From: Stefan Berger <stefanb@linux.ibm.com>
To: devel@edk2.groups.io
Cc: marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, ardb+tianocore@kernel.org, leif@nuviainc.com, sami.mujawar@arm.com, Stefan Berger
Subject: [RFC PATCH 0/3] ArmVirtPkg: Disable the TPM 2 platform hierarchy
Date: Thu, 16 Sep 2021 17:17:49 -0400
Message-Id: <20210916211752.2714332-1-stefanb@linux.ibm.com>

This series of patches disables the TPM 2 platform hierarchy. We just added the same functionality to the OvmfPkg. However, on x86, we could use the notification mechanism around gEfiDxeSmmReadyToLockProtocolGuid to indirectly invoke ConfigureTpmPlatformHierarchy(). Since ARM does not have an SMM mode, this series now uses direct invocation of this function at the same place in PlatformBootManagerBeforeConsole() as it is done on x86.

Regards,
  Stefan

Stefan Berger (3):
  ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
  ArmVirtPkg: Reference new TPM classes in the build system for compilation
  ArmVirtPkg: Disable the TPM2 platform hierarchy

 ArmVirtPkg/ArmVirtCloudHv.dsc                 |  1 +
 ArmVirtPkg/ArmVirtPkg.dec                     |  1 +
 ArmVirtPkg/ArmVirtQemu.dsc                    |  2 ++
 ArmVirtPkg/ArmVirtQemuKernel.dsc              |  1 +
 ArmVirtPkg/ArmVirtXen.dsc                     |  1 +
 .../Include/Library/TpmPlatformHierarchyLib.h | 27 +++++++++++++++++
 .../PeiDxeTpmPlatformHierarchyLib.c           | 22 ++++++++++++++
 .../PeiDxeTpmPlatformHierarchyLib.inf         | 30 +++++++++++++++++++
 .../PlatformBootManagerLib/PlatformBm.c       |  6 ++++
 .../PlatformBootManagerLib.inf                |  2 ++
 10 files changed, 93 insertions(+)
 create mode 100644 ArmVirtPkg/Include/Library/TpmPlatformHierarchyLib.h
 create mode 100644 ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf

-- 
2.31.1
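As an added illustration of what "disabling the TPM 2 platform hierarchy" means on the wire (this is not code from this series or from EDK2; the function names are mine), the block below marshals the TPM2_HierarchyControl command that a platform-hierarchy library issues before handing control to the OS: authHandle = TPM_RH_PLATFORM authorized with an empty password session, enable = TPM_RH_PLATFORM, state = NO. The tag, command code and handle constants are taken from the TPM 2.0 Library Specification, Part 2; the byte layout (big-endian fields, authorization area between the handle and the parameters) follows Part 1. A small response-header parser is included so the result of sending the command can be checked. Once the command succeeds, the platform hierarchy stays disabled until the next TPM reset, which is why the firmware has to issue it late in boot, after its own use of the hierarchy is done, but before any OS-controlled code runs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constants from the TPM 2.0 Library Specification, Part 2 (Structures). */
#define TPM_ST_NO_SESSIONS      0x8001u
#define TPM_ST_SESSIONS         0x8002u
#define TPM_CC_HierarchyControl 0x00000121u
#define TPM_RH_OWNER            0x40000001u
#define TPM_RH_ENDORSEMENT      0x4000000Bu
#define TPM_RH_PLATFORM         0x4000000Cu
#define TPM_RS_PW               0x40000009u   /* password authorization session */
#define TPM_RC_SUCCESS          0x00000000u
#define TPM_YES                 1
#define TPM_NO                  0
#define BAD_RESPONSE            0xFFFFFFFFu   /* sentinel for a malformed response (my choice) */

/* TPM command fields are big-endian regardless of host byte order. */
static size_t put_u8(uint8_t *p, uint8_t v)   { p[0] = v; return 1; }
static size_t put_u16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; return 2; }
static size_t put_u32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
    return 4;
}
static uint16_t get_u16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t get_u32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/*
 * Marshal TPM2_HierarchyControl(authHandle, enable, state) with an empty
 * password session (hmac size 0, i.e. the hierarchy's auth value is empty).
 * Returns the number of bytes written, or 0 if the buffer is too small.
 * Layout: header(10) | authHandle(4) | authorizationSize(4) |
 *         TPMS_AUTH_COMMAND(9) | enable(4) | state(1)  = 32 bytes.
 */
size_t build_hierarchy_control(uint8_t *buf, size_t cap,
                               uint32_t auth_handle, uint32_t enable, uint8_t state)
{
    const uint32_t auth_size = 4 + 2 + 1 + 2;            /* handle, nonce.size, attrs, hmac.size */
    const uint32_t cmd_size  = 10 + 4 + 4 + auth_size + 4 + 1;
    size_t off = 0;
    if (cap < cmd_size) return 0;
    off += put_u16(buf + off, TPM_ST_SESSIONS);          /* tag: an auth area follows the handles */
    off += put_u32(buf + off, cmd_size);                 /* commandSize */
    off += put_u32(buf + off, TPM_CC_HierarchyControl);  /* commandCode */
    off += put_u32(buf + off, auth_handle);              /* @authHandle (TPMI_RH_HIERARCHY) */
    off += put_u32(buf + off, auth_size);                /* authorizationSize */
    off += put_u32(buf + off, TPM_RS_PW);                /* sessionHandle: password session */
    off += put_u16(buf + off, 0);                        /* nonce.size: none for TPM_RS_PW */
    off += put_u8 (buf + off, 0);                        /* sessionAttributes */
    off += put_u16(buf + off, 0);                        /* hmac.size: empty auth value */
    off += put_u32(buf + off, enable);                   /* enable (TPMI_RH_ENABLES) */
    off += put_u8 (buf + off, state);                    /* state: TPM_NO clears the enable */
    return off;
}

/* The command a platform-hierarchy library sends: platformAuth disables phEnable. */
size_t disable_platform_hierarchy_cmd(uint8_t *buf, size_t cap)
{
    return build_hierarchy_control(buf, cap, TPM_RH_PLATFORM, TPM_RH_PLATFORM, TPM_NO);
}

/*
 * Parse the 10-byte response header (tag, responseSize, responseCode) and
 * return the response code. Error responses carry TPM_ST_NO_SESSIONS even
 * for session commands, so both tags are accepted.
 */
uint32_t parse_response_code(const uint8_t *rsp, size_t len)
{
    if (len < 10) return BAD_RESPONSE;
    uint16_t tag  = get_u16(rsp);
    uint32_t size = get_u32(rsp + 2);
    if (tag != TPM_ST_SESSIONS && tag != TPM_ST_NO_SESSIONS) return BAD_RESPONSE;
    if (size != len) return BAD_RESPONSE;
    return get_u32(rsp + 6);
}

int main(void)
{
    uint8_t cmd[64];
    size_t n = disable_platform_hierarchy_cmd(cmd, sizeof cmd);
    printf("TPM2_HierarchyControl(PLATFORM, PLATFORM, NO), %zu bytes:\n", n);
    for (size_t i = 0; i < n; i++) printf("%02x%s", cmd[i], (i % 16 == 15) ? "\n" : " ");
    printf("\n");
    /* Constructed success response: TPM_ST_NO_SESSIONS-style 10-byte header, TPM_RC_SUCCESS. */
    const uint8_t ok[10] = { 0x80, 0x01, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x00 };
    printf("responseCode = 0x%08x\n", parse_response_code(ok, sizeof ok));
    return 0;
}
```

The same builder, called with TPM_RH_OWNER or TPM_RH_ENDORSEMENT, produces the commands for the other hierarchies; the series discussed here only concerns the platform hierarchy, whose auth value the OS never needs.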