From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-wr1-f65.google.com (mail-wr1-f65.google.com [209.85.221.65]) by mx.groups.io with SMTP id smtpd.web10.6371.1582713533670300936 for ; Wed, 26 Feb 2020 02:38:54 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@linaro.org header.s=google header.b=tfVBwreh; spf=pass (domain: linaro.org, ip: 209.85.221.65, mailfrom: ard.biesheuvel@linaro.org) Received: by mail-wr1-f65.google.com with SMTP id z15so2363374wrl.1 for ; Wed, 26 Feb 2020 02:38:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WLT2mHLlvyob5XhW09o8OKxnSLjEcpZ+DyVv7AJf9as=; b=tfVBwrehMPTjSZAnLFapDlMuI8kqoWK16lugCDXvb4ga5MkXyygSx4aQ+NACzs7KjI s/Jjg2/rLaT44IE7Mjkfn98rn5bS9WZz95xrPbBcCQc5WIatVDNvvedGb+hrqDYwOaJr hmMDEJW6cvIU1dqF5o8HS8tFq2sey9te5qstAPIWMkGgJyaNTBdhH9lO4CwLnd93eVYV /RcPPic/W2WPXnV/hK4ceXox13ax4K/T8wtZbSGPMcnotBxerQqnUeJUZxbMn3u8Ktpo EM1jswvTCzBY/7ZMHL0ffFpxUFTFuzPNFtjT0hZz1GkSLZI0pgtqcz3nJEy8IfKLqvOM SzSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WLT2mHLlvyob5XhW09o8OKxnSLjEcpZ+DyVv7AJf9as=; b=ZTXu+IVPDSCZr/qldqkv0JY0hmi62wFDLiKrZ6rGbTIFPvOqEM6GNiUUWRHmO4K15I 2ssx4qvUBGE2Hc8IfNwwaYxckNwnRCS9fVG6PlPp51wdxYZUw6CtGIqXTrXsq6cvU+Y+ VUSP5msnUVudZrqsWU1vt7o+UoxrNDyDMYLEqk11z/oxLnp+Xy6Zulz96YBYVcA0TuHr UkLm+g/4IqE5EX+6DJJAt0MP6R1Wi1b0xeVTNH75WGA/8lWsvv/GDAgtKXYiKKCNIU8Z /IGx6KXm4Jz8xFvRbMKiFCDlNczh14Rc1N9f/QAzsTn0Pn5T7bxhnDUQl1yzDkJXQ8N5 tVNQ== X-Gm-Message-State: APjAAAXgAAGMxox5MYDUkSh8hea671xF4wFCfxa4w709UJPGhb7zKVeL 8c5Wg5pvp6yi39OelUfyPquHc59jWORYGcfk18+Vzw== X-Google-Smtp-Source: APXvYqzn5ElsujfKXDmfopWvfFKmdFU/Px90fh0h9gUwE4hNTsudBV8NGOny34WT9l4ljksveXGO9fc5F4pycOXehH8= X-Received: by 2002:a5d:5188:: with SMTP id k8mr4750430wrv.151.1582713532037; Wed, 26 Feb 2020 02:38:52 -0800 (PST) MIME-Version: 1.0 References: <20200225104449.22453-1-ard.biesheuvel@linaro.org> <20200225104449.22453-4-ard.biesheuvel@linaro.org> <74e50cfd-148b-7085-417b-b5613f1a7f2c@redhat.com> In-Reply-To: From: "Ard Biesheuvel" Date: Wed, 26 Feb 2020 11:38:41 +0100 Message-ID: Subject: Re: [edk2-devel] [PATCH v2 3/5] ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT To: Laszlo Ersek Cc: edk2-devel-groups-io , Auger Eric , =?UTF-8?Q?Philippe_Mathieu=2DDaud=C3=A9?= , =?UTF-8?B?TWFyYy1BbmRyw6kgTHVyZWF1?= , Stefan Berger , Leif Lindholm Content-Type: text/plain; charset="UTF-8" On Wed, 26 Feb 2020 at 01:31, Laszlo Ersek wrote: > > On 02/26/20 01:24, Laszlo Ersek wrote: > > On 02/25/20 11:44, Ard Biesheuvel wrote: > >> Introduce a boolean PCD that tells us whether TPM support is enabled > >> in the build, and if it is, record the TPM base address in the existing > >> routine that traverses the device tree in the platform PEIM. > >> > >> If a TPM is found, install the gOvmfTpmDiscoveredPpiGuid signalling PPI > >> that will unlock the dispatch of OvmfPkg's Tcg2ConfigPei. If TPM2 > >> support is enabled in the build but no TPM2 device is found, install the > >> gPeiTpmInitializationDonePpiGuid PPI, which is normally installed by > >> Tcg2ConfigPei if no TPM2 is found, but in our case Tcg2ConfigPei will > >> never run so let's do it here instead. > >> > >> Signed-off-by: Ard Biesheuvel > >> --- > >> ArmVirtPkg/ArmVirt.dsc.inc | 6 ++ > >> ArmVirtPkg/ArmVirtPkg.dec | 6 ++ > >> ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c | 101 ++++++++++++++++++-- > >> ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf | 19 +++- > >> 4 files changed, 118 insertions(+), 14 deletions(-) > >> > >> diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc > >> index 10037c938eb8..abb253fdf76a 100644 > >> --- a/ArmVirtPkg/ArmVirt.dsc.inc > >> +++ b/ArmVirtPkg/ArmVirt.dsc.inc > >> @@ -366,6 +366,12 @@ [PcdsFixedAtBuild.common] > >> # > >> gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1 > >> > >> +[PcdsPatchableInModule] > >> + # we need a default resolution for this PCD that supports PcdSet64(), > >> + # even though any actual calls will be compiled out on builds that have > >> + # gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled == FALSE > >> + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 > >> + > >> [Components.common] > >> # > >> # Ramdisk support > > > > I don't understand why this is patchable-in-module, and not dynamic. I > > feel like it's a "textbook case" of a dynamic PCD. What am I missing? > > I've found the dynamic default in patch v2 5/5, in ArmVirtQemu.dsc, so I > guess this is for all *other* ArmVirt platforms. Is that correct? > Yes. > Can we add the PatchPcd to the other DSC files then (ArmVirtQemuKernel > and ArmVirtXen)? I'm a bit uncomfortable with ArmVirtQemu.dsc describing > two access methods for the same PCD, even though (apparently) the > dynamic one will take effect (?) > Sure, that works for me.