Re: [PATCH v4 6/6] ibmvtpm: Add support for trusted boot using a vTPM 2.0

[Robbie Harwood <rharwood@redhat.com>]

[-- Attachment #1: Type: text/plain, Size: 1280 bytes --]

Stefan Berger <stefanb@linux.ibm.com> writes:

> Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275
> PowerPC platform. With this patch grub now measures text and binary data
> into the TPM's PCRs 8 and 9 in the same way as the x86_64 platform
> does.
>
> This patch requires Daniel Axtens's patches for claiming more memory.
>
> Note: The tpm_init() function cannot be called from GRUB_MOD_INIT() since
> it does not find the device nodes upon module initialization and
> therefore the call to tpm_init() must be deferred to grub_tpm_measure().
>
> For vTPM support to work on PowerVM, system driver levels 1010.30
> or 1020.00 are required.
>
> Note: Previous versions of firmware levels with the 2hash-ext-log
> API call have a bug that, once this API call is invoked, has the
> effect of disabling the vTPM driver under Linux causing an error
> message to be displayed in the Linux kernel log. Those users will
> have to update their machines to the firmware levels mentioned
> above.
>
> Cc: Eric Snowberg <eric.snowberg@oracle.com>
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> Signed-off-by: Daniel Axtens <dja@axtens.net>
> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

Reviewed-by: Robbie Harwood <rharwood@redhat.com>

Be well,
--Robbie

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 861 bytes --]