From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by mx.groups.io with SMTP id smtpd.web12.13145.1596465187301661180
 for <devel@edk2.groups.io>;
 Mon, 03 Aug 2020 07:33:07 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=rAgguF9k;
 spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: jian.j.wang@intel.com)
IronPort-SDR: F3TbH/7OFhf8rJct22w3bGxBly7R8xOdVF6Jcc7lEqLA1FxAJ8MD5rppRlX6MmEfYJDk79Gi8s
 CH5pfUynjwvA==
X-IronPort-AV: E=McAfee;i="6000,8403,9701"; a="170206443"
X-IronPort-AV: E=Sophos;i="5.75,430,1589266800"; 
   d="scan'208";a="170206443"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga001.jf.intel.com ([10.7.209.18])
  by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Aug 2020 07:33:05 -0700
IronPort-SDR: suQKq+iREvJ1OZ2TrqhJIRFctFSwmGJP9AU7LHw21mEajbTGLcRt80upqRlRb3CMkHuWZ8jwb5
 D7pHtAaiaMkw==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.75,430,1589266800"; 
   d="scan'208";a="366358286"
Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14])
  by orsmga001.jf.intel.com with ESMTP; 03 Aug 2020 07:33:06 -0700
Received: from orsmsx608.amr.corp.intel.com (10.22.229.21) by
 ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1713.5; Mon, 3 Aug 2020 07:33:05 -0700
Received: from orsmsx608.amr.corp.intel.com (10.22.229.21) by
 ORSMSX608.amr.corp.intel.com (10.22.229.21) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1713.5; Mon, 3 Aug 2020 07:33:05 -0700
Received: from ORSEDG001.ED.cps.intel.com (10.7.248.4) by
 orsmsx608.amr.corp.intel.com (10.22.229.21) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1713.5
 via Frontend Transport; Mon, 3 Aug 2020 07:33:05 -0700
Received: from NAM11-CO1-obe.outbound.protection.outlook.com (104.47.56.176)
 by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Mon, 3 Aug 2020 07:33:02 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=PvXVcYVfxIJ4mDrBGFXVs/3wZ/sjlyBFQS/5Btb01DebpOz8v3lacN+iITWdrnASqBQCw7V9+ovOPeL6HCxP9UaWtJh/1/LlapohmJbVqMyAA0YNOe7YXVr2Usf+Et1DoxaUpHOQDZFMZyT7yAdyi9EzjhOkcxTwfIyVsTda7MPmTpBI31A6qSEDT+6NK6xBPGzSChtDjH1f/ppwOGCLvj2auOasvlsCLtGV7kaKmnUJ8jKFTgdLXOQzk4YB5GsP1mudNr/b1B9ihVjCAxAqMVb+fATVTlVVIJNpzgoSwq8YpSPkh9GFnfxMorStgH7u4nMWUNQRw303DjDFNqYMZQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=49bhF54Gu9Uri+xOeopQogjoudrJt0Iq0nu93VFV7bU=;
 b=Qprz9XtXTOHa1aZVTb37hmDeW9yEfp9CQQAc0AEY/5KVrPr1CvGF8BQr4VEyaB2ZMQwE+w5RmPR6ySy3w/r2L97A/SK6mIsltBpKTvMipotNltBXCuBy1celkbD2YLqTXpkmxb84VdmZQws+6CKy+iAr3AgA3jqsmSgS2jrvEbD7Acjp2DwSzKfivCxOWYGI3Bpj0z6Px1w6FjnGIB9+GG1Bbu98qWZac4DZcjkM5Pytw4IZEgAMKm38OLMqlCt12SY/vLfD8Q+/G79ttVOxPs6zuY3LGCqZA7GDeP/WPMTI68CxfQkf1rXcomAIZz+R3MGqifBPi/Y31ZOg4ANm2A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=49bhF54Gu9Uri+xOeopQogjoudrJt0Iq0nu93VFV7bU=;
 b=rAgguF9k63UHlLQ1MR1MZ0Esy4ny6R0UG8m62hIzTKjotRNViRrjNBjHMZpszLLiyUHMoB72ss+s2Iau2Cb7T4hklRlOtFP0DNeP+8RbF3E0/eXG8s4M4hR2yIBTfXMTdI+dsl8cY6jW+m8DwQpTIdSOoHbKKeDcjsO369pDqW0=
Received: from SN6PR11MB3312.namprd11.prod.outlook.com (2603:10b6:805:c8::14)
 by SN6PR11MB3405.namprd11.prod.outlook.com (2603:10b6:805:c0::27) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.20; Mon, 3 Aug
 2020 14:32:56 +0000
Received: from SN6PR11MB3312.namprd11.prod.outlook.com
 ([fe80::bc48:4db0:9666:124e]) by SN6PR11MB3312.namprd11.prod.outlook.com
 ([fe80::bc48:4db0:9666:124e%7]) with mapi id 15.20.3239.021; Mon, 3 Aug 2020
 14:32:56 +0000
From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Zhang, Qi1"
	<qi1.zhang@intel.com>
CC: "Yao, Jiewen" <jiewen.yao@intel.com>, Chao Zhang <chao.b.zhang@intel.com>,
	"Kumar, Rahul1" <rahul1.kumar@intel.com>
Subject: Re: [edk2-devel] [PATCH v4 2/2] SecurityPkg/Tcg2Config: remove TPM2_ChangEPS if it is not supported.
Thread-Topic: [edk2-devel] [PATCH v4 2/2] SecurityPkg/Tcg2Config: remove
 TPM2_ChangEPS if it is not supported.
Thread-Index: AQHWZLgQovCEVdVF8Uqm8VDuUb/aaqkmfHiQ
Date: Mon, 3 Aug 2020 14:32:56 +0000
Message-ID: <SN6PR11MB33125EBE65E583EFE7BEA830B64D0@SN6PR11MB3312.namprd11.prod.outlook.com>
References: <20200728082040.13955-1-qi1.zhang@intel.com>
 <20200728082040.13955-3-qi1.zhang@intel.com>
In-Reply-To: <20200728082040.13955-3-qi1.zhang@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiODVlNDMwNmYtNDZiMi00Yzc0LWIzMzktZWZjZDc1ODc2ZTZkIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiejdCdnRVcjhIQm9DTjUyY2NKam9aSVlyNGFnUFpDNTdcL0VCbHFVYWRpM1wvYm5iWWh6WE1vUmFKWTVyWklKM1VjIn0=
dlp-reaction: no-action
dlp-version: 11.5.1.3
dlp-product: dlpe-windows
x-ctpclassification: CTP_NT
authentication-results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com;
x-originating-ip: [192.198.147.196]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 91180505-ee39-4568-c60d-08d837ba1d2b
x-ms-traffictypediagnostic: SN6PR11MB3405:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <SN6PR11MB3405F27D8A0DB891139519BFB64D0@SN6PR11MB3405.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: eICG5GoWpIIBip4OZt5Wt/vZW2TXzqMPEaqx3lMGZLB0XcUCvTi96J6RxG0drtwP+JcgZd309tjS0N0YSpatY8XHjQebz2zGJ4hgtZ53oxspeW0A0ERKvWx4LrJiWZwhCu3+qxAcoLTBOWAVsilipyui2k8a6h7MaMK0LxJCifBJZfcrQP+OD2FmUX4JpBG8IswsYynvI8yzL3Xusx89CH13cinUx1KI8ejiXirxBc04CGvif0AiDouzq1FFSpAPII2U2clWGI2wZd2+rQ4bRIYE51wslZSgvpZIEeMxmvq5T56jH2dGdnI3ppSGw3QQKOW4ABKkW4IjmHw3I6rFhNsn5glTsGb4ppLYuZR9ac+W6866J3m9ef5Oze1O4fRxaAVO1VQH+7RgbGRXUawDbQ==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR11MB3312.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(136003)(346002)(376002)(366004)(396003)(39860400002)(71200400001)(54906003)(26005)(66556008)(107886003)(186003)(110136005)(66476007)(66946007)(53546011)(66446008)(316002)(8676002)(6506007)(8936002)(64756008)(76116006)(7696005)(5660300002)(15650500001)(52536014)(9686003)(33656002)(6636002)(4326008)(478600001)(966005)(19627235002)(55016002)(83380400001)(86362001)(2906002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata: iRK005aFKcw59EBZcOXHdTlu1WgNwkPsKoBgWHYjU8czRGI5Xs67TsyLGBrS1wOFZ46hLvvtEyu0zmpnXSR6Vls5ER0fI/XxIWkEEvObsl34WpaRuowTXPZV2g8Kqg5YPzV3qzg5MG6IGKF0YFnUo6XALbkHKkVqQ6T+NItiQWlRG841iSruVFTJPAI64c9wVcL+F2OKit8WKymiUxuSy+eowsl+hul4b24pJzO3iezAeAtPwQxRAseOfePbXnNQEOTK7uuqHTZtaXczX2miLS7Aqxy2SDZF6U/Ukr50rUZEuil+C7inEruznzeOyRnspyeOfgL8+v+Q5l8HOqt+6S2Q8ZHQSX/P1ep7WyqXoTNuh7MWywrdKOcXWYRFk0S7IRlDl05i2kfa9q7tNPn0Bxz7iNXlwsuAYjM6d/edi9yBVxsuq7S1N9XPB8e6oWFAdUh8OsbILNGNLr1AjV/chpXjY54yFRGUl+DsOlDGrz82m27CY8DJFhxeC4cChMMvSM5FKZDSX+6ovNupFOmy5ldNof0vzmmGqIMjmg1+coAwgI1Y0y6g3ekqjprI0Vcs/SeXDO1tzcW+GMDvsPalifGG3nxNjO6w4DZPUZvYUkRlbiZ7nA8CBHHsadrVt15lWfGcWoPseuNILhBlDWGK9w==
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SN6PR11MB3312.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 91180505-ee39-4568-c60d-08d837ba1d2b
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Aug 2020 14:32:56.4508
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QentU0gwgHG7oXmUVBurzLIIEuuPJliuqDlSp4Z4aPMfjzcLfnDtcBfqA8FBiCFhouCJdTglRFZIpaWb3wVIUg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR11MB3405
Return-Path: jian.j.wang@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable



Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

Regards,
Jian

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Qi Zhang
> Sent: Tuesday, July 28, 2020 4:21 PM
> To: devel@edk2.groups.io
> Cc: Zhang, Qi1 <qi1.zhang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Chao Zhang <chao.b.zhang@intel.com>=
;
> Kumar, Rahul1 <rahul1.kumar@intel.com>
> Subject: [edk2-devel] [PATCH v4 2/2] SecurityPkg/Tcg2Config: remove
> TPM2_ChangEPS if it is not supported.
>=20
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2793
>=20
> In current implementation TPM2_ChangeEPS command is always available
> in the TPM2 operation pull down list in TCG2 Configuration, which
> is confusing when the command is not supported by specific TPM chip.
> As a user experience improvement, TPM2_ChangeEPS command should be
> removed from the list when it is not supported.
>=20
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Rahul Kumar <rahul1.kumar@intel.com>
> Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
> ---
>  SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr     | 2 ++
>  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c   | 7 +++++++
>  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h | 1 +
>  3 files changed, 10 insertions(+)
>=20
> diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr
> b/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr
> index 91a463997c..47d63b009d 100644
> --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr
> +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr
> @@ -144,7 +144,9 @@ formset
>              option text =3D STRING_TOKEN(STR_TCG2_DISABLE), value =3D
> TCG2_PHYSICAL_PRESENCE_DISABLE, flags =3D RESET_REQUIRED;
>=20
>              option text =3D STRING_TOKEN(STR_TCG2_CLEAR), value =3D
> TCG2_PHYSICAL_PRESENCE_CLEAR, flags =3D RESET_REQUIRED;
>=20
>              option text =3D STRING_TOKEN(STR_TCG2_SET_PCD_BANKS), value =
=3D
> TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, flags =3D RESET_REQUIRED;
>=20
> +            suppressif ideqval TCG2_CONFIGURATION_INFO.ChangeEPSSupporte=
d
> =3D=3D 0;
>=20
>              option text =3D STRING_TOKEN(STR_TCG2_CHANGE_EPS), value =3D
> TCG2_PHYSICAL_PRESENCE_CHANGE_EPS, flags =3D RESET_REQUIRED;
>=20
> +            endif
>=20
>              option text =3D STRING_TOKEN(STR_TCG2_LOG_ALL_DIGESTS), valu=
e =3D
> TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS, flags =3D RESET_REQUIRED;
>=20
>              option text =3D
> STRING_TOKEN(STR_TCG2_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIER
> ARCHY), value =3D
> TCG2_PHYSICAL_PRESENCE_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIER
> ARCHY, flags =3D RESET_REQUIRED;
>=20
>      endoneof;
>=20
> diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
> b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
> index baa8fcd08d..2946f95db0 100644
> --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
> +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
> @@ -788,6 +788,7 @@ InstallTcg2ConfigForm (
>    CHAR16                          TempBuffer[1024];
>=20
>    TCG2_CONFIGURATION_INFO         Tcg2ConfigInfo;
>=20
>    TPM2_PTP_INTERFACE_TYPE         TpmDeviceInterfaceDetected;
>=20
> +  BOOLEAN                         IsCmdImp =3D FALSE;
>=20
>=20
>=20
>    DriverHandle =3D NULL;
>=20
>    ConfigAccess =3D &PrivateData->ConfigAccess;
>=20
> @@ -870,6 +871,12 @@ InstallTcg2ConfigForm (
>      HiiSetString (PrivateData->HiiHandle, STRING_TOKEN
> (STR_TPM2_SUPPORTED_HASH_ALGO_CONTENT), TempBuffer, NULL);
>=20
>    }
>=20
>=20
>=20
> +  Status =3D Tpm2GetCapabilityIsCommandImplemented (TPM_CC_ChangeEPS,
> &IsCmdImp);
>=20
> +  if (EFI_ERROR (Status)) {
>=20
> +    DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityIsCmdImpl fails %r\n", Status=
));
>=20
> +  }
>=20
> +  Tcg2ConfigInfo.ChangeEPSSupported =3D IsCmdImp;
>=20
> +
>=20
>    FillBufferWithBootHashAlg (TempBuffer, sizeof(TempBuffer), PcdGet32
> (PcdTcg2HashAlgorithmBitmap));
>=20
>    HiiSetString (PrivateData->HiiHandle, STRING_TOKEN
> (STR_BIOS_HASH_ALGO_CONTENT), TempBuffer, NULL);
>=20
>=20
>=20
> diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h
> b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h
> index a91c052850..b84af40a04 100644
> --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h
> +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h
> @@ -70,6 +70,7 @@ typedef struct {
>    UINT8    TpmDeviceInterfaceAttempt;
>=20
>    BOOLEAN  TpmDeviceInterfacePtpFifoSupported;
>=20
>    BOOLEAN  TpmDeviceInterfacePtpCrbSupported;
>=20
> +  BOOLEAN  ChangeEPSSupported;
>=20
>  } TCG2_CONFIGURATION_INFO;
>=20
>=20
>=20
>  //
>=20
> --
> 2.26.2.windows.1
>=20
>=20
> -=3D-=3D-=3D-=3D-=3D-=3D
> Groups.io Links: You receive all messages sent to this group.
>=20
> View/Reply Online (#63393): https://edk2.groups.io/g/devel/message/63393
> Mute This Topic: https://groups.io/mt/75840054/1768734
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub  [jian.j.wang@intel.com=
]
> -=3D-=3D-=3D-=3D-=3D-=3D