From nobody Sun Feb 8 14:51:57 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+40089+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+40089+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1557216100; cv=none; d=zoho.com; s=zohoarc; b=WpvdkyDt+8xS5fTBX7dsajN6syT9fb+lWBrzL+FEs94rcWcqcFktBSZ0h/S+tCsNBZSglzcF+C13ufibBXU4WTln/TUcBLhnykCFPlGNCoEbfiFN7PnsTOLJczEub0TnL8HTZRRz/yvj/L0z+0UOqVFd5J3Iw4Yfok9pDkES6aI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557216100; h=Content-Transfer-Encoding:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=sv0WINJ23t2S03kQ7V5FgauGB43yhOgfVF24+UmPHZ0=; b=jwupo0bHCq+sVLWk152kMGALALLav+W2HdhC71qcqLBJioixjg/z/q1i/jgRlM2NDd4O57IR0XGfUZRD5IZVM9EHDj9u3WzvBJjDlgiFC1C3o1GuyVZ1bAFqe80mm9FDSN5qqsfEznMjVeOUIEWhoEmTaS0lFFm3WrnWo13dzoA= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+40089+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1557216100105480.94735119036727; Tue, 7 May 2019 01:01:40 -0700 (PDT) Return-Path: X-Received: from mga01.intel.com (mga01.intel.com []) by groups.io with SMTP; Tue, 07 May 2019 01:01:38 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 May 2019 01:01:38 -0700 X-ExtLoop1: 1 X-Received: from ydong10-win10.ccr.corp.intel.com ([10.239.158.133]) by fmsmga006.fm.intel.com with ESMTP; 07 May 2019 01:01:38 -0700 From: "Dong, Eric" To: devel@edk2.groups.io Subject: [edk2-devel] [Patch 1/3] SecurityPkg/SecurityPkg.dec: Change default value. Date: Tue, 7 May 2019 16:00:51 +0800 Message-Id: <20190507080053.15056-2-eric.dong@intel.com> In-Reply-To: <20190507080053.15056-1-eric.dong@intel.com> References: <20190507080053.15056-1-eric.dong@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,eric.dong@intel.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1557216099; bh=77VX8A/mD82Oa1lwA1EQ6Slr6KVsI8uGaZLczFt5pvg=; h=Date:From:Reply-To:Subject:To; b=q3fIWZtNa4Bg/ht/J0vP2f1qdupXDNo8VbUVZyHzJvXIog6Qp93H+2vdl8SnwSOwKmI YUS9wBMElAqcQ0BxvuFq3tmaeU7xh3x9IStVsneR4yvnPGohzBCzp3/PUcUnEk2CXzNyT zpMUxLHvIOqkUCsg+wYBTxCNQ4Vd7MpFbXs= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" For safe concern, change BlockSID default policy. Signed-off-by: Eric Dong --- SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h | 3 ++- SecurityPkg/SecurityPkg.dec | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h b/Securi= tyPkg/Include/Library/Tcg2PhysicalPresenceLib.h index e08719003d..d8aedf1e4c 100644 --- a/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h +++ b/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h @@ -57,7 +57,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. // Default value // #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT (TCG2_BIOS_STORAGE_MANAG= EMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID | \ - TCG2_BIOS_STORAGE_MANAG= EMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) + TCG2_BIOS_STORAGE_MANAG= EMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID |\ + TCG2_BIOS_STORAGE_MANAG= EMENT_FLAG_ENABLE_BLOCK_SID) =20 /** Check and execute the pending TPM request. diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 8d64b4fefe..edb31a1456 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -428,7 +428,7 @@ # PCD can be configured for different settings in different scenarios # Default setting is TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_S= TORAGE_MANAGEMENT_FLAG_DEFAULT # @Prompt Initial setting of TCG2 Persistent Firmware Management Flags - gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags|0x300E2|UINT3= 2|0x0001001B + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags|0x700E2|UINT3= 2|0x0001001B =20 ## Indicate current TPM2 Interrupt Number reported by _CRS control metho= d.

# TPM2 Interrupt feature is disabled If the pcd is set to 0.
--=20 2.15.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#40089): https://edk2.groups.io/g/devel/message/40089 Mute This Topic: https://groups.io/mt/31529814/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-