From nobody Thu Apr 25 10:42:47 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of seabios.org designates 78.46.105.101 as permitted sender) client-ip=78.46.105.101; envelope-from=seabios-bounces@seabios.org; helo=coreboot.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of seabios.org designates 78.46.105.101 as permitted sender) smtp.mailfrom=seabios-bounces@seabios.org Return-Path: Received: from coreboot.org (coreboot.org [78.46.105.101]) by mx.zohomail.com with SMTPS id 1631048786089157.71628730295004; Tue, 7 Sep 2021 14:06:26 -0700 (PDT) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by coreboot.org (Postfix) with ESMTPA id 0D793106080A; Tue, 7 Sep 2021 21:06:19 +0000 (UTC) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by coreboot.org (Postfix) with ESMTP id 01CA11060012 for ; Tue, 7 Sep 2021 21:05:59 +0000 (UTC) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 187L4nCx022958; Tue, 7 Sep 2021 17:05:56 -0400 Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by mx0a-001b2d01.pphosted.com with ESMTP id 3axec6snkb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 07 Sep 2021 17:05:56 -0400 Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by ppma03dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 187KvkU1000447; Tue, 7 Sep 2021 21:05:55 GMT Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by ppma03dal.us.ibm.com with ESMTP id 3axcnhcvyf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 07 Sep 2021 21:05:55 +0000 Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by b03cxnp07028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 187L5si440173852 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 7 Sep 2021 21:05:54 GMT Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by IMSVA (Postfix) with ESMTP id 9090A6E054; Tue, 7 Sep 2021 21:05:54 +0000 (GMT) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by IMSVA (Postfix) with ESMTP id 446586E04E; Tue, 7 Sep 2021 21:05:54 +0000 (GMT) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by b03ledav001.gho.boulder.ibm.com (Postfix) with ESMTP; Tue, 7 Sep 2021 21:05:54 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding; s=pp1; bh=jCzfsDivUMO+M9iosy7E8//XA/c16YUf+mB11iKKyWQ=; b=IPJ4zTiIMlPIZWAay7ZA8k8whVkGWsL5wDNoiJelPVjic3kIHxRA8/u3+lPw7obJzhz7 6Z2UvGJ/vU0pPRFG/c/IHTZmFZqlQ3uJd3p4P97SXTdijvh0BfvMaNitFn+QpMgtlbBv wUh4FLW8ixiKibda7my35J+O076fH+w/f1Y1r58aqDQWOHygwsGc1ZtQEWZ0vBTxXb8c JChLqDrJ9keoX+3ZS7MEBcjyWoDy7ULpvUIqofkXRuD/Pb+eBfeA8ttJ+4Qt85oVuWCu DfqmdgN9TnKUjQbKsbb4RgotHBBGvKNmEX5XBxGqr1n+oWaNxC1q41iyVlEkzeezKKDy WA== From: Stefan Berger To: seabios@seabios.org Date: Tue, 7 Sep 2021 17:05:52 -0400 Message-Id: <20210907210552.742554-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: NY76F7yjxlwTamUW6V574wJXwztrfuhe X-Proofpoint-GUID: NY76F7yjxlwTamUW6V574wJXwztrfuhe X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.790 definitions=2021-09-07_08:2021-09-07,2021-09-07 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1011 priorityscore=1501 phishscore=0 spamscore=0 malwarescore=0 mlxlogscore=998 impostorscore=0 adultscore=0 lowpriorityscore=0 bulkscore=0 suspectscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2109030001 definitions=main-2109070132 X-Spam-Level: * Message-ID-Hash: O26SMAK245T6KQRO7DDZXPJEULU4ATWK X-Message-ID-Hash: O26SMAK245T6KQRO7DDZXPJEULU4ATWK X-MailFrom: stefanb@linux.vnet.ibm.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-seabios.seabios.org-0; header-match-seabios.seabios.org-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Stefan Berger X-Mailman-Version: 3.3.4 Precedence: list Subject: [SeaBIOS] [PATCH] tcgbios: Disable platform hierarchy in case of failure List-Id: SeaBIOS mailing list Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Content-Transfer-Encoding: quoted-printable Authentication-Results: coreboot.org; auth=pass smtp.auth=mailman@coreboot.org smtp.mailfrom=seabios-bounces@seabios.org X-Spamd-Bar: -- X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1631048787834100001 Content-Type: text/plain; charset="utf-8" In the rare case of a TPM 2 failure, disable the platform hierarchy after disabling the endorsement and owner hierarchies. Signed-off-by: Stefan Berger --- src/tcgbios.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/tcgbios.c b/src/tcgbios.c index 02921d8..31f4d7b 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -983,6 +983,7 @@ tpm_set_failure(void) case TPM_VERSION_2: tpm20_hierarchycontrol(TPM2_RH_ENDORSEMENT, TPM2_NO); tpm20_hierarchycontrol(TPM2_RH_OWNER, TPM2_NO); + tpm20_hierarchycontrol(TPM2_RH_PLATFORM, TPM2_NO); break; } =20 --=20 2.31.1 _______________________________________________ SeaBIOS mailing list -- seabios@seabios.org To unsubscribe send an email to seabios-leave@seabios.org