From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80455+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80455+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231229; cv=none; d=zohomail.com; s=zohoarc; b=Bx9BSm6Ynmk0JHMr5VmR4RE/rYMqBXY5h50ywAd5ZqonEu3fuCNqatrFYBr5VXp+uJiVmpg6K04xjABdq3JwCCjaN2nF3waKqcDWH3N1+E1y03Te0FlCAXwTEbFVB+j8HRI0ubSGHemEjQq7+aGBL1xbOLp+UZgRhp1SO+mzLRw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231229; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=100zeT071iI8v933eyG1bioSDvkUlbvXI2jypwM6rbk=; b=ibRA0ha9YAPMBNUAvo/YIHTIDXzeqt9GgzulbCnTwF/Un3K+eg1llv49On/rVbXLkqhfJryinf1YqxfdCxB6ERgNvtn8l7h5kcP/ORDhLTB9pSnC3wTNq9z6RIJ2itOusiNSvyfVes+T2J81Y5nqZ3PWX/JFGqeosM2dXSw3okM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80455+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 163123122943986.64945405229503; Thu, 9 Sep 2021 16:47:09 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jM3tYY1788612xI3NK0YHVRL; Thu, 09 Sep 2021 16:47:09 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web11.2554.1631208942947188672 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HY6iH062179; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayk6y6crc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0098396.ppops.net (m0098396.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HY8uZ062295; Thu, 9 Sep 2021 13:35:41 -0400 X-Received: from ppma03wdc.us.ibm.com (ba.79.3fa9.ip4.static.sl-reverse.com [169.63.121.186]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayk6y6cqx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from pps.filterd (ppma03wdc.us.ibm.com [127.0.0.1]) by ppma03wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HNRKB027215; Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma03wdc.us.ibm.com with ESMTP id 3axcnqax6j-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:40 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZdNP42271184 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:39 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8FD82AC068; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 73691AC064; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 1/9] SecurityPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms Date: Thu, 9 Sep 2021 13:35:30 -0400 Message-Id: <20210909173538.2380673-2-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 8yZ9dE_3KOHEkKGsh5VmYLQS499Jv6ZA X-Proofpoint-ORIG-GUID: KTaz6q3rnoygR8bw89VOhEZC6Tz85nGg X-Proofpoint-UnRewURL: 0 URL was un-rewritten MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: qHG3GcSqBMhZqXSwSXjth0q5x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231229; bh=CbIMzuV51oycISAs2i1aNeRvDozsDzfuO+dg4gn2q6Q=; h=Cc:Date:From:Reply-To:Subject:To; b=oU8TxFOQ3Mb//AItg5t3kCeYebmKmeoSdLOxTrft1zqKfysG/idWdU27/vgKSE6qrrd yuhMSo+WUEu1ANb/bz+y6FaIocybfGvrxNgdIRgdZMzrukoZ+pXj0CD6T/M+KHydz9aUg tWF/PFvDhYG51M54OMC0UP3UfLj1moE0o14= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231230793100007 Content-Type: text/plain; charset="utf-8" Import PeiDxeTpmPlatformHierarchyLib from edk2-platforms without any modifications. Signed-off-by: Stefan Berger --- .../Include/Library/TpmPlatformHierarchyLib.h | 27 ++ .../PeiDxeTpmPlatformHierarchyLib.c | 266 ++++++++++++++++++ .../PeiDxeTpmPlatformHierarchyLib.inf | 45 +++ 3 files changed, 338 insertions(+) create mode 100644 SecurityPkg/Include/Library/TpmPlatformHierarchyLib.h create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDx= eTpmPlatformHierarchyLib.c create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDx= eTpmPlatformHierarchyLib.inf diff --git a/SecurityPkg/Include/Library/TpmPlatformHierarchyLib.h b/Securi= tyPkg/Include/Library/TpmPlatformHierarchyLib.h new file mode 100644 index 0000000000..a872fa09dc --- /dev/null +++ b/SecurityPkg/Include/Library/TpmPlatformHierarchyLib.h @@ -0,0 +1,27 @@ +/** @file + TPM Platform Hierarchy configuration library. + + This library provides functions for customizing the TPM's Platform Hie= rarchy + Authorization Value (platformAuth) and Platform Hierarchy Authorization + Policy (platformPolicy) can be defined through this function. + +Copyright (c) 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM_PLATFORM_HIERARCHY_LIB_H_ +#define _TPM_PLATFORM_HIERARCHY_LIB_H_ + +/** + This service will perform the TPM Platform Hierarchy configuration at t= he SmmReadyToLock event. + +**/ +VOID +EFIAPI +ConfigureTpmPlatformHierarchy ( + VOID + ); + +#endif diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPla= tformHierarchyLib.c b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/Pei= DxeTpmPlatformHierarchyLib.c new file mode 100644 index 0000000000..9812ab99ab --- /dev/null +++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHi= erarchyLib.c @@ -0,0 +1,266 @@ +/** @file + TPM Platform Hierarchy configuration library. + + This library provides functions for customizing the TPM's Platform Hie= rarchy + Authorization Value (platformAuth) and Platform Hierarchy Authorization + Policy (platformPolicy) can be defined through this function. + + Copyright (c) 2019, Intel Corporation. All rights reserved.
+ Copyright (c) Microsoft Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Specification Reference: + https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning-g= uidance/ +**/ + +#include + +#include +#include +#include +#include +#include +#include +#include + +// +// The authorization value may be no larger than the digest produced by th= e hash +// algorithm used for context integrity. +// +#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE + +UINT16 mAuthSize; + +/** + Generate high-quality entropy source through RDRAND. + + @param[in] Length Size of the buffer, in bytes, to fill with. + @param[out] Entropy Pointer to the buffer to store the entropy da= ta. + + @retval EFI_SUCCESS Entropy generation succeeded. + @retval EFI_NOT_READY Failed to request random data. + +**/ +EFI_STATUS +EFIAPI +RdRandGenerateEntropy ( + IN UINTN Length, + OUT UINT8 *Entropy + ) +{ + EFI_STATUS Status; + UINTN BlockCount; + UINT64 Seed[2]; + UINT8 *Ptr; + + Status =3D EFI_NOT_READY; + BlockCount =3D Length / 64; + Ptr =3D (UINT8 *)Entropy; + + // + // Generate high-quality seed for DRBG Entropy + // + while (BlockCount > 0) { + Status =3D GetRandomNumber128 (Seed); + if (EFI_ERROR (Status)) { + return Status; + } + CopyMem (Ptr, Seed, 64); + + BlockCount--; + Ptr =3D Ptr + 64; + } + + // + // Populate the remained data as request. + // + Status =3D GetRandomNumber128 (Seed); + if (EFI_ERROR (Status)) { + return Status; + } + CopyMem (Ptr, Seed, (Length % 64)); + + return Status; +} + +/** + This function returns the maximum size of TPM2B_AUTH; this structure is = used for an authorization value + and limits an authValue to being no larger than the largest digest produ= ced by a TPM. + + @param[out] AuthSize Tpm2 Auth size + + @retval EFI_SUCCESS Auth size returned. + @retval EFI_DEVICE_ERROR Can not return platform auth due to= device error. + +**/ +EFI_STATUS +EFIAPI +GetAuthSize ( + OUT UINT16 *AuthSize + ) +{ + EFI_STATUS Status; + TPML_PCR_SELECTION Pcrs; + UINTN Index; + UINT16 DigestSize; + + Status =3D EFI_SUCCESS; + + while (mAuthSize =3D=3D 0) { + + mAuthSize =3D SHA1_DIGEST_SIZE; + ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION)); + Status =3D Tpm2GetCapabilityPcrs (&Pcrs); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs fail!