[edk2-devel] [PATCH v2 0/3] OvmfPkg: Disable the TPM 2 platform hierarchy

Mon, 20 Sep 2021 13:03:59 -0700 

This series of patches adds support for disabling the TPM 2 platform
hierarchy to Ovmf. To be able to do this we have to handle TPM 2
physical presence interface (PPI) opcodes before the TPM 2 platform
hierarchy is disabled otherwise TPM 2 commands that are sent due to the
PPI opcodes may fail if the platform hierarchy is already disabled.
Therefore, we need to invoke the handler function
Tcg2PhysicalPresenceLibProcessRequest from within
PlatformBootManagerBeforeConsole. Since handling of PPI opcodes may require
interaction with the user, we also move PlatformInitializeConsole 
to before the handling of PPI codes so that the keyboard is available
when needed. The PPI handling code will activate the default consoles
only if it requires user interaction.

Regards,
   Stefan

v2:
  - Move Null implementation to SecurityPkg
  - Added suggested texts to commit messages and added Sami's R-b tags

Stefan Berger (3):
  ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
  ArmVirtPkg: Reference new TPM classes in the build system for
    compilation
  ArmVirtPkg: Disable the TPM2 platform hierarchy

 ArmVirtPkg/ArmVirtCloudHv.dsc                 |  1 +
 ArmVirtPkg/ArmVirtQemu.dsc                    |  2 ++
 ArmVirtPkg/ArmVirtQemuKernel.dsc              |  1 +
 ArmVirtPkg/ArmVirtXen.dsc                     |  1 +
 .../PlatformBootManagerLib/PlatformBm.c       |  6 ++++
 .../PlatformBootManagerLib.inf                |  2 ++
 .../PeiDxeTpmPlatformHierarchyLib.c           | 22 +++++++++++++
 .../PeiDxeTpmPlatformHierarchyLib.inf         | 31 +++++++++++++++++++
 SecurityPkg/SecurityPkg.dsc                   |  1 +
 9 files changed, 67 insertions(+)
 create mode 100644 
SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 
SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#80917): https://edk2.groups.io/g/devel/message/80917
Mute This Topic: https://groups.io/mt/85750964/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to