From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4864:20::42b; helo=mail-pf1-x42b.google.com; envelope-from=heyi.guo@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-pf1-x42b.google.com (mail-pf1-x42b.google.com [IPv6:2607:f8b0:4864:20::42b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id CE4F3210EFB02 for ; Mon, 13 Aug 2018 23:18:07 -0700 (PDT) Received: by mail-pf1-x42b.google.com with SMTP id d4-v6so8812810pfn.0 for ; Mon, 13 Aug 2018 23:18:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:date:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=fFPns8UGRkq4qm9m0NLBJK7xPlQNlRMA2RfHCpY5G4Q=; b=kQYcbQ9gKUdTu98gfnmQPU/+rEEcUsPwD89rKVv/TXDW3H0t23HKWk1idB2dyJ70zJ l+8G3kkFpoDICNHGrRaYVZ37isKVuWOWoZlveiGC5Fb3MnAShu4EDxVFYhWdDyHybYox TXkEdbrRHgm7cB50UbaKWcYO9DJF6Czvh36TA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:date:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=fFPns8UGRkq4qm9m0NLBJK7xPlQNlRMA2RfHCpY5G4Q=; b=Qt5O7z9eZeZpfj0J8p9BRVQtCdMS6v6vD/rOHyIQxVi2hJTnCujrA0c9HhSJbtOb99 /F84SLePydKT323rG55lq+3bmuiP7ChfOTL/YF0fe3axnrqgHvp1JC+eA4na319H/Og4 wsGGoBu0unQ7W9Arc4nBo8XHhvxyl9eepFWNVgS8RmqbMaIxHlqtXqx8mKGATXY0pvwL rDpWdLg7vxjhqt8t8bGn39jBXwEEdk7Z6m+xh1bx8PvQnSndtrEsYuud7JEw5rCHNJax 9IbFHFe3mXnCqj1rIODQbFbMHeLCs7vHFZaPlY+VMjC36zZveN7iSEFbLCmQvwEGLxfE woHg== X-Gm-Message-State: AOUpUlGoVPowNi1DzuEqmAEOEyUiGweO8Q7K0BYpg8IdVYsy0aRuFgAN CFaobNTTJnz6U9XprvPq2WFBUQ== X-Google-Smtp-Source: AA+uWPzUJJhwWnl8DP7jEyl7UYIgZHYrjDsYz4bXpSAzm7xg6xdbILe7UVvBEcOo7oNgeg/nRaOXlw== X-Received: by 2002:a63:1f20:: with SMTP id f32-v6mr19135376pgf.84.1534227487178; Mon, 13 Aug 2018 23:18:07 -0700 (PDT) Received: from ecs-e536.expressvpn ([45.62.52.63]) by smtp.gmail.com with ESMTPSA id c88-v6sm28566515pfe.132.2018.08.13.23.18.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 13 Aug 2018 23:18:06 -0700 (PDT) From: heyi.guo@linaro.org X-Google-Original-From: g00179230@ecs-e536.expressvpn Date: Tue, 14 Aug 2018 14:18:01 +0800 To: "Yao, Jiewen" Cc: "heyi.guo@linaro.org" , "edk2-devel@lists.01.org" , "Zhang, Chao B" Message-ID: <20180814061801.GA2691@ecs-e536.expressvpn> References: <20180810084950.GA32368@ecs-e536.expressvpn> <67261275-360A-40ED-A668-AF1265A39AFD@intel.com> <20180813010715.GA1974@ecs-e536.expressvpn> <74D8A39837DF1E4DA445A8C0B3885C503AD06403@shsmsx102.ccr.corp.intel.com> MIME-Version: 1.0 In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503AD06403@shsmsx102.ccr.corp.intel.com> User-Agent: Mutt/1.5.24 (2015-08-30) Subject: Re: Question about SecurityPkg/DxeTcg2PhysicalPresenceLib X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Aug 2018 06:18:08 -0000 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Hi Jiewen, I searched the code in EDK2, and found there is another implementation of DxeTcg2PhysicalPresenceLib for OVMF: the function Tcg2PhysicalPresenceLibProcessRequest() is called in PlatformBootManagerAfterConsole() on OVMF, and it doesn't invoke VariableLockProtocol->RequestToLock() in Tcg2PhysicalPresenceLibProcessRequest(). Is this also an reference solution? Does it have any drawback comparing with the implementation in SecurityPkg? Thanks, Heyi On Mon, Aug 13, 2018 at 01:10:57AM +0000, Yao, Jiewen wrote: > The code in SecurityPkg\Library\DxeTcg2PhysicalPresenceLib can be treated as the example for the platform with trusted console. > > If a platform does not have a trusted graphic console, the platform may implement another DxeTcg2PhysicalPresenceLib instance to get user confirmation. For example, use the serial port, special hot key, etc. > > Thank you > Yao Jiewen > > > -----Original Message----- > > From: heyi.guo@linaro.org [mailto:heyi.guo@linaro.org] > > Sent: Monday, August 13, 2018 9:07 AM > > To: Yao, Jiewen > > Cc: heyi.guo@linaro.org; edk2-devel@lists.01.org; Zhang, Chao B > > > > Subject: Re: Question about SecurityPkg/DxeTcg2PhysicalPresenceLib > > > > Is there any work around if we don't have such trusted console on available > > hardware platforms? Is there any example implementation which we can refer > > to? > > > > Thanks, > > > > Heyi > > > > On Fri, Aug 10, 2018 at 09:12:46AM +0000, Yao, Jiewen wrote: > > > by design a platform need define a trusted console and only connect this > > trusted console before endofdxe > > > > > > thank you! > > > Yao, Jiewen > > > > > > > > > > 在 2018年8月10日,下午4:50,"heyi.guo@linaro.org" > > 写道: > > > > > > > > Hi folks, > > > > > > > > The function Tcg2PhysicalPresenceLibProcessRequest in > > DxeTcg2PhysicalPresenceLib > > > > requires to be invoked after console is ready, and in the function it will call > > > > VariableLockProtocol->RequestToLock(), while variable RequestToLock() > > requires > > > > to be called before "End Of Dxe" event, or else it will return > > ACCESS_DENIED. > > > > > > > > However, in PI spec 1.6, section 5.1.2.1 "End of DXE Event", it says "Prior to > > > > connecting consoles, the platform should signal the event 'End of DXE'". So > > > > there seems to be contradiction between these implementations and PI > > spec. > > > > > > > > If we follow below work flow: > > > > End of DXE -> connect console -> Tcg2PhysicalPresenceLibProcessRequest() > > -> > > > > Variable RequestToLock() -> we will get ACCESS_DENIED. > > > > > > > > Please advise, > > > > > > > > Thanks, > > > > > > > > Heyi