From: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com,
marcandre.lureau@redhat.com, stefanb@linux.ibm.com,
leif@nuviainc.com
Subject: [PATCH v3 6/9] ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI phase
Date: Wed, 26 Feb 2020 20:05:11 +0100 [thread overview]
Message-ID: <20200226190514.31395-7-ard.biesheuvel@linaro.org> (raw)
In-Reply-To: <20200226190514.31395-1-ard.biesheuvel@linaro.org>
Incorporate the PEI components and the associated library class
resolutions and PCD declarations to enable TPM2 support in the
PEI phase.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
ArmVirtPkg/ArmVirtQemu.dsc | 20 ++++++++++++++++++++
ArmVirtPkg/ArmVirtQemu.fdf | 2 ++
2 files changed, 22 insertions(+)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index d1757cdba671..8950116dacab 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -75,11 +75,17 @@ [LibraryClasses.common]
PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf
+!if $(TPM2_ENABLE) == TRUE
+ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
+!endif
+
[LibraryClasses.common.PEIM]
ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoPeiLib.inf
!if $(TPM2_ENABLE) == TRUE
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSystemLib.inf
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
!endif
[LibraryClasses.common.DXE_DRIVER]
@@ -248,6 +254,10 @@ [PcdsDynamicDefault.common]
# TPM2 support
#
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0
+!if $(TPM2_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0
+!endif
[PcdsDynamicHii]
gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS
@@ -278,6 +288,16 @@ [Components.common]
<LibraryClasses>
ResetSystemLib|ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiLib.inf
}
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
+ <LibraryClasses>
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+ }
!endif
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
diff --git a/ArmVirtPkg/ArmVirtQemu.fdf b/ArmVirtPkg/ArmVirtQemu.fdf
index f55918d26b06..b5e2253295fe 100644
--- a/ArmVirtPkg/ArmVirtQemu.fdf
+++ b/ArmVirtPkg/ArmVirtQemu.fdf
@@ -115,6 +115,8 @@ [FV.FVMAIN_COMPACT]
!if $(TPM2_ENABLE) == TRUE
INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf
+ INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+ INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
!endif
FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
--
2.17.1
next prev parent reply other threads:[~2020-02-26 19:05 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-26 19:05 [PATCH v3 0/9] ArmVirtPkg: implement measured boot for ArmVirtQemu Ard Biesheuvel
2020-02-26 19:05 ` [PATCH v3 1/9] OvmfPkg/Tcg2ConfigPei: introduce a signalling PPI to depex on Ard Biesheuvel
2020-02-26 19:05 ` [PATCH v3 2/9] ArmVirtPkg/PlatformPeiLib: make PcdLib dependency explicit in .INF Ard Biesheuvel
2020-02-26 19:05 ` [PATCH v3 3/9] ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT Ard Biesheuvel
2020-02-27 7:41 ` [edk2-devel] " Laszlo Ersek
2020-02-26 19:05 ` [PATCH v3 4/9] ArmVirtPkg: implement ArmVirtPsciResetSystemPeiLib Ard Biesheuvel
2020-02-26 19:05 ` [PATCH v3 5/9] ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2 support Ard Biesheuvel
2020-02-27 8:06 ` [edk2-devel] " Laszlo Ersek
2020-02-26 19:05 ` Ard Biesheuvel [this message]
2020-02-27 8:24 ` [edk2-devel] [PATCH v3 6/9] ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI phase Laszlo Ersek
2020-02-27 8:34 ` Ard Biesheuvel
2020-02-26 19:05 ` [PATCH v3 7/9] ArmVirtPkg/ArmVirtQemu: enable the DXE phase TPM2 support module Ard Biesheuvel
2020-02-27 9:28 ` [edk2-devel] " Laszlo Ersek
2020-02-26 19:05 ` [PATCH v3 8/9] ArmVirtPkg/ArmVirtQemu: enable the TPM2 configuration module Ard Biesheuvel
2020-02-27 9:39 ` Laszlo Ersek
2020-02-26 19:05 ` [PATCH v3 9/9] ArmVirtPkg/ArmVirtQemu: enable TPM2 based measured boot Ard Biesheuvel
2020-02-27 9:42 ` Laszlo Ersek
2020-03-04 8:51 ` [PATCH v3 0/9] ArmVirtPkg: implement measured boot for ArmVirtQemu Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200226190514.31395-7-ard.biesheuvel@linaro.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox