From: "Sami Mujawar" <sami.mujawar@arm.com>
To: Stefan Berger <stefanb@linux.ibm.com>, devel@edk2.groups.io
Cc: marcandre.lureau@redhat.com, kraxel@redhat.com,
jiewen.yao@intel.com, ardb+tianocore@kernel.org,
leif@nuviainc.com, Stefan Berger <stefanb@linux.vnet.ibm.com>
Subject: Re: [RFC PATCH 1/3] ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
Date: Sat, 18 Sep 2021 09:48:27 +0100 [thread overview]
Message-ID: <a7e64e7f-24b2-7092-7ac3-9f17b4559144@arm.com> (raw)
In-Reply-To: <20210916211752.2714332-2-stefanb@linux.ibm.com>
Hi Stefan,
Thank you for this patch.
I have a few minor comments marked inline as [SAMI].
Regards,
Sami Mujawar
On 16/09/2021 10:17 PM, Stefan Berger wrote:
> From: Stefan Berger <stefanb@linux.vnet.ibm.com>
>
> Add a NULL implementation of the library class TpmPlatformHierarchyLib.
[SAMI] Is it possible to add a link to the bugzilla
(https://bugzilla.tianocore.org/show_bug.cgi?id=3510), please?
Also, would it be possible to place 'PeiDxeTpmPlatformHierarchyLibNull'
in SecurityPkg (i.e. if this library can be useful for other
architectures).
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Leif Lindholm <leif@nuviainc.com>
> Cc: Sami Mujawar <sami.mujawar@arm.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
> ArmVirtPkg/ArmVirtPkg.dec | 1 +
> .../Include/Library/TpmPlatformHierarchyLib.h | 27 +++++++++++++++++
> .../PeiDxeTpmPlatformHierarchyLib.c | 22 ++++++++++++++
> .../PeiDxeTpmPlatformHierarchyLib.inf | 30 +++++++++++++++++++
> 4 files changed, 80 insertions(+)
> create mode 100644 ArmVirtPkg/Include/Library/TpmPlatformHierarchyLib.h
> create mode 100644 ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
> create mode 100644 ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
>
> diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec
> index 4e4d758015..f3bdca118b 100644
> --- a/ArmVirtPkg/ArmVirtPkg.dec
> +++ b/ArmVirtPkg/ArmVirtPkg.dec
> @@ -27,6 +27,7 @@
>
>
> [LibraryClasses]
>
> ArmVirtMemInfoLib|Include/Library/ArmVirtMemInfoLib.h
>
> + TpmPlatformHierarchyLib|Include/Library/TpmPlatformHierarchyLib.h
[SAMI] The file 'ArmVirtPkg/Include/Library/TpmPlatformHierarchyLib.h'
appears to be a copy of the header file
SecurityPkg/Include/Library/TpmPlatformHierarchyLib.h. Is this needed
here or we could reference the one from SecurityPkg?
>
>
>
> [Guids.common]
>
> gArmVirtTokenSpaceGuid = { 0x0B6F5CA7, 0x4F53, 0x445A, { 0xB7, 0x6E, 0x2E, 0x36, 0x5B, 0x80, 0x63, 0x66 } }
>
> diff --git a/ArmVirtPkg/Include/Library/TpmPlatformHierarchyLib.h b/ArmVirtPkg/Include/Library/TpmPlatformHierarchyLib.h
> new file mode 100644
> index 0000000000..8d61a4867b
> --- /dev/null
> +++ b/ArmVirtPkg/Include/Library/TpmPlatformHierarchyLib.h
> @@ -0,0 +1,27 @@
> +/** @file
>
> + TPM Platform Hierarchy configuration library.
>
> +
>
> + This library provides functions for customizing the TPM's Platform Hierarchy
>
> + Authorization Value (platformAuth) and Platform Hierarchy Authorization
>
> + Policy (platformPolicy) can be defined through this function.
>
> +
>
> +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
>
> +Copyright (c) Microsoft Corporation.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#ifndef TPM_PLATFORM_HIERARCHY_LIB_H_
>
> +#define TPM_PLATFORM_HIERARCHY_LIB_H_
>
> +
>
> +/**
>
> + This service will perform the TPM Platform Hierarchy configuration at the SmmReadyToLock event.
>
> +
>
> +**/
>
> +VOID
>
> +EFIAPI
>
> +ConfigureTpmPlatformHierarchy (
>
> + VOID
>
> + );
>
> +
>
> +#endif
>
> diff --git a/ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c b/ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
> new file mode 100644
> index 0000000000..bac1efda63
> --- /dev/null
> +++ b/ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
> @@ -0,0 +1,22 @@
> +/** @file
>
> + Null TPM Platform Hierarchy configuration library.
>
> +
>
> + This library provides stub functions for customizing the TPM's Platform Hierarchy.
>
> +
>
> + Copyright (c) 2021, IBM Corporation.
>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include <Uefi.h>
>
> +
>
> +/**
>
> + A NULL implementation of ConfigureTpmPlatformHierarchy.
>
> +**/
>
> +VOID
>
> +EFIAPI
>
> +ConfigureTpmPlatformHierarchy (
>
> + )
>
> +{
>
> + /* no nothing */
>
> +}
>
> diff --git a/ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf b/ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
> new file mode 100644
> index 0000000000..4f02818bbc
> --- /dev/null
> +++ b/ArmVirtPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
> @@ -0,0 +1,30 @@
> +### @file
>
> +# NULL TPM Platform Hierarchy configuration library.
>
> +#
>
> +# This library provides functions for customizing the TPM's Platform Hierarchy
>
> +# Authorization Value (platformAuth) and Platform Hierarchy Authorization
>
> +# Policy (platformPolicy) can be defined through this function.
>
> +#
>
> +# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) Microsoft Corporation.<BR>
>
> +#
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +#
>
> +###
>
> +
>
> +[Defines]
>
> + INF_VERSION = 0x00010005
>
> + BASE_NAME = PeiDxeTpmPlatformHierarchyLibNull
>
> + FILE_GUID = 8947A3F2-BfB4-45EF-968D-5C40C1CE6A58
>
> + MODULE_TYPE = PEIM
>
> + VERSION_STRING = 1.0
>
> + LIBRARY_CLASS = TpmPlatformHierarchyLib|PEIM DXE_DRIVER
>
> +
>
> +[LibraryClasses]
>
> + BaseLib
>
> +
>
> +[Packages]
>
> + MdePkg/MdePkg.dec
>
> +
>
> +[Sources]
>
> + PeiDxeTpmPlatformHierarchyLib.c
>
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
next prev parent reply other threads:[~2021-09-18 8:48 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-16 21:17 [RFC PATCH 0/3] ArmVirtPkg: Disable the TPM 2 platform hierarchy Stefan Berger
2021-09-16 21:17 ` [RFC PATCH 1/3] ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib Stefan Berger
2021-09-18 7:55 ` [edk2-devel] " Ard Biesheuvel
2021-09-18 11:53 ` Stefan Berger
2021-09-22 11:39 ` Ard Biesheuvel
2021-09-22 16:29 ` Stefan Berger
2021-09-18 8:48 ` Sami Mujawar [this message]
2021-09-18 11:57 ` Stefan Berger
2021-09-16 21:17 ` [RFC PATCH 2/3] ArmVirtPkg: Reference new TPM classes in the build system for compilation Stefan Berger
2021-09-18 8:49 ` Sami Mujawar
2021-09-18 11:59 ` [edk2-devel] " Stefan Berger
2021-09-16 21:17 ` [RFC PATCH 3/3] ArmVirtPkg: Disable the TPM2 platform hierarchy Stefan Berger
2021-09-18 8:51 ` Sami Mujawar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a7e64e7f-24b2-7092-7ac3-9f17b4559144@arm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox