[edk2-devel] [PATCH v5 0/8] Ovmf: Disable the TPM2 platform hierarchy
Stefan Berger
stefanb at linux.ibm.com
Wed Sep 8 12:53:57 UTC 2021
On 9/6/21 8:34 AM, Yao, Jiewen wrote:
>
> 2) I am curious, why you don't use a DXE driver, but choose to like to BDS lib for the DXE case.
> You also include a NULL lib there, which seems unnecessary, if you use a DXE/PEI module.
>
> The downside of linking to BDS lib is that you have to change all BDS lib instance, which is a big burden.
> And you still have code to choose NULL lib v.s. real Lib based upon TPM enable flag.
We have to call ConfigureTpmPlatformHierarchy () some time *after* the
handling of physical presence interface (PPI) platform opcodes since the
TPM 2 commands they produce may require access to the TPM 2's platform
hierarchy, so we cannot disable that hierarchy before handling PPI. For
x86 machines I found the call to handling the PPI opcodes in different
files and placed that call right after it. On ARM it's a bit different.
Here it's the fact that I placed that call into the same function
PlatformBootManagerAfterConsole as it is on x86. This seemed a safe place.
Stefan
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#80352): https://edk2.groups.io/g/devel/message/80352
Mute This Topic: https://groups.io/mt/85316773/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list