[edk2-devel] [PATCH v5 4/8] SecurityPkg: Introduce new PCD PcdRandomizePlatformHierarchy
Stefan Berger
stefanb at linux.vnet.ibm.com
Wed Sep 1 20:12:34 UTC 2021
Introduce the new PCD
gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy.
Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
---
.../PeiDxeTpmPlatformHierarchyLib.inf | 3 +--
SecurityPkg/SecurityPkg.dec | 6 ++++++
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
index b7a7fb0a08..1161d6fa1f 100644
--- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
+++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
@@ -36,10 +36,9 @@
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
CryptoPkg/CryptoPkg.dec
- MinPlatformPkg/MinPlatformPkg.dec
[Sources]
PeiDxeTpmPlatformHierarchyLib.c
[Pcd]
- gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy
+ gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index d5ace6f654..2cb5bfa0ac 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -342,6 +342,12 @@
# @Prompt Physical presence of the platform operator.
gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x00010001
+ ## Indicates whether the TPM2 platform hierarchy will be disabled by using
+ # a random password or by disabling the hierarchy
+ # TRUE - A random password will be used
+ # FALSE - The hierarchy will be disabled
+ gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy|TRUE|BOOLEAN|0x00010024
+
[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
## Indicates whether TPM physical presence is locked during platform initialization.
# Once it is locked, it can not be unlocked for TPM life time.<BR><BR>
--
2.31.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#80119): https://edk2.groups.io/g/devel/message/80119
Mute This Topic: https://groups.io/mt/85316777/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list