From nobody Thu Mar 28 19:15:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80679+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80679+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1631669140; cv=none; d=zohomail.com; s=zohoarc; b=kzaf8Rqof67Y+VIKB1EUhouyVyQBT2krYYVzlWcPIN9QyYDrIB8Mztru1PC7+tzIHn+MwKIx3/Fle7sBv+E/jr8zruruHDrLJYnf279QbuurJoQjWgqDeFfDDhrsJHOT/lnhWk2GxvxtzWviS/u4wxfCegsQad8GaAPvQon/1wo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631669140; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=29SXAX9kE/SqOwOU/JhNHspJE2ZTxeZlTtY0aaMtTCQ=; b=hgIaxPgBlFFMW7jcuImoaFCWOL1DOSQ74B09/QP8mZdguCjG90iaMwPYirQUBMEXZkllt9OjTwuacIHPGb6mT94g5pzH4N9sSrOSAhancQIrtt79hvtarHUEb+/beTZhnzYbe9J1iW3Jg1u4lE0+wjY8K1NfVCOyNk3dgoEupag= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80679+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631669140391516.4791045349264; Tue, 14 Sep 2021 18:25:40 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 1fXfYY1788612xyU2pThtxSv; Tue, 14 Sep 2021 18:25:40 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web10.1692.1631669138048562861 for ; Tue, 14 Sep 2021 18:25:38 -0700 X-Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.1.2/8.16.0.43) with SMTP id 18ELpOCx015044; Tue, 14 Sep 2021 21:25:20 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b31gqy0eg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:20 -0400 X-Received: from m0098416.ppops.net (m0098416.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 18F1KF36030314; Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b31gqy0e7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:18 -0400 X-Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 18F17Ruw022089; Wed, 15 Sep 2021 01:25:17 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma05wdc.us.ibm.com with ESMTP id 3b0m3b68f9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 15 Sep 2021 01:25:17 +0000 X-Received: from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com [9.57.199.109]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 18F1PHR037487092 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 15 Sep 2021 01:25:17 GMT X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 27E0F112064; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0D1FE11206B; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP; Wed, 15 Sep 2021 01:25:16 +0000 (GMT) From: "Stefan Berger" To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, rebecca@bsdio.com, grehan@freebsd.org, brijesh.singh@amd.com, erdemaktas@google.com, jejb@linux.ibm.com, min.m.xu@intel.com, thomas.lendacky@amd.com, ardb+tianocore@kernel.org, jordan.l.justen@intel.com, Stefan Berger , Stefan Berger , Jiewen Yao Subject: [edk2-devel] [PATCH v3 1/4] OvmfPkg/TPM PPI: Connect default consoles for user interaction Date: Tue, 14 Sep 2021 21:25:03 -0400 Message-Id: <20210915012506.2619693-2-stefanb@linux.ibm.com> In-Reply-To: <20210915012506.2619693-1-stefanb@linux.ibm.com> References: <20210915012506.2619693-1-stefanb@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: kEuBeOG2W5mfv57ko0zKQWkKULyADjBD X-Proofpoint-ORIG-GUID: RVljySbT91sO6zkQIz8hlZsb5-tqrch0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.ibm.com X-Gm-Message-State: zrHVSppKx8efWKfpr5W3OCqpx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631669140; bh=5fdOeOQTJ4hPTx+ifaSoWUE/Atk3gHv9X7BGobycPgc=; h=Cc:Date:From:Reply-To:Subject:To; b=d3UwI6ni4BzMF4++U1qAy7BrjW97RaIUTvxf6reSQvVFVHgEOWKJU2JYoO56qk/WYTB GQuFb7X7nXGtx/mcTkmY2eVJyRP0g9QdYPGzVFBAP1WYIT2WXdJqOJwgrr3flwwirSa+6 VRAgktjtOCFPjChDocI54g/fU4aZtdbw3Ho= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631669142499100012 Content-Type: text/plain; charset="utf-8" From: Stefan Berger Activate the default console when user interaction is required for the processing of TPM 2 physical presence interface opcodes. Background: TPM 2 physical presence interface (PPI) opcodes need to be handled before the TPM 2 platform hierarchy is disabled. Due to this requirement we will move the function call to handle the PPI opcodes into PlatformBootManagerBeforeConsole() which runs before the initialization of the consoles. However, since for interaction with the user we need the console to be available, activate it now before displaying any message to the user. Cc: Rebecca Cran Cc: Peter Grehan Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Gerd Hoffmann Signed-off-by: Stefan Berger Reviewed-by: Jiewen Yao --- .../Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.c | 5 +++++ .../DxeTcg2PhysicalPresenceLib.inf | 1 + 2 files changed, 6 insertions(+) diff --git a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPre= senceLib.c b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPre= senceLib.c index 00d76ba2c2..33a470f6d8 100644 --- a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.c +++ b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.c @@ -32,6 +32,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include =20 @@ -591,6 +592,10 @@ Tcg2UserConfirm ( return FALSE; } =20 + // Console for user interaction + // We need to connect all trusted consoles for TCG PP. Here we treat all= consoles in OVMF to be trusted consoles. + EfiBootManagerConnectAllDefaultConsoles (); + if (TpmPpCommand < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN) { if (CautionKey) { TmpStr1 =3D Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAU= TION_KEY)); diff --git a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPre= senceLib.inf b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalP= resenceLib.inf index 85ce0e2b29..5b5417c321 100644 --- a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.inf +++ b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.inf @@ -59,6 +59,7 @@ PrintLib QemuFwCfgLib Tpm2CommandLib + UefiBootManagerLib UefiBootServicesTableLib UefiLib UefiRuntimeServicesTableLib --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80679): https://edk2.groups.io/g/devel/message/80679 Mute This Topic: https://groups.io/mt/85617945/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu Mar 28 19:15:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80677+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80677+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1631669139; cv=none; d=zohomail.com; s=zohoarc; b=eGAnKWOzKjWSSabhKiq3yBhDq6v3MHe0lnShpzNwaAMdSwzEAVSxOE9qIt14qDDTzYIno7NFhQ8GUL6NPex7uMh+qW/RcXa7rw5mOMI+yxcq3Bet2BPWRdfDZAvMAnv2p7ObeoWyPJ4xqAmOCP7fVMvtDZJQLBwhO+ny5oyDnz0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631669139; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=rvUTi5SRfSbFr7e2pXQzPqvlCVyxIc7/Nxis+PGh3rU=; b=eAzcMVrVZ90MlS7RCdi0zBbOWRbSnWUUSZYgffyEJ7v94pkJQWEPUUHFidn87LgA6poHVl/UN4JQ4W99lot9jIB2CXoEOXoTg+pCzWJLAyck4XLxsqt2oepT0JeRLajKI9wxhrbeL0u8kTNYYmgx3bhtBmF/vxlu29aKMWspUVM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80677+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631669139942599.7273104787006; Tue, 14 Sep 2021 18:25:39 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id g0HZYY1788612x2DJgqkc6kB; Tue, 14 Sep 2021 18:25:39 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web11.1682.1631669137735805179 for ; Tue, 14 Sep 2021 18:25:38 -0700 X-Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.1.2/8.16.0.43) with SMTP id 18ELxULr015162; Tue, 14 Sep 2021 21:25:20 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b31gqy0er-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from m0098416.ppops.net (m0098416.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 18F1ExaD008123; Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from ppma02dal.us.ibm.com (a.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.10]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b31gqy0e9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from pps.filterd (ppma02dal.us.ibm.com [127.0.0.1]) by ppma02dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 18F17oOO011976; Wed, 15 Sep 2021 01:25:18 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma02dal.us.ibm.com with ESMTP id 3b0m3bf80v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 15 Sep 2021 01:25:18 +0000 X-Received: from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com [9.57.199.109]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 18F1PH9H39191032 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 15 Sep 2021 01:25:17 GMT X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 50A0E112062; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 32493112065; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) From: "Stefan Berger" To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, rebecca@bsdio.com, grehan@freebsd.org, brijesh.singh@amd.com, erdemaktas@google.com, jejb@linux.ibm.com, min.m.xu@intel.com, thomas.lendacky@amd.com, ardb+tianocore@kernel.org, jordan.l.justen@intel.com, Stefan Berger , Stefan Berger , Jiewen Yao Subject: [edk2-devel] [PATCH v3 2/4] OvmfPkg: Handle TPM 2 physical presence opcodes much earlier Date: Tue, 14 Sep 2021 21:25:04 -0400 