From: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
lersek@redhat.com, eric.auger@redhat.com, philmd@redhat.com,
marcandre.lureau@redhat.com, stefanb@linux.ibm.com,
leif@nuviainc.com
Subject: [PATCH v4 10/11] ArmVirtPkg/ArmVirtQemu: enable the TPM2 configuration module
Date: Thu, 27 Feb 2020 15:40:55 +0100 [thread overview]
Message-ID: <20200227144056.56988-11-ard.biesheuvel@linaro.org> (raw)
In-Reply-To: <20200227144056.56988-1-ard.biesheuvel@linaro.org>
Enable the DXE phase component that publishes the HII pages and
associated logic to enable TPM2 parameters to be configured by
the user via the setup menu.
This patch ports (parts of) the following commits to ArmVirtQemu:
- 3103389043bd ("OvmfPkg: Add TCG2 Configuration menu to the Device
Manager menu", 2019-02-11)
- cf3ad972a210 ("OvmfPkg: reorganize TPM2 support in DSC/FDF files",
2020-01-09)
- f55477fe2d62 ("OvmfPkg: use HII type PCDs for TPM2 config related
variables", 2020-01-09)
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
ArmVirtPkg/ArmVirtQemu.dsc | 9 +++++++++
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 3 +++
2 files changed, 12 insertions(+)
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 598ac49b3c40..f93e13987db4 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -30,6 +30,7 @@ [Defines]
DEFINE TTY_TERMINAL = FALSE
DEFINE SECURE_BOOT_ENABLE = FALSE
DEFINE TPM2_ENABLE = FALSE
+ DEFINE TPM2_CONFIG_ENABLE = FALSE
#
# Network definition
@@ -270,6 +271,11 @@ [PcdsDynamicDefault.common]
[PcdsDynamicHii]
gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
+!endif
+
################################################################################
#
# Components Section - list of all EDK II Modules needed by this Platform
@@ -492,6 +498,9 @@ [Components.common]
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
}
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
!endif
#
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index a93a9970c8d2..211f7aeb6f62 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -178,6 +178,9 @@ [FV.FvMain]
#
!if $(TPM2_ENABLE) == TRUE
INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
!endif
#
--
2.20.1
next prev parent reply other threads:[~2020-02-27 14:41 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-27 14:40 [PATCH v4 00/11] ArmVirtPkg: implement measured boot for ArmVirtQemu Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 01/11] OvmfPkg/Tcg2ConfigPei: introduce a signalling PPI to depex on Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 02/11] ArmVirtPkg/PlatformPeiLib: make PcdLib dependency explicit in .INF Ard Biesheuvel
2020-02-27 15:23 ` [edk2-devel] " Philippe Mathieu-Daudé
2020-02-27 14:40 ` [PATCH v4 03/11] ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 04/11] ArmVirtPkg: implement ArmVirtPsciResetSystemPeiLib Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 05/11] ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2 support Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 06/11] ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI phase Ard Biesheuvel
2020-02-27 14:40 ` [PATCH v4 07/11] ArmVirtPkg; avoid DxeTpmMeasurementLib in shared .DSC Ard Biesheuvel
2020-02-27 15:21 ` Laszlo Ersek
2020-02-27 14:40 ` [PATCH v4 08/11] ArmVirtPkg: unshare TpmMeasurementLib resolution between platforms Ard Biesheuvel
2020-02-27 15:22 ` Laszlo Ersek
2020-02-27 14:40 ` [PATCH v4 09/11] ArmVirtPkg/ArmVirtQemu: enable the DXE phase TPM2 support module Ard Biesheuvel
2020-02-27 15:27 ` Laszlo Ersek
2020-02-27 14:40 ` Ard Biesheuvel [this message]
2020-02-27 14:40 ` [PATCH v4 11/11] ArmVirtPkg/ArmVirtQemu: enable TPM2 based measured boot Ard Biesheuvel
2020-02-27 18:14 ` [edk2-devel] [PATCH v4 00/11] ArmVirtPkg: implement measured boot for ArmVirtQemu Laszlo Ersek
2020-02-27 18:15 ` Ard Biesheuvel
2020-03-04 8:52 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200227144056.56988-11-ard.biesheuvel@linaro.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox