From: "Chiu, Chasel"
To: "Chiang, Chris", "devel@edk2.groups.io"
CC: "Desimone, Nathaniel L", "Gao, Liming", "Dong, Eric"
Subject: Re: [edk2-devel] [PATCH v1] MinPlatformPkg: Remove PeiDxeTpmPlatformHierarchyLib
Date: Mon, 4 Dec 2023 16:52:01 +0000
References: <20231204085035.1438-1-chris.chiang@intel.com>
In-Reply-To: <20231204085035.1438-1-chris.chiang@intel.com>
MIME-Version: 1.0
Sender: devel@edk2.groups.io
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To:
devel@edk2.groups.io,chasel.chiu@intel.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Chasel Chiu

Thanks,
Chasel

> -----Original Message-----
> From: Chiang, Chris
> Sent: Monday, December 4, 2023 12:51 AM
> To: devel@edk2.groups.io
> Cc: Chiang, Chris; Chiu, Chasel; Desimone, Nathaniel L; Gao, Liming; Dong, Eric
> Subject: [PATCH v1] MinPlatformPkg: Remove PeiDxeTpmPlatformHierarchyLib
>
> From: Chiang-Chris
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4612
>
> Remove PeiDxeTpmPlatformHierarchyLib in Tcg/Library
> Signed-off-by: Chiang-Chris
>
> Cc: Chasel Chiu
> Cc: Nate DeSimone
> Cc: Liming Gao
> Cc: Eric Dong
> --- > Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > | 2 +- > Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > | 2 +- > Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > | 1 - >=20 > Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib/P= ei > DxeTpmPlatformHierarchyLib.c | 266 -------------------- >=20 > Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib/P= ei > DxeTpmPlatformHierarchyLib.inf | 45 ---- > 5 files changed, 2 insertions(+), 314 deletions(-) >=20 > diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > index 260f3b94c5..b469938823 100644
> --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > @@ -66,7 +66,7 @@ >=20 > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf >=20 >=20 >=20 > [LibraryClasses.common.DXE_DRIVER] >=20 > - > TpmPlatformHierarchyLib|MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHiera= r > chyLib/PeiDxeTpmPlatformHierarchyLib.inf >=20 > + > TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf >=20 >=20 >=20 > [LibraryClasses.common.DXE_SMM_DRIVER] >=20 >=20 > SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableL > ib.inf >=20 > diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > b/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > index 595f0ee490..7afbb2900f 100644 > --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > @@ -52,7 +52,7 @@ >=20 > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRoute > rPei.inf >=20 >=20 > HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout > erPei.inf >=20 >=20 > Tcg2PhysicalPresenceLib|SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/Pe= iTcg > 2PhysicalPresenceLib.inf >=20 > - > TpmPlatformHierarchyLib|MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHiera= r > chyLib/PeiDxeTpmPlatformHierarchyLib.inf >=20 > + > TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf >=20 >=20 >=20 >=20 > FspMeasurementLib|IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/Ba > seFspMeasurementLib.inf >=20 >=20 > FspWrapperPlatformMultiPhaseLib|IntelFsp2WrapperPkg/Library/BaseFspWrapp > erPlatformMultiPhaseLibNull/BaseFspWrapperPlatformMultiPhaseLibNull.inf >=20 
> diff --git a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > index 087fa48dd0..ee5d211128 100644 > --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > @@ -203,7 +203,6 @@ > MinPlatformPkg/Test/TestPointStubDxe/TestPointStubDxe.inf >=20 > MinPlatformPkg/Test/TestPointDumpApp/TestPointDumpApp.inf >=20 >=20 >=20 > - > MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatfor > mHierarchyLib.inf >=20 > MinPlatformPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf >=20 > MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf >=20 >=20 >=20 > diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.c > b/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.c > deleted file mode 100644 > index 9812ab99ab..0000000000 > --- > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.c > +++ /dev/null > @@ -1,266 +0,0 @@ > -/** @file >=20 > - TPM Platform Hierarchy configuration library. >=20 > - >=20 > - This library provides functions for customizing the TPM's Platform H= ierarchy >=20 > - Authorization Value (platformAuth) and Platform Hierarchy Authorizat= ion >=20 > - Policy (platformPolicy) can be defined through this function. >=20 > - >=20 > - Copyright (c) 2019, Intel Corporation. All rights reserved.
>=20 > - Copyright (c) Microsoft Corporation.
>=20 > - SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > - @par Specification Reference: >=20 > - https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning= - > guidance/ >=20 > -**/ >=20 > - >=20 > -#include >=20 > - >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > - >=20 > -// >=20 > -// The authorization value may be no larger than the digest produced by = the hash >=20 > -// algorithm used for context integrity. >=20 > -// >=20 > -#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE >=20 > - >=20 > -UINT16 mAuthSize; >=20 > - >=20 > -/** >=20 > - Generate high-quality entropy source through RDRAND. >=20 > - >=20 > - @param[in] Length Size of the buffer, in bytes, to fill with. >=20 > - @param[out] Entropy Pointer to the buffer to store the entropy = data. >=20 > - >=20 > - @retval EFI_SUCCESS Entropy generation succeeded. >=20 > - @retval EFI_NOT_READY Failed to request random data. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -RdRandGenerateEntropy ( >=20 > - IN UINTN Length, >=20 > - OUT UINT8 *Entropy >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - UINTN BlockCount; >=20 > - UINT64 Seed[2]; >=20 > - UINT8 *Ptr; >=20 > - >=20 > - Status =3D EFI_NOT_READY; >=20 > - BlockCount =3D Length / 64; >=20 > - Ptr =3D (UINT8 *)Entropy; >=20 > - >=20 > - // >=20 > - // Generate high-quality seed for DRBG Entropy >=20 > - // >=20 > - while (BlockCount > 0) { >=20 > - Status =3D GetRandomNumber128 (Seed); >=20 > - if (EFI_ERROR (Status)) { >=20 > - return Status; >=20 > - } >=20 > - CopyMem (Ptr, Seed, 64); >=20 > - >=20 > - BlockCount--; >=20 > - Ptr =3D Ptr + 64; >=20 > - } >=20 > - >=20 > - // >=20 > - // Populate the remained data as request. 
>=20 > - // >=20 > - Status =3D GetRandomNumber128 (Seed); >=20 > - if (EFI_ERROR (Status)) { >=20 > - return Status; >=20 > - } >=20 > - CopyMem (Ptr, Seed, (Length % 64)); >=20 > - >=20 > - return Status; >=20 > -} >=20 > - >=20 > -/** >=20 > - This function returns the maximum size of TPM2B_AUTH; this structure i= s used > for an authorization value >=20 > - and limits an authValue to being no larger than the largest digest pro= duced by a > TPM. >=20 > - >=20 > - @param[out] AuthSize Tpm2 Auth size >=20 > - >=20 > - @retval EFI_SUCCESS Auth size returned. >=20 > - @retval EFI_DEVICE_ERROR Can not return platform auth due = to device > error. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -GetAuthSize ( >=20 > - OUT UINT16 *AuthSize >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - TPML_PCR_SELECTION Pcrs; >=20 > - UINTN Index; >=20 > - UINT16 DigestSize; >=20 > - >=20 > - Status =3D EFI_SUCCESS; >=20 > - >=20 > - while (mAuthSize =3D=3D 0) { >=20 > - >=20 > - mAuthSize =3D SHA1_DIGEST_SIZE; >=20 > - ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION)); >=20 > - Status =3D Tpm2GetCapabilityPcrs (&Pcrs); >=20 > - >=20 > - if (EFI_ERROR (Status)) { >=20 > - DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs fail!\n")); >=20 > - break; >=20 > - } >=20 > - >=20 > - DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", Pcrs.count)); >=20 > - >=20 > - for (Index =3D 0; Index < Pcrs.count; Index++) { >=20 > - DEBUG ((DEBUG_ERROR, "alg - %x\n", Pcrs.pcrSelections[Index].hash)= ); >=20 > - >=20 > - switch (Pcrs.pcrSelections[Index].hash) { >=20 > - case TPM_ALG_SHA1: >=20 > - DigestSize =3D SHA1_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SHA256: >=20 > - DigestSize =3D SHA256_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SHA384: >=20 > - DigestSize =3D SHA384_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SHA512: >=20 > - DigestSize =3D SHA512_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SM3_256: >=20 > - DigestSize =3D 
SM3_256_DIGEST_SIZE; >=20 > - break; >=20 > - default: >=20 > - DigestSize =3D SHA1_DIGEST_SIZE; >=20 > - break; >=20 > - } >=20 > - >=20 > - if (DigestSize > mAuthSize) { >=20 > - mAuthSize =3D DigestSize; >=20 > - } >=20 > - } >=20 > - break; >=20 > - } >=20 > - >=20 > - *AuthSize =3D mAuthSize; >=20 > - return Status; >=20 > -} >=20 > - >=20 > -/** >=20 > - Set PlatformAuth to random value. >=20 > -**/ >=20 > -VOID >=20 > -RandomizePlatformAuth ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - UINT16 AuthSize; >=20 > - UINT8 *Rand; >=20 > - UINTN RandSize; >=20 > - TPM2B_AUTH NewPlatformAuth; >=20 > - >=20 > - // >=20 > - // Send Tpm2HierarchyChange Auth with random value to avoid PlatformAu= th > being null >=20 > - // >=20 > - >=20 > - GetAuthSize (&AuthSize); >=20 > - >=20 > - ZeroMem (NewPlatformAuth.buffer, AuthSize); >=20 > - NewPlatformAuth.size =3D AuthSize; >=20 > - >=20 > - // >=20 > - // Allocate one buffer to store random data. >=20 > - // >=20 > - RandSize =3D MAX_NEW_AUTHORIZATION_SIZE; >=20 > - Rand =3D AllocatePool (RandSize); >=20 > - >=20 > - RdRandGenerateEntropy (RandSize, Rand); >=20 > - CopyMem (NewPlatformAuth.buffer, Rand, AuthSize); >=20 > - >=20 > - FreePool (Rand); >=20 > - >=20 > - // >=20 > - // Send Tpm2HierarchyChangeAuth command with the new Auth value >=20 > - // >=20 > - Status =3D Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, > &NewPlatformAuth); >=20 > - DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth Result: - %r\n", Status))= ; >=20 > - ZeroMem (NewPlatformAuth.buffer, AuthSize); >=20 > - ZeroMem (Rand, RandSize); >=20 > -} >=20 > - >=20 > -/** >=20 > - Disable the TPM platform hierarchy. >=20 > - >=20 > - @retval EFI_SUCCESS The TPM was disabled successfully. >=20 > - @retval Others An error occurred attempting to disable th= e TPM > platform hierarchy. 
>=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -DisableTpmPlatformHierarchy ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - >=20 > - // Make sure that we have use of the TPM. >=20 > - Status =3D Tpm2RequestUseTpm (); >=20 > - if (EFI_ERROR (Status)) { >=20 > - DEBUG ((DEBUG_ERROR, "%a:%a() - Tpm2RequestUseTpm Failed! %r\n", > gEfiCallerBaseName, __FUNCTION__, Status)); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - return Status; >=20 > - } >=20 > - >=20 > - // Let's do what we can to shut down the hierarchies. >=20 > - >=20 > - // Disable the PH NV. >=20 > - // IMPORTANT NOTE: We *should* be able to disable the PH NV here, but = TPM > parts have >=20 > - // been known to store the EK cert in the PH NV. If we= disable it, the >=20 > - // EK cert will be unreadable. >=20 > - >=20 > - // Disable the PH. >=20 > - Status =3D Tpm2HierarchyControl ( >=20 > - TPM_RH_PLATFORM, // AuthHandle >=20 > - NULL, // AuthSession >=20 > - TPM_RH_PLATFORM, // Hierarchy >=20 > - NO // State >=20 > - ); >=20 > - DEBUG ((DEBUG_VERBOSE, "%a:%a() - Disable PH =3D %r\n", > gEfiCallerBaseName, __FUNCTION__, Status)); >=20 > - if (EFI_ERROR (Status)) { >=20 > - DEBUG ((DEBUG_ERROR, "%a:%a() - Disable PH Failed! 
%r\n", > gEfiCallerBaseName, __FUNCTION__, Status)); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - } >=20 > - >=20 > - return Status; >=20 > -} >=20 > - >=20 > -/** >=20 > - This service defines the configuration of the Platform Hierarchy Auth= orization > Value (platformAuth) >=20 > - and Platform Hierarchy Authorization Policy (platformPolicy) >=20 > - >=20 > -**/ >=20 > -VOID >=20 > -EFIAPI >=20 > -ConfigureTpmPlatformHierarchy ( >=20 > - ) >=20 > -{ >=20 > - if (PcdGetBool (PcdRandomizePlatformHierarchy)) { >=20 > - // >=20 > - // Send Tpm2HierarchyChange Auth with random value to avoid Platform= Auth > being null >=20 > - // >=20 > - RandomizePlatformAuth (); >=20 > - } else { >=20 > - // >=20 > - // Disable the hierarchy entirely (do not randomize it) >=20 > - // >=20 > - DisableTpmPlatformHierarchy (); >=20 > - } >=20 > -} >=20 > diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf > b/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf > deleted file mode 100644 > index b7a7fb0a08..0000000000 > --- > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf > +++ /dev/null > @@ -1,45 +0,0 @@ > -### @file >=20 > -# >=20 > -# TPM Platform Hierarchy configuration library. >=20 > -# >=20 > -# This library provides functions for customizing the TPM's Platform H= ierarchy >=20 > -# Authorization Value (platformAuth) and Platform Hierarchy Authorizat= ion >=20 > -# Policy (platformPolicy) can be defined through this function. >=20 > -# >=20 > -# Copyright (c) 2019, Intel Corporation. All rights reserved.
>=20 > -# Copyright (c) Microsoft Corporation.
>=20 > -# >=20 > -# SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -# >=20 > -### >=20 > - >=20 > -[Defines] >=20 > - INF_VERSION =3D 0x00010005 >=20 > - BASE_NAME =3D PeiDxeTpmPlatformHierarchyLib >=20 > - FILE_GUID =3D 7794F92C-4E8E-4E57-9E4A-49A0764C7D7= 3 >=20 > - MODULE_TYPE =3D PEIM >=20 > - VERSION_STRING =3D 1.0 >=20 > - LIBRARY_CLASS =3D TpmPlatformHierarchyLib|PEIM DXE_DR= IVER >=20 > - >=20 > -[LibraryClasses] >=20 > - BaseLib >=20 > - BaseMemoryLib >=20 > - DebugLib >=20 > - MemoryAllocationLib >=20 > - PcdLib >=20 > - RngLib >=20 > - Tpm2CommandLib >=20 > - Tpm2DeviceLib >=20 > - >=20 > -[Packages] >=20 > - MdePkg/MdePkg.dec >=20 > - MdeModulePkg/MdeModulePkg.dec >=20 > - SecurityPkg/SecurityPkg.dec >=20 > - CryptoPkg/CryptoPkg.dec >=20 > - MinPlatformPkg/MinPlatformPkg.dec >=20 > - >=20 > -[Sources] >=20 > - PeiDxeTpmPlatformHierarchyLib.c >=20 > - >=20 > -[Pcd] >=20 > - gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy >=20 > -- > 2.43.0.windows.1
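
Review bot: the commit message says only "Remove PeiDxeTpmPlatformHierarchyLib in Tcg/Library", but the CoreDxeLib.dsc and CorePeiLib.dsc hunks also rebind TpmPlatformHierarchyLib to SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf, which changes the code that sets platformAuth on every platform that includes these files. Say so in the message, and state that the SecurityPkg instance was checked to make the same randomize-or-disable decision that ConfigureTpmPlatformHierarchy makes in the deleted file.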
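
Review bot: the deleted PeiDxeTpmPlatformHierarchyLib.c contains memory-safety defects that are worth recording in the commit message and checking for in the SecurityPkg replacement before merge. In RdRandGenerateEntropy, Seed is declared as UINT64 Seed[2] (16 bytes), yet each loop pass does CopyMem (Ptr, Seed, 64) and the tail copy of Length % 64 bytes can also exceed 16, so memory past Seed is read into the output and only 16 bytes per block come from GetRandomNumber128. In RandomizePlatformAuth, the AllocatePool result is not checked for NULL, the statuses of GetAuthSize and RdRandGenerateEntropy are dropped, and ZeroMem (Rand, RandSize) runs after FreePool (Rand).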
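
Review bot: the [Pcd] section of the deleted .inf is the only consumer of gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy shown in this patch, and the diffstat lists no change to MinPlatformPkg.dec. If nothing else reads that PCD, remove its declaration in the same series; a platform DSC that still sets it would otherwise build cleanly while the setting no longer selects between RandomizePlatformAuth and DisableTpmPlatformHierarchy.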