Message-Id: <20210915012506.2619693-3-stefanb@linux.ibm.com> In-Reply-To: <20210915012506.2619693-1-stefanb@linux.ibm.com> References: <20210915012506.2619693-1-stefanb@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 7iXY7TfeAplMjx49CfPKjcw7XqgLViL8 X-Proofpoint-ORIG-GUID: -0yR-l0YGzIlrbfDKfnXM49aImvaS4YO Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.ibm.com X-Gm-Message-State: JaT814ApHSeGTRjbqcVOV5RZx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631669139; bh=4sPE/PHrz/G89fm8yku4qGPHgy2BVy1uE3SFIMh5VXM=; h=Cc:Date:From:Reply-To:Subject:To; b=iRYqKqbmXaZz4VSehrsOt0TJdraQ+cG8PIsB4oaZbiGr9Qx0VsDgsHufGs48ySm1PXf IU5nN2BCigXB4lfrxP/aP+WIzBCTDS8QruKGkCKfVRmiJfWqpt1ogjoVQOiGvBkTLfdrP nl2fkUVKQIXBVRPdqH+8Iz4IhjvXNXD2JtM= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631669140479100004 Content-Type: text/plain; charset="utf-8" From: Stefan Berger Handle the TPM 2 physical presence interface (PPI) opcodes in PlatformBootManagerBeforeConsole() before the TPM 2 platform hierarchy is disabled. Since the handling of the PPI opcodes may require inter- action with the user, initialize the keyboard before handling PPI codes. Cc: Rebecca Cran Cc: Peter Grehan Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Gerd Hoffmann Signed-off-by: Stefan Berger Reviewed-by: Jiewen Yao --- .../PlatformBootManagerLib/BdsPlatform.c | 19 +++++++++++-------- .../PlatformBootManagerLibBhyve/BdsPlatform.c | 17 ++++++++++------- .../PlatformBootManagerLibGrub/BdsPlatform.c | 17 ++++++++++------- 3 files changed, 31 insertions(+), 22 deletions(-) diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg= /Library/PlatformBootManagerLib/BdsPlatform.c index 71f63b2448..4448722e19 100644 --- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c @@ -387,8 +387,19 @@ PlatformBootManagerBeforeConsole ( SaveS3BootScript (); } =20 + // We need to connect all trusted consoles for TCG PP. Here we treat all + // consoles in OVMF to be trusted consoles. + PlatformInitializeConsole ( + XenDetected() ? gXenPlatformConsole : gPlatformConsole); + + // + // Process TPM PPI request; this may require keyboard input + // + Tcg2PhysicalPresenceLibProcessRequest (NULL); + // // Prevent further changes to LockBoxes or SMRAM. + // Any TPM 2 Physical Presence Interface opcode must be handled before. // Handle =3D NULL; Status =3D gBS->InstallProtocolInterface (&Handle, @@ -402,9 +413,6 @@ PlatformBootManagerBeforeConsole ( // EfiBootManagerDispatchDeferredImages (); =20 - PlatformInitializeConsole ( - XenDetected() ? gXenPlatformConsole : gPlatformConsole); - FrontPageTimeout =3D GetFrontPageTimeoutFromQemu (); PcdStatus =3D PcdSet16S (PcdPlatformBootTimeOut, FrontPageTimeout); ASSERT_RETURN_ERROR (PcdStatus); @@ -1511,11 +1519,6 @@ PlatformBootManagerAfterConsole ( // PciAcpiInitialization (); =20 - // - // Process TPM PPI request - // - Tcg2PhysicalPresenceLibProcessRequest (NULL); - // // Process QEMU's -kernel command line option // diff --git a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c b/Ov= mfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c index eaade4adea..513d2f00a7 100644 --- a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c @@ -375,8 +375,18 @@ PlatformBootManagerBeforeConsole ( // EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid); =20 + // We need to connect all trusted consoles for TCG PP. Here we treat all + // consoles in OVMF to be trusted consoles. + PlatformInitializeConsole (gPlatformConsole); + + // + // Process TPM PPI request + // + Tcg2PhysicalPresenceLibProcessRequest (NULL); + // // Prevent further changes to LockBoxes or SMRAM. + // Any TPM 2 Physical Presence Interface opcode must be handled before. // Handle =3D NULL; Status =3D gBS->InstallProtocolInterface (&Handle, @@ -390,8 +400,6 @@ PlatformBootManagerBeforeConsole ( // EfiBootManagerDispatchDeferredImages (); =20 - PlatformInitializeConsole (gPlatformConsole); - PlatformRegisterOptionsAndKeys (); =20 // @@ -1445,11 +1453,6 @@ PlatformBootManagerAfterConsole ( // PciAcpiInitialization (); =20 - // - // Process TPM PPI request - // - Tcg2PhysicalPresenceLibProcessRequest (NULL); - // // Perform some platform specific connect sequence // diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c b/Ovm= fPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c index 7cceeea487..1c5405f620 100644 --- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c @@ -338,8 +338,18 @@ PlatformBootManagerBeforeConsole ( // EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid); =20 + // We need to connect all trusted consoles for TCG PP. Here we treat all + // consoles in OVMF to be trusted consoles. + PlatformInitializeConsole (gPlatformConsole); + + // + // Process TPM PPI request + // + Tcg2PhysicalPresenceLibProcessRequest (NULL); + // // Prevent further changes to LockBoxes or SMRAM. + // Any TPM 2 Physical Presence Interface opcode must be handled before. // Handle =3D NULL; Status =3D gBS->InstallProtocolInterface (&Handle, @@ -353,8 +363,6 @@ PlatformBootManagerBeforeConsole ( // EfiBootManagerDispatchDeferredImages (); =20 - PlatformInitializeConsole (gPlatformConsole); - Status =3D gRT->SetVariable ( EFI_TIME_OUT_VARIABLE_NAME, &gEfiGlobalVariableGuid, @@ -1310,11 +1318,6 @@ PlatformBootManagerAfterConsole ( // PciAcpiInitialization (); =20 - // - // Process TPM PPI request - // - Tcg2PhysicalPresenceLibProcessRequest (NULL); - // // Process QEMU's -kernel command line option // --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80677): https://edk2.groups.io/g/devel/message/80677 Mute This Topic: https://groups.io/mt/85617943/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu Mar 28 19:15:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80681+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80681+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1631669144; cv=none; d=zohomail.com; s=zohoarc; b=kEYLYasB6MSKWHGVbH0tLz5A+vlSr9iGUYKciuxrX6T23BHdCNxZBxPV5YCgeCMpX6N9HtidejoWr4lMh1ldGWLq00qfw+Am2DZMh/mUhfoGkLlJLJtJ2w5EKsvihNT5yMfPWZ2yql/DP3bmXBX+QBxzNYfpAQFvbWcmdjKL51c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631669144; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=9sG+w2mMvzlUsGZdd1P9rUgehzN486wWJnKR6LSxiBc=; b=dJxjUCee4F5+EdIG2BWqdEYGnKiRYHI1h+BnE+ZXw6je3ricIdSAnnqsC5EuH4nZq6P/cWUk/W/ymzWykBbnfcWExkKM0uqtmKBN0wJRJcEVu5L80VW8HDnwNarWvBR2rAVSJX21vzAl+TefFAkf3JXT+vn/wUH0o5E4k+SW39g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80681+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631669144843223.80884902958326; Tue, 14 Sep 2021 18:25:44 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id Zl5CYY1788612xYGmfT1WSCB; Tue, 14 Sep 2021 18:25:44 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web11.1683.1631669137887980209 for ; Tue, 14 Sep 2021 18:25:38 -0700 X-Received: from pps.filterd (m0098419.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.1.2/8.16.0.43) with SMTP id 18ENNJsF018024; Tue, 14 Sep 2021 21:25:20 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b32mt5khh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from m0098419.ppops.net (m0098419.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 18F0xC2V011425; Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b32mt5kh5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 18F17Sxs022122; Wed, 15 Sep 2021 01:25:18 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma05wdc.us.ibm.com with ESMTP id 3b0m3b68fd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 15 Sep 2021 01:25:18 +0000 X-Received: from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com [9.57.199.109]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 18F1PH4o38863296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 15 Sep 2021 01:25:17 GMT X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 65B8E112067; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 528F0112064; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) From: "Stefan Berger" To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, rebecca@bsdio.com, grehan@freebsd.org, brijesh.singh@amd.com, erdemaktas@google.com, jejb@linux.ibm.com, min.m.xu@intel.com, thomas.lendacky@amd.com, ardb+tianocore@kernel.org, jordan.l.justen@intel.com, Stefan Berger , Stefan Berger , Jiewen Yao Subject: [edk2-devel] [PATCH v3 3/4] OvmfPkg: Reference new Tcg2PlatformDxe in the build system for compilation Date: Tue, 14 Sep 2021 21:25:05 -0400 Message-Id: <20210915012506.2619693-4-stefanb@linux.ibm.com> In-Reply-To: <20210915012506.2619693-1-stefanb@linux.ibm.com> References: <20210915012506.2619693-1-stefanb@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: m6HtRONk_ZM95NWCvtlREyQfnPdehpT7 X-Proofpoint-ORIG-GUID: 3IL3d0KHEU-v7m7Q3svr66RVUEGh78hZ Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.ibm.com X-Gm-Message-State: sPZ0UHKkGz9npdcZTOrByqLgx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631669144; bh=UUOBrIxrdEHXCXUEBwVvpBEXgMa2zy1Y06I0jil7LNw=; h=Cc:Date:From:Reply-To:Subject:To; b=NNdD9dpoYjTO7cdoK8mgAdj6Prp9FH/yoaaTLAXoYMew5FCVTkp0t8tqqGfHEEZntFM S0HlcvR5mLiaA+AtSqotbeJlkQLf0baEfyXm1yn22uPeRx3zfED6Lmq0Q0G3GVcCHx/Yy /G0YtXhl91CpalmrR8b4QACK1vAsaBDkcUY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631669146716100003 Content-Type: text/plain; charset="utf-8" From: Stefan Berger Compile the Tcg2PlatformDxe related code now. Cc: Rebecca Cran Cc: Peter Grehan Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Gerd Hoffmann Signed-off-by: Stefan Berger Reviewed-by: Jiewen Yao --- OvmfPkg/AmdSev/AmdSevX64.dsc | 4 ++++ OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/OvmfPkgIa32.