Subject: Re: [edk2-devel] [PATCH v2] OvmfPkg: use DxeTpmMeasurementLib if and only if TPM2_ENABLE
To: devel@edk2.groups.io, glin@suse.com
Cc: Jordan Justen, Marc-André Lureau, Stefan Berger
References: <20190704040731.5303-1-glin@suse.com>
From: "Laszlo Ersek"
Date: Thu, 4 Jul 2019 15:53:13 +0200
In-Reply-To: <20190704040731.5303-1-glin@suse.com>

On 07/04/19 06:07, Gary Lin wrote:
> (a) OvmfPkg first had to resolve the TpmMeasurementLib class -- for
>     SECURE_BOOT_ENABLE only -- when the DxeImageVerificationLib instance
>     became dependent on TpmMeasurementLib. For details, refer to commit
>     0d28d286bf4d ("OvmfPkg: resolve TpmMeasurementLib dependency
>     introduced in r14687", 2013-09-21).
>
> (b) At the time, only one instance of TpmMeasurementLib existed, namely
>     DxeTpmMeasurementLib. This lib instance didn't do anything -- like it
>     was desirable for OVMF --, because OVMF didn't include any Tcg / TrEE
>     protocol implementations.
>
> (c) In commit 308521b13354 ("MdeModulePkg: Move TpmMeasurementLib
>     LibraryClass from SecurityPkg", 2015-07-01), TpmMeasurementLibNull was
>     introduced.
>
> (d) In commit 285542ebbb03 ("OvmfPkg: Link AuthVariableLib for following
>     merged variable driver deploy", 2015-07-01), a TpmMeasurementLib
>     resolution became necessary regardless of SECURE_BOOT_ENABLE. And so
>     TpmMeasurementLib was resolved to TpmMeasurementLibNull in OVMF, but
>     only in the non-SECURE_BOOT_ENABLE case. This step -- possibly, the
>     larger series containing commit 285542ebbb03 -- missed an opportunity
>     for simplification: given (b), the DxeTpmMeasurementLib instance
>     should have been simply replaced with the TpmMeasurementLibNull
>     instance, regardless of SECURE_BOOT_ENABLE.
>
> (e) In commit 1abfa4ce4835 ("Add TPM2 support defined in trusted computing
>     group.", 2015-08-13), the TrEE dependency was replaced with a Tcg2
>     dependency in DxeTpmMeasurementLib.
>
> (f) Starting with commit 0c0a50d6b3ff ("OvmfPkg: include Tcg2Dxe module",
>     2018-03-09), OVMF would include a Tcg2 protocol implementation,
>     thereby satisfying DxeTpmMeasurementLib's dependency. With
>     TPM2_ENABLE, it would actually make sense to consume
>     DxeTpmMeasurementLib -- however, DxeTpmMeasurementLib would never be
>     used without SECURE_BOOT_ENABLE.
>
> Therefore, we have the following four scenarios:
>
> - TPM2_ENABLE + SECURE_BOOT_ENABLE: works as expected.
>
> - Neither enabled: works as expected.
>
> - Only TPM2_ENABLE: this build is currently incorrect, because
>   Variable/RuntimeDxe consumes TpmMeasurementLib directly, but
>   TpmMeasureAndLogData() will never reach the TPM because we link
>   TpmMeasurementLibNull into the variable driver. This is a problem from
>   the larger series containing (f).
>
> - Only SECURE_BOOT_ENABLE: this build works as expected, but it is
>   wasteful -- given that the protocol database will never contain Tcg2
>   without TPM2_ENABLE, we should simply use TpmMeasurementLibNull. This is
>   a problem from (d).
>
> Resolving TpmMeasurementLib to DxeTpmMeasurementLib as a function of
> *only* TPM2_ENABLE, we can fix / optimize the last two cases.
>
> v2:
> - Amend the title and description suggested by Laszlo
> - Move TpmMeasurementLib to the existing TPM2_ENABLE block
>
> Cc: Jordan Justen
> Cc: Laszlo Ersek
> Cc: Marc-André Lureau
> Cc: Stefan Berger
> Signed-off-by: Gary Lin
> ---
>  OvmfPkg/OvmfPkgIa32.dsc    | 4 ++--
>  OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++--
>  OvmfPkg/OvmfPkgX64.dsc     | 4 ++--
>  3 files changed, 6 insertions(+), 6 deletions(-)

Reviewed-by: Laszlo Ersek

Pushed as commit 1ec05b81e59f.

Thanks!
Laszlo
> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index 87716123997a..5bbf87540ab9 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -178,10 +178,8 @@ [LibraryClasses] > =20 > !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLi= b.inf > - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMea= surementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.= inf > !else > - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeas= urementLibNull.inf > AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariabl= eLibNull.inf > !endif > VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf > @@ -207,8 +205,10 @@ [LibraryClasses] > Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/= DxeTcg2PhysicalPresenceLib.inf > Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendor= LibNull.inf > + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMea= surementLib.inf > !else > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/= DxeTcg2PhysicalPresenceLib.inf > + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeas= urementLibNull.inf > !endif > =20 > [LibraryClasses.common] > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index ad20531ceb8b..5015e92b6eea 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc 
> @@ -183,10 +183,8 @@ [LibraryClasses] > =20 > !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLi= b.inf > - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMea= surementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.= inf > !else > - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeas= urementLibNull.inf > AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariabl= eLibNull.inf > !endif > VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf > @@ -212,8 +210,10 @@ [LibraryClasses] > Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/= DxeTcg2PhysicalPresenceLib.inf > Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendor= LibNull.inf > + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMea= surementLib.inf > !else > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/= DxeTcg2PhysicalPresenceLib.inf > + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeas= urementLibNull.inf > !endif > =20 > [LibraryClasses.common] > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index 0542ac2235b4..dda8dac18441 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -183,10 +183,8 @@ [LibraryClasses] > =20 > !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE > PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLi= b.inf > - TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMea= surementLib.inf > AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.= inf > !else > - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeas= urementLibNull.inf > AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariabl= eLibNull.inf > !endif > VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf 
> @@ -212,8 +210,10 @@ [LibraryClasses] > Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/= DxeTcg2PhysicalPresenceLib.inf > Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendor= LibNull.inf > + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMea= surementLib.inf > !else > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/= DxeTcg2PhysicalPresenceLib.inf > + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeas= urementLibNull.inf > !endif > =20 > [LibraryClasses.common] >=20
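Review bot: in the second hunk of each file (@@ -207,8 +205,10 @@ in OvmfPkgIa32.dsc, @@ -212,8 +210,10 @@ in OvmfPkgIa32X64.dsc and OvmfPkgX64.dsc), the `!if` that opens the block receiving the two new TpmMeasurementLib resolutions lies outside the context lines; the visible context begins at Tpm2CommandLib and shows only the `!else` and `!endif`, so the diff alone does not establish that the guard is `$(TPM2_ENABLE) == TRUE` as the commit message states. That is worth confirming against the file, since a different guard would keep TpmMeasurementLibNull linked in TPM2_ENABLE builds, which is the exact failure the patch sets out to fix. Appending the line last in both branches, after Tcg2PpVendorLib and after Tcg2PhysicalPresenceLib respectively, keeps the two branches parallel, and the three .dsc files receive the identical change with only the hunk offsets differing (178 versus 183), so they stay in sync.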