From nobody Sun Feb  8 10:50:21 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as
 permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+40167+1787277+3901457@groups.io;
 helo=web01.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted
 sender)  smtp.mailfrom=bounce+27952+40167+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1557284521; cv=none;
	d=zoho.com; s=zohoarc;
	b=ieslGDtv3AZ+0Zmbr4Or4XJdgZ0Hpc6mKhWx8BnzeozNP8BqVhDlnP+cbJQwcdUBNjKsCVYSVa4yoFD2gHK/1xCWa3440rASFvRbEodpOmSTcU4VSFx73KENIwPxZZgHZWtOuAki26KHMCgJraltJ6O3aItNImr0GpPlrWiJndc=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1557284521;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=aLwFRCFz7+QvvsgLYBhwJchRdBceryOUDh/5WS5H/Uw=;
	b=JHji3SGWv7DyDa8Sl65fJ5qaFP+FHqStn+dq6AaBRXf9txJ9pWjkyBwOfopcrWAwwssU1zF7QBRqwH82HVENML9bXAZFGd/Rf4j/WNObRfp1hkJ+JDVyzUZDzR7NsHTm1VvjOkMm3zyMUoGG0b3usSIvAebT7c9p3nujD25ktiQ=
ARC-Authentication-Results: i=1; mx.zoho.com;
	dkim=pass;
	spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted
 sender)  smtp.mailfrom=bounce+27952+40167+1787277+3901457@groups.io;
	dmarc=fail header.from=<eric.dong@intel.com> (p=none dis=none)
 header.from=<eric.dong@intel.com>
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 155728452081360.69666036281092;
 Tue, 7 May 2019 20:02:00 -0700 (PDT)
Return-Path: <bounce+27952+40167+1787277+3901457@groups.io>
X-Received: from mga03.intel.com (mga03.intel.com [])
 by groups.io with SMTP; Tue, 07 May 2019 20:02:00 -0700
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
X-Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 07 May 2019 20:01:53 -0700
X-ExtLoop1: 1
X-Received: from ydong10-win10.ccr.corp.intel.com ([10.239.158.133])
  by fmsmga008.fm.intel.com with ESMTP; 07 May 2019 20:01:53 -0700
From: "Dong, Eric" <eric.dong@intel.com>
To: devel@edk2.groups.io
Cc: Hao Wu <hao.a.wu@intel.com>
Subject: [edk2-devel] [Patch v2 1/3] SecurityPkg/SecurityPkg.dec: Change
 default value.
Date: Wed,  8 May 2019 11:01:48 +0800
Message-Id: <20190508030150.3968-2-eric.dong@intel.com>
In-Reply-To: <20190508030150.3968-1-eric.dong@intel.com>
References: <20190508030150.3968-1-eric.dong@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,eric.dong@intel.com
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1557284520;
 bh=o0rC5ROM8WsoiIxNqOP4XSE2CNQli3owPb3KlWA6Zwc=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=gNDq3YE2ScW+PdaKUaXUSxzlC74Apns9hZkbmJNlh/HXArV892GceD0VzJWsEz5gbk+
 evRHf+/LpLJmDZsD6lblvp/uLiGrIDkEMcTOTs8ucVVqfWOMF8fzrXnIrHzVYvdjbTnjX
 ZalYV7dt+jIuis767TSqmiQHPMj6XIBriXc=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Type: text/plain; charset="utf-8"

https://bugzilla.tianocore.org/show_bug.cgi?id=3D1782

Change BlockSID default policy, default enable BlockSid.

Signed-off-by: Eric Dong <eric.dong@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
---
 SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h | 3 ++-
 SecurityPkg/SecurityPkg.dec                           | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h b/Securi=
tyPkg/Include/Library/Tcg2PhysicalPresenceLib.h
index d9eee7f3e8..8da3deaf86 100644
--- a/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h
+++ b/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h
@@ -51,7 +51,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 // Default value
 //
 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT (TCG2_BIOS_STORAGE_MANAG=
EMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID | \
-                                                   TCG2_BIOS_STORAGE_MANAG=
EMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID)
+                                                   TCG2_BIOS_STORAGE_MANAG=
EMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID |\
+                                                   TCG2_BIOS_STORAGE_MANAG=
EMENT_FLAG_ENABLE_BLOCK_SID)
=20
 /**
   Check and execute the pending TPM request.
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 6e4c4c3a02..3314f1854b 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -410,7 +410,7 @@
   # PCD can be configured for different settings in different scenarios
   # Default setting is TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_S=
TORAGE_MANAGEMENT_FLAG_DEFAULT
   # @Prompt Initial setting of TCG2 Persistent Firmware Management Flags
-  gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags|0x300E2|UINT3=
2|0x0001001B
+  gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags|0x700E2|UINT3=
2|0x0001001B
=20
   ## Indicate current TPM2 Interrupt Number reported by _CRS control metho=
d.<BR><BR>
   # TPM2 Interrupt feature is disabled If the pcd is set to 0.<BR>
--=20
2.21.0.windows.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#40167): https://edk2.groups.io/g/devel/message/40167
Mute This Topic: https://groups.io/mt/31539610/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-