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 4 ++++ OvmfPkg/OvmfPkgX64.fdf | 1 + 8 files changed, 20 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index e6cd10b759..3079f4b503 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -851,4 +851,8 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 0a89749700..a9f675303f 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -313,6 +313,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index d1d92c97ba..923a012f0c 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -1034,6 +1034,10 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 !if $(LOAD_X64_ON_IA32_ENABLE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 04b41445ca..bb3b53626e 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -363,6 +363,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index a467ab7090..b907b36973 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -1049,4 +1049,8 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 02fd8f0c41..030638ae78 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -370,6 +370,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index e56b83d95e..8aca437a9b 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -1047,4 +1047,8 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLib= DTpm.inf } + SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 23936242e7..888363ff9d 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -389,6 +389,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/Variabl= eRuntimeDxe.inf !if $(TPM_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf !if $(TPM_CONFIG_ENABLE) =3D=3D TRUE INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf !endif --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80681): https://edk2.groups.io/g/devel/message/80681 Mute This Topic: https://groups.io/mt/85617947/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu Mar 28 19:15:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80678+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80678+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1631669139; cv=none; d=zohomail.com; s=zohoarc; b=Y4WyfZeEnsWdE+LtG+NgCjSkmul773VDGXkUsvnlPgEfbiLwitmJQAHvzUgHoooJBu17ycRRNJl7MR+cdeaI98kmZPseJ/gQ2ZokpdHMg1toSVAtK5BSVqonLuP1+irwoFdjjZF9zwAe8LBDd+ai94kFLSU5vYX6Qdg/jMNe+Mw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1631669139; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=61D0g0JbBtkW4TmdKrNFdVs4FFp4w5Qnt7dM6TQHL0Y=; b=g7bkh+9euM7Z65XwFbWvtfS25ZRfD7u6rtU9HnEGEGmYmm0zoo6A4RKS08qWQ9da79WmU0LlASGA59wVl2FqdoL5xmObD+FAqUK61I3WSlu1yZyIOZWFSX1lhrvc69iIy2BdVwgDU+7jkHEbJW+TcS1Gn2ePzi6i4V6+6ejUFVo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80678+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631669139919307.0733398454605; Tue, 14 Sep 2021 18:25:39 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id DkVMYY1788612xTGa4mPfb0i; Tue, 14 Sep 2021 18:25:39 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web08.1694.1631669137795640205 for ; Tue, 14 Sep 2021 18:25:38 -0700 X-Received: from pps.filterd (m0098420.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.1.2/8.16.0.43) with SMTP id 18EMxYRS024624; Tue, 14 Sep 2021 21:25:20 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b35152c75-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from m0098420.ppops.net (m0098420.