[SLOF] [PATCH v2 02/20] Add TPM initialization support
Stefan Berger
stefanb at linux.vnet.ibm.com
Fri Nov 20 05:33:09 AEDT 2015
On 11/19/2015 04:04 AM, Thomas Huth wrote:
> I'm having a hard time to imagine what "unassert physical presence"
> means ... could you please add a comment here to explain what this
> function does?
The TCG specs talk a lot about 'assertion' of physical presence. A
function that does that is added later in the patch series, when it is
needed for executing certain TPM functionality using the menu. So this
function does the opposite and we 'give up' physical presence. If I
described this in some text above the function, is that sufficient or
should I rename the function as well (tpm_giveup_physical_presence) ?
Stefan
>> +uint32_t tpm_unassert_physical_presence(void)
>> +{
>> + uint32_t rc;
>> + uint32_t return_code;
>> +
>> + if (!has_working_tpm())
>> + return TCGBIOS_GENERAL_ERROR;
>> +
>> + rc = build_and_send_cmd(TPM_ORD_PHYSICAL_PRESENCE,
>> + physical_presence_cmd_enable,
>> + sizeof(physical_presence_cmd_enable),
>> + NULL, 0, &return_code,
>> + TPM_DURATION_TYPE_SHORT);
>> +
>> + dprintf("Return code from TPM_PhysicalPresence(CMD_ENABLE) = 0x%08x\n",
>> + return_code);
>> +
>> + if (rc || return_code)
>> + goto err_exit;
>> +
>> + rc = build_and_send_cmd(TPM_ORD_PHYSICAL_PRESENCE,
>> + physical_presence_not_present_lock,
>> + sizeof(physical_presence_not_present_lock),
>> + NULL, 0, &return_code,
>> + TPM_DURATION_TYPE_SHORT);
>> +
>> + dprintf("Return code from TPM_PhysicalPresence(NOT_PRESENT_LOCK) = 0x%08x\n",
>> + return_code);
>> +
>> + if (rc || return_code)
>> + goto err_exit;
>> +
>> + return 0;
>> +
>> +err_exit:
>> + dprintf("TPM malfunctioning (line %d).\n", __LINE__);
>> +
>> + tpm_set_failure();
>> + if (rc)
>> + return rc;
>> + return TCGBIOS_COMMAND_ERROR;
>> +}
More information about the SLOF
mailing list