\n")); + break; + } + + DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", Pcrs.count)); + + for (Index =3D 0; Index < Pcrs.count; Index++) { + DEBUG ((DEBUG_ERROR, "alg - %x\n", Pcrs.pcrSelections[Index].hash)); + + switch (Pcrs.pcrSelections[Index].hash) { + case TPM_ALG_SHA1: + DigestSize =3D SHA1_DIGEST_SIZE; + break; + case TPM_ALG_SHA256: + DigestSize =3D SHA256_DIGEST_SIZE; + break; + case TPM_ALG_SHA384: + DigestSize =3D SHA384_DIGEST_SIZE; + break; + case TPM_ALG_SHA512: + DigestSize =3D SHA512_DIGEST_SIZE; + break; + case TPM_ALG_SM3_256: + DigestSize =3D SM3_256_DIGEST_SIZE; + break; + default: + DigestSize =3D SHA1_DIGEST_SIZE; + break; + } + + if (DigestSize > mAuthSize) { + mAuthSize =3D DigestSize; + } + } + break; + } + + *AuthSize =3D mAuthSize; + return Status; +} + +/** + Set PlatformAuth to random value. +**/ +VOID +RandomizePlatformAuth ( + VOID + ) +{ + EFI_STATUS Status; + UINT16 AuthSize; + UINT8 *Rand; + UINTN RandSize; + TPM2B_AUTH NewPlatformAuth; + + // + // Send Tpm2HierarchyChange Auth with random value to avoid PlatformAuth= being null + // + + GetAuthSize (&AuthSize); + + ZeroMem (NewPlatformAuth.buffer, AuthSize); + NewPlatformAuth.size =3D AuthSize; + + // + // Allocate one buffer to store random data. + // + RandSize =3D MAX_NEW_AUTHORIZATION_SIZE; + Rand =3D AllocatePool (RandSize); + + RdRandGenerateEntropy (RandSize, Rand); + CopyMem (NewPlatformAuth.buffer, Rand, AuthSize); + + FreePool (Rand); + + // + // Send Tpm2HierarchyChangeAuth command with the new Auth value + // + Status =3D Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, &NewPlatformA= uth); + DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth Result: - %r\n", Status)); + ZeroMem (NewPlatformAuth.buffer, AuthSize); + ZeroMem (Rand, RandSize); +} + +/** + Disable the TPM platform hierarchy. + + @retval EFI_SUCCESS The TPM was disabled successfully. + @retval Others An error occurred attempting to disable the = TPM platform hierarchy. + +**/ +EFI_STATUS +DisableTpmPlatformHierarchy ( + VOID + ) +{ + EFI_STATUS Status; + + // Make sure that we have use of the TPM. + Status =3D Tpm2RequestUseTpm (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a:%a() - Tpm2RequestUseTpm Failed! %r\n", gEfiC= allerBaseName, __FUNCTION__, Status)); + ASSERT_EFI_ERROR (Status); + return Status; + } + + // Let's do what we can to shut down the hierarchies. + + // Disable the PH NV. + // IMPORTANT NOTE: We *should* be able to disable the PH NV here, but TP= M parts have + // been known to store the EK cert in the PH NV. If we d= isable it, the + // EK cert will be unreadable. + + // Disable the PH. + Status =3D Tpm2HierarchyControl ( + TPM_RH_PLATFORM, // AuthHandle + NULL, // AuthSession + TPM_RH_PLATFORM, // Hierarchy + NO // State + ); + DEBUG ((DEBUG_VERBOSE, "%a:%a() - Disable PH =3D %r\n", gEfiCallerBaseN= ame, __FUNCTION__, Status)); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a:%a() - Disable PH Failed! %r\n", gEfiCallerB= aseName, __FUNCTION__, Status)); + ASSERT_EFI_ERROR (Status); + } + + return Status; +} + +/** + This service defines the configuration of the Platform Hierarchy Author= ization Value (platformAuth) + and Platform Hierarchy Authorization Policy (platformPolicy) + +**/ +VOID +EFIAPI +ConfigureTpmPlatformHierarchy ( + ) +{ + if (PcdGetBool (PcdRandomizePlatformHierarchy)) { + // + // Send Tpm2HierarchyChange Auth with random value to avoid PlatformAu= th being null + // + RandomizePlatformAuth (); + } else { + // + // Disable the hierarchy entirely (do not randomize it) + // + DisableTpmPlatformHierarchy (); + } +} diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPla= tformHierarchyLib.inf b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/P= eiDxeTpmPlatformHierarchyLib.inf new file mode 100644 index 0000000000..b7a7fb0a08 --- /dev/null +++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHi= erarchyLib.inf @@ -0,0 +1,45 @@ +### @file +# +# TPM Platform Hierarchy configuration library. +# +# This library provides functions for customizing the TPM's Platform Hie= rarchy +# Authorization Value (platformAuth) and Platform Hierarchy Authorization +# Policy (platformPolicy) can be defined through this function. +# +# Copyright (c) 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +### + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D PeiDxeTpmPlatformHierarchyLib + FILE_GUID =3D 7794F92C-4E8E-4E57-9E4A-49A0764C7D73 + MODULE_TYPE =3D PEIM + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D TpmPlatformHierarchyLib|PEIM DXE_DRIV= ER + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + MemoryAllocationLib + PcdLib + RngLib + Tpm2CommandLib + Tpm2DeviceLib + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + MinPlatformPkg/MinPlatformPkg.dec + +[Sources] + PeiDxeTpmPlatformHierarchyLib.c + +[Pcd] + gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80455): https://edk2.groups.io/g/devel/message/80455 Mute This Topic: https://groups.io/mt/85498427/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80452+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80452+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231228; cv=none; d=zohomail.com; s=zohoarc; b=KR8MNzbgtmOhf0TjDr87sauD3FQgVIMMnlNaQF0FWsYdzbTd0h34F6G+0Yn83baG85Dyw5oMGgRkbPz+0PDxGcKVl4yG8bExAveAiVetyJdumwsZ/+HMDi+MDqTiPmgPrTj7svujCicdoOuOwl7VLwtHvcf8s7J1Aek/rjzBqgM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231228; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=hsDQKJaCcgEPiwbSNYG3y7xmDiursowbEb/0zC4yUAo=; b=V7VSxJqU07JiZyxE3POIDK8Ayia1vkJptiJngm+I3CT9QAnz15GM6tc5vkH1+A9Cgo2ypqG5KpIh50q3HpHbbm+D3y3o9EfWWRHzlvgohYOuBn2bZdfmEBjxXfb0vW0wZNEAVhDdx5jG9SX1s98MDQJHv3pdVYPtvvgX7AcTSLs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80452+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231228740316.85959304873916; Thu, 9 Sep 2021 16:47:08 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id quD8YY1788612xAvD9iwCpXZ; Thu, 09 Sep 2021 16:47:08 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web10.2510.1631208942583406277 for ; Thu, 09 Sep 2021 10:35:42 -0700 X-Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HXlUW190262; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayn4xakt3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HYnv7195873; Thu, 9 Sep 2021 13:35:41 -0400 X-Received: from ppma01wdc.us.ibm.com (fd.55.37a9.ip4.static.sl-reverse.com [169.55.85.253]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayn4xaksr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from pps.filterd (ppma01wdc.us.ibm.com [127.0.0.1]) by ppma01wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HM6q9025593; Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma01wdc.us.ibm.com with ESMTP id 3axcnp2vqk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:40 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZdLn38273292 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:39 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AE558AC064; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 911F4AC069; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 2/9] SecurityPkg/TPM: Fix bugs in imported PeiDxeTpmPlatformHierarchyLib Date: Thu, 9 Sep 2021 13:35:31 -0400 Message-Id: <20210909173538.2380673-3-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: j5d4XVxmYY2MnbTDM4u53uNIrMG9egz7 X-Proofpoint-GUID: uaCvfvToNZbNYA2lHYV2W6Ooy29CqSl_ Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: ahO54H1MWOjla2kSUfTIdnFNx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231228; bh=T6EPMRgBmYqRuhwy+UNCxVEoOKINZZwynuKyJTDCWSA=; h=Cc:Date:From:Reply-To:Subject:To; b=xKjaSLOMUrgDL5Z14hh6I2PoY5CFGM8n50vhLaYIq1ooDqFtS7VRNg33h6wILGhTFkg HpdFbX4cLdgmJMD66LvnwygTamRp2cHN49qJZFPc0HN698jqhdcIq7WgCadNgQUP68TZ1 Wv+dYN8ntorcgkIGcUI5Zay8n1M1PVQFllE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231230756100002 Content-Type: text/plain; charset="utf-8" Fix some bugs in the original PeiDxeTpmPlatformHierarchyLib.c. Signed-off-by: Stefan Berger --- .../PeiDxeTpmPlatformHierarchyLib.c | 23 +++++-------------- 1 file changed, 6 insertions(+), 17 deletions(-) diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPla= tformHierarchyLib.c b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/Pei= DxeTpmPlatformHierarchyLib.c index 9812ab99ab..d82a0ae1bd 100644 --- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHi= erarchyLib.c +++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHi= erarchyLib.c @@ -18,7 +18,6 @@ #include #include #include -#include #include #include #include @@ -27,7 +26,6 @@ // The authorization value may be no larger than the digest produced by th= e hash // algorithm used for context integrity. // -#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE =20 UINT16 mAuthSize; =20 @@ -54,7 +52,7 @@ RdRandGenerateEntropy ( UINT8 *Ptr; =20 Status =3D EFI_NOT_READY; - BlockCount =3D Length / 64; + BlockCount =3D Length / sizeof(Seed); Ptr =3D (UINT8 *)Entropy; =20 // @@ -65,10 +63,10 @@ RdRandGenerateEntropy ( if (EFI_ERROR (Status)) { return Status; } - CopyMem (Ptr, Seed, 64); + CopyMem (Ptr, Seed, sizeof(Seed)); =20 BlockCount--; - Ptr =3D Ptr + 64; + Ptr =3D Ptr + sizeof(Seed); } =20 // @@ -78,7 +76,7 @@ RdRandGenerateEntropy ( if (EFI_ERROR (Status)) { return Status; } - CopyMem (Ptr, Seed, (Length % 64)); + CopyMem (Ptr, Seed, (Length % sizeof(Seed))); =20 return Status; } @@ -164,8 +162,6 @@ RandomizePlatformAuth ( { EFI_STATUS Status; UINT16 AuthSize; - UINT8 *Rand; - UINTN RandSize; TPM2B_AUTH NewPlatformAuth; =20 // @@ -174,19 +170,13 @@ RandomizePlatformAuth ( =20 GetAuthSize (&AuthSize); =20 - ZeroMem (NewPlatformAuth.buffer, AuthSize); NewPlatformAuth.size =3D AuthSize; =20 // - // Allocate one buffer to store random data. + // Create the random bytes in the destination buffer // - RandSize =3D MAX_NEW_AUTHORIZATION_SIZE; - Rand =3D AllocatePool (RandSize); - - RdRandGenerateEntropy (RandSize, Rand); - CopyMem (NewPlatformAuth.buffer, Rand, AuthSize); =20 - FreePool (Rand); + RdRandGenerateEntropy (NewPlatformAuth.size, NewPlatformAuth.buffer); =20 // // Send Tpm2HierarchyChangeAuth command with the new Auth value @@ -194,7 +184,6 @@ RandomizePlatformAuth ( Status =3D Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, &NewPlatformA= uth); DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth Result: - %r\n", Status)); ZeroMem (NewPlatformAuth.buffer, AuthSize); - ZeroMem (Rand, RandSize); } =20 /** --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80452): https://edk2.groups.io/g/devel/message/80452 Mute This Topic: https://groups.io/mt/85498424/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80460+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80460+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231250; cv=none; d=zohomail.com; s=zohoarc; b=gKHSAqzKkc4ZpAb5SVVgyGd1tGMBxFZWb+sCih0ZpVI2adRWW4Q+BTd3DSV1sdT+I00kTRRR1KE/XUCsrntnf/TwTqhiZ8d8D8tJrS0/CKy7x9od/W+HMPRaIX66I7dhpjsrrl3e88CIl8UnLalho0v/++Skty+IRowDqsBRc/8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231250; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=mAsAnR68tNaa1rFEVTsmpRogHqwlluXilLcL766HDqw=; b=dryp5lug/CZ7rOuQ3oNAOXS2FmhSU/dXWBJxdl1M2J6nEFqVlW1c9J24rBuCK8l++lhHmcZDSdfkEF1bv00Dcp3FUtZf1xkRW5ysmw81q6GgEnS9oxADD49N45RePsQtxisL/ExyOw9iN12D/W2eXNPIc4JKD/1TD8HneIu/Y00= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80460+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231250169965.1975644770961; Thu, 9 Sep 2021 16:47:30 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id SbJlYY1788612xXMKuvKBPWU; Thu, 09 Sep 2021 16:47:29 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web11.2556.1631208943105387542 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HXmnD125061; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 3ayndpt0jq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0098414.ppops.net (m0098414.