From: "Yao, Jiewen"
To: "Poosapalli, Karunakar", "Gao, Liming", "devel@edk2.groups.io"
Subject: Re: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages
Date: Thu, 17 Aug 2023 03:00:20 +0000

Hi Karunakar

Thanks for the patience.

I think my concern is universal, no matter whether it is after the user inputs the key or not.
The clear-screen behavior is a *change*. And it may break compatibility.

Unless all BIOS consumers in the EDKII community agree on the behavior, the risk is always there.

To move forward, I would like to hear the feedback from other OEMs/ODMs/IBVs who are consuming DxeTcg2PhysicalPresenceLib.

Thank you
Yao, Jiewen

From: Poosapalli, Karunakar <KarunakarPoosapalli@Dell.com>
Sent: Thursday, August 17, 2023 1:28 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; Gao, Liming <gaoliming@byosoft.com.cn>; devel@edk2.groups.io
Subject: RE: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages

Hi @Yao, Jiewen,

Could you please share your thoughts? Please let me know if you have any queries or concerns.

Thanks & Regards
Karunakar Poosapalli
Firmware Principal Engineer, Client BIOS
Customer BIOS | Dell Core BIOS
CPG Software Engineering | Dell Technologies
Mobile +91 9951902957
Karunakar_poosapalli@Dell.Com

Internal Use - Confidential

From: Poosapalli, Karunakar
Sent: Wednesday, August 9, 2023 9:59 AM
To: Yao, Jiewen; Gao, Liming; devel@edk2.groups.io
Subject: RE: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages

Hi @Yao, Jiewen,

The proposed solution to clear the screen will be called only when the user has to provide the input key. This call will not execute in other conditions.
When there is a pending request in Tcg2, the system will wait until the user presses the input key. If there is no proper UI for the customer, they feel it's a system hang and go to customer support.
Even BIOS vendors won't come to know what is happening at the customer's box without any user information.
This is a generic issue and not specific to any platform.

Thanks for sharing your thoughts.

Thanks & Regards
Karunakar Poosapalli

From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Wednesday, August 9, 2023 4:44 AM
To: Poosapalli, Karunakar; Gao, Liming; devel@edk2.groups.io
Cc: Yao, Jiewen
Subject: RE: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages

My concern is that you unconditionally clear the screen. What if someone did want to show something on the screen?

This seems an incompatible change. That is why I think it should be a platform policy.

Another way is that you may consider duplicating the library for your platform and clearing it for your platform.

Thank you
Yao, Jiewen

 

 

From: Poosapalli, Karunakar <KarunakarPoosapalli@Dell.com>
Sent: Wednesday, August 9, 2023 2:13 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; Gao, Liming <gaoliming@byosoft.com.cn>; devel@edk2.groups.io; Poosapalli, Karunakar <KarunakarPoosapalli@Dell.com>
Subject: RE: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages

Hi @Yao, Jiewen,

Thanks for your review and feedback.
When there is a pending Tcg request, control will be in the Tcg2 library and it will not reach BDS until the user presses the input key.
There is no information on the screen because the screen is blocked by some other messages/logo.
So the user won't be able to press the key without any user information, and control will not reach the BDS phase.

TCG user confirmation is the highest priority and it blocks POST until the user presses the input key. Before TCG messages are printed on the console, there should be logic added to clear the graphics screen.

Please let me know your thoughts.

Thanks & Regards
Karunakar Poosapalli

From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Tuesday, July 25, 2023 5:48 PM
To: Poosapalli, Karunakar; Gao, Liming; devel@edk2.groups.io
Subject: RE: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages

Hello
I agree with you on the problem statement.

But I don't think this is a desired solution.
We expect Platform BDS to call the PhysicalPresenceLib. As such, why not clear the screen in the platform BDS?

Thank you
Yao, Jiewen

 

From: Poosapalli, Karunakar <KarunakarPoosapalli@Dell.com>
Sent: Monday, July 24, 2023 11:26 PM
To: Yao, Jiewen <jiewen.yao@intel.com>; Gao, Liming <gaoliming@byosoft.com.cn>; devel@edk2.groups.io
Subject: RE: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages

Can you please review and share your feedback?

Thanks & Regards
Karunakar Poosapalli

From: Poosapalli, Karunakar
Sent: Saturday, July 22, 2023 1:21 AM
To: jiewen.yao@intel.com; gaoliming; devel@edk2.groups.io
Subject: [edk2-devel] [PATCH] SecurityPkg: DxeTcg2PhysicalPresenceLib for Clear Graphics Screen To unblock and Display TPM messages

Patch review for Bugzilla - https://bugzilla.tianocore.org/show_bug.cgi?id=4462

From c537f9c5c9e02c54e27466b96fe33555afccd358 Mon Sep 17 00:00:00 2001
From: Karunakar Poosapalli karunakar_poosapalli@dell.com
Date: Sat, 22 Jul 2023 01:13:44 +0530
Subject: [PATCH] Patch - Enhance Tcg2 to clear graphics before printing the
 messages on screen

[Background]
Tcg2UserConfirm() Function is used to display any user confirmation messages on the console
Function Definition Full path - SecurityPkg\Library\DxeTcg2PhysicalPresenceLib\DxeTcg2PhysicalPresenceLib.c

[Issue]
In the current Tcg2UserConfirm() implementation, this function forms a destination string to be displayed on the console and directly prints the message on Console.

But there is no logic added to clear the graphics before printing the messages on the screen.

There are some scenarios where Tcg messages might have been blocked by some other GUI or messages on Console.
  1. When there are some messages or logos already displayed in the content on the console,
     TCG message will NOT be displayed or corrupted to the End user.
  2. There could be a Custom logo displaying on the screen which actually blocks the screen.

[Solution]
  1. As TCG user confirmation is the highest priority and it blocks the POST until the user
     presses the input key. Before TCG messages Print on the console, there should be logic
     added to clear the graphics screen

Cc: gaoliming gaoliming@byosoft.com.cn
Cc: Jiewen Jiewen.yao@intel.com
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4462
Signed-off-by: Karunakar Poosapalli karunakar_poosapalli@dell.com
---
 .../DxeTcg2PhysicalPresenceLib.c              | 74 +++++++++++++++++++
 .../DxeTcg2PhysicalPresenceLib.inf            |  1 +
 2 files changed, 75 insertions(+)

 

diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPres= enceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalP= resenceLib/DxeTcg2PhysicalPresenceLib.c

index de4f5e583d..bd486f3b5b 100644

--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib= /DxeTcg2PhysicalPresenceLib.c

+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib= /DxeTcg2PhysicalPresenceLib.c

@@ -251,6 +251,74 @@ Tcg2ExecutePhysicalPresence (

   }

}

 

+/**

+  Clear Graphics Screen To unblock and Display= TPM messages 

+

+  @param[in]  VOID

+  @retval     EFI_STATUS

+**/

+EFI_STATUS

+ClearGraphicsScreenToDisplayTpmMessages()

+{

+  EFI_GRAPHICS_OUTPUT_PROTOCOL *Gop;

+  EFI_STATUS Status;

+  EFI_HANDLE     &nbs= p;            &= nbsp;           *HandleBu= ffer;

+  UINTN      &nb= sp;            =             &nb= sp;   NumberOfHandles;

+  UINTN      &nb= sp;            =             &nb= sp;   Index;

+  EFI_DEVICE_PATH_PROTOCOL   &n= bsp;            *Gop= DevicePath;

+

+  DEBUG((DEBUG_INFO, "ClearGraphicsScreen= ToDisplayTpmMessages Entry...\n"));

+

+  Status =3D gBS->LocateHandleBuffer (=

+        &nb= sp;   ByProtocol,

+        &nb= sp;   &gEfiGraphicsOutputProtocolGuid,

+        &nb= sp;   NULL,

+        &nb= sp;   &NumberOfHandles,

+        &nb= sp;   &HandleBuffer

+        &nb= sp;   );

+  DEBUG((DEBUG_INFO, "LocateHandleBuffer = Status =3D %r, NumberOfHandles =3D %x\n", Status, NumberOfHandles));

+

+  if (EFI_ERROR (Status))

+  {

+    return Status;

+  }

+  for (Index =3D 0; Index < NumberOfHandles= ; Index++)

+    {

+      Status =3D gBS->H= andleProtocol (

+        &nb= sp;       HandleBuffer[Index],

+        &nb= sp;       &gEfiDevicePathProtocolGuid,

+        &nb= sp;       (VOID *)&GopDevicePath

+        &nb= sp;       );

+      DEBUG((DEBUG_INFO, &= quot;HandleProtocol GopDevicePath Status =3D %r, Index =3D %x\n", Stat= us, Index));

+      if (EFI_ERROR (Statu= s))

+        {

+        &nb= sp; continue;

+        }

+

+      Status =3D gBS->H= andleProtocol (

+        &nb= sp;       HandleBuffer[Index],

+        &nb= sp;       &gEfiGraphicsOutputProtocolGuid= ,

+        &nb= sp;       (VOID **) &Gop

+        &nb= sp;       );

+      DEBUG((DEBUG_INFO, &= quot;HandleProtocol Gop Status =3D %r, Index =3D %x\n", Status, Index)= );

+      if (EFI_ERROR(Status= ))

+        {

+        &nb= sp;   continue;

+        }

+

+      // Clear the graphic= s screen to black

+      Status =3D Gop->B= lt(Gop, NULL, EfiBltVideoFill, 0, 0, 0, 0, Gop->Mode->Info->Horizo= ntalResolution, Gop->Mode->Info->VerticalResolution, 0);

+      DEBUG((DEBUG_INFO, &= quot;Gop->Blt Status =3D %r, Index =3D %x\n", Status, Index));=

+      if (EFI_ERROR(Status= )) {

+        continue= ;

+      }

+    }

+

+  gBS->FreePool (HandleBuffer);<= /p>

+  DEBUG((DEBUG_INFO, "ClearGraphicsScreen= ToDisplayTpmMessages Exit...\n"));

+  return Status;

+}

/**

   Read the specified key for user confirm= ation.

 

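Review bot: The Gop->Blt() call passes NULL as BltBuffer together with EfiBltVideoFill, but that operation takes its fill colour from BltBuffer pixel (0,0), so there is no colour to fill with and the result depends on how each GOP driver treats a NULL buffer. Pass the address of a zero-initialised EFI_GRAPHICS_OUTPUT_BLT_PIXEL instead. The function also returns whatever Status the last loop iteration left behind, so a final handle without a device path reports failure even when earlier displays were cleared; track whether any Blt succeeded and return on that basis. GopDevicePath is looked up but never used, and its cast is (VOID *) where HandleProtocol expects (VOID **); if the lookup is meant to skip GOP handles that are not physical devices, say so in a comment, otherwise drop it. The function should be STATIC, declared with (VOID) rather than (), and the header comment should list the actual return values instead of "@retval EFI_STATUS".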
@@ -576,6 +644,12 @@ Tcg2UserConfirm (

   BufSize -=3D StrSize (ConfirmText);

   UnicodeSPrint (ConfirmText + StrLen (Co= nfirmText), BufSize, TmpStr1, TmpStr2);

 

+  //

+  //Clear Graphics Screen To unblock and Displ= ay TPM messages

+  //

+  Status =3D ClearGraphicsScreenToDisplayTpmMe= ssages();

+  DEBUG((DEBUG_INFO, "ClearGraphicsScreen= ToDisplayTpmMessages Status =3D %r\n", Status));

+

   DstStr[80] =3D L'\0';

   for (Index =3D 0; Index < StrLen (Co= nfirmText); Index +=3D 80) {

     StrnCpyS (DstStr, sizeof (D= stStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CH= AR16) - 1);
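Review bot: The call to ClearGraphicsScreenToDisplayTpmMessages() in Tcg2UserConfirm() is unconditional, so every platform that links this library instance has its screen wiped before the physical presence prompt, including platforms that deliberately draw their own content at that point. Put the call behind a platform-controlled setting (a PCD or a platform hook) that defaults to the existing behaviour. Status is assigned here without a declaration being added in this hunk, so confirm Tcg2UserConfirm() already has one. Logging the failure and carrying on is the right choice, because a failed clear must not stop the confirmation text from being printed; a one-line comment stating that would make the intent clear.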

diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPres= enceLib/DxeTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcg2Physica= lPresenceLib/DxeTcg2PhysicalPresenceLib.inf

index e1c7c20d52..de423cfd13 100644

--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib= /DxeTcg2PhysicalPresenceLib.inf

+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib= /DxeTcg2PhysicalPresenceLib.inf

@@ -54,6 +54,7 @@

[Protocols]

   gEfiTcg2ProtocolGuid   &= nbsp;           &nbs= p; ## SOMETIMES_CONSUMES

   gEdkiiVariableLockProtocolGuid &nb= sp;     ## SOMETIMES_CONSUMES

+  gEfiGraphicsOutputProtocolGuid  &n= bsp;    ## CONSUMES

 

 [Pcd]

   gEfiSecurityPkgTokenSpaceGuid.PcdTcg2Ph= ysicalPresenceFlags       ## SOMETIMES_CONSUM= ES
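Review bot: The [Protocols] section gains gEfiGraphicsOutputProtocolGuid, but the new function also references gEfiDevicePathProtocolGuid, which does not appear in the section as shown in this hunk; add it here or remove the device path lookup from the .c change. The usage tag "## CONSUMES" overstates the dependency, since the new function returns an error and lets the prompt continue when no GOP handle is found; "## SOMETIMES_CONSUMES" matches the other entries and the actual behaviour.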

--

2.17.0.windows.1

 

 
