* Re: [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu [not found] <20190125165527.1059649-1-stefanb@linux.ibm.com> @ 2019-01-25 17:12 ` Stefan Berger 0 siblings, 0 replies; 4+ messages in thread From: Stefan Berger @ 2019-01-25 17:12 UTC (permalink / raw) To: lersek, edk2-devel; +Cc: chao.b.zhang, jiewen.yao, marcandre.lureau I have to repost this since my email has changed. On 1/25/19 11:55 AM, Stefan Berger wrote: > This patch adds the TCG2 Configuration menu to the Device Manager > menu. We can reuse all the code in the SecurityPkg and need to > only add it to the build and flash config files. > > The code is added to Ovfm by building with -DTPM2_ENABLE and > -DTPM2_CONFIG_ENABLE. > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > OvmfPkg/OvmfPkgIa32.dsc | 3 +++ > OvmfPkg/OvmfPkgIa32.fdf | 4 ++++ > OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ > OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++ > OvmfPkg/OvmfPkgX64.dsc | 3 +++ > OvmfPkg/OvmfPkgX64.fdf | 4 ++++ > 6 files changed, 21 insertions(+) > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index aee19b75d7..68e707e7e5 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -632,6 +632,9 @@ > NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > } > +!if $(TPM2_CONFIG_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > # > diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf > index e013099136..a46598f2c3 100644 > --- a/OvmfPkg/OvmfPkgIa32.fdf > +++ b/OvmfPkg/OvmfPkgIa32.fdf > @@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf > > INF MdeModulePkg/Logo/LogoDxe.inf > > +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) > +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > + > # > # Network modules > # > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index 90cbd8e341..dd6c700774 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -640,6 +640,9 @@ > NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > } > +!if $(TPM2_CONFIG_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > [Components.X64] > diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf > index afaa334384..8a02b3cc79 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.fdf > +++ b/OvmfPkg/OvmfPkgIa32X64.fdf > @@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf > > INF MdeModulePkg/Logo/LogoDxe.inf > > +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) > +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > + > # > # Network modules > # > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index 83d16eb00b..828a1d9999 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -639,6 +639,9 @@ > NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > } > +!if $(TPM2_CONFIG_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > # > diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf > index afaa334384..8a02b3cc79 100644 > --- a/OvmfPkg/OvmfPkgX64.fdf > +++ b/OvmfPkg/OvmfPkgX64.fdf > @@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf > > INF MdeModulePkg/Logo/LogoDxe.inf > > +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) > +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > + > # > # Network modules > # ^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu @ 2019-01-25 17:12 Stefan Berger 2019-01-25 19:30 ` Laszlo Ersek 0 siblings, 1 reply; 4+ messages in thread From: Stefan Berger @ 2019-01-25 17:12 UTC (permalink / raw) To: lersek, edk2-devel Cc: chao.b.zhang, jiewen.yao, marcandre.lureau, Stefan Berger This patch adds the TCG2 Configuration menu to the Device Manager menu. We can reuse all the code in the SecurityPkg and need to only add it to the build and flash config files. The code is added to Ovfm by building with -DTPM2_ENABLE and -DTPM2_CONFIG_ENABLE. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- OvmfPkg/OvmfPkgIa32.dsc | 3 +++ OvmfPkg/OvmfPkgIa32.fdf | 4 ++++ OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++ OvmfPkg/OvmfPkgX64.dsc | 3 +++ OvmfPkg/OvmfPkgX64.fdf | 4 ++++ 6 files changed, 21 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index aee19b75d7..68e707e7e5 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -632,6 +632,9 @@ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index e013099136..a46598f2c3 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf INF MdeModulePkg/Logo/LogoDxe.inf +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif + # # Network modules # diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 90cbd8e341..dd6c700774 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -640,6 +640,9 @@ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif [Components.X64] diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index afaa334384..8a02b3cc79 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf INF MdeModulePkg/Logo/LogoDxe.inf +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif + # # Network modules # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 83d16eb00b..828a1d9999 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -639,6 +639,9 @@ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index afaa334384..8a02b3cc79 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -296,6 +296,10 @@ INF ShellPkg/Application/Shell/Shell.inf INF MdeModulePkg/Logo/LogoDxe.inf +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif + # # Network modules # -- 2.20.1 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu 2019-01-25 17:12 Stefan Berger @ 2019-01-25 19:30 ` Laszlo Ersek 2019-01-25 21:25 ` Stefan Berger 0 siblings, 1 reply; 4+ messages in thread From: Laszlo Ersek @ 2019-01-25 19:30 UTC (permalink / raw) To: Stefan Berger, edk2-devel Cc: chao.b.zhang, jiewen.yao, marcandre.lureau, Jordan Justen (Intel address), Ard Biesheuvel, Anthony Perard, Julien Grall Hi, (1) when posting a patch, please CC all people marked with "M" for the subject package in Maintainers.txt. And, if in doubt, please CC the "R" people too. Adding the others now. (2) In [a] [b], you mentioned a need to repost, due to your email address having changed. However, that posting, and this posting, seem to come from the same email address, and to use the same S-o-b: "Stefan Berger <stefanb@linux.ibm.com>". [a] http://mid.mail-archive.com/d0222c94-4578-74bd-94ad-90d10911b534@linux.ibm.com [b] https://lists.01.org/pipermail/edk2-devel/2019-January/035701.html On 01/25/19 18:12, Stefan Berger wrote: > This patch adds the TCG2 Configuration menu to the Device Manager > menu. OK. > We can reuse all the code in the SecurityPkg and need to > only add it to the build and flash config files. (3) I disagree with this formulation. Instead, we can apparently include the *sample* Tcg2ConfigDxe from SecurityPkg as-is, without obvious adverse effects. I consider this an experimental feature that's being enabled (not by default) in order to support further R&D. The Tcg2ConfigDxe has not been trimmed / modified for OVMF / QEMU specifics (unlike Tcg2ConfigPei in commit 6cf1880fb5b6). That's why we are gating Tcg2ConfigDxe with TPM2_CONFIG_ENABLE, and not enabling it simply as part of TPM2_ENABLE. > The code is added to Ovfm by building with -DTPM2_ENABLE and > -DTPM2_CONFIG_ENABLE. (4) Typo, s/Ovfm/OVMF/. "OVMF" stands for Open Virtual Machine Firmware. > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> (5) Before your S-o-b, please add: """ Contributed-under: TianoCore Contribution Agreement 1.1 """ after reviewing "Contributions.txt" in the project root dir. > --- > OvmfPkg/OvmfPkgIa32.dsc | 3 +++ > OvmfPkg/OvmfPkgIa32.fdf | 4 ++++ > OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ > OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++ > OvmfPkg/OvmfPkgX64.dsc | 3 +++ > OvmfPkg/OvmfPkgX64.fdf | 4 ++++ > 6 files changed, 21 insertions(+) (6) In all three DSC files, please DEFINE TPM2_CONFIG_ENABLE = FALSE as well, just below TPM2_ENABLE. > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index aee19b75d7..68e707e7e5 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -632,6 +632,9 @@ > NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > } > +!if $(TPM2_CONFIG_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > # This looks good. > diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf > index e013099136..a46598f2c3 100644 > --- a/OvmfPkg/OvmfPkgIa32.fdf > +++ b/OvmfPkg/OvmfPkgIa32.fdf > @@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf > > INF MdeModulePkg/Logo/LogoDxe.inf > > +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) > +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > + (7) In this file, we already have """ !if $(TPM2_ENABLE) == TRUE INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf !endif """ elsewhere. Can