From nobody Mon May 6 16:39:06 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+55005+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+55005+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1582814465; cv=none; d=zohomail.com; s=zohoarc; b=GV1gLVPQRqqzlBhNcsgFxsWH4zkwSWFa0nVPbwcxvjhCJz8hfmDz1UMk19bDF2dCh8IOnsdpMB5+hGp3IYsqpp2Qpe0INlMNPRA63NX6jDTXnLCilNNFVXfuu1RwmwDd1cipaYelfGSBP3Z7kplu/HmlqvHy5AmDpfzeShT4MRM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1582814465; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=3mBSwbWeB09rgRVb0Anhc4R+Pqjn5zRDBe5yeHXF+kw=; b=KZEbscnpdnl2I19WvC9umfU0Wdsj0FM4wHc+1EEs1I0okdGmI8LG+ghg3j8JjcFrf47k+nRAOUurFkGDN8zqQs2k6C4IHJryTeAzkqCuqDM+YFKXhef4c8VJ3Zji7ahyf4GHuo0QeZyah6W2qxVDDks0+B+37TvfEATh4aeuz0c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+55005+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1582814465320777.1735417973315; Thu, 27 Feb 2020 06:41:05 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 43fDYY1788612xJ7a48sObQz; Thu, 27 Feb 2020 06:41:03 -0800 X-Received: from mail-wr1-f67.google.com (mail-wr1-f67.google.com [209.85.221.67]) by mx.groups.io with SMTP id smtpd.web12.4817.1582814462354879202 for ; Thu, 27 Feb 2020 06:41:02 -0800 X-Received: by 
mail-wr1-f67.google.com with SMTP id v2so3610033wrp.12 for ; Thu, 27 Feb 2020 06:41:02 -0800 (PST) X-Gm-Message-State: GJo05VUqQLW7xvkNXTIBACm8x1787277AA= X-Google-Smtp-Source: APXvYqx2vEWhL99zzhkocNshgQlyANAU62A1VYcwq4Iru/xFF0V0DDbcmx6ejut/13Yl5G6qrIcCCw== X-Received: by 2002:a5d:6604:: with SMTP id n4mr4990006wru.136.1582814460636; Thu, 27 Feb 2020 06:41:00 -0800 (PST) X-Received: from localhost.localdomain (aaubervilliers-682-1-29-142.w90-88.abo.wanadoo.fr. [90.88.192.142]) by smtp.gmail.com with ESMTPSA id k7sm8273575wrq.12.2020.02.27.06.40.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 Feb 2020 06:40:59 -0800 (PST) 
From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com Subject: [edk2-devel] [PATCH v4 01/11] OvmfPkg/Tcg2ConfigPei: introduce a signalling PPI to depex on Date: Thu, 27 Feb 2020 15:40:46 +0100 Message-Id: <20200227144056.56988-2-ard.biesheuvel@linaro.org> In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org> References: <20200227144056.56988-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@linaro.org Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1582814463; bh=TBfoRVgHZp7fYKBRetAKr5Yw+zO7a52OlIRTIM+ECis=; h=Cc:Date:From:Reply-To:Subject:To; b=YTBlWe7wyIboi0AqsyjIiL/OUGBxqnjXSAuu+g3qP3rVlwrzawgcc90oVoHl1Pzj4Nw 3mRAnyz3pYkQIN7Yf0DVLA56dKqbA7p8AoGs+Tuz/DTxUDbsTwFgCb7vuJ3eNiILcV6HB BHm3haxZUyK+0iRKu4tCWh1o2NTbK5VEN14= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" On ARM systems, the TPM does not live at a fixed address, and so we need the platform to discover it first. So introduce a PPI that signals that the TPM address has been discovered and recorded in the appropriate PCD, and make Tcg2ConfigPei depex on it when built for ARM or AARCH64. Signed-off-by: Ard Biesheuvel Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkg.dec | 5 +++++ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 6 +++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec index 4c5b6511cb97..30faecb7a5c8 100644 --- a/OvmfPkg/OvmfPkg.dec +++ b/OvmfPkg/OvmfPkg.dec 
@@ -87,6 +87,11 @@ [Guids] gEfiLegacyBiosGuid =3D {0x2E3044AC, 0x879F, 0x490F, {0x= 97, 0x60, 0xBB, 0xDF, 0xAF, 0x69, 0x5F, 0x50}} gEfiLegacyDevOrderVariableGuid =3D {0xa56074db, 0x65fe, 0x45f7, {0x= bd, 0x21, 0x2d, 0x2b, 0xdd, 0x8e, 0x96, 0x52}} =20 +[Ppis] + # PPI whose presence in the PPI database signals that the TPM base addre= ss + # has been discovered and recorded + gOvmfTpmDiscoveredPpiGuid =3D {0xb9a61ad0, 0x2802, 0x41f3, {0x= b5, 0x13, 0x96, 0x51, 0xce, 0x6b, 0xd5, 0x75}} + [Protocols] gVirtioDeviceProtocolGuid =3D {0xfa920010, 0x6785, 0x4941, {0x= b6, 0xec, 0x49, 0x8c, 0x57, 0x9f, 0x16, 0x0a}} gXenBusProtocolGuid =3D {0x3d3ca290, 0xb9a5, 0x11e3, {0x= b7, 0x5d, 0xb8, 0xac, 0x6f, 0x7d, 0x65, 0xe6}} diff --git a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf b/OvmfPkg/Tcg/Tcg2Con= fig/Tcg2ConfigPei.inf index e34cd6210611..55684ba045b3 100644 --- a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +++ b/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf @@ -25,6 +25,7 @@ [Sources] [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec + OvmfPkg/OvmfPkg.dec SecurityPkg/SecurityPkg.dec =20 [LibraryClasses] 
@@ -43,5 +44,8 @@ [Ppis] [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## PROD= UCES =20 -[Depex] +[Depex.IA32, Depex.X64] TRUE + +[Depex.ARM, Depex.AARCH64] + gOvmfTpmDiscoveredPpiGuid --=20 2.20.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#55005): https://edk2.groups.io/g/devel/message/55005 Mute This Topic: https://groups.io/mt/71587885/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 16:39:06 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+55006+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+55006+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1582814466; cv=none; d=zohomail.com; s=zohoarc; b=flM8ygKTJM5Ui7j0HTH3j/edmGPQRw8W9OkRe3nVq3h3gIV9fEcsJrwn6p/yjrre/Y48Tr0QXQPaE6BE9lmgMrL6Cx0JnI9vqc5zwFxbD7qIhKdM3RmnmbGmr0zEzFR3vUyc+/qcrU2dUNQuijtU+3FcGbZBOWCRwxEgij8YJCA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1582814466; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=aySe1jJbQ4CAIA+cst/+VQR9TaNdtVd5H9YOYjP20LQ=; b=O/qTQzDJ4G6xBbwFV25ds6dSq6sp+xMOytHcPy9KEBrVpxonA9FERJXZvqQVVfaZG+8yrAzJoRGMGKk/lNUceEsnGDu+AHJhQdk5NcofogpeWcENuK8DrzI3F35ec7P6tIIqH/IZqggoDvz5fOcMsAD18R2yhffqHaQd3sqzlOY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted 
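Review bot: the `[Depex.ARM, Depex.AARCH64]` hunk turns gOvmfTpmDiscoveredPpiGuid into a hard dispatch dependency, so on ARM/AARCH64 Tcg2ConfigPei will never run unless a platform PEIM installs that PPI; the INF should also list `gOvmfTpmDiscoveredPpiGuid ## CONSUMES` under the `[Ppis]` section the hunk header shows is already there, so the dependency is visible to readers and to the usage-tracking tools rather than only in the depex. The consequence worth spelling out in the commit message is that on the no-TPM path the owner of the signalling PPI has to install gPeiTpmInitializationDonePpiGuid in Tcg2ConfigPei's stead, otherwise everything that depexes on that PPI stalls; the `TRUE` depex for IA32/X64 keeps the existing OVMF behaviour unchanged.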
From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com Subject: [edk2-devel] [PATCH v4 02/11] ArmVirtPkg/PlatformPeiLib: make PcdLib dependency explicit in .INF Date: Thu, 27 Feb 2020 15:40:47 +0100 Message-Id: <20200227144056.56988-3-ard.biesheuvel@linaro.org> In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org> References: <20200227144056.56988-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@linaro.org Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1582814464; bh=P0tMscCXllnKipAltDTm8wIhMmuCEWDZe8UeXw1oiUU=; h=Cc:Date:From:Reply-To:Subject:To; b=b0cpynrD56fjqutyJSG+YxFfSsbobP559kClkFjEBL9DaBYwm8nFCmOubnBIFTKbBUR rGIkEaFRZtUkJWXWscKFGv0Ko1kANA0mPBrS0S9H+QpYzTtYvKxaf87hF/lMwHVGvQqFa Phv664htr8zOb2BdeZSwDf+vFpgXnbqXHgE= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" We currently include PcdLib.h in PlatformPeiLib, without declaring this dependency in its .INF description. Since all the PCDs we use resolve to fixed type in practice, this does not really matter at the moment, but since we will be adding dynamic PCD references in a subsequent patch, let's make the PcdLib dependency explicit, so that its dispatch is guaranteed to be ordered correctly with respect to the provider of the dynamic PCD PPI. Signed-off-by: Ard Biesheuvel Reviewed-by: Laszlo Ersek Reviewed-by: Philippe Mathieu-Daude --- ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf | 1 + 1 file changed, 1 insertion(+) 
diff --git a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf b/ArmVirt= Pkg/Library/PlatformPeiLib/PlatformPeiLib.inf index 46db117ac28e..5428040f121d 100644 --- a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf +++ b/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf 
@@ -29,6 +29,7 @@ [LibraryClasses] DebugLib HobLib FdtLib + PcdLib =20 [FixedPcd] gArmTokenSpaceGuid.PcdFvSize --=20 2.20.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#55006): https://edk2.groups.io/g/devel/message/55006 Mute This Topic: https://groups.io/mt/71587886/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 16:39:06 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+55007+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+55007+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1582814467; cv=none; d=zohomail.com; s=zohoarc; b=foZZE53FrAnCDa50Kv3A1kEyCz9C1233xYVwaofeOiHql1uLLmzCvdNFOwGZDy8k1RlGLJpOe6EsIX7+jQD1uZ+uo8Bw4jtGT9IVfNsl+L5frbl2vEku+ByhdeDl3nWH2iKkGBwFaOQpLuhdwtg7Jxhe4gebCGcOtEc9/IWZP0M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1582814467; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=HQ1zvqOQaMHjShkNuE4sfr8ZOe8gbwWPfxJmoLZoDmg=; b=ZeO18r827M85obHyJL2Ys+dh6ALgYgcZLFuh6LG+pQaA0Y9SXijEY8l0vfwVll6yTxFSTgVdBUc5tZvLGjzJeT4whoqOaqInqw4YQKZqGbQUnF7csyzVXKccJLbjL3mVNJC1bv82Syf62UcSghyFFNfZfcfO6y9cqBbxlWx7Br0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+55007+1787277+3901457@groups.io; dmarc=fail 
From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com Subject: [edk2-devel] [PATCH v4 03/11] ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT Date: Thu, 27 Feb 2020 15:40:48 +0100 Message-Id: <20200227144056.56988-4-ard.biesheuvel@linaro.org> In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org> References: <20200227144056.56988-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@linaro.org Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1582814466; bh=GNoze+tJUt3nRypRv1vRphK2b7MGpYpSyfquO9HmIVw=; h=Cc:Date:From:Reply-To:Subject:To; b=B5IDmQvUoDSkID5REo9p8ftZc19t6a6YCGb6V8MJm7W71QKhvQboK5efiYy7GFGcF5u 0YAV0hJ6TmrsfUB3MH/9V45/yq7Mwqi+ujdldJabzVR9KPQChuzQXKQvsTXB9RUtZZzgS VnIOQklE8Reqb7QUm0Qgs+cLNhp6/6/NV1g= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" Introduce a boolean PCD that tells us whether TPM support is enabled in the build, and if it is, record the TPM base address in the existing routine that traverses the device tree in the platform PEIM. If a TPM is found, install the gOvmfTpmDiscoveredPpiGuid signalling PPI that will unlock the dispatch of OvmfPkg's Tcg2ConfigPei. If TPM2 support is enabled in the build but no TPM2 device is found, install the gPeiTpmInitializationDonePpiGuid PPI, which is normally installed by Tcg2ConfigPei if no TPM2 is found, but in our case Tcg2ConfigPei will never run so let's do it here instead. 
Signed-off-by: Ard Biesheuvel Acked-by: Laszlo Ersek --- ArmVirtPkg/ArmVirtPkg.dec | 6 ++ ArmVirtPkg/ArmVirtQemu.dsc | 5 + ArmVirtPkg/ArmVirtQemuKernel.dsc | 6 ++ ArmVirtPkg/ArmVirtXen.dsc | 6 ++ ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c | 101 +++++++++++++++= +++-- ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf | 19 +++- 6 files changed, 129 insertions(+), 14 deletions(-) diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec index a019cc269d10..08ddd68a863e 100644 --- a/ArmVirtPkg/ArmVirtPkg.dec +++ b/ArmVirtPkg/ArmVirtPkg.dec @@ -36,6 +36,12 @@ [Guids.common] [Protocols] gFdtClientProtocolGuid =3D { 0xE11FACA0, 0x4710, 0x4C8E, { 0xA7, 0xA2, 0= x01, 0xBA, 0xA2, 0x59, 0x1B, 0x4C } } =20 +[PcdsFeatureFlag] + # + # Feature Flag PCD that defines whether TPM2 support is enabled + # + gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|FALSE|BOOLEAN|0x00000004 + [PcdsFixedAtBuild, PcdsPatchableInModule] # # This is the physical address where the device tree is expected to be s= tored diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 7ae6702ac1f0..7d05415d0f93 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -237,6 +237,11 @@ [PcdsDynamicDefault.common] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 + # + # TPM2 support + # + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 + [PcdsDynamicHii] gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGui= d|0x0|FALSE|NV,BS =20 diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKerne= l.dsc index 3b0f04967a4b..720f8fa78b3d 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc 
@@ -172,6 +172,12 @@ [PcdsFixedAtBuild.common] gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|3 =20 [PcdsPatchableInModule.common] + # we need to provide a resolution for this PCD that supports PcdSet64() + # being called from ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c, + # even though that call will be compiled out on this platform as it does + # not (and cannot) support the TPM2 driver stack + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 + # # This will be overridden in the code # diff --git a/ArmVirtPkg/ArmVirtXen.dsc b/ArmVirtPkg/ArmVirtXen.dsc index 1b42a9a81323..baa21f389947 100644 --- a/ArmVirtPkg/ArmVirtXen.dsc +++ b/ArmVirtPkg/ArmVirtXen.dsc @@ -95,6 +95,12 @@ [PcdsFixedAtBuild.common] gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvModeEnable|TRUE =20 [PcdsPatchableInModule.common] + # we need to provide a resolution for this PCD that supports PcdSet64() + # being called from ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c, + # even though that call will be compiled out on this platform as it does + # not (and cannot) support the TPM2 driver stack + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 + # # This will be overridden in the code # diff --git a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c b/ArmVirtPk= g/Library/PlatformPeiLib/PlatformPeiLib.c index 0a1469550db0..8b5b3dd5dc1c 100644 --- a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c +++ b/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c @@ -1,7 +1,7 @@ /** @file * * Copyright (c) 2011-2014, ARM Limited. All rights reserved. -* Copyright (c) 2014, Linaro Limited. All rights reserved. +* Copyright (c) 2014-2020, Linaro Limited. All rights reserved. * * SPDX-License-Identifier: BSD-2-Clause-Patent * 
@@ -13,11 +13,24 @@ #include #include #include +#include #include =20 #include #include =20 +STATIC CONST EFI_PEI_PPI_DESCRIPTOR mTpm2DiscoveredPpi =3D { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gOvmfTpmDiscoveredPpiGuid, + NULL +}; + +STATIC CONST EFI_PEI_PPI_DESCRIPTOR mTpm2InitializationDonePpi =3D { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gPeiTpmInitializationDonePpiGuid, + NULL +}; + EFI_STATUS EFIAPI PlatformPeim ( @@ -31,14 +44,18 @@ PlatformPeim ( UINT64 *FdtHobData; UINT64 *UartHobData; INT32 Node, Prev; + INT32 Parent, Depth; CONST CHAR8 *Compatible; CONST CHAR8 *CompItem; CONST CHAR8 *NodeStatus; INT32 Len; + INT32 RangesLen; INT32 StatusLen; CONST UINT64 *RegProp; + CONST UINT32 *RangesProp; UINT64 UartBase; - + UINT64 TpmBase; + EFI_STATUS Status; =20 Base =3D (VOID*)(UINTN)PcdGet64 (PcdDeviceTreeInitialBaseAddress); ASSERT (Base !=3D NULL); @@ -58,18 +75,18 @@ PlatformPeim ( ASSERT (UartHobData !=3D NULL); *UartHobData =3D 0; =20 - // - // Look for a UART node - // - for (Prev =3D 0;; Prev =3D Node) { - Node =3D fdt_next_node (Base, Prev, NULL); + TpmBase =3D 0; + + for (Prev =3D Depth =3D 0;; Prev =3D Node) { + Node =3D fdt_next_node (Base, Prev, &Depth); if (Node < 0) { break; } =20 - // - // Check for UART node - // + if (Depth =3D=3D 1) { + Parent =3D Node; + } + Compatible =3D fdt_getprop (Base, Node, "compatible", &Len); =20 // 
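Review bot: in the `@@ -58,18 +75,18 @@` hunk `Parent` is only updated when `Depth == 1`, so it records the most recent top-level node, not the actual parent of the node being examined; for a TPM that is a direct child of the platform bus that is the same node, but anything nested deeper would be translated against the wrong node's `ranges`. Either look the parent up at the point of use with `fdt_parent_offset (Base, Node)` or state the depth-2 assumption in the comment. `Parent` is only read under `Depth > 1`, which is safe because every such node is preceded by a depth-1 node, but initialising it in the `for` header (`Prev = Depth = 0; Parent = -1`) avoids a maybe-uninitialised warning and makes any misuse fail loudly.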
@@ -93,10 +110,74 @@ PlatformPeim ( =20 *UartHobData =3D UartBase; break; + } else if (FeaturePcdGet (PcdTpm2SupportEnabled) && + AsciiStrCmp (CompItem, "tcg,tpm-tis-mmio") =3D=3D 0) { + + RegProp =3D fdt_getprop (Base, Node, "reg", &Len); + ASSERT (Len =3D=3D 8 || Len =3D=3D 16); + if (Len =3D=3D 8) { + TpmBase =3D fdt32_to_cpu (RegProp[0]); + } else if (Len =3D=3D 16) { + TpmBase =3D fdt64_to_cpu (ReadUnaligned64 ((UINT64 *)RegProp)); + } + + if (Depth > 1) { + // + // QEMU/mach-virt may put the TPM on the platform bus, in which = case + // we have to take its 'ranges' property into account to transla= te the + // MMIO address. This consists of a + // tuple, where the child base and the size use the same number = of + // cells as the 'reg' property above, and the parent base uses 2= cells + // + RangesProp =3D fdt_getprop (Base, Parent, "ranges", &RangesLen); + ASSERT (RangesProp !=3D NULL); + + // + // a plain 'ranges' attribute without a value implies a 1:1 mapp= ing + // + if (RangesLen !=3D 0) { + // + // assume a single translated range with 2 cells for the paren= t base + // + if (RangesLen !=3D Len + 2 * sizeof (UINT32)) { + DEBUG ((DEBUG_WARN, + "%a: 'ranges' property has unexpected size %d\n", + __FUNCTION__, RangesLen)); + break; + } + + if (Len =3D=3D 8) { + TpmBase -=3D fdt32_to_cpu (RangesProp[0]); + } else { + TpmBase -=3D fdt64_to_cpu (ReadUnaligned64 ((UINT64 *)Ranges= Prop)); + } + + // + // advance RangesProp to the parent bus address + // + RangesProp =3D (UINT32 *)((UINT8 *)RangesProp + Len / 2); + TpmBase +=3D fdt64_to_cpu (ReadUnaligned64 ((UINT64 *)RangesPr= op)); + } + } + break; } } } =20 + if (FeaturePcdGet (PcdTpm2SupportEnabled)) { + if (TpmBase !=3D 0) { + DEBUG ((DEBUG_INFO, "%a: TPM @ 0x%lx\n", __FUNCTION__, TpmBase)); + + Status =3D (EFI_STATUS)PcdSet64S (PcdTpmBaseAddress, TpmBase); + ASSERT_EFI_ERROR (Status); + + Status =3D PeiServicesInstallPpi (&mTpm2DiscoveredPpi); + } else { + Status =3D PeiServicesInstallPpi 
(&mTpm2InitializationDonePpi); + } + ASSERT_EFI_ERROR (Status); + } + BuildFvHob (PcdGet64 (PcdFvBaseAddress), PcdGet32 (PcdFvSize)); =20 return EFI_SUCCESS; diff --git a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf b/ArmVirt= Pkg/Library/PlatformPeiLib/PlatformPeiLib.inf index 5428040f121d..3f97ef080520 100644 --- a/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf +++ b/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf @@ -1,7 +1,7 @@ #/** @file # # Copyright (c) 2011-2015, ARM Limited. All rights reserved. -# Copyright (c) 2014, Linaro Limited. All rights reserved. +# Copyright (c) 2014-2020, Linaro Limited. All rights reserved. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -11,7 +11,7 @@ [Defines] INF_VERSION =3D 0x00010005 BASE_NAME =3D PlatformPeiLib FILE_GUID =3D 59C11815-F8DA-4F49-B4FB-EC1E41ED1F06 - MODULE_TYPE =3D SEC + MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D PlatformPeiLib =20 @@ -21,15 +21,21 @@ [Sources] [Packages] ArmPkg/ArmPkg.dec ArmVirtPkg/ArmVirtPkg.dec - MdePkg/MdePkg.dec - MdeModulePkg/MdeModulePkg.dec EmbeddedPkg/EmbeddedPkg.dec + MdeModulePkg/MdeModulePkg.dec + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + SecurityPkg/SecurityPkg.dec + +[FeaturePcd] + gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled =20 [LibraryClasses] DebugLib HobLib FdtLib PcdLib + PeiServicesLib =20 [FixedPcd] gArmTokenSpaceGuid.PcdFvSize 
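Review bot: in the `tcg,tpm-tis-mmio` branch the `break` after the `'ranges' property has unexpected size` warning leaves `TpmBase` holding the untranslated child-bus address, and because the final block only tests `TpmBase != 0`, that address is then written to PcdTpmBaseAddress and gOvmfTpmDiscoveredPpiGuid is installed; a malformed `ranges` thus yields a confidently wrong TPM base instead of the no-TPM path. Set `TpmBase = 0;` before that `break`. In the same branch `RegProp` is dereferenced without a NULL check and `ASSERT (Len == 8 || Len == 16)` is the only guard on the `reg` size: in a RELEASE build a missing `reg` (fdt_getprop returns NULL and a negative `Len`) or a 12-byte `reg` (two address cells, one size cell) leaves `TpmBase` at 0 and then, when `Depth > 1`, runs the ranges arithmetic on it, which can again produce a non-zero bogus value. Replace the assert with an explicit `if (RegProp == NULL || (Len != 8 && Len != 16)) { DEBUG ((DEBUG_WARN, ...)); break; }` (with `TpmBase` reset as above). The device tree comes from QEMU and is inside the trust boundary, so this is robustness rather than attack surface, but this value decides where Tcg2ConfigPei and the TPM driver will later issue MMIO accesses, so it should fail closed rather than publish a guess.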
@@ -38,6 +44,11 @@ [FixedPcd] [Pcd] gArmTokenSpaceGuid.PcdFvBaseAddress gArmVirtTokenSpaceGuid.PcdDeviceTreeInitialBaseAddress + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## SOMETIMES_PRO= DUCES + +[Ppis] + gOvmfTpmDiscoveredPpiGuid ## SOMETIMES_PRO= DUCES + gPeiTpmInitializationDonePpiGuid ## SOMETIMES_PRO= DUCES =20 [Guids] gEarlyPL011BaseAddressGuid --=20 2.20.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#55007): https://edk2.groups.io/g/devel/message/55007 Mute This Topic: https://groups.io/mt/71587887/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 16:39:06 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+55008+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+55008+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1582814469; cv=none; d=zohomail.com; s=zohoarc; b=OQmF/L9IEWTbpgbNY5TKvRj5MoJngvAOOfNaTdFKhxk4s57AWxPVhOsJX65EGHio+FeOOQDX2Bu9cforeEwiZkKlZtebZKp54RbRBsVEW5F2mpCpift8Sren5AaOe6W4tJ6gK93xAkOTZpjeYF2TFjBPURkxWmY8e9LMlvtcew0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1582814469; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=h6EUcpzf5rIu24OiPay4JreyuMsLhpQAxQdFTEVvCws=; 
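Review bot: the INF hunks change `MODULE_TYPE` from `SEC` to `BASE` without the commit message saying why; presumably it is needed so that the newly added PeiServicesLib class can be resolved against this library, and a sentence to that effect belongs in the message. The `## SOMETIMES_PRODUCES` annotations on PcdTpmBaseAddress and on both PPIs match the code paths, which is good; as a consistency nit, `PcdDeviceTreeInitialBaseAddress` and `PcdFvBaseAddress` in the same `[Pcd]` section stay untagged while the new entry is tagged, so `## CONSUMES` on those two would make the section uniform.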
From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com Subject: [edk2-devel] [PATCH v4 04/11] ArmVirtPkg: implement ArmVirtPsciResetSystemPeiLib Date: Thu, 27 Feb 2020 15:40:49 +0100 Message-Id: <20200227144056.56988-5-ard.biesheuvel@linaro.org> In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org> References: <20200227144056.56988-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@linaro.org Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1582814468; bh=JRfl5EVjPz4gByGYytULggrHB1hUU9ovj2bNb6ODdRA=; h=Cc:Date:From:Reply-To:Subject:To; b=D2cAXgdfwqSQhVrvzdpTgeqVVR3O8eNNJy21M+j7g+LyB1norVQ+QPC8zXq7Ldpq9wE mIIOwMyMnqt/6ISStAcDBSuETWvBDBiRBGqfz9MZSb39Ph2gjT8zKcUoVOCS3Ab9VvD1V xxPoSh0VhLp/skLCzhBf/0jfW2+5fJn0/cY= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" Implement a ArmVirtPkg specific version of the PSCI ResetSystemLib that is usable in the PEI phase, as the existing one relies on the FDT client protocol, making it unsuitable. Note that accessing the device tree passed by QEMU via its initial base address is guaranteed to be safe at any time during the PEI phase, so we can defer discovery of the PSCI method until the time the reset library is actually invoked (which is rarely) Signed-off-by: Ard Biesheuvel Acked-by: Laszlo Ersek --- ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiL= ib.c | 232 ++++++++++++++++++++ ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiL= ib.inf | 39 ++++ 2 files changed, 271 insertions(+) 
diff --git a/ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciRes= etSystemPeiLib.c b/ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtP= sciResetSystemPeiLib.c new file mode 100644 index 000000000000..394a04e3c384 --- /dev/null +++ b/ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSyste= mPeiLib.c @@ -0,0 +1,232 @@ +/** @file + Reset System lib using PSCI hypervisor or secure monitor calls + + Copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+ Copyright (c) 2013, ARM Ltd. All rights reserved.
+ Copyright (c) 2014-2020, Linaro Ltd. All rights reserved.
+ Copyright (c) 2019, Intel Corporation. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include +#include +#include + +#include + +typedef enum { + PsciMethodUnknown, + PsciMethodSmc, + PsciMethodHvc, +} PSCI_METHOD; + +STATIC +PSCI_METHOD +DiscoverPsciMethod ( + VOID + ) +{ + VOID *DeviceTreeBase; + INT32 Node, Prev; + INT32 Len; + CONST CHAR8 *Compatible; + CONST CHAR8 *CompatibleItem; + CONST VOID *Prop; + + DeviceTreeBase =3D (VOID*)(UINTN)PcdGet64 (PcdDeviceTreeInitialBaseAddre= ss); + ASSERT (fdt_check_header (DeviceTreeBase) =3D=3D 0); + + // + // Enumerate all FDT nodes looking for the PSCI node and capture the met= hod + // + for (Prev =3D 0;; Prev =3D Node) { + Node =3D fdt_next_node (DeviceTreeBase, Prev, NULL); + if (Node < 0) { + break; + } + + Compatible =3D fdt_getprop (DeviceTreeBase, Node, "compatible", &Len); + if (Compatible =3D=3D NULL) { + continue; + } + + // + // Iterate over the NULL-separated items in the compatible string + // + for (CompatibleItem =3D Compatible; CompatibleItem < Compatible + Len; + CompatibleItem +=3D 1 + AsciiStrLen (CompatibleItem)) { + + if (AsciiStrCmp (CompatibleItem, "arm,psci-0.2") !=3D 0) { + continue; + } + + Prop =3D fdt_getprop (DeviceTreeBase, Node, "method", NULL); + if (!Prop) { + DEBUG ((DEBUG_ERROR, "%a: Missing PSCI method property\n", + __FUNCTION__)); + return PsciMethodUnknown; + } + + if (AsciiStrnCmp (Prop, "hvc", 3) =3D=3D 0) { + return PsciMethodHvc; + } else if (AsciiStrnCmp (Prop, "smc", 3) =3D=3D 0) { + return PsciMethodSmc; + } else { + DEBUG ((DEBUG_ERROR, "%a: Unknown PSCI method \"%a\"\n", __FUNCTIO= N__, + Prop)); + return PsciMethodUnknown; + } + } + } + return PsciMethodUnknown; +} + +STATIC +VOID +PerformPsciAction ( + IN UINTN Arg0 + ) +{ + ARM_SMC_ARGS ArmSmcArgs; + ARM_HVC_ARGS ArmHvcArgs; + + ArmSmcArgs.Arg0 =3D Arg0; + ArmHvcArgs.Arg0 =3D Arg0; + + switch (DiscoverPsciMethod ()) { + case PsciMethodHvc: + ArmCallHvc (&ArmHvcArgs); + break; + + case 
PsciMethodSmc: + ArmCallSmc (&ArmSmcArgs); + break; + + default: + DEBUG ((DEBUG_ERROR, "%a: no PSCI method defined\n", __FUNCTION__)); + ASSERT (FALSE); + } +} + +/** + This function causes a system-wide reset (cold reset), in which + all circuitry within the system returns to its initial state. This type = of reset + is asynchronous to system operation and operates without regard to + cycle boundaries. + + If this function returns, it means that the system does not support cold= reset. +**/ +VOID +EFIAPI +ResetCold ( + VOID + ) +{ + // Send a PSCI 0.2 SYSTEM_RESET command + PerformPsciAction (ARM_SMC_ID_PSCI_SYSTEM_RESET); +} + +/** + This function causes a system-wide initialization (warm reset), in which= all processors + are set to their initial state. Pending cycles are not corrupted. + + If this function returns, it means that the system does not support warm= reset. +**/ +VOID +EFIAPI +ResetWarm ( + VOID + ) +{ + // Map a warm reset into a cold reset + ResetCold (); +} + +/** + This function causes the system to enter a power state equivalent + to the ACPI G2/S5 or G3 states. + + If this function returns, it means that the system does not support shut= down reset. +**/ +VOID +EFIAPI +ResetShutdown ( + VOID + ) +{ + // Send a PSCI 0.2 SYSTEM_OFF command + PerformPsciAction (ARM_SMC_ID_PSCI_SYSTEM_OFF); +} + +/** + This function causes a systemwide reset. The exact type of the reset is + defined by the EFI_GUID that follows the Null-terminated Unicode string = passed + into ResetData. If the platform does not recognize the EFI_GUID in Reset= Data + the platform must pick a supported reset type to perform.The platform may + optionally log the parameters from any non-normal reset that occurs. + + @param[in] DataSize The size, in bytes, of ResetData. + @param[in] ResetData The data buffer starts with a Null-terminated str= ing, + followed by the EFI_GUID. 
+**/ +VOID +EFIAPI +ResetPlatformSpecific ( + IN UINTN DataSize, + IN VOID *ResetData + ) +{ + // Map the platform specific reset as reboot + ResetCold (); +} + +/** + The ResetSystem function resets the entire platform. + + @param[in] ResetType The type of reset to perform. + @param[in] ResetStatus The status code for the reset. + @param[in] DataSize The size, in bytes, of ResetData. + @param[in] ResetData For a ResetType of EfiResetCold, EfiResetWarm,= or EfiResetShutdown + the data buffer starts with a Null-terminated = string, optionally + followed by additional binary data. The string= is a description + that the caller may use to further indicate th= e reason for the + system reset. +**/ +VOID +EFIAPI +ResetSystem ( + IN EFI_RESET_TYPE ResetType, + IN EFI_STATUS ResetStatus, + IN UINTN DataSize, + IN VOID *ResetData OPTIONAL + ) +{ + switch (ResetType) { + case EfiResetWarm: + ResetWarm (); + break; + + case EfiResetCold: + ResetCold (); + break; + + case EfiResetShutdown: + ResetShutdown (); + return; + + case EfiResetPlatformSpecific: + ResetPlatformSpecific (DataSize, ResetData); + return; + + default: + return; + } +} diff --git a/ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciRes= etSystemPeiLib.inf b/ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVir= tPsciResetSystemPeiLib.inf new file mode 100644 index 000000000000..3a65706e8dc6 --- /dev/null +++ b/ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSyste= mPeiLib.inf @@ -0,0 +1,39 @@ +#/** @file +# Reset System lib using PSCI hypervisor or secure monitor calls +# +# Copyright (c) 2008, Apple Inc. All rights reserved.
+# Copyright (c) 2014-2020, Linaro Ltd. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# +#**/ + +[Defines] + INF_VERSION =3D 1.27 + BASE_NAME =3D ArmVirtPsciResetSystemPeiLib + FILE_GUID =3D 551cfb98-c185-41a3-86bf-8cdb7e2a530c + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D ResetSystemLib|PEIM + +[Sources] + ArmVirtPsciResetSystemPeiLib.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmVirtPkg/ArmVirtPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdeModulePkg/MdeModulePkg.dec + MdePkg/MdePkg.dec + +[LibraryClasses] + ArmSmcLib + ArmHvcLib + BaseLib + DebugLib + FdtLib + HobLib + +[Pcd] + gArmVirtTokenSpaceGuid.PcdDeviceTreeInitialBaseAddress --=20 2.20.1
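Review bot: DiscoverPsciMethod trusts the device tree contents beyond what `ASSERT (fdt_check_header (DeviceTreeBase) == 0)` validates: the `compatible` walk advances by `1 + AsciiStrLen (CompatibleItem)`, so it depends on every item inside `Len` being NUL-terminated, and the `method` property is compared with a bounded `AsciiStrnCmp (Prop, "hvc", 3)` but then echoed unbounded through `%a` in the unknown-method DEBUG line (its length is discarded by passing NULL to fdt_getprop). The DTB is supplied by the hypervisor here, so this is a robustness point rather than an exposure, but libfdt's fdt_node_check_compatible () does the same compatible match with its own bounds checks, and either fetching the property length or not echoing the value at all would keep the DEBUG-build path from reading past a malformed property. Minor style point in the same hunk: ResetSystem uses `break` for the warm and cold cases and `return` for shutdown and platform-specific; both are correct, but one form throughout would read better.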
From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com
Subject: [edk2-devel] [PATCH v4 05/11] ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2 support
Date: Thu, 27 Feb 2020 15:40:50 +0100
Message-Id: <20200227144056.56988-6-ard.biesheuvel@linaro.org>
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>

As a first step in gradually adding TPM2 support to ArmVirtQemu, add the
TPM2_ENABLE configurable to the [Defines] section, and if it is set, add
the ResetSystem PEIM to the build, along with the library class references
that we will need to support it:
- wire ArmVirtPsciResetSystemPeiLib into the ResetSystem PEIM itself, which
  will be in charge of performing the actual reset
- add PeiResetSystemLib as the common ResetSystemLib resolution for PEIM
  class modules, so that other PEIMs will invoke the PPI published by the
  ResetSystem PEIM.

Signed-off-by: Ard Biesheuvel
Reviewed-by: Laszlo Ersek
---
 ArmVirtPkg/ArmVirtQemu.dsc | 14 ++++++++++++++
 ArmVirtPkg/ArmVirtQemu.fdf |  4 ++++
 2 files changed, 18 insertions(+)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 7d05415d0f93..d1757cdba671 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -29,6 +29,7 @@ [Defines] # DEFINE TTY_TERMINAL =3D FALSE DEFINE SECURE_BOOT_ENABLE =3D FALSE + DEFINE TPM2_ENABLE =3D FALSE =20 # # Network definition @@ -77,6 +78,10 @@ [LibraryClasses.common] [LibraryClasses.common.PEIM] ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoP= eiLib.inf =20 +!if $(TPM2_ENABLE) =3D=3D TRUE + ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSystemLib.= inf +!endif + [LibraryClasses.common.DXE_DRIVER] ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRepor= tStatusCodeLib.inf =20 @@ -100,6 +105,8 @@ [PcdsFeatureFlag.common] =20 gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE =20 + gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE) + [PcdsFixedAtBuild.common] !if $(ARCH) =3D=3D AARCH64 gArmTokenSpaceGuid.PcdVFPEnabled|1 @@ -266,6 +273,13 @@ [Components.common] =20 MdeModulePkg/Universal/Variable/Pei/VariablePei.inf =20 +!if $(TPM2_ENABLE) =3D=3D TRUE + MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf { + + ResetSystemLib|ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVi= rtPsciResetSystemPeiLib.inf + } +!endif + MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf { NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompre= ssLib.inf diff --git a/ArmVirtPkg/ArmVirtQemu.fdf b/ArmVirtPkg/ArmVirtQemu.fdf index 2c8936a1ae15..f55918d26b06 100644 --- a/ArmVirtPkg/ArmVirtQemu.fdf +++ b/ArmVirtPkg/ArmVirtQemu.fdf 
@@ -113,6 +113,10 @@ [FV.FVMAIN_COMPACT] INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf =20 +!if $(TPM2_ENABLE) =3D=3D TRUE + INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf +!endif + FILE FV_IMAGE =3D 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRE= D =3D TRUE { SECTION FV_IMAGE =3D FVMAIN --=20 2.20.1
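Review bot: the `gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)` line added under [PcdsFeatureFlag.common] is not mentioned in the commit message, which only describes the TPM2_ENABLE define, the ResetSystem PEIM and the two ResetSystemLib resolutions; please either say what consumes this feature flag or move it to the patch that introduces its consumer. The rest is consistent: `DEFINE TPM2_ENABLE = FALSE` keeps the PEIM out of existing builds, and the .dsc component and the .fdf `INF` line are guarded by the same `!if $(TPM2_ENABLE) == TRUE`, so a build cannot end up with the module in one file but not the other.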
From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com
Subject: [edk2-devel] [PATCH v4 06/11] ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI phase
Date: Thu, 27 Feb 2020 15:40:51 +0100
Message-Id: <20200227144056.56988-7-ard.biesheuvel@linaro.org>
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>

Incorporate the PEI components and the associated library class
resolutions and PCD declarations to enable TPM2 support in the PEI phase.

This patch ports (parts of) the following OvmfPkg commits to ArmVirtQemu:
- 6cf1880fb5b6 ("OvmfPkg: add customized Tcg2ConfigPei clone", 2018-03-09)
- 4672a4892867 ("OvmfPkg: include Tcg2Pei module", 2018-03-09)
- b9130c866dc0 ("OvmfPkg: link Sha384 and Sha512 support into Tcg2Pei and Tcg2Dxe", 2018-08-16)
- 5d3ef15da7c3 ("OvmfPkg: link SM3 support into Tcg2Pei and Tcg2Dxe", 2019-07-19)

gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask defaults to 0x0 so that the
TPM init code adopts the currently active PCR banks as the ones that are
enabled by default.
Signed-off-by: Ard Biesheuvel
Reviewed-by: Laszlo Ersek
---
 ArmVirtPkg/ArmVirtQemu.dsc | 20 ++++++++++++++++++++
 ArmVirtPkg/ArmVirtQemu.fdf |  2 ++
 2 files changed, 22 insertions(+)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index d1757cdba671..8950116dacab 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -75,11 +75,17 @@ [LibraryClasses.common] PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.i= nf PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridge= Lib.inf =20 +!if $(TPM2_ENABLE) =3D=3D TRUE + Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf +!endif + [LibraryClasses.common.PEIM] ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoP= eiLib.inf =20 !if $(TPM2_ENABLE) =3D=3D TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSystemLib.= inf + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf !endif =20 [LibraryClasses.common.DXE_DRIVER] @@ -248,6 +254,10 @@ [PcdsDynamicDefault.common] # TPM2 support # gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 +!if $(TPM2_ENABLE) =3D=3D TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00= , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0 +!endif =20 [PcdsDynamicHii] gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGui= d|0x0|FALSE|NV,BS
@@ -278,6 +288,16 @@ [Components.common] ResetSystemLib|ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVi= rtPsciResetSystemPeiLib.inf } + OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { + + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } !endif =20 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf { diff --git a/ArmVirtPkg/ArmVirtQemu.fdf b/ArmVirtPkg/ArmVirtQemu.fdf index f55918d26b06..b5e2253295fe 100644 --- a/ArmVirtPkg/ArmVirtQemu.fdf +++ b/ArmVirtPkg/ArmVirtQemu.fdf 
@@ -115,6 +115,8 @@ [FV.FVMAIN_COMPACT] =20 !if $(TPM2_ENABLE) =3D=3D TRUE INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf + INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf + INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf !endif =20 FILE FV_IMAGE =3D 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { --=20 2.20.1
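Review bot: the commit message explains why PcdTpm2HashMask is 0 but says nothing about the all-zero `PcdTpmInstanceGuid` default added under the same `!if` in [PcdsDynamicDefault.common]; a one-line comment there stating that a zero GUID means "no TPM selected yet" and naming which of the two new PEIMs (Tcg2ConfigPei or Tcg2Pei) is expected to overwrite it at runtime would save the next reader a trip to the OvmfPkg commits cited. On the Tcg2Pei component: HashInstanceLibSha1 is among the five hash instances linked via NULL class, so SHA-1 extends are possible; with PcdTpm2HashMask at 0 the banks actually used are whatever the TPM reports active, as the message states, which is the right place for that decision, but it is worth saying so next to the SHA-1 line so nobody later "fixes" it by removing the instance.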
From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com
Subject: [edk2-devel] [PATCH v4 07/11] ArmVirtPkg: avoid DxeTpmMeasurementLib in shared .DSC
Date: Thu, 27 Feb 2020 15:40:52 +0100
Message-Id: <20200227144056.56988-8-ard.biesheuvel@linaro.org>
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>

DxeTpmMeasurementLib should only be used on platforms that implement
measured boot, which we will do in a future patch, but only for
ArmVirtQemu, as the remaining ones are fundamentally incompatible, given
that they do not implement a PEI phase.

So use TpmMeasurementLibNull as the default resolution for all ArmVirtPkg
platforms, regardless of how they are built.

This mirrors commit 1ec05b81e59f ("OvmfPkg: use DxeTpmMeasurementLib if
and only if TPM2_ENABLE", 2019-07-04).

Signed-off-by: Ard Biesheuvel
Reviewed-by: Laszlo Ersek
---
 ArmVirtPkg/ArmVirt.dsc.inc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 10037c938eb8..8f9617359607 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc 
@@ -165,15 +165,14 @@ [LibraryClasses.common] # Secure Boot dependencies # !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf =20 # re-use the UserPhysicalPresent() dummy implementation from the ovmf tr= ee PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf !else - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf !endif + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManag= erLib.inf =20 --=20 2.20.1
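Review bot: the interim state deserves one explicit sentence in the commit message: after this hunk no ArmVirtPkg platform links DxeTpmMeasurementLib at all, including SECURE_BOOT_ENABLE builds, until the later ArmVirtQemu-specific patch the message refers to lands, so anyone bisecting a "measurements stopped" report across this series should be able to find that from the log. The hunk itself is sound: the two `-` lines remove the resolution from both branches of the `!if $(SECURE_BOOT_ENABLE) == TRUE`, the single `+` line restores the Null resolution after `!endif`, and the header change from 15 to 14 lines matches the diffstat of 1 insertion and 2 deletions.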
From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com
Subject: [edk2-devel] [PATCH v4 08/11] ArmVirtPkg: unshare TpmMeasurementLib resolution between platforms
Date: Thu, 27 Feb 2020 15:40:53 +0100
Message-Id: <20200227144056.56988-9-ard.biesheuvel@linaro.org>
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>

In preparation of conditionalizing the choice of resolution based on
TPM2_ENABLE for ArmVirtQemu, move the TpmMeasurementLib out of the shared
.DSC include and into the individual DSCs.

Signed-off-by: Ard Biesheuvel
Reviewed-by: Laszlo Ersek
---
 ArmVirtPkg/ArmVirt.dsc.inc       | 1 -
 ArmVirtPkg/ArmVirtQemu.dsc       | 1 +
 ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 +
 ArmVirtPkg/ArmVirtXen.dsc        | 1 +
 4 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 8f9617359607..0a28d3a610d6 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -172,7 +172,6 @@ [LibraryClasses.common] !else AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf !endif - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManag= erLib.inf =20 diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 8950116dacab..2f0aac5f1cb8 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -74,6 +74,7 @@ [LibraryClasses.common] PciPcdProducerLib|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProdu= cerLib.inf PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.i= nf PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridge= Lib.inf + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf =20 !if $(TPM2_ENABLE) =3D=3D TRUE Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKerne= l.dsc index 720f8fa78b3d..37e19dfbd0db 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc @@ -73,6 +73,7 @@ [LibraryClasses.common] PciPcdProducerLib|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProdu= cerLib.inf PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.i= nf PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridge= Lib.inf + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf =20 [LibraryClasses.common.DXE_DRIVER] ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRepor= tStatusCodeLib.inf diff --git a/ArmVirtPkg/ArmVirtXen.dsc b/ArmVirtPkg/ArmVirtXen.dsc index baa21f389947..8a489b253684 100644 --- a/ArmVirtPkg/ArmVirtXen.dsc +++ b/ArmVirtPkg/ArmVirtXen.dsc 
@@ -47,6 +47,7 @@ [LibraryClasses] BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf PlatformBootManagerLib|ArmPkg/Library/PlatformBootManagerLib/PlatformBoo= tManagerLib.inf CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize= dDisplayLib.inf + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf =20 [LibraryClasses.common.UEFI_DRIVER] UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf --=20 2.20.1
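Review bot: the ArmVirtXen.dsc hunk adds the resolution under a plain `[LibraryClasses]` header while the ArmVirtQemu and ArmVirtQemuKernel hunks land in `[LibraryClasses.common]`; the DSC spec treats the two as the same scope and each addition follows the section already present in its file, so there is nothing to change, but it is worth knowing when the ArmVirtQemu line is later wrapped in `!if $(TPM2_ENABLE)` that the other two platforms keep an unconditional Null resolution by design. Splitting it this way, with the `-` line in ArmVirt.dsc.inc and the three `+` lines in the same patch, leaves every platform with exactly one TpmMeasurementLib resolution at every step of the series; the diffstat of 3 insertions and 1 deletion across 4 files matches the four hunks.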
From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com
Subject: [edk2-devel] [PATCH v4 09/11] ArmVirtPkg/ArmVirtQemu: enable the DXE phase TPM2 support module
Date: Thu, 27 Feb 2020 15:40:54 +0100
Message-Id: <20200227144056.56988-10-ard.biesheuvel@linaro.org>
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>
References: <20200227144056.56988-1-ard.biesheuvel@linaro.org>

Enable the TPM2 support module in the DXE phase, and the associated libraries and PCDs that it requires. This will be wired into the measured boot support code in a subsequent patch.

Note that Tcg2Dxe.inf is added to ArmVirtQemuFvMain.fdf.inc, which is shared with other platforms in ArmVirtPkg, but as those will not set the TPM2_ENABLE define, this change does not affect them.
This patch ports (parts of) the following OvmfPkg commits to ArmVirtQemu:
- 0c0a50d6b3ff ("OvmfPkg: include Tcg2Dxe module", 2018-03-09)
- b9777bb42e4f ("OvmfPkg: add Tcg2PhysicalPresenceLibQemu", 2018-05-22) -- only to match OVMF's current lib class resolutions
- 1ec05b81e59f ("OvmfPkg: use DxeTpmMeasurementLib if and only if TPM2_ENABLE", 2019-07-04)
- b9130c866dc0 ("OvmfPkg: link Sha384 and Sha512 support into Tcg2Pei and Tcg2Dxe", 2018-08-16)
- 5d3ef15da7c3 ("OvmfPkg: link SM3 support into Tcg2Pei and Tcg2Dxe", 2019-07-19)

Signed-off-by: Ard Biesheuvel
Reviewed-by: Laszlo Ersek
---
ArmVirtPkg/ArmVirtQemu.dsc | 26 +++++++++++++++++++-
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 7 ++++++
2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 2f0aac5f1cb8..598ac49b3c40 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -74,10 +74,13 @@ [LibraryClasses.common] PciPcdProducerLib|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProdu= cerLib.inf PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.i= nf PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridge= Lib.inf - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf =20 !if $(TPM2_ENABLE) =3D=3D TRUE Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf +!else + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf !endif =20 [LibraryClasses.common.PEIM]
@@ -92,6 +95,10 @@ [LibraryClasses.common.PEIM] [LibraryClasses.common.DXE_DRIVER] ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRepor= tStatusCodeLib.inf =20 +!if $(TPM2_ENABLE) =3D=3D TRUE + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +!endif + [LibraryClasses.common.UEFI_DRIVER] UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf =20 @@ -470,6 +477,23 @@ [Components.common] MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf =20 + # + # TPM2 support + # +!if $(TPM2_ENABLE) =3D=3D TRUE + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { + + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf + NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } +!endif + # # ACPI Support # diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuF= vMain.fdf.inc index 31f615a9d0f9..a93a9970c8d2 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc 
@@ -173,6 +173,13 @@ [FV.FvMain] INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf =20 + # + # TPM2 support + # +!if $(TPM2_ENABLE) =3D=3D TRUE + INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +!endif + # # TianoCore logo (splash screen) # --=20 2.20.1
View/Reply Online (#55013): https://edk2.groups.io/g/devel/message/55013
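Review bot: in the [LibraryClasses.common] hunk of ArmVirtQemu.dsc the TPM2_ENABLE branch resolves TpmMeasurementLib to the DXE instance (DxeTpmMeasurementLib) for every module type, and the hunk's trailing context shows a [LibraryClasses.common.PEIM] section directly below where a PEI-scoped override would belong if a PEIM ever consumed the class; since this mirrors OvmfPkg commit 1ec05b81e59f, a one-line remark in the commit message that no PEIM links TpmMeasurementLib would make the scoping deliberate rather than implicit. The same hunk introduces a cross-package dependency on OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu that the message describes as "only to match OVMF's current lib class resolutions"; name the module that actually links it, otherwise the dependency reads as unused.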
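Review bot: the Tcg2Dxe component block in the [Components.common] hunk fixes the set of hash algorithms (SHA1, SHA256, SHA384, SHA512, SM3) the DXE driver can extend into PCR banks, and the commit message only lists the ported OvmfPkg commits; add a sentence that the set is intentionally identical to OVMF's, SHA1 included, so a later reader does not take the SHA1 instance for an oversight. The block also overrides the `Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf` resolution from the [LibraryClasses.common.DXE_DRIVER] hunk with Tpm2DeviceLibRouterDxe plus the DTpm instance, presumably because Tcg2Dxe is the producer of the TCG2 protocol the Tcg2 instance would otherwise call into; a short comment next to the override in the DSC would spare the reader working that out.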
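Review bot: the ArmVirtQemuFvMain.fdf.inc hunk gates `INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf` on `$(TPM2_ENABLE) =3D=3D TRUE` inside a file the commit message says is shared with platforms that never define TPM2_ENABLE, so the "does not affect them" claim relies on an undefined macro evaluating false. That holds today, but stating it explicitly in the message, or giving the other platforms' DSCs a `DEFINE TPM2_ENABLE = FALSE` like the one ArmVirtQemu.dsc already carries, guards against the INF silently appearing in another platform's FV if a later change sets the define for an unrelated reason.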
From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com
Subject: [edk2-devel] [PATCH v4 10/11] ArmVirtPkg/ArmVirtQemu: enable the TPM2 configuration module
Date: Thu, 27 Feb 2020 15:40:55 +0100
Message-Id: <20200227144056.56988-11-ard.biesheuvel@linaro.org>
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>
References: <20200227144056.56988-1-ard.biesheuvel@linaro.org>

Enable the DXE phase component that publishes the HII pages and associated logic to enable TPM2 parameters to be configured by the user via the setup menu.

This patch ports (parts of) the following commits to ArmVirtQemu:
- 3103389043bd ("OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu", 2019-02-11)
- cf3ad972a210 ("OvmfPkg: reorganize TPM2 support in DSC/FDF files", 2020-01-09)
- f55477fe2d62 ("OvmfPkg: use HII type PCDs for TPM2 config related variables", 2020-01-09)

Signed-off-by: Ard Biesheuvel
Reviewed-by: Laszlo Ersek
---
ArmVirtPkg/ArmVirtQemu.dsc | 9 +++++++++
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 3 +++
2 files changed, 12 insertions(+)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 598ac49b3c40..f93e13987db4 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -30,6 +30,7 @@ [Defines] DEFINE TTY_TERMINAL =3D FALSE DEFINE SECURE_BOOT_ENABLE =3D FALSE DEFINE TPM2_ENABLE =3D FALSE + DEFINE TPM2_CONFIG_ENABLE =3D FALSE =20 # # Network definition @@ -270,6 +271,11 @@ [PcdsDynamicDefault.common] [PcdsDynamicHii] gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGui= d|0x0|FALSE|NV,BS =20 +!if $(TPM2_CONFIG_ENABLE) =3D=3D TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_= VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2C= onfigFormSetGuid|0x8|3|NV,BS +!endif + ##########################################################################= ###### # # Components Section - list of all EDK II Modules needed by this Platform @@ -492,6 +498,9 @@ [Components.common] NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } +!if $(TPM2_CONFIG_ENABLE) =3D=3D TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif =20 # diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuF= vMain.fdf.inc index a93a9970c8d2..211f7aeb6f62 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc 
@@ -178,6 +178,9 @@ [FV.FvMain] # !if $(TPM2_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +!if $(TPM2_CONFIG_ENABLE) =3D=3D TRUE + INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif =20 # --=20 2.20.1
View/Reply Online (#55014): https://edk2.groups.io/g/devel/message/55014
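Review bot: the [PcdsDynamicHii] hunk is guarded by `$(TPM2_CONFIG_ENABLE) =3D=3D TRUE` alone, whereas the Tcg2ConfigDxe entries in the [Components.common] hunk and in the FDF hunk are nested inside the TPM2_ENABLE block, so a build with TPM2_CONFIG_ENABLE=TRUE and TPM2_ENABLE=FALSE declares the HII-backed PCDs without the module that owns them; either nest this block under TPM2_ENABLE as well, or document next to the new `DEFINE TPM2_CONFIG_ENABLE =3D FALSE` that it is only meaningful together with TPM2_ENABLE. On the values themselves: PcdTcgPhysicalPresenceInterfaceVer and PcdTpm2AcpiTableRev are backed by the TCG2_VERSION variable with NV,BS attributes and no RT, which keeps the physical presence interface version and the ACPI table revision out of reach of the OS; that is the right choice for settings that shape the TPM2 ACPI tables and is worth a line in the commit message.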
From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com
Subject: [edk2-devel] [PATCH v4 11/11] ArmVirtPkg/ArmVirtQemu: enable TPM2 based measured boot
Date: Thu, 27 Feb 2020 15:40:56 +0100
Message-Id: <20200227144056.56988-12-ard.biesheuvel@linaro.org>
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>
References: <20200227144056.56988-1-ard.biesheuvel@linaro.org>

Now that all the TPM2 related plumbing is in place, we can add the final piece that performs the measurements of loaded images into the appropriate PCRs.

This patch ports commit d5a002aba0aa ("OvmfPkg: plug DxeTpm2MeasureBootLib into SecurityStubDxe", 2018-03-09) to ArmVirtQemu.

Signed-off-by: Ard Biesheuvel
Reviewed-by: Laszlo Ersek
---
ArmVirtPkg/ArmVirtQemu.dsc | 3 +++
1 file changed, 3 insertions(+)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index f93e13987db4..5e5f71e7fe8a 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -348,6 +348,9 @@ [Components.common] MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificatio= nLib.inf +!if $(TPM2_ENABLE) =3D=3D TRUE + NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib= .inf +!endif } SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx= e.inf OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf --=20 2.20.1
View/Reply Online (#55015): https://edk2.groups.io/g/devel/message/55015
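Review bot: the SecurityStubDxe hunk links DxeTpm2MeasureBootLib as a second NULL library instance after DxeImageVerificationLib, and for independent NULL libraries the listing order is what decides the order in which their constructors run and register their security handlers; the commit message should spell out the intended relationship between measuring an image and verifying it (in particular whether an image that fails verification is still recorded in the event log), because that is what anyone attesting against the resulting PCR values needs to know. Also worth a sentence: with the default `DEFINE TPM2_ENABLE =3D FALSE` shown in the previous patch this block compiles out entirely, so measured boot remains opt-in at build time and a firmware built without the define will produce no measurements at all rather than incomplete ones.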