From: "Subash Lakkimsetti" <subash.lakkimsetti@intel.com>
To: devel@edk2.groups.io
Cc: Subash Lakkimsetti
Subject: [PATCH v2 0/6] Universal payload secure boot and measured boot
Date: Wed, 17 May 2023 16:55:28 -0700
Message-Id:
X-Mailer: git-send-email 2.39.1.windows.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Subash Lakkimsetti

Support added in universal payload to enable secure boot and measured boot.

HOB structure header for universal payload for secure boot and measured boot information from bootloaders, as per the universal payload spec defined at https://universalscalablefirmware.github.io/documentation/2_universal_payload.html

TCG2ACPI: uninstall TPM2 ACPI if updated from bootloaders and create new ACPI tables.

Secure boot configuration and flags are added to UefiPayloadPkg.

Measured boot and TPM configurations are added for UefiPayloadPkg.

edk2 pull request: https://github.com/tianocore/edk2/pull/3872

Subash Lakkimsetti (6):
  MdeModulePkg: universal payload HOB for secure boot info
  UefiPayloadPkg: Add secureboot information HOBs
  UefiPayloadPkg: Uninstall the TPM2 ACPI if present
  UefiPayloadPkg: Add secure boot configurations
  Uefipayloadpkg Enable TPM measured boot
  UefiPayloadPkg: Add secure boot definitions to ci build

 .../UniversalPayload/SecureBootInfoGuid.h    |  37 +++
 UefiPayloadPkg/BlSupportDxe/BlSupportDxe.c   |  77 ++++-
 UefiPayloadPkg/BlSupportDxe/BlSupportDxe.inf |  13 +-
 UefiPayloadPkg/TcgSupportDxe/TcgSupportDxe.c | 282 ++++++++++++++++++
 UefiPayloadPkg/TcgSupportDxe/TcgSupportDxe.h |  28 ++
 .../TcgSupportDxe/TcgSupportDxe.inf          |  54 ++++
 UefiPayloadPkg/UefiPayloadPkg.ci.yaml        |   2 +
 UefiPayloadPkg/UefiPayloadPkg.dec            |   4 +-
 UefiPayloadPkg/UefiPayloadPkg.dsc            | 148 ++++++++-
 UefiPayloadPkg/UefiPayloadPkg.fdf            |  74 +++++
 UefiPayloadPkg/UniversalPayloadBuild.py      |   1 +
 11 files changed, 709 insertions(+), 11 deletions(-)
 create mode 100644 MdeModulePkg/Include/UniversalPayload/SecureBootInfoGuid.h
 create mode 100644 UefiPayloadPkg/TcgSupportDxe/TcgSupportDxe.c
 create mode 100644 UefiPayloadPkg/TcgSupportDxe/TcgSupportDxe.h
 create mode 100644 UefiPayloadPkg/TcgSupportDxe/TcgSupportDxe.inf

-- 
2.39.1.windows.1