From: Stefan Berger
To: devel@edk2.groups.io, jiewen.yao@intel.com
Cc: marcandre.lureau@redhat.com, lersek@redhat.com, dick_wilkins@phoenix.com, James.Bottomley@HansenPartnership.com, Stefan Berger, Stefan Berger
Subject: [edk2-devel] [PATCH v3 1/6] OvmfPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms
Date: Tue, 10 Aug 2021 13:20:24 -0400
Message-Id: <20210810172029.4166819-2-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>
References: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>

Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms. Modify it so that ConfigureTpmPlatformHierarchy() is the only public function provided by this file.
Signed-off-by: Stefan Berger --- .../Include/Library/TpmPlatformHierarchyLib.h | 27 +++ .../PeiDxeTpmPlatformHierarchyLib.c | 210 ++++++++++++++++++ .../PeiDxeTpmPlatformHierarchyLib.inf | 40 ++++ 3 files changed, 277 insertions(+) create mode 100644 OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h create mode 100644 OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpm= PlatformHierarchyLib.c create mode 100644 OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpm= PlatformHierarchyLib.inf diff --git a/OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h b/OvmfPkg/In= clude/Library/TpmPlatformHierarchyLib.h new file mode 100644 index 0000000000..a872fa09dc --- /dev/null +++ b/OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h @@ -0,0 +1,27 @@ +/** @file + TPM Platform Hierarchy configuration library. + + This library provides functions for customizing the TPM's Platform Hie= rarchy + Authorization Value (platformAuth) and Platform Hierarchy Authorization + Policy (platformPolicy) can be defined through this function. + +Copyright (c) 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM_PLATFORM_HIERARCHY_LIB_H_ +#define _TPM_PLATFORM_HIERARCHY_LIB_H_ + +/** + This service will perform the TPM Platform Hierarchy configuration at t= he SmmReadyToLock event. + +**/ +VOID +EFIAPI +ConfigureTpmPlatformHierarchy ( + VOID + ); + +#endif diff --git a/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatfor= mHierarchyLib.c b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPl= atformHierarchyLib.c new file mode 100644 index 0000000000..ba2d99bb53 --- /dev/null +++ b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierar= chyLib.c @@ -0,0 +1,210 @@ +/** @file + TPM Platform Hierarchy configuration library. + + This library provides functions for customizing the TPM's Platform Hie= rarchy + Authorization Value (platformAuth) and Platform Hierarchy Authorization + Policy (platformPolicy) can be defined through this function. + + Copyright (c) 2019, Intel Corporation. All rights reserved.
+ Copyright (c) Microsoft Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Specification Reference: + https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning-g= uidance/ +**/ + +#include + +#include +#include +#include +#include +#include +#include + +// +// The authorization value may be no larger than the digest produced by th= e hash +// algorithm used for context integrity. +// +#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE + +UINT16 mAuthSize; + +/** + Generate high-quality entropy source through RDRAND. + + @param[in] Length Size of the buffer, in bytes, to fill with. + @param[out] Entropy Pointer to the buffer to store the entropy da= ta. + + @retval EFI_SUCCESS Entropy generation succeeded. + @retval EFI_NOT_READY Failed to request random data. + +**/ +EFI_STATUS +EFIAPI +RdRandGenerateEntropy ( + IN UINTN Length, + OUT UINT8 *Entropy + ) +{ + EFI_STATUS Status; + UINTN BlockCount; + UINT64 Seed[2]; + UINT8 *Ptr; + + Status =3D EFI_NOT_READY; + BlockCount =3D Length / 64; + Ptr =3D (UINT8 *)Entropy; + + // + // Generate high-quality seed for DRBG Entropy + // + while (BlockCount > 0) { + Status =3D GetRandomNumber128 (Seed); + if (EFI_ERROR (Status)) { + return Status; + } + CopyMem (Ptr, Seed, 64); + + BlockCount--; + Ptr =3D Ptr + 64; + } + + // + // Populate the remained data as request. + // + Status =3D GetRandomNumber128 (Seed); + if (EFI_ERROR (Status)) { + return Status; + } + CopyMem (Ptr, Seed, (Length % 64)); + + return Status; +} + +/** + This function returns the maximum size of TPM2B_AUTH; this structure is = used for an authorization value + and limits an authValue to being no larger than the largest digest produ= ced by a TPM. + + @param[out] AuthSize Tpm2 Auth size + + @retval EFI_SUCCESS Auth size returned. + @retval EFI_DEVICE_ERROR Can not return platform auth due to= device error. 
+ +**/ +EFI_STATUS +EFIAPI +GetAuthSize ( + OUT UINT16 *AuthSize + ) +{ + EFI_STATUS Status; + TPML_PCR_SELECTION Pcrs; + UINTN Index; + UINT16 DigestSize; + + Status =3D EFI_SUCCESS; + + while (mAuthSize =3D=3D 0) { + + mAuthSize =3D SHA1_DIGEST_SIZE; + ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION)); + Status =3D Tpm2GetCapabilityPcrs (&Pcrs); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs fail!\n")); + break; + } + + DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", Pcrs.count)); + + for (Index =3D 0; Index < Pcrs.count; Index++) { + DEBUG ((DEBUG_ERROR, "alg - %x\n", Pcrs.pcrSelections[Index].hash)); + + switch (Pcrs.pcrSelections[Index].hash) { + case TPM_ALG_SHA1: + DigestSize =3D SHA1_DIGEST_SIZE; + break; + case TPM_ALG_SHA256: + DigestSize =3D SHA256_DIGEST_SIZE; + break; + case TPM_ALG_SHA384: + DigestSize =3D SHA384_DIGEST_SIZE; + break; + case TPM_ALG_SHA512: + DigestSize =3D SHA512_DIGEST_SIZE; + break; + case TPM_ALG_SM3_256: + DigestSize =3D SM3_256_DIGEST_SIZE; + break; + default: + DigestSize =3D SHA1_DIGEST_SIZE; + break; + } + + if (DigestSize > mAuthSize) { + mAuthSize =3D DigestSize; + } + } + break; + } + + *AuthSize =3D mAuthSize; + return Status; +} + +/** + Set PlatformAuth to random value. +**/ +VOID +RandomizePlatformAuth ( + VOID + ) +{ + EFI_STATUS Status; + UINT16 AuthSize; + UINT8 *Rand; + UINTN RandSize; + TPM2B_AUTH NewPlatformAuth; + + // + // Send Tpm2HierarchyChange Auth with random value to avoid PlatformAuth= being null + // + + GetAuthSize (&AuthSize); + + ZeroMem (NewPlatformAuth.buffer, AuthSize); + NewPlatformAuth.size =3D AuthSize; + + // + // Allocate one buffer to store random data. 
+ // + RandSize =3D MAX_NEW_AUTHORIZATION_SIZE; + Rand =3D AllocatePool (RandSize); + + RdRandGenerateEntropy (RandSize, Rand); + CopyMem (NewPlatformAuth.buffer, Rand, AuthSize); + + FreePool (Rand); + + // + // Send Tpm2HierarchyChangeAuth command with the new Auth value + // + Status =3D Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, &NewPlatformA= uth); + DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth Result: - %r\n", Status)); + ZeroMem (NewPlatformAuth.buffer, AuthSize); + ZeroMem (Rand, RandSize); +} + +/** + This service defines the configuration of the Platform Hierarchy Author= ization Value (platformAuth) + and Platform Hierarchy Authorization Policy (platformPolicy) + +**/ +VOID +EFIAPI +ConfigureTpmPlatformHierarchy ( + ) +{ + RandomizePlatformAuth (); +} diff --git a/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatfor= mHierarchyLib.inf b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpm= PlatformHierarchyLib.inf new file mode 100644 index 0000000000..a413e02302 --- /dev/null +++ b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierar= chyLib.inf @@ -0,0 +1,40 @@ +### @file +# +# TPM Platform Hierarchy configuration library. +# +# This library provides functions for customizing the TPM's Platform Hie= rarchy +# Authorization Value (platformAuth) and Platform Hierarchy Authorization +# Policy (platformPolicy) can be defined through this function. +# +# Copyright (c) 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +### + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D PeiDxeTpmPlatformHierarchyLib + FILE_GUID =3D 7794F92C-4E8E-4E57-9E4A-49A0764C7D73 + MODULE_TYPE =3D PEIM + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D TpmPlatformHierarchyLib|PEIM DXE_DRIV= ER + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + MemoryAllocationLib + RngLib + Tpm2CommandLib + Tpm2DeviceLib + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + +[Sources] + PeiDxeTpmPlatformHierarchyLib.c --=20 2.31.1
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#79045): https://edk2.groups.io/g/devel/message/79045 Mute This Topic: https://groups.io/mt/84798631/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
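Review bot: The file header in TpmPlatformHierarchyLib.h (patch 1/6) does not parse as a sentence ("This library provides functions for customizing ... can be defined through this function") and promises platformPolicy configuration, while the imported ConfigureTpmPlatformHierarchy() only calls RandomizePlatformAuth(). The function comment also says the work happens "at the SmmReadyToLock event", but nothing in this library registers for that event, so the timing is the caller's responsibility. Suggest rewording both comments to say what the library does today and when the caller is expected to invoke it.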
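Review bot: In PeiDxeTpmPlatformHierarchyLib.c (patch 1/6), RdRandGenerateEntropy() declares UINT64 Seed[2], which is 16 bytes, but works in 64-byte blocks: BlockCount = Length / 64, CopyMem (Ptr, Seed, 64) and the tail CopyMem (Ptr, Seed, (Length % 64)). Every full block therefore copies 48 bytes of stack beyond Seed into the output, so with RandSize = MAX_NEW_AUTHORIZATION_SIZE only the first 16 bytes of the buffer that becomes platformAuth come from GetRandomNumber128(). Suggest using sizeof (Seed) for the block size, the pointer increment and the modulus.

In RandomizePlatformAuth(), ZeroMem (Rand, RandSize) runs after FreePool (Rand) and writes to freed pool memory; the scrub has to come before the free. The return values of GetAuthSize(), AllocatePool() and RdRandGenerateEntropy() are all ignored, so an allocation failure dereferences NULL and an RNG failure sends Tpm2HierarchyChangeAuth with whatever the pool buffer held. Suggest checking each result and not issuing the command unless random data was actually obtained.

The commit message says ConfigureTpmPlatformHierarchy() is the only public function, but RdRandGenerateEntropy(), GetAuthSize(), RandomizePlatformAuth() and mAuthSize are defined without STATIC and keep external linkage. Suggest marking them STATIC and dropping EFIAPI from the internal helpers.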
From: Stefan Berger
To: devel@edk2.groups.io, jiewen.yao@intel.com
Cc: marcandre.lureau@redhat.com, lersek@redhat.com, dick_wilkins@phoenix.com, James.Bottomley@HansenPartnership.com, Stefan Berger, Stefan Berger
Subject: [edk2-devel] [PATCH v3 2/6] OvmfPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
Date: Tue, 10 Aug 2021 13:20:25 -0400
Message-Id: <20210810172029.4166819-3-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>
References: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>

Add a NULL implementation of the library class TpmPlatformHierarchyLib

Signed-off-by: Stefan Berger --- .../PeiDxeTpmPlatformHierarchyLib.c | 19 ++++++++++++ .../PeiDxeTpmPlatformHierarchyLib.inf | 31 +++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDx= eTpmPlatformHierarchyLib.c create mode 100644 OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDx= eTpmPlatformHierarchyLib.inf
diff --git a/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPla= tformHierarchyLib.c b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/Pei= DxeTpmPlatformHierarchyLib.c new file mode 100644 index 0000000000..a4d38a1465 --- /dev/null +++ b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHi= erarchyLib.c @@ -0,0 +1,19 @@ +/** @file + Null TPM Platform Hierarchy configuration library. + + This library provides stub functions for customizing the TPM's Platfor= m Hierarchy. + + Copyright (c) 2021, IBM Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +VOID +EFIAPI +ConfigureTpmPlatformHierarchy ( + ) +{ + /* no nothing */ +} diff --git a/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPla= tformHierarchyLib.inf b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/P= eiDxeTpmPlatformHierarchyLib.inf new file mode 100644 index 0000000000..f0c474d57c --- /dev/null +++ b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHi= erarchyLib.inf @@ -0,0 +1,31 @@ +### @file +# +# TPM Platform Hierarchy configuration library. +# +# This library provides functions for customizing the TPM's Platform Hie= rarchy +# Authorization Value (platformAuth) and Platform Hierarchy Authorization +# Policy (platformPolicy) can be defined through this function. +# +# Copyright (c) 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +### + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D PeiDxeTpmPlatformHierarchyLibNull + FILE_GUID =3D 7794F92C-4E8E-4E57-9E4A-49A0764C7D73 + MODULE_TYPE =3D PEIM + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D TpmPlatformHierarchyLib|PEIM DXE_DRIV= ER + +[LibraryClasses] + BaseLib + +[Packages] + MdePkg/MdePkg.dec + +[Sources] + PeiDxeTpmPlatformHierarchyLib.c --=20 2.31.1
View/Reply Online (#79046): https://edk2.groups.io/g/devel/message/79046
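Review bot: The stub body in PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c (patch 2/6) carries the comment "/* no nothing */", which should read "do nothing", and ConfigureTpmPlatformHierarchy ( ) is defined with an empty parameter list although the header declares it with VOID. Suggest matching the prototype exactly and using the // comment style the imported library uses.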
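Review bot: The Null library's INF (patch 2/6) reuses FILE_GUID 7794F92C-4E8E-4E57-9E4A-49A0764C7D73, the same value the real PeiDxeTpmPlatformHierarchyLib.inf gets in patch 1/6; two INF files in one package need distinct GUIDs, so please generate a new one for the Null instance. The INF header was also copied unchanged: it still describes the full library ("provides functions for customizing ...") and carries the Intel and Microsoft copyright lines, while the accompanying .c file is described as a stub with an IBM copyright. Suggest aligning the description and copyright with the .c file.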
From: Stefan Berger
To: devel@edk2.groups.io, jiewen.yao@intel.com
Cc: marcandre.lureau@redhat.com, lersek@redhat.com, dick_wilkins@phoenix.com, James.Bottomley@HansenPartnership.com, Stefan Berger, Stefan Berger
Subject: [edk2-devel] [PATCH v3 3/6] OvmfPkg: Reference new TPM classes in the build system for compilation
Date: Tue, 10 Aug 2021 13:20:26 -0400
Message-Id: <20210810172029.4166819-4-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>
References: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>

Compile the added TPM related code now.

Signed-off-by: Stefan Berger --- OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++ OvmfPkg/Bhyve/BhyveX64.dsc | 1 + .../Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 1 + OvmfPkg/OvmfPkgIa32.dsc | 3 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ OvmfPkg/OvmfPkgX64.dsc | 3 +++ OvmfPkg/OvmfXen.dsc | 1 + 7 files changed, 15 insertions(+)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index e6cd10b759..db1deffcc8 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -209,9 +209,11 @@ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/Pe= iDxeTpmPlatformHierarchyLib.inf !else Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf !endif =20 [LibraryClasses.common] @@ -836,6 +838,7 @@ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLi= b/PeiDxeTpmPlatformHierarchyLib.inf NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc index d8fe607d1c..76904ae614 100644 --- a/OvmfPkg/Bhyve/BhyveX64.dsc +++ b/OvmfPkg/Bhyve/BhyveX64.dsc @@ -224,6 +224,7 @@ =20 Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf 
diff --git a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.= inf b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf index e470b9a6a3..e7d1917022 100644 --- a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +++ b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf @@ -56,6 +56,7 @@ PlatformBmPrintScLib Tcg2PhysicalPresenceLib XenPlatformLib + TpmPlatformHierarchyLib =20 [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index d1d92c97ba..7c2948c5e9 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -235,9 +235,11 @@ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/Pe= iDxeTpmPlatformHierarchyLib.inf !else Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf !endif =20 [LibraryClasses.common] @@ -711,6 +713,7 @@ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLi= b/PeiDxeTpmPlatformHierarchyLib.inf NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index a467ab7090..88a014510f 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc 
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -239,9 +239,11 @@ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/Pe= iDxeTpmPlatformHierarchyLib.inf !else Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf !endif =20 [LibraryClasses.common] @@ -1034,6 +1036,7 @@ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLi= b/PeiDxeTpmPlatformHierarchyLib.inf NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index e56b83d95e..ca434a5faa 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc 
@@ -239,9 +239,11 @@ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibN= ull.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/Pe= iDxeTpmPlatformHierarchyLib.inf !else Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf !endif =20 [LibraryClasses.common] @@ -723,6 +725,7 @@ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterPei.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLi= b/PeiDxeTpmPlatformHierarchyLib.inf NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 3c1ca6bfd4..b01873843b 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc 
@@ -216,6 +216,7 @@ =20 Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf RealTimeClockLib|OvmfPkg/Library/XenRealTimeClockLib/XenRealTimeClockLib= .inf TimeBaseLib|EmbeddedPkg/Library/TimeBaseLib/TimeBaseLib.inf !ifdef $(DEBUG_ON_HYPERVISOR_CONSOLE) --=20 2.31.1
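Review bot: The module-scoped TpmPlatformHierarchyLib override is attached to different modules across the platform files: OvmfPkgIa32.dsc (@@ -711,6 +713,7) and OvmfPkgX64.dsc (@@ -723,6 +725,7) add it under SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf, while OvmfPkgIa32X64.dsc (@@ -1034,6 +1036,7) adds it under SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf. Please make the three files agree, or explain the difference in the commit message. In each file the override names the same PeiDxeTpmPlatformHierarchyLib.inf instance that the hunk before `!else` already maps, so if that mapping reaches the module the extra line is redundant and can be dropped. A smaller point: the Null instance is PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf, which differs from the neighbouring TpmMeasurementLibNull/TpmMeasurementLibNull.inf naming; a Null suffix on the .inf file name would make the two instances easier to tell apart in build logs.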
From: Stefan Berger
To: devel@edk2.groups.io, jiewen.yao@intel.com
Cc: marcandre.lureau@redhat.com, lersek@redhat.com, dick_wilkins@phoenix.com, James.Bottomley@HansenPartnership.com, Stefan Berger , Stefan Berger
Subject: [edk2-devel] [PATCH v3 4/6] OvmfPkg: Disable the TPM2 platform hierarchy
Date: Tue, 10 Aug 2021 13:20:27 -0400
Message-Id: <20210810172029.4166819-5-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>
References: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>

Use the newly added function to disable the TPM2 platform hierarchy.

Signed-off-by: Stefan Berger
---
OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c | 6 ++++++
OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c | 6 ++++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c | 6 ++++++
3 files changed, 18 insertions(+)
diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg= /Library/PlatformBootManagerLib/BdsPlatform.c index b0e9742937..5bf145ba25 100644
--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c @@ -11,6 +11,7 @@ #include #include #include +#include #include =20 =20 @@ -1516,6 +1517,11 @@ PlatformBootManagerAfterConsole ( // Tcg2PhysicalPresenceLibProcessRequest (NULL); =20 + // + // Disable the TPM 2 platform hierarchy + // + ConfigureTpmPlatformHierarchy (); + // // Process QEMU's -kernel command line option // diff --git a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c b/Ov= mfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c index eaade4adea..09418dc4ff 100644 --- a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c @@ -12,6 +12,7 @@ #include #include #include +#include =20 #include =20 @@ -1450,6 +1451,11 @@ PlatformBootManagerAfterConsole ( // Tcg2PhysicalPresenceLibProcessRequest (NULL); =20 + // + // Disable the TPM 2 platform hierarchy + // + ConfigureTpmPlatformHierarchy (); + // // Perform some platform specific connect sequence // diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c b/Ovm= fPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c index 7cceeea487..508e2b6403 100644 --- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c @@ -12,6 +12,7 @@ #include #include #include +#include =20 =20 // 
@@ -1315,6 +1316,11 @@ PlatformBootManagerAfterConsole ( // Tcg2PhysicalPresenceLibProcessRequest (NULL); =20 + // + // Disable the TPM 2 platform hierachy + // + ConfigureTpmPlatformHierarchy (); + // // Process QEMU's -kernel command line option // --=20 2.31.1
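Review bot: The comment added in PlatformBootManagerLibGrub/BdsPlatform.c (@@ -1315,6 +1316,11) reads "Disable the TPM 2 platform hierachy"; it should be "hierarchy", as in the other two files. In all three files the comment says "Disable" while the call is ConfigureTpmPlatformHierarchy (), and the call sits directly after Tcg2PhysicalPresenceLibProcessRequest (NULL) with nothing stating whether that order is required. Please extend the comment to say what the configure call does to the hierarchy and whether it has to stay after physical presence request processing, so a later reordering of PlatformBootManagerAfterConsole does not silently change when the hierarchy stops being available. The diffstat covers only the three BdsPlatform.c files, so also confirm that the Bhyve and Grub PlatformBootManagerLib .inf files list TpmPlatformHierarchyLib and that their platform .dsc files map it.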
From: Stefan Berger
To: devel@edk2.groups.io, jiewen.yao@intel.com
Cc: marcandre.lureau@redhat.com, lersek@redhat.com, dick_wilkins@phoenix.com, James.Bottomley@HansenPartnership.com, Stefan Berger , Stefan Berger
Subject: [edk2-devel] [PATCH v3 5/6] ArmVirtPkg: Reference new TPM classes in the build system for compilation
Date: Tue, 10 Aug 2021 13:20:28 -0400
Message-Id: <20210810172029.4166819-6-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>
References: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>

Signed-off-by: Stefan Berger
---
ArmVirtPkg/ArmVirtCloudHv.dsc | 1 +
ArmVirtPkg/ArmVirtQemu.dsc | 3 +++
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 +
ArmVirtPkg/ArmVirtXen.dsc | 1 +
4 files changed, 6 insertions(+)
diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc index f292ba6079..cb135d08d9 100644 --- a/ArmVirtPkg/ArmVirtCloudHv.dsc +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc
@@ -55,6 +55,7 @@ PciHostBridgeUtilityLib|ArmVirtPkg/Library/ArmVirtPciHostBridgeUtilityLi= b/ArmVirtPciHostBridgeUtilityLib.inf =20 TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf =20 !include MdePkg/MdeLibs.dsc.inc =20 diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 97539edef7..10dfc382b5 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -86,8 +86,10 @@ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/Pe= iDxeTpmPlatformHierarchyLib.inf !else TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf !endif =20 [LibraryClasses.common.PEIM] @@ -523,6 +525,7 @@ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypt= oRouterDxe.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR= outerDxe.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLi= b/PeiDxeTpmPlatformHierarchyLib.inf NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKerne= l.dsc index 28064199c8..d89da457e0 100644 --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc 
@@ -80,6 +80,7 @@ PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridge= Lib.inf PciHostBridgeUtilityLib|OvmfPkg/Library/PciHostBridgeUtilityLib/PciHostB= ridgeUtilityLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf =20 [LibraryClasses.common.DXE_DRIVER] ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRepor= tStatusCodeLib.inf diff --git a/ArmVirtPkg/ArmVirtXen.dsc b/ArmVirtPkg/ArmVirtXen.dsc index 2b07a5ba19..e41259fa54 100644 --- a/ArmVirtPkg/ArmVirtXen.dsc +++ b/ArmVirtPkg/ArmVirtXen.dsc 
@@ -50,6 +50,7 @@ PlatformBootManagerLib|ArmPkg/Library/PlatformBootManagerLib/PlatformBoo= tManagerLib.inf CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize= dDisplayLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf + TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNul= l/PeiDxeTpmPlatformHierarchyLib.inf =20 [LibraryClasses.common.UEFI_DRIVER] UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf --=20 2.31.1
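Review bot: The commit message has no body, only the Signed-off-by line; please add a sentence saying which ArmVirtPkg platforms get the real PeiDxeTpmPlatformHierarchyLib instance and which get the Null one, since that decides where the later ConfigureTpmPlatformHierarchy () call has any effect. From the hunks, ArmVirtCloudHv.dsc, ArmVirtQemuKernel.dsc and ArmVirtXen.dsc map only the Null instance, and ArmVirtQemu.dsc maps the real one before `!else`. ArmVirtQemu.dsc then repeats the same real-instance mapping as a module-scoped line in @@ -523,6 +525,7, next to the Tpm2DeviceLibRouterDxe entry; if the mapping from @@ -86,8 +86,10 already reaches that module, the second line is redundant and should be dropped or justified.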
From: Stefan Berger
To: devel@edk2.groups.io, jiewen.yao@intel.com
Cc: marcandre.lureau@redhat.com, lersek@redhat.com, dick_wilkins@phoenix.com, James.Bottomley@HansenPartnership.com, Stefan Berger , Stefan Berger
Subject: [edk2-devel] [PATCH v3 6/6] ArmVirtPkg: Disable the TPM2 platform hierarchy
Date: Tue, 10 Aug 2021 13:20:29 -0400
Message-Id: <20210810172029.4166819-7-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>
References: <20210810172029.4166819-1-stefanb@linux.vnet.ibm.com>

Use the newly added function to disable the TPM2 platform hierarchy.

Signed-off-by: Stefan Berger
---
ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c | 6 ++++++
.../PlatformBootManagerLib/PlatformBootManagerLib.inf | 1 +
2 files changed, 7 insertions(+)
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c b/ArmVi= rtPkg/Library/PlatformBootManagerLib/PlatformBm.c index 69448ff65b..a45824ab06 100644 --- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include #include @@ -832,6 +833,11 @@ PlatformBootManagerAfterConsole ( EfiBootManagerConnectAll (); } =20 + // + // Disable the TPM 2 platform hierarchy + // + ConfigureTpmPlatformHierarchy (); + // // Enumerate all possible boot options, then filter and reorder them bas= ed on // the QEMU configuration. diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerL= ib.inf b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.i= nf index 11f52e019b..cead956bfc 100644 --- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf @@ -51,6 +51,7 @@ UefiBootServicesTableLib UefiLib UefiRuntimeServicesTableLib + TpmPlatformHierarchyLib =20 [FixedPcd] gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate --=20 2.31.1
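Review bot: In PlatformBm.c (@@ -832,6 +833,11) the call is placed after the block that ends in EfiBootManagerConnectAll (), so every driver connected there has already run by the time the platform hierarchy is configured. The OvmfPkg patch in this series anchors the call directly after Tcg2PhysicalPresenceLibProcessRequest (NULL), but no physical presence processing is visible in this hunk's context. Please state in the comment what the call has to come after on ArmVirt, and if nothing in the connect step needs the hierarchy, move the call above it so the window is as short as possible. In PlatformBootManagerLib.inf (@@ -51,6 +51,7) TpmPlatformHierarchyLib is appended after UefiRuntimeServicesTableLib, which breaks the alphabetical order of the visible UefiBootServicesTableLib, UefiLib, UefiRuntimeServicesTableLib entries; insert it in sorted position instead.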