* [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu
@ 2019-01-25 17:12 Stefan Berger
2019-01-25 19:30 ` Laszlo Ersek
0 siblings, 1 reply; 4+ messages in thread
From: Stefan Berger @ 2019-01-25 17:12 UTC (permalink / raw)
To: lersek, edk2-devel
Cc: chao.b.zhang, jiewen.yao, marcandre.lureau, Stefan Berger
This patch adds the TCG2 Configuration menu to the Device Manager
menu. We can reuse all the code in the SecurityPkg and need to
only add it to the build and flash config files.
The code is added to Ovfm by building with -DTPM2_ENABLE and
-DTPM2_CONFIG_ENABLE.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
OvmfPkg/OvmfPkgIa32.dsc | 3 +++
OvmfPkg/OvmfPkgIa32.fdf | 4 ++++
OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++
OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++
OvmfPkg/OvmfPkgX64.dsc | 3 +++
OvmfPkg/OvmfPkgX64.fdf | 4 ++++
6 files changed, 21 insertions(+)
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index aee19b75d7..68e707e7e5 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -632,6 +632,9 @@
NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
}
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
!endif
#
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index e013099136..a46598f2c3 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf
INF MdeModulePkg/Logo/LogoDxe.inf
+!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
+INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+
#
# Network modules
#
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 90cbd8e341..dd6c700774 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -640,6 +640,9 @@
NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
}
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
!endif
[Components.X64]
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index afaa334384..8a02b3cc79 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf
INF MdeModulePkg/Logo/LogoDxe.inf
+!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
+INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+
#
# Network modules
#
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 83d16eb00b..828a1d9999 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -639,6 +639,9 @@
NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
}
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
!endif
#
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index afaa334384..8a02b3cc79 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf
INF MdeModulePkg/Logo/LogoDxe.inf
+!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
+INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+
#
# Network modules
#
--
2.20.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu
2019-01-25 17:12 [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu Stefan Berger
@ 2019-01-25 19:30 ` Laszlo Ersek
2019-01-25 21:25 ` Stefan Berger
0 siblings, 1 reply; 4+ messages in thread
From: Laszlo Ersek @ 2019-01-25 19:30 UTC (permalink / raw)
To: Stefan Berger, edk2-devel
Cc: chao.b.zhang, jiewen.yao, marcandre.lureau,
Jordan Justen (Intel address), Ard Biesheuvel, Anthony Perard,
Julien Grall
Hi,
(1) when posting a patch, please CC all people marked with "M" for the
subject package in Maintainers.txt. And, if in doubt, please CC the "R"
people too.
Adding the others now.
(2) In [a] [b], you mentioned a need to repost, due to your email
address having changed. However, that posting, and this posting, seem to
come from the same email address, and to use the same S-o-b: "Stefan
Berger <stefanb@linux.ibm.com>".
[a] http://mid.mail-archive.com/d0222c94-4578-74bd-94ad-90d10911b534@linux.ibm.com
[b] https://lists.01.org/pipermail/edk2-devel/2019-January/035701.html
On 01/25/19 18:12, Stefan Berger wrote:
> This patch adds the TCG2 Configuration menu to the Device Manager
> menu.
OK.
> We can reuse all the code in the SecurityPkg and need to
> only add it to the build and flash config files.
(3) I disagree with this formulation.
Instead, we can apparently include the *sample* Tcg2ConfigDxe from
SecurityPkg as-is, without obvious adverse effects. I consider this an
experimental feature that's being enabled (not by default) in order to
support further R&D. The Tcg2ConfigDxe has not been trimmed / modified
for OVMF / QEMU specifics (unlike Tcg2ConfigPei in commit 6cf1880fb5b6).
That's why we are gating Tcg2ConfigDxe with TPM2_CONFIG_ENABLE, and not
enabling it simply as part of TPM2_ENABLE.
> The code is added to Ovfm by building with -DTPM2_ENABLE and
> -DTPM2_CONFIG_ENABLE.
(4) Typo, s/Ovfm/OVMF/. "OVMF" stands for Open Virtual Machine Firmware.
>
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
(5) Before your S-o-b, please add:
"""
Contributed-under: TianoCore Contribution Agreement 1.1
"""
after reviewing "Contributions.txt" in the project root dir.
> ---
> OvmfPkg/OvmfPkgIa32.dsc | 3 +++
> OvmfPkg/OvmfPkgIa32.fdf | 4 ++++
> OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++
> OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++
> OvmfPkg/OvmfPkgX64.dsc | 3 +++
> OvmfPkg/OvmfPkgX64.fdf | 4 ++++
> 6 files changed, 21 insertions(+)
(6) In all three DSC files, please DEFINE TPM2_CONFIG_ENABLE = FALSE as
well, just below TPM2_ENABLE.
