public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH] SecurityPkg/TcgConfigDxe: Allow enabling TPM 1.2 device from disabled state.
@ 2019-02-04  6:06 Rodrigo Gonzalez del Cueto
  2019-02-20  3:12 ` Yao, Jiewen
  0 siblings, 1 reply; 2+ messages in thread
From: Rodrigo Gonzalez del Cueto @ 2019-02-04  6:06 UTC (permalink / raw)
  To: edk2-devel; +Cc: Rodrigo Gonzalez del Cueto, Chao Zhang, Jiewen Yao

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1511

Currently the TCG config setup form defaults the physical presence action to
PHYSICAL_PRESENCE_ENABLE, this prevents the action from being called. When a TPM
1.2 device is in Disabled and Activated state it is not possible to issue the
PHYSICAL_PRESENCE_ENABLE using the menu action.

By having the form default to PHYSICAL_PRESENCE_NO_ACTION, the user is now able
to select PHYSICAL_PRESENCE_ENABLE and toggle the TPM 1.2 device enable state.

Contributed-under: TianoCore Contribution Agreement 1.1

Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
---
 SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr        | 8 ++++++--
 SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c      | 4 ++--
 SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni | 3 ++-
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
index b0a7bf6f47..1047475cef 100644
--- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
+++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
@@ -1,7 +1,7 @@
 /** @file
   VFR file used by the TCG configuration component.
 
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -43,6 +43,10 @@ formset
           help   = STRING_TOKEN(STR_TPM_OPERATION_HELP),
           flags  = INTERACTIVE | RESET_REQUIRED,
           //
+          // Default the form to NO ACTION to allow toggling other options
+          //
+          option text = STRING_TOKEN(STR_NO_ACTION), value = PHYSICAL_PRESENCE_NO_ACTION, flags = DEFAULT;
+          //
           // Disable (TPM_ORD_PhysicalDisable) command is not available when disabled.
           // Activate/deactivate (TPM_ORD_physicalSetDeactivated) command is not available when disabled.
           //
@@ -61,7 +65,7 @@ formset
             option text = STRING_TOKEN(STR_TPM_CLEAR_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, flags = 0;
           endif
 
-          option text = STRING_TOKEN(STR_ENABLE), value = PHYSICAL_PRESENCE_ENABLE, flags = DEFAULT;
+          option text = STRING_TOKEN(STR_ENABLE), value = PHYSICAL_PRESENCE_ENABLE, flags = 0;
           option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE, flags = 0;
           option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR, flags = 0;
           option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR_E_A), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE, flags = 0;
diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
index a306bbbb5c..4455fd2b48 100644
--- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
+++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
@@ -1,7 +1,7 @@
 /** @file
   HII Config Access protocol implementation of TCG configuration module.
 
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -176,7 +176,7 @@ TcgExtractConfig (
   //
   // Convert buffer data to <ConfigResp> by helper function BlockToConfig()
   //
-  PrivateData->Configuration->TpmOperation = PHYSICAL_PRESENCE_ENABLE;
+  PrivateData->Configuration->TpmOperation = PHYSICAL_PRESENCE_NO_ACTION;
 
   //
   // Get current TPM state.
diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
index 7a84462a6e..3c3f0f7ddb 100644
--- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
+++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
@@ -1,7 +1,7 @@
 /** @file
   String definitions for TCG configuration form.
 
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -23,6 +23,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #string STR_TPM_OPERATION                  #language en-US "TPM Operation"
 #string STR_TPM_OPERATION_HELP             #language en-US "Select one of the supported operation to change TPM state."
 
+#string STR_NO_ACTION                      #language en-US "No Action"
 #string STR_ENABLE                         #language en-US "Enable"
 #string STR_DISABLE                        #language en-US "Disable"
 #string STR_TPM_ACTIVATE                   #language en-US "Activate"
-- 
2.20.1.windows.1



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] SecurityPkg/TcgConfigDxe: Allow enabling TPM 1.2 device from disabled state.
  2019-02-04  6:06 [PATCH] SecurityPkg/TcgConfigDxe: Allow enabling TPM 1.2 device from disabled state Rodrigo Gonzalez del Cueto
@ 2019-02-20  3:12 ` Yao, Jiewen
  0 siblings, 0 replies; 2+ messages in thread
From: Yao, Jiewen @ 2019-02-20  3:12 UTC (permalink / raw)
  To: Gonzalez Del Cueto, Rodrigo, edk2-devel@lists.01.org; +Cc: Zhang, Chao B

Thanks for the enhancement.

Reviewed-by: Jiewen.yao@intel.com

> -----Original Message-----
> From: Gonzalez Del Cueto, Rodrigo
> Sent: Monday, February 4, 2019 2:07 PM
> To: edk2-devel@lists.01.org
> Cc: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>;
> Zhang, Chao B <chao.b.zhang@intel.com>; Yao, Jiewen
> <jiewen.yao@intel.com>
> Subject: [PATCH] SecurityPkg/TcgConfigDxe: Allow enabling TPM 1.2 device
> from disabled state.
> 
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1511
> 
> Currently the TCG config setup form defaults the physical presence action to
> PHYSICAL_PRESENCE_ENABLE, this prevents the action from being called.
> When a TPM
> 1.2 device is in Disabled and Activated state it is not possible to issue the
> PHYSICAL_PRESENCE_ENABLE using the menu action.
> 
> By having the form default to PHYSICAL_PRESENCE_NO_ACTION, the user is
> now able
> to select PHYSICAL_PRESENCE_ENABLE and toggle the TPM 1.2 device
> enable state.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> 
> Signed-off-by: Rodrigo Gonzalez del Cueto
> <rodrigo.gonzalez.del.cueto@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> ---
>  SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr        | 8 ++++++--
>  SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c      | 4 ++--
>  SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni | 3 ++-
>  3 files changed, 10 insertions(+), 5 deletions(-)
> 
> diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
> b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
> index b0a7bf6f47..1047475cef 100644
> --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
> +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
> @@ -1,7 +1,7 @@
>  /** @file
>    VFR file used by the TCG configuration component.
> 
> -Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD
> License
>  which accompanies this distribution.  The full text of the license may be
> found at
> @@ -43,6 +43,10 @@ formset
>            help   = STRING_TOKEN(STR_TPM_OPERATION_HELP),
>            flags  = INTERACTIVE | RESET_REQUIRED,
>            //
> +          // Default the form to NO ACTION to allow toggling other
> options
> +          //
> +          option text = STRING_TOKEN(STR_NO_ACTION), value =
> PHYSICAL_PRESENCE_NO_ACTION, flags = DEFAULT;
> +          //
>            // Disable (TPM_ORD_PhysicalDisable) command is not
> available when disabled.
>            // Activate/deactivate (TPM_ORD_physicalSetDeactivated)
> command is not available when disabled.
>            //
> @@ -61,7 +65,7 @@ formset
>              option text =
> STRING_TOKEN(STR_TPM_CLEAR_ENABLE_ACTIVATE), value =
> PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, flags = 0;
>            endif
> 
> -          option text = STRING_TOKEN(STR_ENABLE), value =
> PHYSICAL_PRESENCE_ENABLE, flags = DEFAULT;
> +          option text = STRING_TOKEN(STR_ENABLE), value =
> PHYSICAL_PRESENCE_ENABLE, flags = 0;
>            option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE),
> value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE, flags = 0;
>            option text =
> STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR), value =
> PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR, flags = 0;
>            option text =
> STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR_E_A), value =
> PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE, flags
> = 0;
> diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
> b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
> index a306bbbb5c..4455fd2b48 100644
> --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
> +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
> @@ -1,7 +1,7 @@
>  /** @file
>    HII Config Access protocol implementation of TCG configuration module.
> 
> -Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD
> License
>  which accompanies this distribution.  The full text of the license may be
> found at
> @@ -176,7 +176,7 @@ TcgExtractConfig (
>    //
>    // Convert buffer data to <ConfigResp> by helper function
> BlockToConfig()
>    //
> -  PrivateData->Configuration->TpmOperation =
> PHYSICAL_PRESENCE_ENABLE;
> +  PrivateData->Configuration->TpmOperation =
> PHYSICAL_PRESENCE_NO_ACTION;
> 
>    //
>    // Get current TPM state.
> diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
> b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
> index 7a84462a6e..3c3f0f7ddb 100644
> --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
> +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
> @@ -1,7 +1,7 @@
>  /** @file
>    String definitions for TCG configuration form.
> 
> -Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD
> License
>  which accompanies this distribution.  The full text of the license may be
> found at
> @@ -23,6 +23,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> ANY KIND, EITHER EXPRESS OR IMPLIED.
>  #string STR_TPM_OPERATION                  #language en-US "TPM
> Operation"
>  #string STR_TPM_OPERATION_HELP             #language en-US
> "Select one of the supported operation to change TPM state."
> 
> +#string STR_NO_ACTION                      #language en-US "No
> Action"
>  #string STR_ENABLE                         #language en-US
> "Enable"
>  #string STR_DISABLE                        #language en-US
> "Disable"
>  #string STR_TPM_ACTIVATE                   #language en-US
> "Activate"
> --
> 2.20.1.windows.1



^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2019-02-20  3:12 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-02-04  6:06 [PATCH] SecurityPkg/TcgConfigDxe: Allow enabling TPM 1.2 device from disabled state Rodrigo Gonzalez del Cueto
2019-02-20  3:12 ` Yao, Jiewen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox