From: "Yao, Jiewen"
To: "Chu, Maggie", "devel@edk2.groups.io"
CC: "Dong, Eric", "Wang, Jian J", "Zhang, Chao B"
Subject: Re: [PATCH v2] SecurityPkg: Change default value source
Date: Sat, 16 May 2020 03:20:21 +0000
In-Reply-To: <20200515082743.1768-1-maggie.chu@intel.com>

Looks good to me.

Then can we remove TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT definition?
It seems no longer useful.

Thank you
Yao Jiewen

> -----Original Message-----
> From: Chu, Maggie
> Sent: Friday, May 15, 2020 4:28 PM
> To: devel@edk2.groups.io
> Cc: Dong, Eric; Wang, Jian J; Zhang, Chao B; Yao, Jiewen
> Subject: [PATCH v2] SecurityPkg: Change default value source
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=2713
> In current code, if TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE variable
> does not exist, code will get default value from two places.
> This fix is to make the default value come from the PCD
> gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags
>
> Signed-off-by: Maggie Chu > Cc: Eric Dong > Cc: Jian J Wang > Cc: Chao Zhang > Cc: Jiewen Yao > --- > v2 change: > Change patch title. >=20 > .../Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c | 2= +- > .../Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c | 2= +- > .../PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf | 3= +++ > .../Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c | 5 > ++++- > .../SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf | 1= + > 5 files changed, 10 insertions(+), 3 deletions(-) >=20 > diff --git > a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib > .c > b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib > .c > index 80e2e37bf4..bf793555aa 100644 > --- > a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib > .c > +++ > b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceL= ib > .c > @@ -1228,7 +1228,7 @@ Tcg2PhysicalPresenceLibGetManagementFlags ( > &PpiFlags >=20 > ); >=20 > if (EFI_ERROR (Status)) { >=20 > - PpiFlags.PPFlags =3D TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | > TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT; >=20 > + PpiFlags.PPFlags =3D PcdGet32(PcdTcg2PhysicalPresenceFlags); >=20 > } >=20 > return PpiFlags.PPFlags; >=20 > } >=20 > diff --git > a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.c > b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.c > index a111351516..a2c157d8a7 100644 > --- > a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.c > +++ > b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.c 
> @@ -47,7 +47,7 @@ Tcg2PhysicalPresenceLibGetManagementFlags ( > &PpiFlags >=20 > ); >=20 > if (EFI_ERROR (Status)) { >=20 > - PpiFlags.PPFlags =3D TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | > TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT; >=20 > + PpiFlags.PPFlags =3D PcdGet32(PcdTcg2PhysicalPresenceFlags); >=20 > } >=20 > return PpiFlags.PPFlags; >=20 > } >=20 > diff --git > a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.i > nf > b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.i > nf > index d34f232022..11ebaa9263 100644 > --- > a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.i > nf > +++ > b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceL= ib.i > nf > @@ -43,5 +43,8 @@ > [Ppis] >=20 > gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES >=20 >=20 >=20 > +[Pcd] >=20 > + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags ## > SOMETIMES_CONSUMES >=20 > + >=20 > [Depex] >=20 > gEfiPeiReadOnlyVariable2PpiGuid >=20 > diff --git > a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.c > b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.c > index 3827df9663..08ef5416d8 100644 > --- > a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.c > +++ > b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.c > @@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent >=20 >=20 > EFI_SMM_VARIABLE_PROTOCOL *mTcg2PpSmmVariable; >=20 > BOOLEAN mIsTcg2PPVerLowerThan_1_3 =3D FALSE; >=20 > +UINT32 mTcg2PhysicalPresenceFlags; >=20 >=20 >=20 > /** >=20 > The handler for TPM physical presence function: >=20 
> @@ -162,7 +163,7 @@ > Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( > &Flags >=20 > ); >=20 > if (EFI_ERROR (Status)) { >=20 > - Flags.PPFlags =3D TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | > TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT; >=20 > + Flags.PPFlags =3D mTcg2PhysicalPresenceFlags; >=20 > } >=20 > ReturnCode =3D Tcg2PpVendorLibSubmitRequestToPreOSFunction > (*OperationRequest, Flags.PPFlags, *RequestParameter); >=20 > } >=20 > @@ -396,5 +397,7 @@ Tcg2PhysicalPresenceLibConstructor ( > Status =3D gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NUL= L, > (VOID**)&mTcg2PpSmmVariable); >=20 > ASSERT_EFI_ERROR (Status); >=20 >=20 >=20 > + mTcg2PhysicalPresenceFlags =3D PcdGet32(PcdTcg2PhysicalPresenceFlags); >=20 > + >=20 > return EFI_SUCCESS; >=20 > } >=20 > diff --git > a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.inf > b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.inf > index e0e5fef5f1..1f40629e3b 100644 > --- > a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.inf > +++ > b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresence > Lib.inf > @@ -50,6 +50,7 @@ >=20 >=20 > [Pcd] >=20 > gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer ## > CONSUMES >=20 > + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags ## > SOMETIMES_CONSUMES >=20 >=20 >=20 > [Depex] >=20 > gEfiSmmVariableProtocolGuid >=20 > -- > 2.16.2.windows.1
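
Review bot: In the DxeTcg2PhysicalPresenceLib.c hunk at -1228, PcdGet32(PcdTcg2PhysicalPresenceFlags) is now called, but the diffstat lists no change to an INF file for the Dxe library, while the Pei and Smm INF files each gain a [Pcd] entry for this token. Please confirm the Dxe INF already declares gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags, or add it in this patch. The call is also written without a space before the parenthesis, unlike "EFI_ERROR (Status)" in the same hunk; "PcdGet32 (PcdTcg2PhysicalPresenceFlags)" would match the surrounding style, and the same applies to the Pei and Smm hunks.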
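
Review bot: In the PeiTcg2PhysicalPresenceLib.c hunk at -47, the PCD default is applied on any "EFI_ERROR (Status)", while the commit message describes only the case where TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE does not exist. Since the fallback now takes a platform-configurable value instead of a fixed constant, either test for EFI_NOT_FOUND explicitly or state in the commit message and the function header that every read failure returns the PCD value. The Dxe hunk at -1228 and the Smm hunk at -162 have the same shape.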
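
Review bot: In SmmTcg2PhysicalPresenceLib.c, the new global mTcg2PhysicalPresenceFlags (hunk at -31) is declared without an initializer or a comment, next to "mIsTcg2PPVerLowerThan_1_3 = FALSE", and is assigned only in Tcg2PhysicalPresenceLibConstructor (hunk at -396). Please add a comment explaining why the PCD is cached at construction time rather than read with PcdGet32 at the fallback site in the -162 hunk, as the Dxe and Pei libraries do, and note that the value used there is the snapshot taken when the constructor ran.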