>
> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> index aee19b75d7..68e707e7e5 100644
> --- a/OvmfPkg/OvmfPkgIa32.dsc
> +++ b/OvmfPkg/OvmfPkgIa32.dsc
> @@ -632,6 +632,9 @@
> NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> }
> +!if $(TPM2_CONFIG_ENABLE) == TRUE
> + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> !endif
>
> #
This looks good.
> diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
> index e013099136..a46598f2c3 100644
> --- a/OvmfPkg/OvmfPkgIa32.fdf
> +++ b/OvmfPkg/OvmfPkgIa32.fdf
> @@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf
>
> INF MdeModulePkg/Logo/LogoDxe.inf
>
> +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> +
(7) In this file, we already have
"""
!if $(TPM2_ENABLE) == TRUE
INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
!endif
"""
elsewhere. Can you please nest the addition in that scope?
Thanks,
Laszlo
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu
2019-01-25 19:30 ` Laszlo Ersek
@ 2019-01-25 21:25 ` Stefan Berger
0 siblings, 0 replies; 4+ messages in thread
From: Stefan Berger @ 2019-01-25 21:25 UTC (permalink / raw)
To: Laszlo Ersek, edk2-devel
Cc: chao.b.zhang, jiewen.yao, marcandre.lureau,
Jordan Justen (Intel address), Ard Biesheuvel, Anthony Perard,
Julien Grall
On 1/25/19 2:30 PM, Laszlo Ersek wrote:
> Hi,
>
> (1) when posting a patch, please CC all people marked with "M" for the
> subject package in Maintainers.txt. And, if in doubt, please CC the "R"
> people too.
>
> Adding the others now.
>
> (2) In [a] [b], you mentioned a need to repost, due to your email
> address having changed. However, that posting, and this posting, seem to
> come from the same email address, and to use the same S-o-b: "Stefan
> Berger <stefanb@linux.ibm.com>".
I re-subscribed to the ml. Old address was stefanb@linux.vnet.ibm.com.
>
> [a] http://mid.mail-archive.com/d0222c94-4578-74bd-94ad-90d10911b534@linux.ibm.com
> [b] https://lists.01.org/pipermail/edk2-devel/2019-January/035701.html
>
> On 01/25/19 18:12, Stefan Berger wrote:
>> This patch adds the TCG2 Configuration menu to the Device Manager
>> menu.
> OK.
>
>> We can reuse all the code in the SecurityPkg and need to
>> only add it to the build and flash config files.
> (3) I disagree with this formulation.
>
> Instead, we can apparently include the *sample* Tcg2ConfigDxe from
> SecurityPkg as-is, without obvious adverse effects. I consider this an
I will reuse some of this formulation.
> experimental feature that's being enabled (not by default) in order to
> support further R&D. The Tcg2ConfigDxe has not been trimmed / modified
> for OVMF / QEMU specifics (unlike Tcg2ConfigPei in commit 6cf1880fb5b6).
> That's why we are gating Tcg2ConfigDxe with TPM2_CONFIG_ENABLE, and not
> enabling it simply as part of TPM2_ENABLE.
>
>> The code is added to Ovfm by building with -DTPM2_ENABLE and
>> -DTPM2_CONFIG_ENABLE.
> (4) Typo, s/Ovfm/OVMF/. "OVMF" stands for Open Virtual Machine Firmware.
:-)
>
>> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> (5) Before your S-o-b, please add:
>
> """
> Contributed-under: TianoCore Contribution Agreement 1.1
> """
>
> after reviewing "Contributions.txt" in the project root dir.
Done.
>
>> ---
>> OvmfPkg/OvmfPkgIa32.dsc | 3 +++
>> OvmfPkg/OvmfPkgIa32.fdf | 4 ++++
>> OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++
>> OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++
>> OvmfPkg/OvmfPkgX64.dsc | 3 +++
>> OvmfPkg/OvmfPkgX64.fdf | 4 ++++
>> 6 files changed, 21 insertions(+)
> (6) In all three DSC files, please DEFINE TPM2_CONFIG_ENABLE = FALSE as
> well, just below TPM2_ENABLE.
Done.
>
>> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
>> index aee19b75d7..68e707e7e5 100644
>> --- a/OvmfPkg/OvmfPkgIa32.dsc
>> +++ b/OvmfPkg/OvmfPkgIa32.dsc
>> @@ -632,6 +632,9 @@
>> NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
>> NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
>> }
>> +!if $(TPM2_CONFIG_ENABLE) == TRUE
>> + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
>> +!endif
>> !endif
>>
>> #
> This looks good.
>
>> diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
>> index e013099136..a46598f2c3 100644
>> --- a/OvmfPkg/OvmfPkgIa32.fdf
>> +++ b/OvmfPkg/OvmfPkgIa32.fdf
>> @@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf
>>
>> INF MdeModulePkg/Logo/LogoDxe.inf
>>
>> +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
>> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
>> +!endif
>> +
> (7) In this file, we already have
>
> """
> !if $(TPM2_ENABLE) == TRUE
> INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> !endif
> """
>
> elsewhere. Can you please nest the addition in that scope?
Done.
>
> Thanks,
> Laszlo
>
^ permalink raw reply [flat|nested] 4+ messages in thread
[parent not found: <20190125165527.1059649-1-stefanb@linux.ibm.com>]
* Re: [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu
[not found] <20190125165527.1059649-1-stefanb@linux.ibm.com>
@ 2019-01-25 17:12 ` Stefan Berger
0 siblings, 0 replies; 4+ messages in thread
From: Stefan Berger @ 2019-01-25 17:12 UTC (permalink / raw)
To: lersek, edk2-devel; +Cc: chao.b.zhang, jiewen.yao, marcandre.lureau
I have to repost this since my email has changed.
On 1/25/19 11:55 AM, Stefan Berger wrote:
> This patch adds the TCG2 Configuration menu to the Device Manager
> menu. We can reuse all the code in the SecurityPkg and need to
> only add it to the build and flash config files.
>
> The code is added to Ovfm by building with -DTPM2_ENABLE and
> -DTPM2_CONFIG_ENABLE.
>
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
> OvmfPkg/OvmfPkgIa32.dsc | 3 +++
> OvmfPkg/OvmfPkgIa32.fdf | 4 ++++
> OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++
> OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++
> OvmfPkg/OvmfPkgX64.dsc | 3 +++
> OvmfPkg/OvmfPkgX64.fdf | 4 ++++
> 6 files changed, 21 insertions(+)
>
> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> index aee19b75d7..68e707e7e5 100644
> --- a/OvmfPkg/OvmfPkgIa32.dsc
> +++ b/OvmfPkg/OvmfPkgIa32.dsc
> @@ -632,6 +632,9 @@
> NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> }
> +!if $(TPM2_CONFIG_ENABLE) == TRUE
> + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> !endif
>
> #
> diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
> index e013099136..a46598f2c3 100644
> --- a/OvmfPkg/OvmfPkgIa32.fdf
> +++ b/OvmfPkg/OvmfPkgIa32.fdf
> @@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf
>
> INF MdeModulePkg/Logo/LogoDxe.inf
>
> +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> +
> #
> # Network modules
> #
> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
> index 90cbd8e341..dd6c700774 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> @@ -640,6 +640,9 @@
> NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> }
> +!if $(TPM2_CONFIG_ENABLE) == TRUE
> + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> !endif
>
> [Components.X64]
> diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
> index afaa334384..8a02b3cc79 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.fdf
> +++ b/OvmfPkg/OvmfPkgIa32X64.fdf
> @@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf
>
> INF MdeModulePkg/Logo/LogoDxe.inf
>
> +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> +
> #
> # Network modules
> #
> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
> index 83d16eb00b..828a1d9999 100644
> --- a/OvmfPkg/OvmfPkgX64.dsc
> +++ b/OvmfPkg/OvmfPkgX64.dsc
> @@ -639,6 +639,9 @@
> NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> }
> +!if $(TPM2_CONFIG_ENABLE) == TRUE
> + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> !endif
>
> #
> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
> index afaa334384..8a02b3cc79 100644
> --- a/OvmfPkg/OvmfPkgX64.fdf
> +++ b/OvmfPkg/OvmfPkgX64.fdf
> @@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf
>
> INF MdeModulePkg/Logo/LogoDxe.inf
>
> +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE)
> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> +
> #
> # Network modules
> #
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-01-25 21:25 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-01-25 17:12 [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu Stefan Berger
2019-01-25 19:30 ` Laszlo Ersek
2019-01-25 21:25 ` Stefan Berger
[not found] <20190125165527.1059649-1-stefanb@linux.ibm.com>
2019-01-25 17:12 ` Stefan Berger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox