From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:400c:c09::244; helo=mail-wm0-x244.google.com; envelope-from=marcandre.lureau@gmail.com; receiver=edk2-devel@lists.01.org Received: from mail-wm0-x244.google.com (mail-wm0-x244.google.com [IPv6:2a00:1450:400c:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 48883224E691D for ; Thu, 1 Mar 2018 07:02:24 -0800 (PST) Received: by mail-wm0-x244.google.com with SMTP id h21so12570386wmd.1 for ; Thu, 01 Mar 2018 07:08:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=VwhFaj61JDP8UtEG894a41qTyETbqcM2WLePx212IQU=; b=ZOXO0lBlHUSpIjBsV/qjNAuKhBKOJcM58SPVorsCIE3ZHUjwzhuoNK78ZX8j4DJnL/ QBCJJINM1BP+9sW20RYqB9cZ8UD0rqkHVWulaqRve35NyQBZBRmuYgL2xsFdRrs3b00C nDn4ZfSv7TM01YEyl96NN0m6jM+xQayM7H/7P51NLUHP5sedSuwPtg6vD67Bi36/9pdh 4mIKr1anc60lFciC0fDcwqgGYf1vcM7Gmx5nrVsPe+tIatoGyMZdTPdwrgnddzju1T8Y JU6ZNoQL80tfF0EPqet7fMeAfhJFdVDEMzDnNoUUiCo4z7Q+VLWvkukULWNRo+pudHbX 9sLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=VwhFaj61JDP8UtEG894a41qTyETbqcM2WLePx212IQU=; b=RVkNS+1nPHFsjycqrJ2qPdoK2EOZ56sYKUbPfyxxGbmbL4Vfu6Vw5El5fA1VEeJT63 d9rm4UMeoM4+ludB3Tu9MEUh9/cjW1E73/gRNzqRfmRNdjHytQppPViNOsYpkID8HLYc wlLEnjlkCslejSokcUaQ1WiFj+ehaO26q6pHv5fv9R6e+SPMFzUhdyDmsQyFlXy/nT2g 30yPYGBP8r4SDMWc1XvnW9F2KkhNCAakAPRY87GhRNIIGq0WpGUlt3ctGyQzFlmv5V91 bME6Gc0z4Gt6+zk5le/JyyNse+n8ESf7zOVhBgyVqJSxrA9aZuasvgTejHGPNTf411NN x5Sg== X-Gm-Message-State: AElRT7HM0q4Sl3EFKgfbMA/7rGrgGH70liC+19oE/nswE71w+EOYou6e GKyfom0zzmkFX0xQaBpwTHWr4ISvz/XK9bW0R1Y= X-Google-Smtp-Source: AG47ELs78pSyLB/2/2ORyRRAePZKOk6qGs7ZQh37gvLT7niCzXGCSorWrn8tHf43YmjZ1GTLG9udAlJa/RjgdPfi8mg= X-Received: by 10.28.212.13 with SMTP id l13mr2190439wmg.123.1519916911403; Thu, 01 Mar 2018 07:08:31 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.185.67 with HTTP; Thu, 1 Mar 2018 07:08:30 -0800 (PST) In-Reply-To: References: <20180223132311.26555-1-marcandre.lureau@redhat.com> <20180223132311.26555-5-marcandre.lureau@redhat.com> From: =?UTF-8?B?TWFyYy1BbmRyw6kgTHVyZWF1?= Date: Thu, 1 Mar 2018 16:08:30 +0100 Message-ID: To: Laszlo Ersek Cc: edk2-devel@lists.01.org, Peter Jones , Jiewen Yao , QEMU , Javier Martinez Canillas Subject: Re: [PATCH 4/7] ovmf: link with Tcg2Pei module X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Mar 2018 15:02:24 -0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi On Mon, Feb 26, 2018 at 10:38 AM, Laszlo Ersek wrote: > On 02/23/18 14:23, marcandre.lureau@redhat.com wrote: >> From: Marc-Andr=C3=A9 Lureau >> >> This module will initialize TPM device, measure reported FVs and BIOS >> version. >> >> CC: Laszlo Ersek >> CC: Stefan Berger >> Contributed-under: TianoCore Contribution Agreement 1.0 >> Signed-off-by: Marc-Andr=C3=A9 Lureau >> --- >> OvmfPkg/OvmfPkgX64.dsc | 7 +++++++ >> OvmfPkg/OvmfPkgX64.fdf | 1 + >> 2 files changed, 8 insertions(+) >> >> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc >> index b5cbe8430f..34a7c2778e 100644 >> --- a/OvmfPkg/OvmfPkgX64.dsc >> +++ b/OvmfPkg/OvmfPkgX64.dsc >> @@ -279,6 +279,8 @@ >> PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf >> QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf >> !if $(TPM2_ENABLE) >> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf >> + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypto= RouterPei.inf >> Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibD= Tpm.inf >> Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm= .inf >> !endif >> @@ -647,6 +649,11 @@ >> >> !if $(TPM2_ENABLE) =3D=3D TRUE >> SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf >> + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { >> + >> + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.= inf >> + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha= 256.inf >> + } >> !endif >> >> !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE >> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf >> index dc35d0a1f7..9558142a42 100644 >> --- a/OvmfPkg/OvmfPkgX64.fdf >> +++ b/OvmfPkg/OvmfPkgX64.fdf >> @@ -170,6 +170,7 @@ INF MdeModulePkg/Universal/Variable/Pei/VariablePei= .inf >> !endif >> !if $(TPM2_ENABLE) =3D=3D TRUE >> INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf >> +INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf >> !endif >> >> #######################################################################= ######### >> > > Would it be possible to drop SHA1 (include SHA256 only) by setting > PcdTpm2HashMask to value 2? Or SHA1 required for some other reason? (If > so please mention it in the commit message.) > afaik, it's not strictly required, and apparently the support is being dropped. I'll remove it. btw, now I understand your comment about read-only variable not being used by PEI module. I'll add a preliminary patch dropping it from depex ;) thanks --=20 Marc-Andr=C3=A9 Lureau