From: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com,
marcandre.lureau@redhat.com, stefanb@linux.ibm.com,
leif@nuviainc.com
Subject: [PATCH v4 00/11] ArmVirtPkg: implement measured boot for ArmVirtQemu
Date: Thu, 27 Feb 2020 15:40:45 +0100 [thread overview]
Message-ID: <20200227144056.56988-1-ard.biesheuvel@linaro.org> (raw)
Wire up the various existing pieces so that we can implement measured
boot on ArmVirtQemu based on the TPM support in QEMU, just like it has
been implemented for x86 in OvmfPkg.
The main difference is that on ARM, we first need to discover the TPM base
address from the device tree provided by QEMU, as well as the PSCI method
used to perform a cold reset.
Changes since v3:
- add Laszlo's ack to patches #3, #5, #6, #10 and #11
- incorporate Laszlo's review feedback, including splitting off #7 and #8
from patch #9
Changes since v2:
- add Laszlo's ack to patches #2 and #4
- add PcdTpm2SupportEnabled PCD declarations to all individual platforms in
ArmVirtPkg, even though only ArmVirtQemu really needs it
- split patch #5 into several patches
Changes since v1:
- use a separate ResetSystemLib instance based on on-demand parsing of the
DT, and expose it via the ResetSystem PPI to other client PEIMs
- add Laszlo's ack to #1
- incorporate Laszlo's review feedback across the board
Code can also be found at:
https://github.com/ardbiesheuvel/edk2/tree/armvirt-tpm
Cc: lersek@redhat.com
Cc: eric.auger@redhat.com
Cc: philmd@redhat.com
Cc: marcandre.lureau@redhat.com
Cc: stefanb@linux.ibm.com
Cc: leif@nuviainc.com
Ard Biesheuvel (11):
OvmfPkg/Tcg2ConfigPei: introduce a signalling PPI to depex on
ArmVirtPkg/PlatformPeiLib: make PcdLib dependency explicit in .INF
ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT
ArmVirtPkg: implement ArmVirtPsciResetSystemPeiLib
ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2 support
ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI phase
ArmVirtPkg; avoid DxeTpmMeasurementLib in shared .DSC
ArmVirtPkg: unshare TpmMeasurementLib resolution between platforms
ArmVirtPkg/ArmVirtQemu: enable the DXE phase TPM2 support module
ArmVirtPkg/ArmVirtQemu: enable the TPM2 configuration module
ArmVirtPkg/ArmVirtQemu: enable TPM2 based measured boot
ArmVirtPkg/ArmVirt.dsc.inc | 2 -
ArmVirtPkg/ArmVirtPkg.dec | 6 +
ArmVirtPkg/ArmVirtQemu.dsc | 76 +++++++
ArmVirtPkg/ArmVirtQemu.fdf | 6 +
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 10 +
ArmVirtPkg/ArmVirtQemuKernel.dsc | 7 +
ArmVirtPkg/ArmVirtXen.dsc | 7 +
ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiLib.c | 232 ++++++++++++++++++++
ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiLib.inf | 39 ++++
ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c | 101 ++++++++-
ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf | 20 +-
OvmfPkg/OvmfPkg.dec | 5 +
OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 6 +-
13 files changed, 500 insertions(+), 17 deletions(-)
create mode 100644 ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiLib.c
create mode 100644 ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiLib.inf
--
2.20.1
next reply other threads:[~2020-02-27 14:41 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-27 14:40 Ard Biesheuvel [this message]
2020-02-27 14:40 ` [PATCH v4 01/11] OvmfPkg/Tcg2ConfigPei: introduce a signalling PPI to depex on Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 02/11] ArmVirtPkg/PlatformPeiLib: make PcdLib dependency explicit in .INF Ard Biesheuvel
2020-02-27 15:23 ` [edk2-devel] " Philippe Mathieu-Daudé
2020-02-27 14:40 ` [PATCH v4 03/11] ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 04/11] ArmVirtPkg: implement ArmVirtPsciResetSystemPeiLib Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 05/11] ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2 support Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 06/11] ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI phase Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 07/11] ArmVirtPkg; avoid DxeTpmMeasurementLib in shared .DSC Ard Biesheuvel
2020-02-27 15:21 ` Laszlo Ersek
2020-02-27 14:40 ` [PATCH v4 08/11] ArmVirtPkg: unshare TpmMeasurementLib resolution between platforms Ard Biesheuvel
2020-02-27 15:22 ` Laszlo Ersek
2020-02-27 14:40 ` [PATCH v4 09/11] ArmVirtPkg/ArmVirtQemu: enable the DXE phase TPM2 support module Ard Biesheuvel
2020-02-27 15:27 ` Laszlo Ersek
2020-02-27 14:40 ` [PATCH v4 10/11] ArmVirtPkg/ArmVirtQemu: enable the TPM2 configuration module Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 11/11] ArmVirtPkg/ArmVirtQemu: enable TPM2 based measured boot Ard Biesheuvel
2020-02-27 18:14 ` [edk2-devel] [PATCH v4 00/11] ArmVirtPkg: implement measured boot for ArmVirtQemu Laszlo Ersek
2020-02-27 18:15 ` Ard Biesheuvel
2020-03-04 8:52 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200227144056.56988-1-ard.biesheuvel@linaro.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox