From: "Chiu, Chasel"
To: "Chiang, Chris", "devel@edk2.groups.io"
CC: "Desimone, Nathaniel L", "Gao, Liming", "Dong, Eric"
Subject: Re: [edk2-devel] [PATCH v1] MinPlatformPkg: Remove PeiDxeTpmPlatformHierarchyLib
Date: Tue, 5 Dec 2023 03:17:42 +0000
References: <20231204085035.1438-1-chris.chiang@intel.com>
In-Reply-To: <20231204085035.1438-1-chris.chiang@intel.com>

Patch pushed: https://github.com/tianocore/edk2-platforms/commit/f446fff05003f69a4396b2ec375301ecb5f63a2a

Thanks,
Chasel

> -----Original Message-----
> From: Chiang, Chris
> Sent: Monday, December 4, 2023 12:51 AM
> To: devel@edk2.groups.io
> Cc: Chiang, Chris; Chiu, Chasel; Desimone, Nathaniel L; Gao, Liming; Dong, Eric
> Subject: [PATCH v1] MinPlatformPkg: Remove PeiDxeTpmPlatformHierarchyLib
>
> From: Chiang-Chris
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4612
>
> Remove PeiDxeTpmPlatformHierarchyLib in Tcg/Library
> Signed-off-by: Chiang-Chris >=20 > Cc: Chasel Chiu > Cc: Nate DeSimone > Cc: Liming Gao > Cc: Eric Dong > --- > Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > | 2 +- > Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > | 2 +- > Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > | 1 - >=20 > Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib/P= ei > DxeTpmPlatformHierarchyLib.c | 266 -------------------- >=20 > Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib/P= ei > DxeTpmPlatformHierarchyLib.inf | 45 ---- > 5 files changed, 2 insertions(+), 314 deletions(-) >=20 > diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > index 260f3b94c5..b469938823 100644 > --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc > @@ -66,7 +66,7 @@ >=20 > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf >=20 >=20 >=20 > [LibraryClasses.common.DXE_DRIVER] >=20 > - > TpmPlatformHierarchyLib|MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHiera= r > chyLib/PeiDxeTpmPlatformHierarchyLib.inf >=20 > + > TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf >=20 >=20 >=20 > [LibraryClasses.common.DXE_SMM_DRIVER] >=20 >=20 > SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableL > ib.inf >=20 > diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > b/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > index 595f0ee490..7afbb2900f 100644 > --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc > +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CorePeiLib.dsc 
> @@ -52,7 +52,7 @@ >=20 > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRoute > rPei.inf >=20 >=20 > HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRout > erPei.inf >=20 >=20 > Tcg2PhysicalPresenceLib|SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/Pe= iTcg > 2PhysicalPresenceLib.inf >=20 > - > TpmPlatformHierarchyLib|MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHiera= r > chyLib/PeiDxeTpmPlatformHierarchyLib.inf >=20 > + > TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf >=20 >=20 >=20 >=20 > FspMeasurementLib|IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/Ba > seFspMeasurementLib.inf >=20 >=20 > FspWrapperPlatformMultiPhaseLib|IntelFsp2WrapperPkg/Library/BaseFspWrapp > erPlatformMultiPhaseLibNull/BaseFspWrapperPlatformMultiPhaseLibNull.inf >=20 > diff --git a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > index 087fa48dd0..ee5d211128 100644 > --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > @@ -203,7 +203,6 @@ > MinPlatformPkg/Test/TestPointStubDxe/TestPointStubDxe.inf >=20 > MinPlatformPkg/Test/TestPointDumpApp/TestPointDumpApp.inf >=20 >=20 >=20 > - > MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatfor > mHierarchyLib.inf >=20 > MinPlatformPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf >=20 > MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf >=20 >=20 >=20 > diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.c > b/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.c > deleted file mode 100644 > index 9812ab99ab..0000000000 > --- > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.c > +++ /dev/null 
> @@ -1,266 +0,0 @@ > -/** @file >=20 > - TPM Platform Hierarchy configuration library. >=20 > - >=20 > - This library provides functions for customizing the TPM's Platform H= ierarchy >=20 > - Authorization Value (platformAuth) and Platform Hierarchy Authorizat= ion >=20 > - Policy (platformPolicy) can be defined through this function. >=20 > - >=20 > - Copyright (c) 2019, Intel Corporation. All rights reserved.
>=20 > - Copyright (c) Microsoft Corporation.
>=20 > - SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > - @par Specification Reference: >=20 > - https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning= - > guidance/ >=20 > -**/ >=20 > - >=20 > -#include >=20 > - >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > - >=20 > -// >=20 > -// The authorization value may be no larger than the digest produced by = the hash >=20 > -// algorithm used for context integrity. >=20 > -// >=20 > -#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE >=20 > - >=20 > -UINT16 mAuthSize; >=20 > - >=20 > -/** >=20 > - Generate high-quality entropy source through RDRAND. >=20 > - >=20 > - @param[in] Length Size of the buffer, in bytes, to fill with. >=20 > - @param[out] Entropy Pointer to the buffer to store the entropy = data. >=20 > - >=20 > - @retval EFI_SUCCESS Entropy generation succeeded. >=20 > - @retval EFI_NOT_READY Failed to request random data. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -RdRandGenerateEntropy ( >=20 > - IN UINTN Length, >=20 > - OUT UINT8 *Entropy >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - UINTN BlockCount; >=20 > - UINT64 Seed[2]; >=20 > - UINT8 *Ptr; >=20 > - >=20 > - Status =3D EFI_NOT_READY; >=20 > - BlockCount =3D Length / 64; >=20 > - Ptr =3D (UINT8 *)Entropy; >=20 > - >=20 > - // >=20 > - // Generate high-quality seed for DRBG Entropy >=20 > - // >=20 > - while (BlockCount > 0) { >=20 > - Status =3D GetRandomNumber128 (Seed); >=20 > - if (EFI_ERROR (Status)) { >=20 > - return Status; >=20 > - } >=20 > - CopyMem (Ptr, Seed, 64); >=20 > - >=20 > - BlockCount--; >=20 > - Ptr =3D Ptr + 64; >=20 > - } >=20 > - >=20 > - // >=20 > - // Populate the remained data as request. 
>=20 > - // >=20 > - Status =3D GetRandomNumber128 (Seed); >=20 > - if (EFI_ERROR (Status)) { >=20 > - return Status; >=20 > - } >=20 > - CopyMem (Ptr, Seed, (Length % 64)); >=20 > - >=20 > - return Status; >=20 > -} >=20 > - >=20 > -/** >=20 > - This function returns the maximum size of TPM2B_AUTH; this structure i= s used > for an authorization value >=20 > - and limits an authValue to being no larger than the largest digest pro= duced by a > TPM. >=20 > - >=20 > - @param[out] AuthSize Tpm2 Auth size >=20 > - >=20 > - @retval EFI_SUCCESS Auth size returned. >=20 > - @retval EFI_DEVICE_ERROR Can not return platform auth due = to device > error. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -GetAuthSize ( >=20 > - OUT UINT16 *AuthSize >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - TPML_PCR_SELECTION Pcrs; >=20 > - UINTN Index; >=20 > - UINT16 DigestSize; >=20 > - >=20 > - Status =3D EFI_SUCCESS; >=20 > - >=20 > - while (mAuthSize =3D=3D 0) { >=20 > - >=20 > - mAuthSize =3D SHA1_DIGEST_SIZE; >=20 > - ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION)); >=20 > - Status =3D Tpm2GetCapabilityPcrs (&Pcrs); >=20 > - >=20 > - if (EFI_ERROR (Status)) { >=20 > - DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs fail!\n")); >=20 > - break; >=20 > - } >=20 > - >=20 > - DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", Pcrs.count)); >=20 > - >=20 > - for (Index =3D 0; Index < Pcrs.count; Index++) { >=20 > - DEBUG ((DEBUG_ERROR, "alg - %x\n", Pcrs.pcrSelections[Index].hash)= ); >=20 > - >=20 > - switch (Pcrs.pcrSelections[Index].hash) { >=20 > - case TPM_ALG_SHA1: >=20 > - DigestSize =3D SHA1_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SHA256: >=20 > - DigestSize =3D SHA256_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SHA384: >=20 > - DigestSize =3D SHA384_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SHA512: >=20 > - DigestSize =3D SHA512_DIGEST_SIZE; >=20 > - break; >=20 > - case TPM_ALG_SM3_256: >=20 > - DigestSize =3D 
SM3_256_DIGEST_SIZE; >=20 > - break; >=20 > - default: >=20 > - DigestSize =3D SHA1_DIGEST_SIZE; >=20 > - break; >=20 > - } >=20 > - >=20 > - if (DigestSize > mAuthSize) { >=20 > - mAuthSize =3D DigestSize; >=20 > - } >=20 > - } >=20 > - break; >=20 > - } >=20 > - >=20 > - *AuthSize =3D mAuthSize; >=20 > - return Status; >=20 > -} >=20 > - >=20 > -/** >=20 > - Set PlatformAuth to random value. >=20 > -**/ >=20 > -VOID >=20 > -RandomizePlatformAuth ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - UINT16 AuthSize; >=20 > - UINT8 *Rand; >=20 > - UINTN RandSize; >=20 > - TPM2B_AUTH NewPlatformAuth; >=20 > - >=20 > - // >=20 > - // Send Tpm2HierarchyChange Auth with random value to avoid PlatformAu= th > being null >=20 > - // >=20 > - >=20 > - GetAuthSize (&AuthSize); >=20 > - >=20 > - ZeroMem (NewPlatformAuth.buffer, AuthSize); >=20 > - NewPlatformAuth.size =3D AuthSize; >=20 > - >=20 > - // >=20 > - // Allocate one buffer to store random data. >=20 > - // >=20 > - RandSize =3D MAX_NEW_AUTHORIZATION_SIZE; >=20 > - Rand =3D AllocatePool (RandSize); >=20 > - >=20 > - RdRandGenerateEntropy (RandSize, Rand); >=20 > - CopyMem (NewPlatformAuth.buffer, Rand, AuthSize); >=20 > - >=20 > - FreePool (Rand); >=20 > - >=20 > - // >=20 > - // Send Tpm2HierarchyChangeAuth command with the new Auth value >=20 > - // >=20 > - Status =3D Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, > &NewPlatformAuth); >=20 > - DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth Result: - %r\n", Status))= ; >=20 > - ZeroMem (NewPlatformAuth.buffer, AuthSize); >=20 > - ZeroMem (Rand, RandSize); >=20 > -} >=20 > - >=20 > -/** >=20 > - Disable the TPM platform hierarchy. >=20 > - >=20 > - @retval EFI_SUCCESS The TPM was disabled successfully. >=20 > - @retval Others An error occurred attempting to disable th= e TPM > platform hierarchy. 
>=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -DisableTpmPlatformHierarchy ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - >=20 > - // Make sure that we have use of the TPM. >=20 > - Status =3D Tpm2RequestUseTpm (); >=20 > - if (EFI_ERROR (Status)) { >=20 > - DEBUG ((DEBUG_ERROR, "%a:%a() - Tpm2RequestUseTpm Failed! %r\n", > gEfiCallerBaseName, __FUNCTION__, Status)); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - return Status; >=20 > - } >=20 > - >=20 > - // Let's do what we can to shut down the hierarchies. >=20 > - >=20 > - // Disable the PH NV. >=20 > - // IMPORTANT NOTE: We *should* be able to disable the PH NV here, but = TPM > parts have >=20 > - // been known to store the EK cert in the PH NV. If we= disable it, the >=20 > - // EK cert will be unreadable. >=20 > - >=20 > - // Disable the PH. >=20 > - Status =3D Tpm2HierarchyControl ( >=20 > - TPM_RH_PLATFORM, // AuthHandle >=20 > - NULL, // AuthSession >=20 > - TPM_RH_PLATFORM, // Hierarchy >=20 > - NO // State >=20 > - ); >=20 > - DEBUG ((DEBUG_VERBOSE, "%a:%a() - Disable PH =3D %r\n", > gEfiCallerBaseName, __FUNCTION__, Status)); >=20 > - if (EFI_ERROR (Status)) { >=20 > - DEBUG ((DEBUG_ERROR, "%a:%a() - Disable PH Failed! 
%r\n", > gEfiCallerBaseName, __FUNCTION__, Status)); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - } >=20 > - >=20 > - return Status; >=20 > -} >=20 > - >=20 > -/** >=20 > - This service defines the configuration of the Platform Hierarchy Auth= orization > Value (platformAuth) >=20 > - and Platform Hierarchy Authorization Policy (platformPolicy) >=20 > - >=20 > -**/ >=20 > -VOID >=20 > -EFIAPI >=20 > -ConfigureTpmPlatformHierarchy ( >=20 > - ) >=20 > -{ >=20 > - if (PcdGetBool (PcdRandomizePlatformHierarchy)) { >=20 > - // >=20 > - // Send Tpm2HierarchyChange Auth with random value to avoid Platform= Auth > being null >=20 > - // >=20 > - RandomizePlatformAuth (); >=20 > - } else { >=20 > - // >=20 > - // Disable the hierarchy entirely (do not randomize it) >=20 > - // >=20 > - DisableTpmPlatformHierarchy (); >=20 > - } >=20 > -} >=20 > diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf > b/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf > deleted file mode 100644 > index b7a7fb0a08..0000000000 > --- > a/Platform/Intel/MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib= /P > eiDxeTpmPlatformHierarchyLib.inf > +++ /dev/null > @@ -1,45 +0,0 @@ > -### @file >=20 > -# >=20 > -# TPM Platform Hierarchy configuration library. >=20 > -# >=20 > -# This library provides functions for customizing the TPM's Platform H= ierarchy >=20 > -# Authorization Value (platformAuth) and Platform Hierarchy Authorizat= ion >=20 > -# Policy (platformPolicy) can be defined through this function. >=20 > -# >=20 > -# Copyright (c) 2019, Intel Corporation. All rights reserved.
>=20 > -# Copyright (c) Microsoft Corporation.
>=20 > -# >=20 > -# SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -# >=20 > -### >=20 > - >=20 > -[Defines] >=20 > - INF_VERSION =3D 0x00010005 >=20 > - BASE_NAME =3D PeiDxeTpmPlatformHierarchyLib >=20 > - FILE_GUID =3D 7794F92C-4E8E-4E57-9E4A-49A0764C7D7= 3 >=20 > - MODULE_TYPE =3D PEIM >=20 > - VERSION_STRING =3D 1.0 >=20 > - LIBRARY_CLASS =3D TpmPlatformHierarchyLib|PEIM DXE_DR= IVER >=20 > - >=20 > -[LibraryClasses] >=20 > - BaseLib >=20 > - BaseMemoryLib >=20 > - DebugLib >=20 > - MemoryAllocationLib >=20 > - PcdLib >=20 > - RngLib >=20 > - Tpm2CommandLib >=20 > - Tpm2DeviceLib >=20 > - >=20 > -[Packages] >=20 > - MdePkg/MdePkg.dec >=20 > - MdeModulePkg/MdeModulePkg.dec >=20 > - SecurityPkg/SecurityPkg.dec >=20 > - CryptoPkg/CryptoPkg.dec >=20 > - MinPlatformPkg/MinPlatformPkg.dec >=20 > - >=20 > -[Sources] >=20 > - PeiDxeTpmPlatformHierarchyLib.c >=20 > - >=20 > -[Pcd] >=20 > - gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy >=20 > -- > 2.43.0.windows.1
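Review bot: The CoreDxeLib.dsc and CorePeiLib.dsc hunks do more than remove a library: they re-point the TpmPlatformHierarchyLib class for every DXE_DRIVER and PEIM built on MinPlatform from MinPlatformPkg/Tcg/Library/PeiDxeTpmPlatformHierarchyLib to SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib, and the commit message ("Remove PeiDxeTpmPlatformHierarchyLib in Tcg/Library") does not say so. Because this library is what decides whether the TPM platform hierarchy is randomized or disabled before boot hands off to the OS, the message should state that the SecurityPkg implementation is the intended replacement and that its behaviour was checked to match the deleted one; a line such as "Switch TpmPlatformHierarchyLib to the SecurityPkg implementation" would be enough.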
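Review bot: Deleting PeiDxeTpmPlatformHierarchyLib.c also retires two defects that are visible in the removed code, which is worth recording in the commit message and checking against the SecurityPkg replacement. In RdRandGenerateEntropy, `UINT64 Seed[2]` holds 16 bytes but every loop iteration does `CopyMem (Ptr, Seed, 64)`, so with RandSize = MAX_NEW_AUTHORIZATION_SIZE (64) only the first 16 bytes of the new platformAuth are RNG output and the remainder is whatever follows Seed on the stack, which is far less entropy than the buffer size suggests. In RandomizePlatformAuth, `ZeroMem (Rand, RandSize)` runs after `FreePool (Rand)`, a write to freed memory. If the SecurityPkg library was copied from this source, the same two lines need fixing there.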
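Review bot: The `[Pcd]` section of the deleted .inf shows this library was the consumer of gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy, yet the diffstat touches no .dec file, so after this patch that PCD is either orphaned in MinPlatformPkg or the SecurityPkg library reads a PCD from a different token space. Either way, platform DSC files that set the MinPlatform PCD to choose between randomizing and disabling the platform hierarchy may silently stop having any effect; the commit message should name the PCD that now controls that choice and say whether board ports need to update their settings.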