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 18F1I3GS019454; Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from ppma03wdc.us.ibm.com (ba.79.3fa9.ip4.static.sl-reverse.com [169.63.121.186]) by mx0b-001b2d01.pphosted.com with ESMTP id 3b35152c6r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 21:25:19 -0400 X-Received: from pps.filterd (ppma03wdc.us.ibm.com [127.0.0.1]) by ppma03wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 18F17P2J030075; Wed, 15 Sep 2021 01:25:18 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma03wdc.us.ibm.com with ESMTP id 3b0m3b6918-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 15 Sep 2021 01:25:18 +0000 X-Received: from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com [9.57.199.109]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 18F1PHrx39191038 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 15 Sep 2021 01:25:17 GMT X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8F004112064; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 721B1112062; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) X-Received: from sbct-2.pok.ibm.com (unknown [9.47.158.152]) by b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP; Wed, 15 Sep 2021 01:25:17 +0000 (GMT) From: "Stefan Berger" To: devel@edk2.groups.io Cc: mhaeuser@posteo.de, spbrogan@outlook.com, marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, rebecca@bsdio.com, grehan@freebsd.org, brijesh.singh@amd.com, erdemaktas@google.com, jejb@linux.ibm.com, min.m.xu@intel.com, thomas.lendacky@amd.com, ardb+tianocore@kernel.org, jordan.l.justen@intel.com, Stefan Berger , Stefan Berger , Jiewen Yao Subject: [edk2-devel] [PATCH v3 4/4] OvmfPkg: Reference new Tcg2PlatformPei in the build system Date: Tue, 14 Sep 2021 21:25:06 -0400 Message-Id: <20210915012506.2619693-5-stefanb@linux.ibm.com> In-Reply-To: <20210915012506.2619693-1-stefanb@linux.ibm.com> References: <20210915012506.2619693-1-stefanb@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: jAoNkK7BXpw7BXvsj1EdlOGGT1hnkNi0 X-Proofpoint-GUID: LRwSmzWzBx1PJKP3aspakzvJyBLeLW0Z Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,stefanb@linux.ibm.com X-Gm-Message-State: fIkXDnTMOuVqPuRsz4oEAKpxx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631669139; bh=x2Sdl7ADAuEwSuknNc98jZuOA1LEj4Y5ecP/wFzpN8k=; h=Cc:Date:From:Reply-To:Subject:To; b=fwDAzXq+CvyDOn3njpg+DgUllu5B7AIH8f3QPNrY4oHWkU335IAdCMXEqXBF3WNZNjo I6aPQn9gn5DjtrldKp0fpz5s5wLoGSKH9tUH3UR6OlJT8kx+LuUQNw407CQL3i6fcuRdD 4HBBJ3U9W8Gu0uNceNS7ERjThx6ztQ/sl9I= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631669140474100003 Content-Type: text/plain; charset="utf-8" From: Stefan Berger Compile the Tcg2PlatformPei related code now to support TPM 2 platform hierachy disablement if the TPM state cannot be resumed upon S3 resume. Cc: Rebecca Cran Cc: Peter Grehan Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Gerd Hoffmann Signed-off-by: Stefan Berger Reviewed-by: Jiewen Yao --- OvmfPkg/AmdSev/AmdSevX64.dsc | 4 ++++ OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/OvmfPkgIa32.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 4 ++++ OvmfPkg/OvmfPkgX64.fdf | 1 + 8 files changed, 20 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 3079f4b503..5ee5445116 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -637,6 +637,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 # diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index a9f675303f..542722ac6b 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -154,6 +154,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 923a012f0c..6a5be97c05 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -717,6 +717,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index bb3b53626e..775ea2d710 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -166,6 +166,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index b907b36973..71227d1b70 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -730,6 +730,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 [Components.X64] diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 030638ae78..245ca94044 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -166,6 +166,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 8aca437a9b..52f7598cf1 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -729,6 +729,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } + SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf { + + TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarc= hyLib/PeiDxeTpmPlatformHierarchyLib.inf + } !endif =20 # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 888363ff9d..b6cc3cabdd 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -185,6 +185,7 @@ INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecrypt= Pei.inf INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf !endif =20 ##########################################################################= ###### --=20 2.31.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80678): https://edk2.groups.io/g/devel/message/80678 Mute This Topic: https://groups.io/mt/85617944/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-