<tt><font size=2>"Kevin O'Connor" <kevin@koconnor.net>
wrote on 01/05/2016 11:03:00 PM:<br><br>> <br>> On Tue, Jan 05, 2016 at 10:07:54PM -0500, Stefan Berger wrote:<br>> > "Kevin O'Connor" <kevin@koconnor.net> wrote on
01/05/2016 08:55:51 PM:<br>> > > Then it sounds like the only time we need to call tpm_set_failure
is<br>> > > on a failure of a TPM_ORD_Extend command. It might
also make sense to<br>> > > deactivate the TPM if we detect the hardware but don't have
the acpi<br>> > > tables present.<br>> > <br>> > I would also deactivate it if it returned an error to<br>> > TPM_ORD_Startup, TPM_ORD_SelfTestFull. Since the menu is
written in<br>> > such a way that the user only has the choices that are valid
for the<br>> > current state, also those commands have to work, unless the TPM
is<br>> > defective. Or is that too strict?<br>> <br>> Attempting to deactivate if TPM_ORD_Startup or TPM_ORD_SelfTestFull<br>> fail makes sense.<br>> <br>> I wonder if the code could attempt to assert physical presence in<br>> tpm_startup() and only enable the tpm menu if that succeeds.</font></tt><br><br><tt><font size=2>There are two ways to assert physical presence, one
is via software, the other via hardware.</font></tt><br><br><tt><font size=2>For hardware assertion there's a PIN on the chip that
indicates the state of a dip switch</font></tt><br><tt><font size=2>for example. Problem is, this assertion cannot easily
be read as a flag. We have to infer this</font></tt><br><tt><font size=2>via a command. So the trick seems to be to send TPM_PhysicalEnable/TPM_PhysicalDisable</font></tt><br><tt><font size=2>with the value that's already there.</font></tt><br><br><tt><font size=2>The software assertion can be done, unless prevented,
the way we do it now.</font></tt><br><tt><font size=2><br>> <br>> BTW, if I'm reading the specs correctly, CMD_ENABLE is likely to fail<br>> on real hardware as manufacturers are supposed to set LifetimeLock
at<br>> the factory. It also appears that CMD_ENABLE alters non volatile</font></tt><br><br><tt><font size=2>I'll try to rework that.</font></tt><br><br><tt><font size=2> Stefan</font></tt><br><tt><font size=2><br>> memory, so writing it on every boot may cause wear on the device?<br>> <br>> -Kevin<br>> <br></font></tt><BR>