From: "Kubacki, Michael A"
To: "Gonzalez Del Cueto, Rodrigo", "devel@edk2.groups.io"
CC: "Chiu, Chasel", "Desimone, Nathaniel L", "Gao, Liming"
Subject: Re: [edk2-platforms][Patch V5 1/2] MinPlatformPkg: Library for customizing TPM platform hierarchy
Date: Thu, 14 Nov 2019 23:19:22 +0000
References: <20191114210510.1736-1-rodrigo.gonzalez.del.cueto@intel.com> <20191114210510.1736-2-rodrigo.gonzalez.del.cueto@intel.com>
In-Reply-To: <20191114210510.1736-2-rodrigo.gonzalez.del.cueto@intel.com>
Reviewed-by: Michael Kubacki

> -----Original Message-----
> From: Gonzalez Del Cueto, Rodrigo
> Sent: Thursday, November 14, 2019 1:05 PM
> To: devel@edk2.groups.io
> Cc: Gonzalez Del Cueto, Rodrigo; Kubacki, Michael A; Chiu, Chasel; Desimone, Nathaniel L; Gao, Liming
> Subject: [edk2-platforms][Patch V5 1/2] MinPlatformPkg: Library for customizing TPM platform hierarchy
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2331
>
> In V5:
> + Fixed build of MinPlatformPkg
>
> This change is split into two commits:
> 1) This commit: Add new library class TpmPlatformHierarchyLib
> 2) Second commit: Add usage in Tcg2PlatformDxe
>
> In order to enable some TPM use cases, the BIOS should make it possible to customize the
> configuration of the TPM platform: provisioning of the endorsement, platform
> and storage hierarchies.
>
> Cc: Michael Kubacki
> Cc: Chasel Chiu
> Cc: Nate DeSimone
> Cc: Liming Gao
>
> Signed-off-by: Rodrigo Gonzalez del Cueto
>
> --- > .../Include/Library/TpmPlatformHierarchyLib.h | 29 +++ > .../Intel/MinPlatformPkg/MinPlatformPkg.dec | 2 + > .../Intel/MinPlatformPkg/MinPlatformPkg.dsc | 1 + > .../TpmPlatformHierarchyLib.c | 214 ++++++++++++++++++ > .../TpmPlatformHierarchyLib.inf | 45 ++++ > 5 files changed, 291 insertions(+) > create mode 100644 > Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformHierarchyLib.h > create mode 100644 > Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/TpmPl > atformHierarchyLib.c > create mode 100644 > Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/TpmPl > atformHierarchyLib.inf >=20 > diff --git > a/Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformHierarchyLib. > h > b/Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformHierarchyLib. > h > new file mode 100644 > index 000000000000..ed9709b24a73
> --- /dev/null > +++ > b/Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformHierarchy > +++ Lib.h > @@ -0,0 +1,29 @@ > +/** @file+ TPM Platform Hierarchy configuration library.++ This li= brary > provides functions for customizing the TPM's Platform Hierarchy+ > Authorization Value (platformAuth) and Platform Hierarchy Authorization+ > Policy (platformPolicy) can be defined through this function.++Copyright = (c) > 2019, Intel Corporation. All rights reserved.
+SPDX-License-Identifier= : > BSD-2-Clause-Patent++**/++#ifndef > _TPM_PLATFORM_HIERARCHY_LIB_H_+#define > _TPM_PLATFORM_HIERARCHY_LIB_H_++#include +#include > ++/**+ This service will perform the TPM Platform Hierarchy > configuration at the SmmReadyToLock > event.++**/+VOID+EFIAPI+ConfigureTpmPlatformHierarchy (+ VOID+ > );++#endifdiff --git a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > index a851021c0b79..92bda3784ffc 100644 > --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > @@ -62,6 +62,8 @@ BoardInitLib|Include/Library/BoardInitLib.h > MultiBoardInitSupportLib|Include/Library/MultiBoardInitSupportLib.h > SecBoardInitLib|Include/Library/SecBoardInitLib.h > +TpmPlatformHierarchyLib|Include/Library/TpmPlatformHierarchyLib.h+ > TestPointLib|Include/Library/TestPointLib.h > TestPointCheckLib|Include/Library/TestPointCheckLib.h diff --git > a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > index 5f9363ff3228..a01f229a891d 100644 > --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc 
> @@ -102,6 +102,7 @@ >=20 > FspWrapperPlatformLib|MinPlatformPkg/FspWrapper/Library/DxeFspWrap > perPlatformLib/DxeFspWrapperPlatformLib.inf > TestPointCheckLib|MinPlatformPkg/Test/Library/TestPointCheckLib/DxeTes > tPointCheckLib.inf > TestPointLib|MinPlatformPkg/Test/Library/TestPointLib/DxeTestPointLib.inf > + > TpmPlatformHierarchyLib|MinPlatformPkg/Tcg/Library/TpmPlatformHierarc > hyLib/TpmPlatformHierarchyLib.inf > [LibraryClasses.common.DXE_SMM_DRIVER] > SpiFlashCommonLib|MinPlatformPkg/Flash/Library/SpiFlashCommonLibNull/ > SpiFlashCommonLibNull.infdiff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/Tp > mPlatformHierarchyLib.c > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/Tp > mPlatformHierarchyLib.c > new file mode 100644 > index 000000000000..41ddb26f4046 > --- /dev/null > +++ > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/ > +++ TpmPlatformHierarchyLib.c > @@ -0,0 +1,214 @@ > +/** @file+ TPM Platform Hierarchy configuration library.++ This li= brary > provides functions for customizing the TPM's Platform Hierarchy+ > Authorization Value (platformAuth) and Platform Hierarchy Authorization+ > Policy (platformPolicy) can be defined through this function.++ Copyri= ght > (c) 2019, Intel Corporation. All rights reserved.
+ SPDX-License- > Identifier: BSD-2-Clause-Patent++ @par Specification Reference:+ > https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning- > guidance/+**/++#include ++#include > +#include +#include > +#include > +#include > +#include +#include > +#include ++//+// > The authorization value may be no larger than the digest produced by the > hash+// algorithm used for context integrity.+//+#define > MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE++UINT16 > mAuthSize;++/**+ Generate high-quality entropy source through > RDRAND.++ @param[in] Length Size of the buffer, in bytes, to fi= ll with.+ > @param[out] Entropy Pointer to the buffer to store the entropy dat= a.++ > @retval EFI_SUCCESS Entropy generation succeeded.+ @retval > EFI_NOT_READY Failed to request random > data.++**/+EFI_STATUS+EFIAPI+RdRandGenerateEntropy (+ IN UINTN > Length,+ OUT UINT8 *Entropy+ )+{+ EFI_STATUS Status;+ UINTN > BlockCount;+ UINT64 Seed[2];+ UINT8 *Ptr;++ Status =3D > EFI_NOT_READY;+ BlockCount =3D Length / 64;+ Ptr =3D (UINT8 *)Entropy;+= + > //+ // Generate high-quality seed for DRBG Entropy+ //+ while (BlockCo= unt > > 0) {+ Status =3D GetRandomNumber128 (Seed);+ if (EFI_ERROR (Statu= s)) > {+ return Status;+ }+ CopyMem (Ptr, Seed, 64);++ BlockCount= --;+ Ptr > =3D Ptr + 64;+ }++ //+ // Populate the remained data as request.+ //+= Status > =3D GetRandomNumber128 (Seed);+ if (EFI_ERROR (Status)) {+ return > Status;+ }+ CopyMem (Ptr, Seed, (Length % 64));++ return Status;+}++/*= *+ > This function returns the maximum size of TPM2B_AUTH; this structure is > used for an authorization value+ and limits an authValue to being no lar= ger > than the largest digest produced by a TPM.++ @param[out] AuthSize > Tpm2 Auth size++ @retval EFI_SUCCESS Auth size returned= .+ > @retval EFI_DEVICE_ERROR Can not return platform auth due to > device error.++**/+EFI_STATUS+EFIAPI+GetAuthSize (+ OUT UINT16 > *AuthSize+ )+{+ EFI_STATUS Status;+ TPML_PCR_SELECTION P= crs;+ > UINTN Index;+ UINT16 
DigestSize;++ Statu= s =3D > EFI_SUCCESS;++ while (mAuthSize =3D=3D 0) {++ mAuthSize =3D > SHA1_DIGEST_SIZE;+ ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION));+ > Status =3D Tpm2GetCapabilityPcrs (&Pcrs);++ if (EFI_ERROR (Status)) {+ > DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs fail!\n"));+ break;+ = }++ > DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", Pcrs.count));++ > for (Index =3D 0; Index < Pcrs.count; Index++) {+ DEBUG ((DEBUG_ERRO= R, > "alg - %x\n", Pcrs.pcrSelections[Index].hash));++ switch > (Pcrs.pcrSelections[Index].hash) {+ case TPM_ALG_SHA1:+ Diges= tSize > =3D SHA1_DIGEST_SIZE;+ break;+ case TPM_ALG_SHA256:+ > DigestSize =3D SHA256_DIGEST_SIZE;+ break;+ case TPM_ALG_SHA3= 84:+ > DigestSize =3D SHA384_DIGEST_SIZE;+ break;+ case TPM_ALG_SHA5= 12:+ > DigestSize =3D SHA512_DIGEST_SIZE;+ break;+ case > TPM_ALG_SM3_256:+ DigestSize =3D SM3_256_DIGEST_SIZE;+ brea= k;+ > default:+ DigestSize =3D SHA1_DIGEST_SIZE;+ break;+ }+= + if > (DigestSize > mAuthSize) {+ mAuthSize =3D DigestSize;+ }+ = }+ break;+ > }++ *AuthSize =3D mAuthSize;+ return Status;+}++/**+ Set PlatformAuth = to > random value.+**/+VOID+RandomizePlatformAuth (+ VOID+ )+{+ > EFI_STATUS Status;+ UINT16 = AuthSize;+ UINT8 > *Rand;+ UINTN RandSize;+ TPM2B_AUTH > NewPlatformAuth;++ //+ // Send Tpm2HierarchyChange Auth with random > value to avoid PlatformAuth being null+ //++ GetAuthSize (&AuthSize);++ > ZeroMem (NewPlatformAuth.buffer, AuthSize);+ NewPlatformAuth.size =3D > AuthSize;++ //+ // Allocate one buffer to store random data.+ //+ Ran= dSize > =3D MAX_NEW_AUTHORIZATION_SIZE;+ Rand =3D AllocatePool (RandSize);++ > RdRandGenerateEntropy (RandSize, Rand);+ CopyMem > (NewPlatformAuth.buffer, Rand, AuthSize);++ FreePool (Rand);++ //+ // > Send Tpm2HierarchyChangeAuth command with the new Auth value+ //+ > Status =3D Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, > &NewPlatformAuth);+ DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth > Result: - %r\n", Status));+ ZeroMem 
(NewPlatformAuth.buffer, AuthSize);+ > ZeroMem (Rand, RandSize);+}++/**+ This service defines the configuratio= n > of the Platform Hierarchy Authorization Value (platformAuth)+ and Platf= orm > Hierarchy Authorization Policy > (platformPolicy)++**/+VOID+EFIAPI+ConfigureTpmPlatformHierarchy (+ > )+{+ //+ // Send Tpm2HierarchyChange Auth with random value to avoid > PlatformAuth being null+ //+ RandomizePlatformAuth ();+}diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/Tp > mPlatformHierarchyLib.inf > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/Tp > mPlatformHierarchyLib.inf > new file mode 100644 > index 000000000000..0911bdffa01f > --- /dev/null > +++ > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformHierarchyLib/ > +++ TpmPlatformHierarchyLib.inf > @@ -0,0 +1,45 @@ > +### @file+#+# TPM Platform Hierarchy configuration library.+#+# This > library provides functions for customizing the TPM's Platform Hierarchy+# > Authorization Value (platformAuth) and Platform Hierarchy Authorization+# > Policy (platformPolicy) can be defined through this function.+#+# Copyrig= ht > (c) 2019, Intel Corporation. All rights reserved.
+#+# SPDX-License- > Identifier: BSD-2-Clause-Patent+#+###++[Defines]+ INF_VERSION > =3D 0x00010005+ BASE_NAME =3D TpmPlatformHierarchyL= ib+ > FILE_GUID =3D 7794F92C-4E8E-4E57-9E4A-49A0764C7D73+ > MODULE_TYPE =3D DXE_DRIVER+ VERSION_STRING = =3D 1.0+ > LIBRARY_CLASS =3D TpmPlatformHierarchyLib++[LibraryClass= es]+ > MemoryAllocationLib+ BaseLib+ UefiBootServicesTableLib+ > UefiDriverEntryPoint+ BaseMemoryLib+ DebugLib+ Tpm2CommandLib+ > Tpm2DeviceLib+ RngLib+ UefiLib++[Packages]+ MdePkg/MdePkg.dec+ > MdeModulePkg/MdeModulePkg.dec+ SecurityPkg/SecurityPkg.dec+ > CryptoPkg/CryptoPkg.dec++[Sources]+ > TpmPlatformHierarchyLib.c++[Depex]+ gEfiTcg2ProtocolGuid-- > 2.22.0.windows.1
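Review bot: In the TpmPlatformHierarchyLib.h hunk the file comment is a run-on and promises more than the library delivers: "provides functions for customizing the TPM's Platform Hierarchy Authorization Value (platformAuth) and Platform Hierarchy Authorization Policy (platformPolicy) can be defined through this function", while the only operation in the .c hunk is RandomizePlatformAuth, which changes platformAuth and never touches platformPolicy. Suggest rewording to "This library provides a function for customizing the TPM Platform Hierarchy Authorization Value (platformAuth)." and stating that platformPolicy is left unchanged, so that integrators do not assume a policy is installed; the same sentence is duplicated in the .c and .inf headers and should be fixed in all three.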
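Review bot: In the TpmPlatformHierarchyLib.c hunk, RdRandGenerateEntropy reads past the end of its seed buffer: Seed is declared as "UINT64 Seed[2]" (16 bytes) and filled by GetRandomNumber128, but the loop uses "BlockCount =3D Length / 64;" and "CopyMem (Ptr, Seed, 64);" (and "CopyMem (Ptr, Seed, (Length % 64));" for the tail), so 48 of every 64 output bytes are whatever sits on the stack after Seed rather than random data. Since RandomizePlatformAuth requests RandSize = MAX_NEW_AUTHORIZATION_SIZE (64), only the first 16 bytes of the new platformAuth are actually random; block on 16 bytes (Length / 16, CopyMem of 16, Length % 16) and call GetRandomNumber128 once per block. In the same hunk RandomizePlatformAuth ignores a NULL return from AllocatePool and ignores the EFI_STATUS of both GetAuthSize and RdRandGenerateEntropy, so on an RNG failure it still sends the uninitialized pool contents to Tpm2HierarchyChangeAuth as the new auth value; bail out before changing the hierarchy auth when entropy generation fails, and propagate or at least act on the Tpm2HierarchyChangeAuth status instead of only logging it. Also "ZeroMem (Rand, RandSize);" runs after "FreePool (Rand);", which is a write to freed memory; zero the buffer first, then free it. Minor style: the "while (mAuthSize == 0) { ... break; }" one-shot loop in GetAuthSize reads as a plain if, and the capability dumps there use DEBUG_ERROR for informational output where DEBUG_INFO is the usual level.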
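Review bot: In the TpmPlatformHierarchyLib.inf hunk, UefiDriverEntryPoint is listed under [LibraryClasses] even though this is a library with no entry point; drop it so the entry-point library is linked only by the consuming driver. Because the library depends on Tpm2CommandLib and carries a [Depex] on gEfiTcg2ProtocolGuid, consider restricting the supported module types in LIBRARY_CLASS (for example "TpmPlatformHierarchyLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_DRIVER") rather than leaving it unconstrained, so that a PEI or SMM consumer cannot link it by accident. The header block also uses "### @file ... ###" where the rest of MinPlatformPkg uses "## @file ... ##".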