* [PATCH v4 0/3] ArmVirtPkg: Disable the TPM 2 platform hierarchy
@ 2021-09-24 11:42 Stefan Berger
From: Stefan Berger @ 2021-09-24 11:42 UTC (permalink / raw)
To: devel
Cc: marcandre.lureau, kraxel, jiewen.yao, ardb+tianocore, leif,
sami.mujawar, Stefan Berger
This series of patches disables the TPM 2 platform hierarchy.
We just added the same functionality to the OvmfPkg. However, on x86, we
could use the notification mechanism around gEfiDxeSmmReadyToLockProtocolGuid
to indirectly invoke ConfigureTpmPlatformHierarchy(). Since ARM does not
have an SMM mode, this series now uses direct invocation of this function
at the same place in PlatformBootManagerBeforeConsole() as it is done
on x86.
Regards,
Stefan
v4:
- Added Sami's R-b tag to 1/3
v3:
- Addressed Ard's comments on 1/3
v2:
- Move Null implementation to SecurityPkg
- Added suggested texts to commit messages and added Sami's R-b tags
Stefan Berger (3):
ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
ArmVirtPkg: Reference new TPM classes in the build system for compilation
ArmVirtPkg: Disable the TPM2 platform hierarchy
ArmVirtPkg/ArmVirtCloudHv.dsc | 1 +
ArmVirtPkg/ArmVirtQemu.dsc | 2 ++
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 +
ArmVirtPkg/ArmVirtXen.dsc | 1 +
.../PlatformBootManagerLib/PlatformBm.c | 6 ++++
.../PlatformBootManagerLib.inf | 2 ++
.../PeiDxeTpmPlatformHierarchyLib.c | 22 +++++++++++++
.../PeiDxeTpmPlatformHierarchyLib.inf | 31 +++++++++++++++++++
SecurityPkg/SecurityPkg.dsc | 1 +
9 files changed, 67 insertions(+)
create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
--
2.31.1
* [PATCH v4 1/3] ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
From: Stefan Berger @ 2021-09-24 11:42 UTC (permalink / raw)
To: devel
Cc: marcandre.lureau, kraxel, jiewen.yao, ardb+tianocore, leif,
sami.mujawar, Stefan Berger, Stefan Berger
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add a NULL implementation of the library class TpmPlatformHierarchyLib.
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3510
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
---
.../PeiDxeTpmPlatformHierarchyLib.c | 22 +++++++++++++
.../PeiDxeTpmPlatformHierarchyLib.inf | 31 +++++++++++++++++++
SecurityPkg/SecurityPkg.dsc | 1 +
3 files changed, 54 insertions(+)
create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
new file mode 100644
index 0000000000..dfc8863830
--- /dev/null
+++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
@@ -0,0 +1,22 @@
+/** @file
+ Null TPM Platform Hierarchy configuration library.
+
+ This library provides stub functions for customizing the TPM's Platform Hierarchy.
+
+ Copyright (c) 2021, IBM Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Uefi.h>
+
+/**
+ A NULL implementation of ConfigureTpmPlatformHierarchy.
+**/
+VOID
+EFIAPI
+ConfigureTpmPlatformHierarchy (
+ )
+{
+ /* do nothing */
+}
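Review bot: the definition `ConfigureTpmPlatformHierarchy (` / `)` has an empty parameter list, which in C is an old-style non-prototype declaration; edk2's convention is an explicit `VOID`, i.e. `ConfigureTpmPlatformHierarchy (VOID)`. The file also includes only `<Uefi.h>` and not `<Library/TpmPlatformHierarchyLib.h>` (the header that 3/3 consumes), so the compiler never checks this stub against the library class prototype; including the header would catch any signature drift between the NULL instance and the class.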
diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
new file mode 100644
index 0000000000..1b1e9ad592
--- /dev/null
+++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
@@ -0,0 +1,31 @@
+### @file
+# NULL TPM Platform Hierarchy configuration library.
+#
+# This library provides functions for customizing the TPM's Platform Hierarchy
+# Authorization Value (platformAuth) and Platform Hierarchy Authorization
+# Policy (platformPolicy) can be defined through this function.
+#
+# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) Microsoft Corporation.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+###
+
+[Defines]
+ INF_VERSION = 1.27
+ BASE_NAME = BasePlatform
+ FILE_GUID = 8947A3F2-BfB4-45EF-968D-5C40C1CE6A58
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = TpmPlatformHierarchyLib|PEIM DXE_DRIVER
+
+[LibraryClasses]
+ BaseLib
+
+[Packages]
+ MdePkg/MdePkg.dec
+ SecurityPkg/SecurityPkg.dec
+
+[Sources]
+ PeiDxeTpmPlatformHierarchyLib.c
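Review bot: the header comment of this .inf is copied from the functional instance: it says the library "provides functions for customizing the TPM's Platform Hierarchy Authorization Value (platformAuth) and Platform Hierarchy Authorization Policy (platformPolicy)", which is exactly what this NULL instance does not do, and it contradicts the .c header in the same patch that calls them stubs. Suggest describing it as a no-op instance. Related copy-paste leftovers: `BASE_NAME = BasePlatform` is not descriptive (something matching the directory, such as `PeiDxeTpmPlatformHierarchyLibNull`, would be clearer), the copyright lines name Intel 2019 and Microsoft while the .c says IBM 2021, `FILE_GUID` has a stray lowercase `f` in `BfB4`, and `[LibraryClasses] BaseLib` is declared although the source uses nothing from it. Please also confirm the FILE_GUID was freshly generated rather than carried over from the library this was copied from, since duplicate module GUIDs confuse the build tools.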
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index f1f678c492..37318c64c5 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -232,6 +232,7 @@
SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf
SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
+ SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
#
# TCG Storage.
--
2.31.1
* [PATCH v4 2/3] ArmVirtPkg: Reference new TPM classes in the build system for compilation
From: Stefan Berger @ 2021-09-24 11:42 UTC (permalink / raw)
To: devel
Cc: marcandre.lureau, kraxel, jiewen.yao, ardb+tianocore, leif,
sami.mujawar, Stefan Berger, Stefan Berger
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
We just added the same functionality to the OvmfPkg. However, on x86, we
could use the notification mechanism around
gEfiDxeSmmReadyToLockProtocolGuid to indirectly invoke
ConfigureTpmPlatformHierarchy(). Since ARM does not have an SMM mode, we
have to use direct invocation of this function at the same place in
PlatformBootManagerBeforeConsole() as it is called on x86.
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3510
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/ArmVirtCloudHv.dsc | 1 +
ArmVirtPkg/ArmVirtQemu.dsc | 2 ++
ArmVirtPkg/ArmVirtQemuKernel.dsc | 1 +
ArmVirtPkg/ArmVirtXen.dsc | 1 +
.../Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 1 +
5 files changed, 6 insertions(+)
diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc
index f292ba6079..3475bb7f0d 100644
--- a/ArmVirtPkg/ArmVirtCloudHv.dsc
+++ b/ArmVirtPkg/ArmVirtCloudHv.dsc
@@ -55,6 +55,7 @@
PciHostBridgeUtilityLib|ArmVirtPkg/Library/ArmVirtPciHostBridgeUtilityLib/ArmVirtPciHostBridgeUtilityLib.inf
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
!include MdePkg/MdeLibs.dsc.inc
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 97539edef7..35aea68e02 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -86,8 +86,10 @@
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
!else
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
!endif
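Review bot: only the TPM-enabled branch (its `!if` condition sits above the hunk) resolves the functional `PeiDxeTpmPlatformHierarchyLib`, and that instance has dependencies of its own beyond the `Tpm2CommandLib` visible in the context; the `!else` build links nothing but the NULL instance. The commit message should state that ArmVirtQemu was built in both configurations, since the non-NULL branch is the one that can fail to resolve.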
[LibraryClasses.common.PEIM]
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index 28064199c8..19c1908cd9 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -80,6 +80,7 @@
PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf
PciHostBridgeUtilityLib|OvmfPkg/Library/PciHostBridgeUtilityLib/PciHostBridgeUtilityLib.inf
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
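Review bot: ArmVirtQemuKernel.dsc receives only the NULL instance with no TPM-enabled alternative, unlike ArmVirtQemu.dsc, so on this platform (and likewise ArmVirtXen and ArmVirtCloudHv in this patch) the call added in 3/3 is a no-op and the platform hierarchy is never disabled. The context shows `TpmMeasurementLibNull` is unconditional here, so presumably these platforms carry no TPM support; one sentence saying so in the commit message would stop a reader taking the series subject to mean the hierarchy is disabled on every ArmVirt platform.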
[LibraryClasses.common.DXE_DRIVER]
ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
diff --git a/ArmVirtPkg/ArmVirtXen.dsc b/ArmVirtPkg/ArmVirtXen.dsc
index 2b07a5ba19..dbc40e854b 100644
--- a/ArmVirtPkg/ArmVirtXen.dsc
+++ b/ArmVirtPkg/ArmVirtXen.dsc
@@ -50,6 +50,7 @@
PlatformBootManagerLib|ArmPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
[LibraryClasses.common.UEFI_DRIVER]
UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 11f52e019b..9f54224d3e 100644
--- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -33,6 +33,7 @@
MdeModulePkg/MdeModulePkg.dec
MdePkg/MdePkg.dec
OvmfPkg/OvmfPkg.dec
+ SecurityPkg/SecurityPkg.dec
ShellPkg/ShellPkg.dec
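Review bot: the `TpmPlatformHierarchyLib` entry for the `[LibraryClasses]` section of this .inf belongs in this patch rather than in 3/3. The hunk here only adds `SecurityPkg/SecurityPkg.dec` to `[Packages]` (the diffstat shows a single added line in the .inf), so 2/3 on its own introduces a package dependency that nothing uses; given the subject "Reference new TPM classes in the build system for compilation", moving that one line here would leave the library class fully resolvable after 2/3 and keep 3/3 limited to the functional change.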
[LibraryClasses]
--
2.31.1
* [PATCH v4 3/3] ArmVirtPkg: Disable the TPM2 platform hierarchy
From: Stefan Berger @ 2021-09-24 11:42 UTC (permalink / raw)
To: devel
Cc: marcandre.lureau, kraxel, jiewen.yao, ardb+tianocore, leif,
sami.mujawar, Stefan Berger, Stefan Berger
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Disable the TPM2 platform hierarchy by directly calling
ConfigureTpmPlatformHierarchy().
Per the TCG firmware specification "TCG PC Client Platform Firmware Profile
Specification" the TPM 2 platform hierarchy needs to be disabled or a
random password set and discarded before the firmware passes control to the
next stage bootloader or kernel.
Current specs are here:
https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v23_pub.pdf
Section 11 states:
"Platform Firmware MUST protect access to the Platform Hierarchy
and prevent access to the platform hierarchy by non-manufacturer-
controlled components."
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3510
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c | 6 ++++++
.../PlatformBootManagerLib/PlatformBootManagerLib.inf | 1 +
2 files changed, 7 insertions(+)
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
index 69448ff65b..1848042f86 100644
--- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c
@@ -16,6 +16,7 @@
#include <Library/PcdLib.h>
#include <Library/PlatformBmPrintScLib.h>
#include <Library/QemuBootOrderLib.h>
+#include <Library/TpmPlatformHierarchyLib.h>
#include <Library/UefiBootManagerLib.h>
#include <Protocol/DevicePath.h>
#include <Protocol/FirmwareVolume2.h>
@@ -696,6 +697,11 @@ PlatformBootManagerBeforeConsole (
//
EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);
+ //
+ // Disable the TPM 2 platform hierarchy
+ //
+ ConfigureTpmPlatformHierarchy ();
+
//
// Dispatch deferred images after EndOfDxe event.
//
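Review bot: the placement is the security-relevant part of this hunk and the comment should say so. The call lands after `EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid)` and before the "Dispatch deferred images after EndOfDxe event" block, so the platform hierarchy is locked before any deferred image runs; suggest the comment reads along the lines of "Disable the TPM 2 platform hierarchy; must precede dispatch of deferred images" so a later reordering of this function cannot silently move it below that point. Note also that `ConfigureTpmPlatformHierarchy ()` returns VOID (see 1/3), so there is no status to check here: if the TPM rejects the command, the only trace is whatever the library instance itself logs.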
diff --git a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 9f54224d3e..997eb1a442 100644
--- a/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -48,6 +48,7 @@
QemuBootOrderLib
QemuLoadImageLib
ReportStatusCodeLib
+ TpmPlatformHierarchyLib
UefiBootManagerLib
UefiBootServicesTableLib
UefiLib
--
2.31.1
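The mechanism behind the "disabled" alternative that the 3/3 commit message quotes from the TCG profile, as an added worked example that is not code from this series or from edk2: the TPM2_HierarchyControl command a firmware sends to disable the platform hierarchy, marshalled by hand from the TPM 2.0 Library specification, plus a check of the response code. The function names are mine, the constants are from the spec, and the sample responses are constructed.

```c
#include <stdint.h>
#include <string.h>
/* Constants from the TPM 2.0 Library specification, Part 2 (Structures). */
#define TPM_ST_SESSIONS         0x8002u
#define TPM_CC_HierarchyControl 0x00000121u
#define TPM_RH_PLATFORM         0x4000000Cu   /* handle of the platform hierarchy */
#define TPM_RS_PW               0x40000009u   /* password authorization session */
#define TPM_RC_SUCCESS          0x00000000u
#define TPM_RC_FAILURE          0x00000101u
/* TPM 2.0 command and response streams are big-endian. */
static uint8_t *put16(uint8_t *p, uint16_t v) { *p++ = (uint8_t)(v >> 8); *p++ = (uint8_t)v; return p; }
static uint8_t *put32(uint8_t *p, uint32_t v) { return put16(put16(p, (uint16_t)(v >> 16)), (uint16_t)v); }
static uint32_t get32(const uint8_t *p) { return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3]; }

/* Marshal TPM2_HierarchyControl(authHandle = TPM_RH_PLATFORM, enable = TPM_RH_PLATFORM,
 * state = NO), authorized with the still-empty platformAuth. Returns the command length. */
size_t build_disable_platform_hierarchy(uint8_t *buf, size_t cap)
{
    uint8_t *p = buf;
    if (cap < 32) return 0;
    p = put16(p, TPM_ST_SESSIONS);         /* tag: an authorization area follows */
    p = put32(p, 0);                       /* commandSize, patched in at the end */
    p = put32(p, TPM_CC_HierarchyControl);
    p = put32(p, TPM_RH_PLATFORM);         /* @authHandle: platformAuth authorizes this */
    p = put32(p, 9);                       /* authorizationSize: one TPMS_AUTH_COMMAND */
    p = put32(p, TPM_RS_PW);               /*   sessionHandle */
    p = put16(p, 0);                       /*   nonce.size = 0 */
    *p++ = 0;                              /*   sessionAttributes */
    p = put16(p, 0);                       /*   hmac.size = 0: the empty password */
    p = put32(p, TPM_RH_PLATFORM);         /* enable: hierarchy whose state changes */
    *p++ = 0;                              /* state = NO: disabled until the next TPM2_Startup */
    put32(buf + 2, (uint32_t)(p - buf));
    return (size_t)(p - buf);
}

/* responseCode of a TPM response, or 0xFFFFFFFF if shorter than the 10-byte header
 * or if the responseSize field disagrees with len. */
uint32_t parse_response_code(const uint8_t *rsp, size_t len)
{
    if (len < 10 || get32(rsp + 2) != len) return 0xFFFFFFFFu;
    return get32(rsp + 6);
}

/* Hand-encoded reference for the command above, used to check the marshaller. */
static const uint8_t kExpected[32] = {
    0x80,0x02, 0x00,0x00,0x00,0x20, 0x00,0x00,0x01,0x21, 0x40,0x00,0x00,0x0C, 0x00,0x00,
    0x00,0x09, 0x40,0x00,0x00,0x09, 0x00,0x00, 0x00, 0x00,0x00, 0x40,0x00,0x00,0x0C, 0x00 };
/* Constructed sample responses: success (TPM_ST_SESSIONS, empty parameter and auth
 * areas, 19 bytes) and TPM_RC_FAILURE (TPM_ST_NO_SESSIONS, header only). */
const uint8_t kRspSuccess[19] = { 0x80,0x02, 0,0,0,19, 0,0,0,0, 0,0,0,0, 0,0, 0, 0,0 };
const uint8_t kRspFailure[10] = { 0x80,0x01, 0,0,0,10, 0,0,0x01,0x01 };

int disable_command_is_well_formed(void)
{
    uint8_t cmd[64];
    return build_disable_platform_hierarchy(cmd, sizeof cmd) == 32 && memcmp(cmd, kExpected, 32) == 0;
}

int main(void)
{
    return disable_command_is_well_formed() ? 0 : 1;   /* exit status reports the self-check */
}
```

A firmware that takes the other route the profile allows (a random platformAuth that is then discarded) sends TPM2_HierarchyChangeAuth instead; either way the command must complete before control leaves the firmware.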
* Re: [PATCH v4 0/3] ArmVirtPkg: Disable the TPM 2 platform hierarchy
From: Stefan Berger @ 2021-10-04 19:56 UTC (permalink / raw)
To: devel, Yao, Jiewen
Cc: marcandre.lureau, kraxel, ardb+tianocore, leif, sami.mujawar
Yao,
I think this series has the needed R-b's and should be commit-able.
Cheers!
Stefan
* Re: [edk2-devel] [PATCH v4 0/3] ArmVirtPkg: Disable the TPM 2 platform hierarchy
From: Ard Biesheuvel @ 2021-10-05 9:55 UTC (permalink / raw)
To: edk2-devel-groups-io, Stefan Berger
Cc: Yao, Jiewen, Marc-André Lureau, Gerd Hoffmann,
Ard Biesheuvel, Leif Lindholm, Sami Mujawar
Merged as #2041
What is the status of the OVMF series with the same purpose?