1 - Shutdown + * 2 - Reboot + * 3 - OS Vendor-specific + */ + dsdt_line(" If(LEqual(Arg2, 4)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Return(2)"); + dsdt_line(" }"); + /* + * Function 5 - Return TPM Operation Response to OS Environment + * Arguments: + * Empty Package + * Return: + * Package + * Integer 1 - Function Return Code + * 0 - Success + * 1 - General Failure + * Integer 2 - Most recent operation request + * 0 - None + * >0 - Operation value of the most recent request + * Integer 3 - Response to the most recent operation request + * 0 - Success + * 0x00000001..0x000000FF - Corresponding TPM error code + * 0xFFFFFFF0 - User Abort or timeout of dialog + * 0xFFFFFFF1 - firmware failure + */ + dsdt_line(" If(LEqual(Arg2, 5)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Store(LPPR, Index(TPM3, 1))"); + dsdt_line(" Store(PPRP, Index(TPM3, 2))"); + dsdt_line(" Return(TPM3)"); + dsdt_line(" }"); + /* + * Function 6 - Submit preferred user language + * !!!DEPRECATED BUT MANDATORY!!! + * Arguments: + * Package + * String - Preferred language code + * Return: + * Integer + * 3 - Not implemented + */ + dsdt_line(" If(LEqual(Arg2, 6)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Return(3)"); + dsdt_line(" }"); + /* + * Function 7 - Submit TPM Operation Request to Pre-OS Environment 2 + * Arguments: + * Package + * Integer 1 - Operation Value of the Request + * Integer 2 - Argument for Operation + * Return: + * Integer - Function Return Code + * 0 - Success + * 1 - Not Implemented + * 2 - General Failure + * 3 - Operation blocked by current firmware settings + */ + dsdt_line(" If(LEqual(Arg2, 7)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Store(DerefOf(Index(Arg3, 0)), Local0)"); + dsdt_line(" Store(TPFN(Local0), Local1)"); + dsdt_line(" If (LEqual(And(Local1, 7), 0)) /* Not Implemented */"); + dsdt_line(" {"); + dsdt_line(" Return(1)"); + dsdt_line(" }"); + dsdt_line(" If (LEqual(And(Local1, 7), 2)) /* Blocked */ "); + dsdt_line(" {"); + dsdt_line(" Return(3)"); + dsdt_line(" }"); + dsdt_line(" If(LEqual(Arg1, 1)) /* Revision */"); + dsdt_line(" {"); + dsdt_line(" Store(Local0, PPRQ)"); + dsdt_line(" Store(0, PPRM)"); + dsdt_line(" }"); + dsdt_line(" If(LEqual(Arg1, 2)) /* Revision */"); + dsdt_line(" {"); + dsdt_line(" Store(Local0, PPRQ)"); + dsdt_line(" Store(DerefOf(Index(Arg3, 1)), PPRM)"); + dsdt_line(" }"); + dsdt_line(" Return(0)"); + dsdt_line(" }"); + /* + * Function 8 - Get User Confirmation Status for Operation + * Arguments: + * Package + * Integer - Operation Value that may need user confirmation + * Return: + * Integer - Function Return Code + * 0 - Not implemented + * 1 - Firmware only + * 2 - Blocked for OS by firmware configuration + * 3 - Allowed and physically present user required + * 4 - Allowed and physically present user not required + */ + dsdt_line(" If(LEqual(Arg2, 8)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Store(DerefOf(Index(Arg3, 0)), Local0)"); + dsdt_line(" Store(TPFN(Local0), Local1)"); + dsdt_line(" Return(And(Local1, 7))"); + dsdt_line(" }"); + /* + * Unknown function + */ + dsdt_line(" Return(Buffer(1)"); + dsdt_line(" {"); + dsdt_line(" 0x00"); + dsdt_line(" })"); + dsdt_line("}"); + + /* + * TCG Platform Reset Attack Mitigation + */ + dsdt_line( + "If(LEqual(Arg0, ToUUID(\"376054ED-CC13-4675-901C-4756D7F2D45D\"))) /* UUID */"); + dsdt_line("{"); + /* + * Function 0 - _DSM Query Function + * Arguments: + * Empty Package + * Return: + * Buffer - Index field of supported functions + */ + dsdt_line(" If(LEqual(Arg2, 0)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Return(Buffer(1)"); + dsdt_line(" {"); + dsdt_line(" 0x03"); + dsdt_line(" })"); + dsdt_line(" }"); + /* + * Function 1 - Memory Clear + * Arguments: + * Package + * Integer - Operation Value of the Request + * Return: + * Integer - Function Return Code + * 0 - Success + * 1 - General Failure + */ + dsdt_line(" If(LEqual(Arg2, 1)) /* Function */"); + dsdt_line(" {"); + dsdt_line(" Store(DerefOf(Index(Arg3, 0)), Local0)"); + dsdt_line(" Store(Local0, MOVV)"); + dsdt_line(" Return(0)"); + dsdt_line(" }"); + dsdt_line("}"); + + return (0); +} + +static struct tpm_ppi tpm_ppi_qemu = { + .name = TPM_PPI_QEMU_NAME, + .init = tpm_ppi_init, + .deinit = tpm_ppi_deinit, + .write_dsdt_regions = tpm_ppi_write_dsdt_regions, + .write_dsdt_dsm = tpm_ppi_write_dsdt_dsm, +}; +TPM_PPI_SET(tpm_ppi_qemu);