From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wr1-f47.google.com (mail-wr1-f47.google.com [209.85.221.47])
 by mx.groups.io with SMTP id smtpd.web09.5021.1582814473001050299
 for <devel@edk2.groups.io>;
 Thu, 27 Feb 2020 06:41:13 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@linaro.org header.s=google header.b=pty/w2GV;
 spf=pass (domain: linaro.org, ip: 209.85.221.47, mailfrom: ard.biesheuvel@linaro.org)
Received: by mail-wr1-f47.google.com with SMTP id c13so3626431wrq.10
        for <devel@edk2.groups.io>; Thu, 27 Feb 2020 06:41:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=/BUkpKGkbqIWGt5z0ooDAKBbEH8X6vU4HYcPzo6bL+U=;
        b=pty/w2GVYJD52S6bm99t71qEND9aclRHMlR0peoF9mESQFfMqjrqA+6SV/S+eNWKWf
         DcmGJohUIKrBOj7gyorTDlLjz6GxXVj9mD/4XGVjQYXSVkvpkpAWXlL78XqZIvOBScks
         WlRnsfnu7BIaMd3JrJjc0EhU1WLhi9LZxaNxU490mpvEl5U77dnN+ptH6NqYIWaaHCqH
         amVZBUeDxUQPwSqrFM6BZ9tEn8rkBNK1oQgGjTVtArdKyDDl/fG9WeQQmRAk/9fLKR/V
         zSnFZM8YMsAyeIUcdggrZBCbeKAj0QZieA4tGtPfukThXjlCvw9pJF9gyONN6mhq6JGm
         KJlA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=/BUkpKGkbqIWGt5z0ooDAKBbEH8X6vU4HYcPzo6bL+U=;
        b=Vytk4zV7uN9yFaGmpmmLicW67CwmGWYlSNYX1vlde2ieqwmRQzK7zChQil7gyPh0hB
         LDSG/ee4cPS/NmF8JfkHsZTDfixjZKV/mN+SUGktKdNxKvFgKkzZvtVPUrHHiEETvNHk
         I7yo2zrCc0KPA+I1tI5Rkba0FQeF0cmBxfkwkXMhCkMLButuilaCjp0fThfzd6dR/3XS
         AVHAJbeoMEatLva4hkxDt6LsTRdcWPIcuF5rDNPVZjitT2fzeDEaHLAL8/J6X8xYyMJp
         n1QfLjQ+fxeK99N3SnAmAyQOdBZJULrqcLHsEu3+H4tcx4vDn3KSyXNEeXyfeWDX4Q2P
         /RRA==
X-Gm-Message-State: APjAAAWUvDeccKdxooEW6nAS1odxz6P8hqFpngsUGKBB0ef0hfBD4+ls
	0c3ynzbc9WzSvhnLf/FJ0XJN4Fx5Pvw=
X-Google-Smtp-Source: APXvYqzg6buVlrEEHXlThiGwXTsg9QfIedflkLUJpUwd7LFNzCZxKhNDen2MmFovHvl8OLDbEmcPpg==
X-Received: by 2002:adf:ea91:: with SMTP id s17mr5103260wrm.129.1582814471323;
        Thu, 27 Feb 2020 06:41:11 -0800 (PST)
Return-Path: <ard.biesheuvel@linaro.org>
Received: from localhost.localdomain (aaubervilliers-682-1-29-142.w90-88.abo.wanadoo.fr. [90.88.192.142])
        by smtp.gmail.com with ESMTPSA id k7sm8273575wrq.12.2020.02.27.06.41.10
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 27 Feb 2020 06:41:10 -0800 (PST)
From: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	lersek@redhat.com,
	eric.auger@redhat.com,
	philmd@redhat.com,
	marcandre.lureau@redhat.com,
	stefanb@linux.ibm.com,
	leif@nuviainc.com
Subject: [PATCH v4 09/11] ArmVirtPkg/ArmVirtQemu: enable the DXE phase TPM2 support module
Date: Thu, 27 Feb 2020 15:40:54 +0100
Message-Id: <20200227144056.56988-10-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>
References: <20200227144056.56988-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Enable the TPM2 support module in the DXE phase, and the associated
libraries and PCDs that it requires. This will be wired into the
measured boot support code in a subsequent patch.

Note that Tcg2Dxe.inf is added to ArmVirtQemuFvMain.fdf.inc, which
is shared with other platforms in ArmVirtPkg, but as those will not
set the TPM2_ENABLE define, this change does not affect them.

This patch ports (parts of) the following OvmfPkg commits to
ArmVirtQemu:

- 0c0a50d6b3ff ("OvmfPkg: include Tcg2Dxe module", 2018-03-09)

- b9777bb42e4f ("OvmfPkg: add Tcg2PhysicalPresenceLibQemu", 2018-05-22)
               -- only to match OVMF's current lib class resolutions

- 1ec05b81e59f ("OvmfPkg: use DxeTpmMeasurementLib if and only if
                TPM2_ENABLE", 2019-07-04)

- b9130c866dc0 ("OvmfPkg: link Sha384 and Sha512 support into Tcg2Pei
                and Tcg2Dxe", 2018-08-16)

- 5d3ef15da7c3 ("OvmfPkg: link SM3 support into Tcg2Pei and Tcg2Dxe",
                2019-07-19)

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 ArmVirtPkg/ArmVirtQemu.dsc           | 26 +++++++++++++++++++-
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc |  7 ++++++
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 2f0aac5f1cb8..598ac49b3c40 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -74,10 +74,13 @@ [LibraryClasses.common]
   PciPcdProducerLib|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf
   PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
   PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf
-  TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
 
 !if $(TPM2_ENABLE) == TRUE
   Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
+  Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
+  TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+!else
+  TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
 !endif
 
 [LibraryClasses.common.PEIM]
@@ -92,6 +95,10 @@ [LibraryClasses.common.PEIM]
 [LibraryClasses.common.DXE_DRIVER]
   ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
 
+!if $(TPM2_ENABLE) == TRUE
+  Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
+!endif
+
 [LibraryClasses.common.UEFI_DRIVER]
   UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
 
@@ -470,6 +477,23 @@ [Components.common]
   MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
   MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
 
+  #
+  # TPM2 support
+  #
+!if $(TPM2_ENABLE) == TRUE
+  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
+    <LibraryClasses>
+      HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
+      Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
+      NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+  }
+!endif
+
   #
   # ACPI Support
   #
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index 31f615a9d0f9..a93a9970c8d2 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -173,6 +173,13 @@ [FV.FvMain]
   INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
   INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
 
+  #
+  # TPM2 support
+  #
+!if $(TPM2_ENABLE) == TRUE
+  INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+!endif
+
   #
   # TianoCore logo (splash screen)
   #
-- 
2.20.1