
Testing TPM Physical Presence Interface in OS #622

Open
miczyg1 opened this issue Dec 3, 2024 · 2 comments

Comments

@miczyg1
Contributor

miczyg1 commented Dec 3, 2024

Test environment version
Current

Dasharo version
Any

Dasharo variant
Any/UEFI

Question text
While we already know how PPI works in FW setup more or less (switching PCR banks, clearing TPM, hierarchy management, etc.), TPM PPI is also used by the OS runtime to pass requests to the pre-OS environment (i.e. FW). Some TPM operations may require the platform hierarchy, which is taken by the FW itself, so the OS has to have means to perform these operations. That is why PPI exists.

We should analyze how Linux (and Windows?) can be used to test if PPI works.

TPM PPI specs: https://trustedcomputinggroup.org/resource/tcg-physical-presence-interface-specification/

@miczyg1
Contributor Author

miczyg1 commented Dec 11, 2024

Okay, it seems trivial. Linux exposes everything we need in sysfs. For example disabling PCR SHA1 and SHA256 banks:
echo 23 3 | sudo tee /sys/class/tpm/tpm0/ppi/request

First param is a PPI function: https://trustedcomputinggroup.org/wp-content/uploads/Physical-Presence-Interface_1-30_0-52.pdf (table 2 for TPM 2.0), SetPCRBanks (23) in this case.
Second parameter is a bitfield with algorithms https://trustedcomputinggroup.org/wp-content/uploads/TCG-Algorithm-Registry-Revision-1.34_pub-1.pdf (table 26). In this case enabling SHA1 and SHA256 (1 << 0 | 1 << 1 = 3).

Next a reboot and EDK2 welcomes us with a prompt to change PCR banks in TPM. Works only before: Dasharo/edk2#194

Example disabling SHA1 bank: echo 23 2 | sudo tee /sys/class/tpm/tpm0/ppi/request

TPM PPI sysfs documentation: https://www.kernel.org/doc/Documentation/ABI/testing/sysfs-driver-ppi

All that is left is to debug issues with platforms that cannot preserve RAM content after reboot (Protectli ADL platforms, VP2410 and all others where the RAM PPI did not work for some reasons).
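The sysfs procedure from the comment above (check what the firmware allows, queue a request, read back what the driver accepted, inspect the result after the reboot), as an added example script. This is not code from the Dasharo issue, the Dasharo project or the kernel; it is a helper written for this page. It assumes the attribute layout of Documentation/ABI/testing/sysfs-driver-ppi: `tcg_operations` listing one `<op> <status>: <text>` line per TCG operation with the status codes of the PPI spec's user-confirmation query (0 not implemented, 1 BIOS only, 2 blocked for OS, 3 user required, 4 user not required), `request` accepting `<op>` or, for op 23 on PPI 1.3, `<op> <arg>`, and `transition_action` / `response` as plain text. The PCR bank bitmap bits beyond SHA1 and SHA256 are taken from the same Algorithm Registry table (SHA384 bit 2, SHA512 bit 3, SM3_256 bit 4). Every function takes the `ppi/` directory as its last argument so the logic can be run against a constructed directory tree rather than the real `/sys/class/tpm/tpm0/ppi`; on real hardware, run it as root.

```shell
#!/bin/sh
# Added example (not from the Dasharo issue or kernel sources): drive the Linux
# TPM PPI sysfs interface documented in Documentation/ABI/testing/sysfs-driver-ppi.
# Attribute formats assumed here are described in the lead-in above.
PPI_DEFAULT=/sys/class/tpm/tpm0/ppi

ppi_version() { cat "${1:-$PPI_DEFAULT}/version"; }

# Meaning of the status codes shown in tcg_operations (PPI spec,
# "Get User Confirmation Status for Operation" return values).
ppi_status_desc() {
  case "$1" in
    0) echo "not implemented" ;;
    1) echo "BIOS only" ;;
    2) echo "blocked for OS by BIOS configuration" ;;
    3) echo "allowed, physically present user required" ;;
    4) echo "allowed, physically present user not required" ;;
    *) echo "unknown status $1" ;;
  esac
}

# Status code of one TCG operation. tcg_operations has one line per operation,
# "<op> <status>: <description>"; an operation that is not listed counts as 0.
ppi_op_status() {
  st=$(awk -v op="$1" '$1 == op { sub(":", "", $2); print $2; exit }' \
        "${2:-$PPI_DEFAULT}/tcg_operations" 2>/dev/null)
  echo "${st:-0}"
}

# Argument for SetPCRBanks (op 23): PCR bank bitmap from the TCG Algorithm
# Registry (SHA1 = bit 0, SHA256 = bit 1, SHA384 = bit 2, SHA512 = bit 3, SM3_256 = bit 4).
pcr_bank_mask() {
  mask=0
  for alg in "$@"; do
    case "$alg" in
      sha1) bit=1 ;; sha256) bit=2 ;; sha384) bit=4 ;; sha512) bit=8 ;; sm3) bit=16 ;;
      *) echo "unknown PCR bank algorithm: $alg" >&2; return 1 ;;
    esac
    mask=$((mask | bit))
  done
  echo "$mask"
}

# Queue a PPI request: ppi_submit <op> [<arg>] [<ppi dir>]. Refuses operations the
# firmware reports as not callable from the OS, and op 23 on PPI older than 1.3
# (the "<op> <arg>" request form is a 1.3 addition). Prints the transition
# action (e.g. "2: Reboot") on success so the caller knows what to do next.
ppi_submit() {
  op=$1; arg=$2; dir=${3:-$PPI_DEFAULT}
  st=$(ppi_op_status "$op" "$dir")
  case "$st" in
    3|4) ;;
    *) echo "op $op not allowed from the OS: $(ppi_status_desc "$st")" >&2; return 1 ;;
  esac
  if [ "$op" = 23 ] && ! awk -v v="$(ppi_version "$dir")" 'BEGIN { exit !(v + 0 >= 1.3) }'; then
    echo "SetPCRBanks needs PPI 1.3, platform reports $(ppi_version "$dir")" >&2; return 1
  fi
  if [ -n "$arg" ]; then printf '%s %s\n' "$op" "$arg" > "$dir/request"
  else printf '%s\n' "$op" > "$dir/request"; fi
  # Read the request back: the first field must be the operation we just queued.
  [ "$(awk '{ print $1 }' "$dir/request")" = "$op" ] || { echo "request not accepted" >&2; return 1; }
  cat "$dir/transition_action"
}

# Result of the most recent request as reported by firmware after the reboot.
# Operation 0 here means the firmware saw no request, which is what a platform
# that loses the request buffer across reboot will show.
ppi_last_response() { cat "${1:-$PPI_DEFAULT}/response"; }

# Command-line use (as root): `ppi.sh status`, `ppi.sh banks sha1 sha256`, `ppi.sh result`
case "${1:-}" in
  status) ppi_version; cat "$PPI_DEFAULT/tcg_operations" ;;
  banks)  shift; mask=$(pcr_bank_mask "$@") || exit 1
          ppi_submit 23 "$mask" && echo "reboot to let the firmware act on the request" ;;
  result) ppi_last_response ;;
esac
```

After the reboot, `ppi.sh result` is the check that distinguishes a working platform from the RAM-loss case mentioned above: on a platform that preserved the request, `response` names operation 23 and a status text; on one that did not, the firmware never saw the request and `response` still reports no recent request.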

@mkopec
Member

mkopec commented Dec 11, 2024

all others where the RAM PPI did not work for some reasons

also affects novacustom meteorlake platforms