you please nest the addition in that scope? Thanks, Laszlo ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu 2019-01-25 19:30 ` Laszlo Ersek @ 2019-01-25 21:25 ` Stefan Berger 0 siblings, 0 replies; 4+ messages in thread From: Stefan Berger @ 2019-01-25 21:25 UTC (permalink / raw) To: Laszlo Ersek, edk2-devel Cc: chao.b.zhang, jiewen.yao, marcandre.lureau, Jordan Justen (Intel address), Ard Biesheuvel, Anthony Perard, Julien Grall On 1/25/19 2:30 PM, Laszlo Ersek wrote: > Hi, > > (1) when posting a patch, please CC all people marked with "M" for the > subject package in Maintainers.txt. And, if in doubt, please CC the "R" > people too. > > Adding the others now. > > (2) In [a] [b], you mentioned a need to repost, due to your email > address having changed. However, that posting, and this posting, seem to > come from the same email address, and to use the same S-o-b: "Stefan > Berger <stefanb@linux.ibm.com>". I re-subscribed to the ml. Old address was stefanb@linux.vnet.ibm.com. > > [a] http://mid.mail-archive.com/d0222c94-4578-74bd-94ad-90d10911b534@linux.ibm.com > [b] https://lists.01.org/pipermail/edk2-devel/2019-January/035701.html > > On 01/25/19 18:12, Stefan Berger wrote: >> This patch adds the TCG2 Configuration menu to the Device Manager >> menu. > OK. > >> We can reuse all the code in the SecurityPkg and need to >> only add it to the build and flash config files. > (3) I disagree with this formulation. > > Instead, we can apparently include the *sample* Tcg2ConfigDxe from > SecurityPkg as-is, without obvious adverse effects. I consider this an I will reuse some of this formulation. > experimental feature that's being enabled (not by default) in order to > support further R&D. The Tcg2ConfigDxe has not been trimmed / modified > for OVMF / QEMU specifics (unlike Tcg2ConfigPei in commit 6cf1880fb5b6). > That's why we are gating Tcg2ConfigDxe with TPM2_CONFIG_ENABLE, and not > enabling it simply as part of TPM2_ENABLE. > >> The code is added to Ovfm by building with -DTPM2_ENABLE and >> -DTPM2_CONFIG_ENABLE. > (4) Typo, s/Ovfm/OVMF/. "OVMF" stands for Open Virtual Machine Firmware. :-) > >> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > (5) Before your S-o-b, please add: > > """ > Contributed-under: TianoCore Contribution Agreement 1.1 > """ > > after reviewing "Contributions.txt" in the project root dir. Done. > >> --- >> OvmfPkg/OvmfPkgIa32.dsc | 3 +++ >> OvmfPkg/OvmfPkgIa32.fdf | 4 ++++ >> OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ >> OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++ >> OvmfPkg/OvmfPkgX64.dsc | 3 +++ >> OvmfPkg/OvmfPkgX64.fdf | 4 ++++ >> 6 files changed, 21 insertions(+) > (6) In all three DSC files, please DEFINE TPM2_CONFIG_ENABLE = FALSE as > well, just below TPM2_ENABLE. Done. > >> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc >> index aee19b75d7..68e707e7e5 100644 >> --- a/OvmfPkg/OvmfPkgIa32.dsc >> +++ b/OvmfPkg/OvmfPkgIa32.dsc >> @@ -632,6 +632,9 @@ >> NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf >> NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf >> } >> +!if $(TPM2_CONFIG_ENABLE) == TRUE >> + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf >> +!endif >> !endif >> >> # > This looks good. > >> diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf >> index e013099136..a46598f2c3 100644 >> --- a/OvmfPkg/OvmfPkgIa32.fdf >> +++ b/OvmfPkg/OvmfPkgIa32.fdf >> @@ -295,6 +295,10 @@ INF ShellPkg/Application/Shell/Shell.inf >> >> INF MdeModulePkg/Logo/LogoDxe.inf >> >> +!if ($(TPM2_ENABLE) == TRUE) && ($(TPM2_CONFIG_ENABLE) == TRUE) >> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf >> +!endif >> + > (7) In this file, we already have > > """ > !if $(TPM2_ENABLE) == TRUE > INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf > !endif > """ > > elsewhere. Can you please nest the addition in that scope? Done. > > Thanks, > Laszlo > ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-01-25 21:25 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- [not found] <20190125165527.1059649-1-stefanb@linux.ibm.com> 2019-01-25 17:12 ` [PATCH] OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu Stefan Berger 2019-01-25 17:12 Stefan Berger 2019-01-25 19:30 ` Laszlo Ersek 2019-01-25 21:25 ` Stefan Berger
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox