From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by mx.groups.io with SMTP id smtpd.web08.314.1631658377363167897 for ; Tue, 14 Sep 2021 15:26:18 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=WI/bblIF; spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: jiewen.yao@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10107"; a="209239111" X-IronPort-AV: E=Sophos;i="5.85,292,1624345200"; d="scan'208";a="209239111" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2021 15:26:15 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,292,1624345200"; d="scan'208";a="609859483" Received: from fmsmsx606.amr.corp.intel.com ([10.18.126.86]) by fmsmga001.fm.intel.com with ESMTP; 14 Sep 2021 15:26:14 -0700 Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Tue, 14 Sep 2021 15:26:14 -0700 Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Tue, 14 Sep 2021 15:26:14 -0700 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Tue, 14 Sep 2021 15:26:14 -0700 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.171) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.12; Tue, 14 Sep 2021 15:26:13 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=B5KFlWXHsohqa0vMqMDn/gBFtPtqmRKCUrEvNxPzkT/s/ohS2BIEF1bdhwCImG4V/Vsf0294gJ1h5GkacHzNU+lgtDjYA/b3ekDb/B/2gDNeY3XHbP8dmJAdh9w/ugFIt2tlep3Ddv3HFDdSETeSYydtRc0CXrts1Sarldf3c7apWE9l64CuR0o9WxNHYJQObruv8yEvxIowaWQEeIvZq458HEp4hhJVdYjC2eQf4p5n4OtKhZwIPvCPmV80A7KA2Uvo6CZ3R49Ben1ZwAGgC1jaYJVC14YqtpUFq5tmm1rwJT0HXIw6HEPdo04XLTwj82j3AYnXB6ofYPz9pkEu0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=h5uTQyAXGy0HmN5MUujyEWEfvDZI+3PU+fFpdUjB+rA=; b=cQUS5w3YUe21tjtQGdX97AtSkglPFzC6f7F9QUbN6tvnqJGMYz8Wb9Cn3S9qlljzsyIGizd7MwQ3jwvxTbVLHjPo9W8qagmEYw973OrlBwcd5h4dIjvBrFEIcOSjWWOMqdwgFeYW1wFK6eXytpr5OaDqufyZmD9bO4EWf/T5uJMlUCMUfGRTZ5rVfcJsDoHcVHEBI/COowqGYxmU2VKoIe34USh96Xhaxt6B4jGe8BazPiYD0DP72T6tBFN+PBjLpEj1BrqtRAVDiV5yIGEtxgakrd+XWn73WM09WP32MqQ7VZBIvHq315FIz7mF466Ka5VicVNOEgF7e5MEWcYHOg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=h5uTQyAXGy0HmN5MUujyEWEfvDZI+3PU+fFpdUjB+rA=; b=WI/bblIFo9faMdnMkEQPJCZOPNWPxxreKRfINAYfovNqTUyzBJhlKuUBZxXDvdMdbotNLBHqTwpYGWW8wPv7r8vU30Sn/Q40un4tafv7frfO06U1qT3kOUYdqeiPa+Mynx33xqZj7F8p9X9fS1yvu+34uGbIbpZZckXfqQ8gYqQ= Received: from PH0PR11MB4885.namprd11.prod.outlook.com (2603:10b6:510:35::14) by PH0PR11MB5160.namprd11.prod.outlook.com (2603:10b6:510:3e::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.16; Tue, 14 Sep 2021 22:26:12 +0000 Received: from PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::754e:42e9:16cd:1306]) by PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::754e:42e9:16cd:1306%7]) with mapi id 15.20.4500.019; Tue, 14 Sep 2021 22:26:12 +0000 From: "Yao, Jiewen" To: Stefan Berger , "devel@edk2.groups.io" CC: "mhaeuser@posteo.de" , "spbrogan@outlook.com" , "marcandre.lureau@redhat.com" , "kraxel@redhat.com" Subject: Re: [PATCH v2 0/4] OvmfPkg: Disable the TPM 2 platform hierarchy Thread-Topic: [PATCH v2 0/4] OvmfPkg: Disable the TPM 2 platform hierarchy Thread-Index: AQHXqXNseoUvYxKIaEi8ChHdNJLxcKukGrMQ Date: Tue, 14 Sep 2021 22:26:12 +0000 Message-ID: References: <20210914141818.2583900-1-stefanb@linux.ibm.com> In-Reply-To: <20210914141818.2583900-1-stefanb@linux.ibm.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.6.200.16 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: linux.ibm.com; dkim=none (message not signed) header.d=none;linux.ibm.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 7a3e4c86-ff04-4e25-c9bf-08d977cea8c8 x-ms-traffictypediagnostic: PH0PR11MB5160: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: IguJEAF7Q4aOxFcv1LdSWpQH5kExYd4vZ1FPozHAB31xUWrceJ6/6pceDLSEJVrupBcllRxogeKhy4bx0Th6KeYHfXro1CObTkKCrcV1+0QqoWyt77/6exFTmcrxBaHdfr2srXYURDOl3tCVoXCFvuR10YJ/2K6z76J0S4aZs4csUWR9J4LqJGn7Fv2RMLDHQX7rvJyI+9kS3wdPQp1jLVAfjCS1876o0+98ykdWjdvUsJ0cpI5vUdHqKndxwhRR67+i2JrqiGuLIJVq1IXFDo+2Zju/3HXKLgZRoipfoHyxvfH3gEzpsgXO9PFvxrgNYMayi+AlxINCumOQPcStL5znaAyl7NgRp19fIt84nzUdFjABLi0AXlTcZxlY8XjZ+Kx7nI5NqBF3AR/1XcSWDwZbw0KrfiYJDyw4kCjPOlDZXL8ORX87oSDyhjpXkFQgmQyv/7YOt2M69lpORNuNGoWx6E7qiaEeloviq91z7/zEB18VT/4ydGKRILcVvVuK50rfsPGjJ2z/n71yJeLE5bXLDvwPMb9zVEWhTQCpAUALEWmEOsxvQnV53Nx1ekzCUdy/Jgqas3nhj3MEOl2Thv3aJ0fnim/EL8cpT1JILcsSn/alxb+TNMDwcSW9Dj18543PK/XsbioYJgZ5FsJc3RN6FbP9isqv3JAXTMBJF5b/mKvUCdqAN1gMNjJGYu3HeZuIs2jFjv4y4PxwNfLCeQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB4885.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39850400004)(366004)(396003)(376002)(136003)(346002)(186003)(52536014)(19627235002)(86362001)(53546011)(38070700005)(5660300002)(33656002)(83380400001)(110136005)(71200400001)(8936002)(316002)(6506007)(2906002)(54906003)(45080400002)(122000001)(4326008)(38100700002)(26005)(9686003)(7696005)(66946007)(66476007)(478600001)(55016002)(76116006)(8676002)(64756008)(66556008)(66446008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?XvPXherzySz8dALm65j79B8s1M/Hd7QBHv3+QjqgfMP7cSkLZLi4qXa3WI0j?= =?us-ascii?Q?y4Z2O4/KxJg3WkyNRDT86my+Xc8lOL40rzJMmEnok22fDAr9laQ6ZWwvayEO?= =?us-ascii?Q?17EbcwRrWjJdWecD+WKs0+AyiV5OSEjPkBMmYUIitcUXbi1eaHT1k3nd3nO7?= =?us-ascii?Q?xrm3co4QOqzj99oHv+vJy/Y3tSaG4TzjkSFDWLIwFLG3ri30h8Oy9cPjEuPp?= =?us-ascii?Q?6Od85qc2C5DROvvJCvEgqfojaB4O+B6IMhuXKLNi2tVDO3Ym1GalqXXS/qI/?= =?us-ascii?Q?ntQaKzrB6qxVcGOKO+GOGIIQk/cmUxa4blrd45RMux0AfK1GMdRoCV7pZ6rC?= =?us-ascii?Q?SwWK/Omlb5HPoFH7K1Fw7N6dL+W9f+oO4ljixsrVhWGLnUACuSOwmd/yfjsu?= =?us-ascii?Q?ytLacOaiX4A+AYnG4xDffEZBw2mtHVNfayfSBE/1Kgntk4/qdkCVZUrzdlm4?= =?us-ascii?Q?FDuBrukGTKZXCLiJGWPEAuXBNGrfmXfaNJXgpOGUAnxmAtkKe5yzXkAJzPjg?= =?us-ascii?Q?2p1u61WP9JOZj1494Xu8QWPGxLSuElKQn34IjRxWvjS5n9vgSUkFjJnmecrl?= =?us-ascii?Q?bqQAy6lF8xB/YM0mWftYEVb+5UFBbFTrNXcCIBM3YDc1OxMmi9zfyYFNNqNF?= =?us-ascii?Q?C3zSl8wsXGwpktrJCnDpIZ6ZAa8DYUUfDcxkgmHlmUZUYsvReKPWW9pwP3qq?= =?us-ascii?Q?C+E/hwcdS5yc0TEeakWMtf7Oxkuf2T3KDG4tdpQID1ENoYrIPGBeG0dXc/iN?= =?us-ascii?Q?/5Vu+AyO6QIHquSya3kNfiJTwFd6g44hqcC93dfiTZAXO/xPNV1rPiISDrD+?= =?us-ascii?Q?TXVsDPm0lfV52jQeJA8MZy6enfyUBxm/CzkexPihaAHOr/3vePStCea4nko0?= =?us-ascii?Q?InzN6xnPIPgxCm1D+bgpM2dAEHDuLEhf4V5372qAxaznffDtnk3ezB4EXYsz?= =?us-ascii?Q?ogg8tx75zyJAiGXFMf6MmHskTlZ/h2tM1Hj4iEoRs4JIIWz2IHDPV5Qbj5M8?= =?us-ascii?Q?2GQnjJ7Z+/klX6CrSIC7eB5Z68xfRy8rRl/cv5PmHlz8ZhkdRCE+ODJ1t3uM?= =?us-ascii?Q?cF7EwTQKj11apw6M/2KQEWc8An3Pb7B3DnFX5BgEdHfd/4CgThRvwIlVIELz?= =?us-ascii?Q?rwOEqXtA6oK1WeVkfr32PO8JtK0VCgzW8Syb/96j09PU4JiVAf5K5KyOe41t?= =?us-ascii?Q?HiU+MmZeEd8Qhg2psUCYfxSRKzlB6xNXzYIHwrFeeZVtJ/pHySF7VAG5Ub3O?= =?us-ascii?Q?jllqRY/kuNV3DhuNPKcwJveiX/J1k0n7t8tTz2Ux4670YXR+fSkxaDL8MHo2?= =?us-ascii?Q?VcqBYyJFbxUywb2HxNmBmCRq?= x-ms-exchange-transport-forked: True MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4885.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7a3e4c86-ff04-4e25-c9bf-08d977cea8c8 X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Sep 2021 22:26:12.7279 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: /BWAs+oF+7LgX+5R0x2EbsGjV4hYPSisTMg8GFCrtSHGCeM5GBwsKceTKQkR/VocxKZLftx/PmoZiiywedRUvg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5160 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao I will wait for a week, to see if there is any feedback from AMD or Bhyve r= eviewer. Thank you Yao Jiewen > -----Original Message----- > From: Stefan Berger > Sent: Tuesday, September 14, 2021 10:18 PM > To: devel@edk2.groups.io > Cc: mhaeuser@posteo.de; spbrogan@outlook.com; > marcandre.lureau@redhat.com; kraxel@redhat.com; Yao, Jiewen > ; Stefan Berger > Subject: [PATCH v2 0/4] OvmfPkg: Disable the TPM 2 platform hierarchy >=20 > This series of patches adds support for disabling the TPM 2 platform > hierarchy to Ovmf. To be able to do this we have to handle TPM 2 > physical presence interface (PPI) opcodes before the TPM 2 platform > hierarchy is disabled otherwise TPM 2 commands that are sent due to the > PPI opcodes may fail if the platform hierarchy is already disabled. > Therefore, we need to invoke the handler function > Tcg2PhysicalPresenceLibProcessRequest from within > PlatformBootManagerBeforeConsole. Since handling of PPI opcodes may > require > interaction with the user, we also move PlatformInitializeConsole > to before the handling of PPI codes so that the keyboard is available > when needed. The PPI handling code will activate the default consoles > only if it requires user interaction. >=20 > Regards, > Stefan >=20 > v2: > - 1/4: Added missing link library > - 2/4: Modified other BdsPlatform.c files as well > - Added Yao's comments to 1/2 and 2/2 >=20 > Stefan Berger (4): > OvmfPkg/TPM PPI: Connect default consoles for user interaction > OvmfPkg: Handle TPM 2 physical presence opcodes much earlier > OvmfPkg: Reference new Tcg2PlatformDxe in the build system for > compilation > OvmfPkg: Reference new Tcg2PlatformPei in the build system >=20 > OvmfPkg/AmdSev/AmdSevX64.dsc | 8 ++++++++ > OvmfPkg/AmdSev/AmdSevX64.fdf | 2 ++ > .../PlatformBootManagerLib/BdsPlatform.c | 19 +++++++++++-------- > .../PlatformBootManagerLibBhyve/BdsPlatform.c | 16 +++++++++------- > .../PlatformBootManagerLibGrub/BdsPlatform.c | 16 +++++++++------- > .../DxeTcg2PhysicalPresenceLib.c | 5 +++++ > .../DxeTcg2PhysicalPresenceLib.inf | 1 + > OvmfPkg/OvmfPkgIa32.dsc | 8 ++++++++ > OvmfPkg/OvmfPkgIa32.fdf | 2 ++ > OvmfPkg/OvmfPkgIa32X64.dsc | 8 ++++++++ > OvmfPkg/OvmfPkgIa32X64.fdf | 2 ++ > OvmfPkg/OvmfPkgX64.dsc | 8 ++++++++ > OvmfPkg/OvmfPkgX64.fdf | 2 ++ > 13 files changed, 75 insertions(+), 22 deletions(-) >=20 > -- > 2.31.1