From: "Stefan Berger"
To: devel@edk2.groups.io
Cc: marcandre.lureau@redhat.com, kraxel@redhat.com, jiewen.yao@intel.com, ardb+tianocore@kernel.org, leif@nuviainc.com, sami.mujawar@arm.com, Stefan Berger
Subject: [PATCH v4 0/3] ArmVirtPkg: Disable the TPM 2 platform hierarchy
Date: Fri, 24 Sep 2021 07:42:18 -0400
Message-Id: <20210924114221.3132368-1-stefanb@linux.ibm.com>

This series of patches disables the TPM 2 platform hierarchy. We just added
the same functionality to the OvmfPkg. However, on x86, we could use the
notification mechanism around gEfiDxeSmmReadyToLockProtocolGuid to indirectly
invoke ConfigureTpmPlatformHierarchy(). Since ARM does not have an SMM mode,
this series now uses direct invocation of this function at the same place in
PlatformBootManagerBeforeConsole() as it is done on x86.

Regards,
  Stefan

v4:
 - Added Sami's R-b tag to 1/3

v3:
 - Addressed Ard's comments on 1/3

v2:
 - Move Null implementation to SecurityPkg
 - Added suggested texts to commit messages and added Sami's R-b tags

Stefan Berger (3):
  ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
  ArmVirtPkg: Reference new TPM classes in the build system for compilation
  ArmVirtPkg: Disable the TPM2 platform hierarchy

 ArmVirtPkg/ArmVirtCloudHv.dsc                 |  1 +
 ArmVirtPkg/ArmVirtQemu.dsc                    |  2 ++
 ArmVirtPkg/ArmVirtQemuKernel.dsc              |  1 +
 ArmVirtPkg/ArmVirtXen.dsc                     |  1 +
 .../PlatformBootManagerLib/PlatformBm.c       |  6 ++++
 .../PlatformBootManagerLib.inf                |  2 ++
 .../PeiDxeTpmPlatformHierarchyLib.c           | 22 +++++++++++++
 .../PeiDxeTpmPlatformHierarchyLib.inf         | 31 +++++++++++++++++++
 SecurityPkg/SecurityPkg.dsc                   |  1 +
 9 files changed, 67 insertions(+)
 create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf

-- 
2.31.1