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HYsqr129080; Thu, 9 Sep 2021 13:35:41 -0400 X-Received: from ppma04dal.us.ibm.com (7a.29.35a9.ip4.static.sl-reverse.com [169.53.41.122]) by mx0b-001b2d01.pphosted.com with ESMTP id 3ayndpt0je-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from pps.filterd (ppma04dal.us.ibm.com [127.0.0.1]) by ppma04dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HMAxY026995; Thu, 9 Sep 2021 17:35:41 GMT X-Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma04dal.us.ibm.com with ESMTP id 3axcnk71v8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:41 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZd9338076874 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CD3C0AC06B; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AEA7BAC065; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 3/9] SecrutiyPkg/Tcg: Import Tcg2PlatformDxe from edk2-platforms Date: Thu, 9 Sep 2021 13:35:32 -0400 Message-Id: <20210909173538.2380673-4-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: or2FaSCgQ-YWLC6TlH3GPycFYwCNoN0o X-Proofpoint-GUID: m4PV97BdOOYyxmy5DNUZJlkj2R4GUfxc Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: j4ohxVdIvYRVyG1dSX50dQLex1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231249; bh=R1nPfLc+gm0v8g0ndtGTfl7CG0B+hfAbGuvlYl8Ayn8=; h=Cc:Date:From:Reply-To:Subject:To; b=WZeR6AERiB5ll/4uTNkjWIX42FWqGqZLgFW38uh+VnHjjI+s/tyqgZdi08PBmaGVgvw bbcgyKTDqptjll5r3PHqeRbDoVr3cDG4Nb8DV93sg0YDSVZLoblZrc2YMsspf8m9uw0fu g+8qcQWOwlgYVCczUS6TkgaVIGygnjDEMUk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231251686100011 Content-Type: text/plain; charset="utf-8" Import Tcg2PlatformDxe from edk2-platforms without any modifications. Signed-off-by: Stefan Berger --- .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c | 85 +++++++++++++++++++ .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf | 44 ++++++++++ 2 files changed, 129 insertions(+) create mode 100644 SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c create mode 100644 SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf diff --git a/SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c b/SecurityPk= g/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c new file mode 100644 index 0000000000..150cf748ff --- /dev/null +++ b/SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c @@ -0,0 +1,85 @@ +/** @file + Platform specific TPM2 component for configuring the Platform Hierarchy. + + Copyright (c) 2017 - 2019, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include + +/** + This callback function will run at the SmmReadyToLock event. + + Configuration of the TPM's Platform Hierarchy Authorization Value (plat= formAuth) + and Platform Hierarchy Authorization Policy (platformPolicy) can be def= ined through this function. + + @param Event Pointer to this event + @param Context Event hanlder private data + **/ +VOID +EFIAPI +SmmReadyToLockEventCallBack ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_STATUS Status; + VOID *Interface; + + // + // Try to locate it because EfiCreateProtocolNotifyEvent will trigger it= once when registration. + // Just return if it is not found. + // + Status =3D gBS->LocateProtocol ( + &gEfiDxeSmmReadyToLockProtocolGuid, + NULL, + &Interface + ); + if (EFI_ERROR (Status)) { + return ; + } + + ConfigureTpmPlatformHierarchy (); + + gBS->CloseEvent (Event); +} + +/** + The driver's entry point. Will register a function for callback during = SmmReadyToLock event to + configure the TPM's platform authorization. + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The entry point is executed successfully. + @retval other Some error occurs when executing this entry poi= nt. +**/ +EFI_STATUS +EFIAPI +Tcg2PlatformDxeEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + VOID *Registration; + EFI_EVENT Event; + + Event =3D EfiCreateProtocolNotifyEvent ( + &gEfiDxeSmmReadyToLockProtocolGuid, + TPL_CALLBACK, + SmmReadyToLockEventCallBack, + NULL, + &Registration + ); + + ASSERT (Event !=3D NULL); + + return EFI_SUCCESS; +} diff --git a/SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf b/Security= Pkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf new file mode 100644 index 0000000000..af29c1cd98 --- /dev/null +++ b/SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf @@ -0,0 +1,44 @@ +### @file +# Platform specific TPM2 component. +# +# Copyright (c) 2017 - 2019, Intel Corporation. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +### + +[Defines] + INF_VERSION =3D 0x00010017 + BASE_NAME =3D Tcg2PlatformDxe + FILE_GUID =3D 5CAB08D5-AD8F-4d8b-B828-D17A8D9FE977 + VERSION_STRING =3D 1.0 + MODULE_TYPE =3D DXE_DRIVER + ENTRY_POINT =3D Tcg2PlatformDxeEntryPoint +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF +# + +[LibraryClasses] + BaseLib + UefiBootServicesTableLib + UefiDriverEntryPoint + DebugLib + UefiLib + TpmPlatformHierarchyLib + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + MinPlatformPkg/MinPlatformPkg.dec + SecurityPkg/SecurityPkg.dec + +[Sources] + Tcg2PlatformDxe.c + +[Protocols] + gEfiDxeSmmReadyToLockProtocolGuid ## SOMETIMES_CONSUMES ## N= OTIFY + +[Depex] + gEfiTcg2ProtocolGuid --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80460): https://edk2.groups.io/g/devel/message/80460 Mute This Topic: https://groups.io/mt/85498439/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80457+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80457+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231230; cv=none; d=zohomail.com; s=zohoarc; b=LlCe6+F0iFaNRMl+VBgVMh4GSlC7ljL2PqYhgJN4NECnqiHzjFUR4JGpVy3EQFpyENeVScfcousdwc8EfM2rr+Uk4EUDk2LNX1dtRsFxbcQZew/rb3bj0CZOYfeiu86yFx0Uz0nN3/XnYBxGLzvozxgxkKid01eYB4tIMlszOnU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231230; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=6WAx1Wrsdd599kzRm6c+PBueKOjOuhOU+gTysUtoWhY=; b=cRQgiSlHRzQ7itqH6B+yvbTYi6TdKC5+apv20KddsFkuO7bv9U8wAvEgZ39Su6/7aIsmSQEL2eizsx1aXqy3TCzsCiRaXycRxXKHWazc0U65NgplJFo3l3KfKKes3DgMtfGmJVPh6mroM+wbP1uOuwtt6u5Ka4hYq6muZv4lk6M= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80457+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231230609640.9140582956907; Thu, 9 Sep 2021 16:47:10 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id WTsmYY1788612xKDIq651e4u; Thu, 09 Sep 2021 16:47:10 -0700 X-Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web10.2511.1631208942931852556 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0127361.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HYShU049126; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayjreph1h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from m0127361.ppops.net (m0127361.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HYT7S049182; Thu, 9 Sep 2021 13:35:41 -0400 X-Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayjreph18-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HNQ5H003417; Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma05wdc.us.ibm.com with ESMTP id 3axcnpjxg8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:40 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZe0229622608 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E6E0DAC065; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CE383AC06C; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 4/9] SecurityPkg/Tcg: Make Tcg2PlatformDxe buildable Date: Thu, 9 Sep 2021 13:35:33 -0400 Message-Id: <20210909173538.2380673-5-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: tvUVUMYXEOHZsI-6WddTZoRPKSVINHKB X-Proofpoint-GUID: bVHtwZOixc0KTnLyBiVLVY5TCH5rfNN- Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: gB8XJ021OMuRdR3GIqBAQpC3x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231230; bh=I2ONPr3/AUPRQ3Qu7WMvW/5Ir7HqeK7ka+hVWNf+x5k=; h=Cc:Date:From:Reply-To:Subject:To; b=eMzfElxkdnZhJamakyIY6ug95YxtlRBCpeJWVOn5RUtSAMKPsgi+HUo/FqdpNMdXReJ 8Ng49r/XJnOkkBfw8ctB+lTsreH/5gQjtlzuT38yaqkS55YHCu4uS6WVW0OvQK6434zOO tOwqa99fv5a9T7Vdd5ogaY9B8ZedoNxkb1w= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231232712100017 Content-Type: text/plain; charset="utf-8" Signed-off-by: Stefan Berger --- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf | 1 - 1 file changed, 1 deletion(-) diff --git a/SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf b/Security= Pkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf index af29c1cd98..76c11f36f6 100644 --- a/SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf +++ b/SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf @@ -31,7 +31,6 @@ [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec - MinPlatformPkg/MinPlatformPkg.dec SecurityPkg/SecurityPkg.dec =20 [Sources] --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80457): https://edk2.groups.io/g/devel/message/80457 Mute This Topic: https://groups.io/mt/85498429/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80456+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80456+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231233; cv=none; d=zohomail.com; s=zohoarc; b=O/KyoyyQjpeoKOUJGTJeTblpBb/O8PaJet0OLngahU1Z6TiY8GQRA5MUNDkL3uqjBqSR2G2qyP99nDv/B4hxMfgG9fb02F6ZgNw9anFtHpNXW9wZqa+CZhTkTkDXW+aE9EqflGcCp5gTC/u8cT19hY5tJ6vgYAEtedRcYvaJRsQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231233; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=k21SrjYj+wEqzJx0/hf56Y69BX1yuPkaoOqBpzyh56E=; b=FRnbuysa0dphd6kipxCrcfgvxZg58X53Gy9szQjg9jTDeOG9dd9kAXE8A8OhrLR3j+7JCF/1J3CeHHJIipXgJqIiWXNX+eiBSi1FPyFAhWd2ZaSJsntk2HtyE9eyGyQyU+NcddqKoxgHYUbzbg+SGW6HPKwWrX1zB9VT5drMdH4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80456+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231233959314.2113518539355; Thu, 9 Sep 2021 16:47:13 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id BLxBYY1788612xcxcgwyJB6b; Thu, 09 Sep 2021 16:47:13 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web08.2482.1631208943042458113 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HYYtX103587; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aypq6859c-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0098410.ppops.net (m0098410.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HYluq104346; Thu, 9 Sep 2021 13:35:41 -0400 X-Received: from ppma04dal.us.ibm.com (7a.29.35a9.ip4.static.sl-reverse.com [169.53.41.122]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aypq68590-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from pps.filterd (ppma04dal.us.ibm.com [127.0.0.1]) by ppma04dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HM9La026940; Thu, 9 Sep 2021 17:35:41 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma04dal.us.ibm.com with ESMTP id 3axcnk71v7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:40 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZeZw39715318 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0ABE3AC062; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E7162AC067; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:39 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 5/9] SecurityPkg: Introduce new PCD PcdRandomizePlatformHierarchy Date: Thu, 9 Sep 2021 13:35:34 -0400 Message-Id: <20210909173538.2380673-6-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: ON7riQORgZxcUyvxuTc28AmZXgaDFFAD X-Proofpoint-ORIG-GUID: M-VVMlmUg3ZCJYvQhdqQ4TyoS8KQs1me Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: qpp8yZcuGuSxQL3QMrauncvCx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231233; bh=TbURhfLttIbjRzjinrVs5yYCFVRr6yHTAr3jSFNaz68=; h=Cc:Date:From:Reply-To:Subject:To; b=AEE/TuzLHl8rdpZOzTfZbxcj4cewLIA+jwCXOqalF/GZ2unB6kxJusFyYIfy1Mw5znq qZ8FU/OyG9AzuioERxpsRJQb0HsmfbEfj2gXWVTnjthft+k4Qcvothq6TWuVQWmS6WBQS v6/mNclt3eLYC71/tarYerBqqsvvoZ6QSmE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231234932100001 Content-Type: text/plain; charset="utf-8" Introduce the new PCD gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy. We need it for TpmPlatformHierarchyLib. Signed-off-by: Stefan Berger --- .../PeiDxeTpmPlatformHierarchyLib.inf | 3 +-- SecurityPkg/SecurityPkg.dec | 6 ++++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPla= tformHierarchyLib.inf b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/P= eiDxeTpmPlatformHierarchyLib.inf index b7a7fb0a08..1161d6fa1f 100644 --- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHi= erarchyLib.inf +++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHi= erarchyLib.inf @@ -36,10 +36,9 @@ MdeModulePkg/MdeModulePkg.dec SecurityPkg/SecurityPkg.dec CryptoPkg/CryptoPkg.dec - MinPlatformPkg/MinPlatformPkg.dec =20 [Sources] PeiDxeTpmPlatformHierarchyLib.c =20 [Pcd] - gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy + gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index d5ace6f654..2cb5bfa0ac 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -342,6 +342,12 @@ # @Prompt Physical presence of the platform operator. gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x0001= 0001 =20 + ## Indicates whether the TPM2 platform hierarchy will be disabled by usi= ng + # a random password or by disabling the hierarchy + # TRUE - A random password will be used + # FALSE - The hierarchy will be disabled + gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy|TRUE|BOOLEAN= |0x00010024 + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## Indicates whether TPM physical presence is locked during platform ini= tialization. # Once it is locked, it can not be unlocked for TPM life time.

--=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80456): https://edk2.groups.io/g/devel/message/80456 Mute This Topic: https://groups.io/mt/85498428/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80459+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80459+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231249; cv=none; d=zohomail.com; s=zohoarc; b=E3SkJaCdKu8q/MY/PoElh92B1UyTDvEhszgi6l2Dsinps2/JHRPlpr3cKp5HlWS+P6whOxahtYEKmCv0o86F1+UcxFgev4H9v1IDxM3pSbSzy3o3spem7DTcPtB0b6Y01/gmGXkVP7VlCHqWDLrHrUWOzSISBOkS0D4ugxyV5R0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231249; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=7nFeTv7hI5Rss/MAnws8LKSrbJwVeaYXGnmHF0HNWkI=; b=Htl36v1bmOY+0bxb4HJId1TJbHx1slwIoVlDZfWdrT6fWE+sKXWCD9/JUVpkpAqV6W//A09bN8aTb87yn4bpq5UiQPLkSuMGTqzIC2Bb4Y6p4kx35Os8tqB+/H1Qst7K8sU9YcPZRC7DZozR4VR3a++1JPs2Yv4byEXc3LM2Ys8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80459+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231249292407.4734111091117; Thu, 9 Sep 2021 16:47:29 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 0aWkYY1788612xcu8SxVogZ0; Thu, 09 Sep 2021 16:47:29 -0700 X-Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web11.2555.1631208943007306142 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0127361.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HYRur049099; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayjreph1n-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0127361.ppops.net (m0127361.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HYq2P050629; Thu, 9 Sep 2021 13:35:41 -0400 X-Received: from ppma04wdc.us.ibm.com (1a.90.2fa9.ip4.static.sl-reverse.com [169.47.144.26]) by mx0a-001b2d01.pphosted.com with ESMTP id 3ayjreph1a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from pps.filterd (ppma04wdc.us.ibm.com [127.0.0.1]) by ppma04wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HNRZT004529; Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma04wdc.us.ibm.com with ESMTP id 3axcnraw0d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:40 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZemx39715320 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 23E72AC067; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0B453AC068; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 6/9] OvmfPkg: Reference new Tcg2PlatformDxe in the build system for compilation Date: Thu, 9 Sep 2021 13:35:35 -0400 Message-Id: <20210909173538.2380673-7-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: spbHkMHgTvRaQ4ba1-MWAeGLW5MwixYC X-Proofpoint-GUID: zjrWxY1nfdXJ5jKr6oLXfaiOZc8YwITE Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: zJ3gvtESHaF6XWG8Q1C4f998x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231249; bh=vuAdah0pPXvrNzEyx9hUkLsP9iK/1PK9EVyHjJnc3YY=; h=Cc:Date:From:Reply-To:Subject:To; b=UDN/W56cqEREw0Pt6Aa1TbJhZp8YL6zaqvpueG768KbyDyvvNAltAdBGgXNXgU7XCaC 600UCxHO06zeuH30MoaGbUe6WqvHsj2a4JGZ62sti/5tBSmRsc/X5SYTF3MpSaJX2sROF lp2ynEplNk7TsP4LnpLcNrehxxQTZl7LULY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231249777100004 Content-Type: text/plain; charset="utf-8" Compile the Tcg2PlatformDxe related code now. Signed-off-by: Stefan Berger --- OvmfPkg/AmdSev/AmdSevX64.dsc | 4 ++++ OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/OvmfPkgIa32.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 4 ++++ OvmfPkg/OvmfPkgX64.fdf | 1 + 8 files changed, 20 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index e6cd10b759..3079f4b503 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -851,4 +851,8 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 0a89749700..a9f675303f 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -313,6 +313,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index d1d92c97ba..923a012f0c 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -1034,6 +1034,10 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 !if $(LOAD_X64_ON_IA32_ENABLE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 04b41445ca..bb3b53626e 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -363,6 +363,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index a467ab7090..b907b36973 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -1049,4 +1049,8 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 02fd8f0c41..030638ae78 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -370,6 +370,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index e56b83d95e..8aca437a9b 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -1047,4 +1047,8 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 23936242e7..888363ff9d 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -389,6 +389,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80459): https://edk2.groups.io/g/devel/message/80459 Mute This Topic: https://groups.io/mt/85498438/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80454+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80454+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231229; cv=none; d=zohomail.com; s=zohoarc; b=HOMegAJsNqrQZRU/e9yTdCGQwJ/Ydcl6iXduN+cOU43MdA1YCG+fBpdBNX/JdhVQfiye8dekt0x+1Zu8tlm9D1vdy1qjibCOCZnLTUfCMYrw9zjkiCVXQiL8FzyPEYDdBdQk3/Yxge8o4ZNbxb0+buz6bIKfGSJFkpUvqXcqtus= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231229; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=9SwFHn8/cIGUfcsEONK7RCjkT5ZhbBc9PmjO3+uJdjw=; b=ctBssXqEML2MWtznDnEb5hBocGdRPFb3kMl1vNbO2BAwjNGfxMUq5YYqfW/088QyQPXkH/FOxGNFiorlpwcp10mHQzqQk256W1UXtwqITr7+ZOHWWhoLoZ1NIS/qquLuqTtiU1DTUmtMMt37gy/8W1ikAmvdJ2aEi/v/itVzlJg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80454+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231229761198.7107473126831; Thu, 9 Sep 2021 16:47:09 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id S4pPYY1788612xfsgZPcIG1f; Thu, 09 Sep 2021 16:47:09 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web09.2434.1631208943042158418 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0098404.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HWkiY038190; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aymu9u39q-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0098404.ppops.net (m0098404.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HZYqE054266; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aymu9u39c-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HMCjg028475; Thu, 9 Sep 2021 17:35:41 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma01dal.us.ibm.com with ESMTP id 3axcnrf31a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:41 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZewN39518676 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 33829AC062; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2465DAC06A; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 7/9] SecurityPkg/Tcg: Import Tcg2PlatformPei from edk2-platforms Date: Thu, 9 Sep 2021 13:35:36 -0400 Message-Id: <20210909173538.2380673-8-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: Wj0YwmpA32Ty-xSTfeH7F3gz7t2Kw69X X-Proofpoint-GUID: fCRlFsWBsoE_VtK2llHOlJ6GoUFZYApv Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: M6ZWeNnTvjIBc77JWseAMEK5x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231229; bh=E0XeZY9nny4UtafPKrS3tyvvGR/7gRQwrjePSisEp0k=; h=Cc:Date:From:Reply-To:Subject:To; b=JUba+lzKmfHn2JdeVrhZkXkiMwPAynsmEkIH5j7E/oUZqs9JgYPgcOnyClfh92OnGb5 TEwmnZEm3CMok19I0hqWtbZxywnNm6irBJsxsj4o6p3mRkKmAsbDY7HNhCo9LYxKKO+gq FWJXFbtH984LePA3fSgeHen7jPxk4xYys9I= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231230772100005 Content-Type: text/plain; charset="utf-8" Import Tcg2PlatformPei from edk2-platforms without any modifications. Signed-off-by: Stefan Berger --- .../Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c | 107 ++++++++++++++++++ .../Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf | 52 +++++++++ 2 files changed, 159 insertions(+) create mode 100644 SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c create mode 100644 SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf diff --git a/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c b/SecurityPk= g/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c new file mode 100644 index 0000000000..66ec75ad0e --- /dev/null +++ b/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c @@ -0,0 +1,107 @@ +/** @file + +Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE + +/** + This function handles PlatformInit task at the end of PEI + + @param[in] PeiServices Pointer to PEI Services Table. + @param[in] NotifyDesc Pointer to the descriptor for the Notification = event that + caused this function to execute. + @param[in] Ppi Pointer to the PPI data associated with this fu= nction. + + @retval EFI_SUCCESS The function completes successfully + @retval others +**/ +EFI_STATUS +EFIAPI +PlatformInitEndOfPei ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor, + IN VOID *Ppi + ) +{ + VOID *TcgEventLog; + + // + // Try to get TcgEventLog in S3 to see if S3 error is reported. + // + TcgEventLog =3D GetFirstGuidHob(&gTcgEventEntryHobGuid); + if (TcgEventLog =3D=3D NULL) { + TcgEventLog =3D GetFirstGuidHob(&gTcgEvent2EntryHobGuid); + } + + if (TcgEventLog =3D=3D NULL) { + // + // no S3 error reported + // + return EFI_SUCCESS; + } + + // + // If there is S3 error on TPM_SU_STATE and success on TPM_SU_CLEAR, + // configure the TPM Platform Hierarchy. + // + ConfigureTpmPlatformHierarchy (); + + return EFI_SUCCESS; +} + +static EFI_PEI_NOTIFY_DESCRIPTOR mEndOfPeiNotifyList =3D { + (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINA= TE_LIST), + &gEfiEndOfPeiSignalPpiGuid, + (EFI_PEIM_NOTIFY_ENTRY_POINT)PlatformInitEndOfPei +}; + +/** + Main entry + + @param[in] FileHandle Handle of the file being invoked. + @param[in] PeiServices Pointer to PEI Services table. + + @retval EFI_SUCCESS Install function successfully. + +**/ +EFI_STATUS +EFIAPI +Tcg2PlatformPeiEntryPoint ( + IN EFI_PEI_FILE_HANDLE FileHandle, + IN CONST EFI_PEI_SERVICES **PeiServices + ) +{ + EFI_STATUS Status; + EFI_BOOT_MODE BootMode; + + Status =3D PeiServicesGetBootMode (&BootMode); + ASSERT_EFI_ERROR(Status); + + if (BootMode !=3D BOOT_ON_S3_RESUME) { + return EFI_SUCCESS; + } + + // + // Performing PlatformInitEndOfPei after EndOfPei PPI produced + // + Status =3D PeiServicesNotifyPpi (&mEndOfPeiNotifyList); + + return Status; +} diff --git a/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf b/Security= Pkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf new file mode 100644 index 0000000000..579f09b940 --- /dev/null +++ b/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf @@ -0,0 +1,52 @@ +### @file +# +# Copyright (c) 2017, Intel Corporation. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +### + +[Defines] + INF_VERSION =3D 0x00010017 + BASE_NAME =3D Tcg2PlatformPei + FILE_GUID =3D 47727552-A54B-4A84-8CC1-BFF23E239636 + VERSION_STRING =3D 1.0 + MODULE_TYPE =3D PEIM + ENTRY_POINT =3D Tcg2PlatformPeiEntryPoint + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF EBC +# + +[LibraryClasses] + PcdLib + BaseMemoryLib + MemoryAllocationLib + PeiServicesLib + PeimEntryPoint + DebugLib + Tpm2DeviceLib + Tpm2CommandLib + TpmPlatformHierarchyLib + RngLib + +[Packages] + MdePkg/MdePkg.dec + SecurityPkg/SecurityPkg.dec + MinPlatformPkg/MinPlatformPkg.dec + +[Sources] + Tcg2PlatformPei.c + +[Guids] + gTcgEventEntryHobGuid + gTcgEvent2EntryHobGuid + +[Ppis] + gEfiEndOfPeiSignalPpiGuid + +[Depex] + gEfiTpmDeviceSelectedGuid + --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80454): https://edk2.groups.io/g/devel/message/80454 Mute This Topic: https://groups.io/mt/85498426/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80461+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80461+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231250; cv=none; d=zohomail.com; s=zohoarc; b=Vjc8lBNbCsli5v5Q448jHiBC50B953ZM4tqnV7/n9wZ29pQH/eFNkZQiTQrNqzUkM0yYApQjyeSYQ7EWrIBtVrWhvT6mWYze5COLtcoaN53X88v89j4cIRYSdX1+rODSQFhty19CLo0aZ6obXWgY1i/Wsg6mxsu6T1L8bTziiO4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231250; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=e4YE3DsIgOh7pGPvX8n/WNj8jh9sM1470SRnlXFUJvo=; b=ThNzSGkrZCy4IAO3xnBfB6HydnNSovIZVs39f9O2oq3LqpnlzJvXBuhyrPZxKRlahpwss7pdmW4Rv5ZuVz8fUFKZ4KftxqljHGg31A4R+oedqW616Ett0IG2vaWUdXHNua4acxXPrmvGlpDgWd/eR3ea1JzMQWb8fsAzRETdja4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80461+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231250628661.3747544275788; Thu, 9 Sep 2021 16:47:30 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id hi4BYY1788612xNxMlqAaARk; Thu, 09 Sep 2021 16:47:30 -0700 X-Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web11.2557.1631208943470776466 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HWihO142455; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aygjvjsqj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0098417.ppops.net (m0098417.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HXJJ4144248; Thu, 9 Sep 2021 13:35:41 -0400 X-Received: from ppma03dal.us.ibm.com (b.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.11]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aygjvjsqa-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:41 -0400 X-Received: from pps.filterd (ppma03dal.us.ibm.com [127.0.0.1]) by ppma03dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HMC1u014951; Thu, 9 Sep 2021 17:35:41 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma03dal.us.ibm.com with ESMTP id 3axcnk72au-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:41 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZeAC39518678 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 412C2AC065; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 33FF8AC064; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 8/9] SecurityPkg/Tcg: Make Tcg2PlatformPei buildable Date: Thu, 9 Sep 2021 13:35:37 -0400 Message-Id: <20210909173538.2380673-9-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: guM-k_6WXmB6zVzg6WJP79H6fyZckDhy X-Proofpoint-ORIG-GUID: vZmkkbdAzGBxVRT3F1LYUwSg9UbpCKJg Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: d8AXDKXhrwdl2nVL68ea1ViFx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231250; bh=aP25C/8oeHEKLtDgmTcQ3KO9MY4dbaXkpJsFKOcTLFE=; h=Cc:Date:From:Reply-To:Subject:To; b=khpTtmwUfAFkLPbpYemrRJEkjzsIHVdWbY2KGZpNawD8SX6Kl3lBY6Sxu/D0JtajP/q XEALsREf5g5Q9waZhCBQ8n5FHlw/3liZWTxA0d6gRVBR/fRMdjztHioMneqeN8I5lfKVV emtx1HRcQ5fA2taSUNYvDeG6XP03Rms+h64= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231251687100012 Content-Type: text/plain; charset="utf-8" Signed-off-by: Stefan Berger --- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf | 1 - 1 file changed, 1 deletion(-) diff --git a/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf b/Security= Pkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf index 579f09b940..3f5c2955a4 100644 --- a/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf +++ b/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf @@ -35,7 +35,6 @@ [Packages] MdePkg/MdePkg.dec SecurityPkg/SecurityPkg.dec - MinPlatformPkg/MinPlatformPkg.dec =20 [Sources] Tcg2PlatformPei.c --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80461): https://edk2.groups.io/g/devel/message/80461 Mute This Topic: https://groups.io/mt/85498440/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 06:17:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80458+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80458+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1631231248; cv=none; d=zohomail.com; s=zohoarc; b=cVZV/EhTsl2yJTAZXPwf14xAMmzMMSeQ9qZSRmo0tjbybJWQ5kXaS+YiJTcGrJcupc55lYzjweWD98pSRqKSJ91z6LCT5+WZBKFu+0vzhxjboN0olTX1eYM90ZX9epDZV/x/xCwHMkODZJcPN0/IcUhsSab75Lc5XtwtQG0bu0E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631231248; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=WRHvEt8BaMEIQgiVx+Qz0uEG2cZkajcWz16n14snrtw=; b=Go5z+74uEOW6j5Oh9Xz/PEtPnIb6xe0AS5ZtRnH6bU4/9E+cJr3ZXQkiOIwRLAXV/A8n+k36VhagsB5nevQQA0o1qjXjI27y26w5+Ntxp9bWB/sgKOOvYHB1bbbt2sFaGnGtshBt3rFvsMCgydCyPakwqWN+jtlkwjsJeKwGW9c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80458+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631231248855568.539944138085; Thu, 9 Sep 2021 16:47:28 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id VEmwYY1788612x52I3AYclR4; Thu, 09 Sep 2021 16:47:28 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web08.2483.1631208943307234172 for ; Thu, 09 Sep 2021 10:35:43 -0700 X-Received: from pps.filterd (m0098404.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 189HWlpR038369; Thu, 9 Sep 2021 13:35:43 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aymu9u39u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from m0098404.ppops.net (m0098404.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 189HY2Rl048828; Thu, 9 Sep 2021 13:35:42 -0400 X-Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0a-001b2d01.pphosted.com with ESMTP id 3aymu9u39f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 13:35:42 -0400 X-Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 189HMBJi028424; Thu, 9 Sep 2021 17:35:41 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma01dal.us.ibm.com with ESMTP id 3axcnrf31d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 09 Sep 2021 17:35:41 +0000 X-Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 189HZe9F39518680 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 9 Sep 2021 17:35:40 GMT X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 59B3CAC062; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4B92CAC066; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 9 Sep 2021 17:35:40 +0000 (GMT) From: Stefan Berger To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, Stefan Berger , Stefan Berger Subject: [edk2-devel] [PATCH v7 9/9] OvmfPkg: Reference new Tcg2PlatformPei in the build system Date: Thu, 9 Sep 2021 13:35:38 -0400 Message-Id: <20210909173538.2380673-10-stefanb@linux.vnet.ibm.com> In-Reply-To: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> References: <20210909173538.2380673-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: ORLPytf_kmBImOX7ju6AMXXmI3WTmN8G X-Proofpoint-GUID: 0-HZdqYsGYfzXdyBv342OvmE0WR2569P Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.vnet.ibm.com X-Gm-Message-State: URJ8kNFXRDuxdpMMR6uZnKGdx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631231248; bh=CY+iRsjOVMPfN1iZIOmxy7uN/yHX9vc3v55U0vFXZkA=; h=Cc:Date:From:Reply-To:Subject:To; b=iQpW9ULdMBNngZ7n18CCeBP4iIo1os4nzGLmdu5vPWc+7uRBfi/1MGZpZN49Z45fkBM u/+0H8SPq0XZx7dOMzlwJv6WPTtLwe7EEDruJH/hPpRnG6A/a/CuHj2Wn842YOONB4zz3 tAJUMOm/zNyKcRQtNcYp+5qRdwRpYnOZ1zc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631231249767100002 Content-Type: text/plain; charset="utf-8" Compile the Tcg2PlatformPei related code now to support TPM 2 platform hierachy disablement if the TPM state cannot be resumed upon S3 resume. Signed-off-by: Stefan Berger --- OvmfPkg/AmdSev/AmdSevX64.dsc | 4 ++++ OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/OvmfPkgIa32.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 4 ++++ OvmfPkg/OvmfPkgX64.fdf | 1 + 8 files changed, 20 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 3079f4b503..5ee5445116 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -637,6 +637,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 # diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index a9f675303f..542722ac6b 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -154,6 +154,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 923a012f0c..6a5be97c05 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -717,6 +717,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index bb3b53626e..775ea2d710 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -166,6 +166,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index b907b36973..71227d1b70 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -730,6 +730,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 [Components.X64] diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 030638ae78..245ca94044 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -166,6 +166,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 8aca437a9b..52f7598cf1 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -729,6 +729,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 888363ff9d..b6cc3cabdd 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -185,6 +185,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80458): https://edk2.groups.io/g/devel/message/80458 Mute This Topic: https://groups.io/mt/85498437/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-