From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2FA1A818FC for ; Tue, 27 Dec 2016 18:19:12 -0800 (PST) Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga101.fm.intel.com with ESMTP; 27 Dec 2016 18:19:11 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,419,1477983600"; d="scan'208";a="1076861876" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by orsmga001.jf.intel.com with ESMTP; 27 Dec 2016 18:19:09 -0800 Received: from fmsmsx126.amr.corp.intel.com (10.18.125.43) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.248.2; Tue, 27 Dec 2016 18:18:32 -0800 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by FMSMSX126.amr.corp.intel.com (10.18.125.43) with Microsoft SMTP Server (TLS) id 14.3.248.2; Tue, 27 Dec 2016 18:18:31 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by SHSMSX104.ccr.corp.intel.com ([10.239.4.70]) with mapi id 14.03.0248.002; Wed, 28 Dec 2016 10:17:10 +0800 From: "Yao, Jiewen" To: "Zhang, Chao B" , "edk2-devel@lists.01.org" CC: "Zeng, Star" Thread-Topic: [PATCH] SecurityPkg: Tcg2PhysicalPresence: Define TPM2 PP Flags Initial Pcd Thread-Index: AQHSYKWLikFdz61n6kibIkLZnDoqhqEcn6Ww Date: Wed, 28 Dec 2016 02:17:09 +0000 Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A8D5F4F@shsmsx102.ccr.corp.intel.com> References: <1482886717-3924-1-git-send-email-chao.b.zhang@intel.com> In-Reply-To: <1482886717-3924-1-git-send-email-chao.b.zhang@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] SecurityPkg: Tcg2PhysicalPresence: Define TPM2 PP Flags Initial Pcd X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Dec 2016 02:19:12 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen.yao@Intel.com > -----Original Message----- > From: Zhang, Chao B > Sent: Wednesday, December 28, 2016 8:59 AM > To: edk2-devel@lists.01.org > Cc: Yao, Jiewen ; Zeng, Star ; > Zhang, Chao B > Subject: [PATCH] SecurityPkg: Tcg2PhysicalPresence: Define TPM2 PP Flags = Initial > Pcd >=20 > Define PcdTpm2PhysicalPresenceFlags to initialize TPM2 PP Flags setting. >=20 > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Chao Zhang > --- > .../Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c | 3 = ++- > .../DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf | 5 > ++++- > SecurityPkg/SecurityPkg.dec | 6 > ++++++ > 3 files changed, 12 insertions(+), 2 deletions(-) >=20 > diff --git > a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib. > c > b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib. > c > index a077b03..8ffc1d9 100644 > --- > a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib. > c > +++ > b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib. > c > @@ -932,7 +932,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( > &PpiFlags > ); > if (EFI_ERROR (Status)) { > - PpiFlags.PPFlags =3D TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | > TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT; > + PpiFlags.PPFlags =3D PcdGet32(PcdTpm2PhysicalPresenceFlags); > Status =3D gRT->SetVariable ( > TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE, > &gEfiTcg2PhysicalPresenceGuid, > @@ -944,6 +944,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( > DEBUG ((EFI_D_ERROR, "[TPM2] Set physical presence flag failed, St= atus > =3D %r\n", Status)); > return ; > } > + DEBUG((DEBUG_INFO, "[TPM2] Initial physical presence flags value is > 0x%x\n", PpiFlags.PPFlags)); > } >=20 > // > diff --git > a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib.i > nf > b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib. > inf > index f4aa0da..0e04e6b 100644 > --- > a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib.i > nf > +++ > b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib. > inf > @@ -8,7 +8,7 @@ > # This driver will have external input - variable. > # This external input must be validated carefully to avoid security iss= ue. > # > -# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.
> +# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
> # This program and the accompanying materials > # are licensed and made available under the terms and conditions of the = BSD > License > # which accompanies this distribution. The full text of the license may = be found > at > @@ -60,6 +60,9 @@ > gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES > gEdkiiVariableLockProtocolGuid ## SOMETIMES_CONSUMES >=20 > +[Pcd] > + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2PhysicalPresenceFlags ## > SOMETIMES_CONSUMES > + > [Guids] > ## SOMETIMES_CONSUMES ## HII > ## SOMETIMES_PRODUCES ## Variable:L"Tcg2PhysicalPresence" > diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec > index 02fdd98..7364ccf 100644 > --- a/SecurityPkg/SecurityPkg.dec > +++ b/SecurityPkg/SecurityPkg.dec > @@ -431,6 +431,12 @@ > # @Prompt Revision of TPM2 ACPI table > gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|3|UINT8|0x0001001A >=20 > + ## This PCD defines initial setting of TPM 2.0 Persistent Firmware TPM > Management Flags > + # PCD can be configured for different settings in different scenarios > + # Default setting is TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | > TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT > + # @Prompt Inital setting of TPM 2.0 Persistent Firmware TPM Management > Flags > + > gEfiSecurityPkgTokenSpaceGuid.PcdTpm2PhysicalPresenceFlags|0x300E3|UINT3 > 2|0x0001001B > + > [PcdsDynamic, PcdsDynamicEx] >=20 > ## This PCD indicates Hash mask for TPM 2.0.

> -- > 1.9.5.msysgit.1