Comments (2)
Thank you for the detailed response @BradL-Msft! Greatly appreciated :)
from ms-tpm-20-ref.
TL;DR: 16kB was a convenient size for the reference code to use for example.
Long Answer:
The reference code's handling of NV data is very implementation specific. A separate implementation could choose to do things differently. Thus NV_MEMORY_SIZE is also implementation specific. Specifically, the reference code stores all NV data within this single large NV area, though that isn't required. For example, a specific implementation could store different index types in separate storage, subject to the minimums for other capabilities. E.g. TPM_PT_NV_COUNTERS_MAX has a minimum of 6 counters in the PC Platform spec, but a non-PC TPM could do something yet different. And even a PC implementation could create a new NV_COUNTER_MEMORY_SIZE definition of physical space solely for counters. It's not required that a TPM use the reference code in its implementation, so an implementation could store those counters in a separate NV region if it chose to.
Since the reference code stores everything within the same 16kB region reflected in NV_MEMORY_SIZE, there is a lot of additional "overhead" beyond the data called out in Section 4.5.1 Table 4. See 4.5.1 "Note: The sizes indicated in the table are the maximum size of the data area only and do not address the overhead. TPM vendors need to account for the overhead." In particular, Table 4 doesn't account for the various global data objects in the reference code, nor does it account for TPM_PT_HR_PERSISTENT_MIN. These require a fair-sized block of NV space. Note also that the actual number of bytes required to support TPM_PT_HR_PERSISTENT_MIN == 7 (Section 4.1 Table 1) depends on the list of enabled algorithms. E.g. enabling RSA4k vs RSA2k will increase the number of required bytes for the same number of persistent objects. This is why the PC Platform spec doesn't specify bytes directly, but rather defines requirements in terms of capabilities.
Thus, an implementation can tweak NV_MEMORY_SIZE to fit its needs or do something differently. 16KB is a reasonable size for a minimal implementation using the reference code's NV storage strategy (everything in a big bucket), consistent with the PC platform spec while leaving a reasonable amount of space available for application use.
The official requirements for any given implementation are based on the specific requirements in the platform specs, which, based on enabled options, will result in an implementation-specific byte count.