[U-Boot] (Mixed security state) Re: [PATCH 1/6] tpm: add AUTH1 cmds for LoadKey2 and GetPubKey
Tom Rini
trini at ti.com
Tue Apr 23 16:47:34 CEST 2013
On Tue, Apr 23, 2013 at 02:12:52PM +0200, Pfau, Reinhard wrote:
>
> Hi,
>
> > -----Original Message-----
> > From: u-boot-bounces at lists.denx.de
> > [mailto:u-boot-bounces at lists.denx.de] On Behalf Of Tom Rini
> > Sent: Monday, April 22, 2013 8:37 PM
> > To: Eibach, Dirk
> > Cc: u-boot at lists.denx.de
> > Subject: (Mixed security state) Re: [U-Boot] [PATCH 1/6] tpm:
> > add AUTH1 cmds for LoadKey2 and GetPubKey
> >
> > On Mon, Apr 22, 2013 at 01:06:40PM +0200, Dirk Eibach wrote:
> >
> > > From: Reinhard Pfau <pfau at gdsys.de>
[snip]
> > [snip]
> > > /**
> > > + * TPM return codes as defined in the TCG Main specification
> > > + * (TPM Main Part 2 Structures; Specification version 1.2)
> > > + */
> > > +enum tpm_return_code {
> > > + TPM_BASE = 0x00000000,
> > > + TPM_NON_FATAL = 0x00000800,
> > > + TPM_SUCCESS = TPM_BASE,
> > > + /* TPM-defined fatal error codes */
> > > + TPM_AUTHFAIL = TPM_BASE + 1,
> > [snip]
> > > + TPM_BADINDEX = TPM_BASE + 2,
> >
> > I don't like this form, and it's not what we usually use. It
> > should be,
> > roughly:
> > enum tpm_return_code {
> > TPM_SUCCESS = 0,
> > /* TPM-defined fatal error codes. */
> > TPM_BAD_PARAMETER,
> > TPM_AUDITFAILURE,
> > ...
> > /* TPM-defined non-fatal error codes. */
> > TPM_RETRY = 0x800,
> > TPM_NEEDS_SELFTEST,
> > ...
> > }
>
> Well, the way I wrote the constants is intentionally since the return
> codes are defined like this in the TCG specification.
> In the spec the return codes are found in a table with name and value;
> and the value is expressed as sum based on TPM_BASE.
> (See TCG published spec: "TPM Main Part 2 TPM Structures; Specification
> version 1.2" chapter 16 ("Return Codes").)
>
> This way it might be easier to keep the constants in sync with (future)
> versions of the TCG spec :-)
> So I would like to keep it as it is.
OK, I pulled up the doc and I see what you mean. Yes, it's OK to do
that in this case here. Thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20130423/f09d57df/attachment.pgp>
More information about the U-Boot
mailing list