From: "Stefan Berger" <stefanb@linux.ibm.com>
To: devel@edk2.groups.io
Cc: mhaeuser@posteo.de, spbrogan@outlook.com,
marcandre.lureau@redhat.com, kraxel@redhat.com,
jiewen.yao@intel.com, Stefan Berger <stefanb@linux.ibm.com>
Subject: [PATCH v2 0/4] OvmfPkg: Disable the TPM 2 platform hierarchy
Date: Tue, 14 Sep 2021 10:18:14 -0400 [thread overview]
Message-ID: <20210914141818.2583900-1-stefanb@linux.ibm.com> (raw)
This series of patches adds support for disabling the TPM 2 platform
hierarchy to Ovmf. To be able to do this we have to handle TPM 2
physical presence interface (PPI) opcodes before the TPM 2 platform
hierarchy is disabled otherwise TPM 2 commands that are sent due to the
PPI opcodes may fail if the platform hierarchy is already disabled.
Therefore, we need to invoke the handler function
Tcg2PhysicalPresenceLibProcessRequest from within
PlatformBootManagerBeforeConsole. Since handling of PPI opcodes may require
interaction with the user, we also move PlatformInitializeConsole
to before the handling of PPI codes so that the keyboard is available
when needed. The PPI handling code will activate the default consoles
only if it requires user interaction.
Regards,
Stefan
v2:
- 1/4: Added missing link library
- 2/4: Modified other BdsPlatform.c files as well
- Added Yao's comments to 1/2 and 2/2
Stefan Berger (4):
OvmfPkg/TPM PPI: Connect default consoles for user interaction
OvmfPkg: Handle TPM 2 physical presence opcodes much earlier
OvmfPkg: Reference new Tcg2PlatformDxe in the build system for
compilation
OvmfPkg: Reference new Tcg2PlatformPei in the build system
OvmfPkg/AmdSev/AmdSevX64.dsc | 8 ++++++++
OvmfPkg/AmdSev/AmdSevX64.fdf | 2 ++
.../PlatformBootManagerLib/BdsPlatform.c | 19 +++++++++++--------
.../PlatformBootManagerLibBhyve/BdsPlatform.c | 16 +++++++++-------
.../PlatformBootManagerLibGrub/BdsPlatform.c | 16 +++++++++-------
.../DxeTcg2PhysicalPresenceLib.c | 5 +++++
.../DxeTcg2PhysicalPresenceLib.inf | 1 +
OvmfPkg/OvmfPkgIa32.dsc | 8 ++++++++
OvmfPkg/OvmfPkgIa32.fdf | 2 ++
OvmfPkg/OvmfPkgIa32X64.dsc | 8 ++++++++
OvmfPkg/OvmfPkgIa32X64.fdf | 2 ++
OvmfPkg/OvmfPkgX64.dsc | 8 ++++++++
OvmfPkg/OvmfPkgX64.fdf | 2 ++
13 files changed, 75 insertions(+), 22 deletions(-)
--
2.31.1
next reply other threads:[~2021-09-14 14:18 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-14 14:18 Stefan Berger [this message]
2021-09-14 14:18 ` [PATCH v2 1/4] OvmfPkg/TPM PPI: Connect default consoles for user interaction Stefan Berger
2021-09-14 14:18 ` [PATCH v2 2/4] OvmfPkg: Handle TPM 2 physical presence opcodes much earlier Stefan Berger
2021-09-14 14:18 ` [PATCH v2 3/4] OvmfPkg: Reference new Tcg2PlatformDxe in the build system for compilation Stefan Berger
2021-09-14 14:18 ` [PATCH v2 4/4] OvmfPkg: Reference new Tcg2PlatformPei in the build system Stefan Berger
2021-09-14 22:26 ` [PATCH v2 0/4] OvmfPkg: Disable the TPM 2 platform hierarchy Yao, Jiewen
2021-09-14 22:37 ` [edk2-devel] " Stefan Berger
2021-09-29 19:15 ` Stefan Berger
2021-09-30 0:01 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210914141818.2583900-1-stefanb@linux.ibm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox