From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-wr1-f68.google.com (mail-wr1-f68.google.com [209.85.221.68]) by mx.groups.io with SMTP id smtpd.web09.603.1582743932155426808 for ; Wed, 26 Feb 2020 11:05:32 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@linaro.org header.s=google header.b=anLQ7MWv; spf=pass (domain: linaro.org, ip: 209.85.221.68, mailfrom: ard.biesheuvel@linaro.org) Received: by mail-wr1-f68.google.com with SMTP id m16so40128wrx.11 for ; Wed, 26 Feb 2020 11:05:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=T+kmKn3zEAiuK0L36HDg/5OyEl2dwX5JS1XOKN4vyxQ=; b=anLQ7MWv0YEeMcfpvE6xYdOlN4brQNM0Ww+xK2AfLPNe6Md+cNk+QCLHCijL17dow8 /qD47797uTuRTp6prPIInY45NlPtRYnxusXjUtG12orLEMXeoMDQoPzDBdFYM+V4rzuD 3+8EgM3Hw7G43CxsyCXPgwjUQpPRCMTECGxWf8QdBSFTwbs2dbjjSg1c3WWAmju0hggb Y2rilyfdF3IsG83pbKG3DjghH9Y9FmfMPDKwZg4VAeWgclKQLe5s/r9wt5bdSQxvStWr KPPJHcpyfsRENV+E5aMVKW7hDgvHJCoMkui/gBGjkDc2esTmtVUwnBzh3ZJXzwu/tfHM ik3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=T+kmKn3zEAiuK0L36HDg/5OyEl2dwX5JS1XOKN4vyxQ=; b=gxx/cxRTfWF1jaHhWXEP3212Gk7Z2R0KX/qqGCzGu737mfkBW49tf2pTmmXModkrW1 pvz06xE4iujWm26nj2IVYAQeQ4emp7uOj67VEXnh58QX4aRnA44mVhNqWPBZlk+Yk9uH HIy2qBzGdTMNkmulv0VyK/nP4Y/kTT2l+/313+ETm+xySIJZTRrXe1xZaG5NjdiBjj0f iqyaoovthJmRkHKDzgqtlxcA4nNUMAY1NJwVtV3bxNVZKFfZI9eocxQ263dzdhLQAhr1 /yhBL0Od98SDUDoK4UMo/l/fgd1ME/hUAROGEAH2DaClH/Y3mUVRS2Xg5BfywjSKtOzW gy9A== X-Gm-Message-State: APjAAAXQg5dHBEFYlNqGxs7cC7jVSD3QvNp6Q6uv613HBecIpkJXXgDG AxQWtGXz7ENvkq/XVtuT+g4LRjBwlEeltQ== X-Google-Smtp-Source: APXvYqxYH731OovudUmpADM0R0GtdKC+sw7FeD0j0pwICKkITiBnDH1TPdgYWh/H1q9I7k4wf+LM2Q== X-Received: by 2002:adf:f288:: with SMTP id k8mr77341wro.301.1582743930460; Wed, 26 Feb 2020 11:05:30 -0800 (PST) Return-Path: Received: from e123331-lin.home ([2a01:cb1d:112:6f00:816e:ff0d:fb69:f613]) by smtp.gmail.com with ESMTPSA id z1sm3932823wmf.42.2020.02.26.11.05.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Feb 2020 11:05:29 -0800 (PST) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com, marcandre.lureau@redhat.com, stefanb@linux.ibm.com, leif@nuviainc.com Subject: [PATCH v3 9/9] ArmVirtPkg/ArmVirtQemu: enable TPM2 based measured boot Date: Wed, 26 Feb 2020 20:05:14 +0100 Message-Id: <20200226190514.31395-10-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200226190514.31395-1-ard.biesheuvel@linaro.org> References: <20200226190514.31395-1-ard.biesheuvel@linaro.org> Now that all the TPM2 related plumbing is in place, we can add the final piece that performs the measurements of loaded images into the appropriate PCRs. Signed-off-by: Ard Biesheuvel --- ArmVirtPkg/ArmVirtQemu.dsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 7cb2d1b42fb8..a0d179a72b2a 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -346,6 +346,9 @@ [Components.common] MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf +!if $(TPM2_ENABLE) == TRUE + NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +!endif } SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf -- 2.17.1