[edk2-devel] [RFC PATCH 0/7] OVMF: Disable the TPM2 platform hierarchy

Stefan Berger stefanb at linux.vnet.ibm.com
Fri Aug 6 15:33:19 UTC 2021


This series imports code from the edk2-platforms project related to
changing the password of the TPM2 platform hierarchy and uses it to
disable the TPM2 platform hierarchy in OVMF. It addresses the OVMF
aspects of the following bugs:

https://bugzilla.tianocore.org/show_bug.cgi?id=3510
https://bugzilla.tianocore.org/show_bug.cgi?id=3499

There's no doubt that my struggles with the build system and handling
of dependencies are visible in this series. Quite a few aspects of
getting things right are more or less guesswork and I am often not sure
what the correct way of doing things is. If 'you' wanted to fix
things up and repost it, please go ahead...

Stefan

Stefan Berger (7):
  SecurityPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from
    edk2-platforms
  SecruityPkg/TPM: Disable dependency on MinPlatformPkg
  SecurityPkg/TPM: Disable PcdGetBool (PcdRandomizePlatformHierarchy)
  SecurityPkg/TPM: Disable a Pcd
  SecurityPkg/TPM: Add a NULL implementation of
    PeiDxeTpmPlatformHierarchyLib
  OVMF: Reference new classes in the build system for compilation
  OVMF: Disable the TPM2 platform hierarchy

 OvmfPkg/AmdSev/AmdSevX64.dsc                  |   3 +
 .../PlatformBootManagerLib/BdsPlatform.c      |   6 +
 .../PlatformBootManagerLib.inf                |   1 +
 .../PlatformBootManagerLibBhyve/BdsPlatform.c |   6 +
 .../PlatformBootManagerLibGrub/BdsPlatform.c  |   6 +
 OvmfPkg/OvmfPkgIa32.dsc                       |   3 +
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   3 +
 OvmfPkg/OvmfPkgX64.dsc                        |   3 +
 .../Include/Library/TpmPlatformHierarchyLib.h |  27 ++
 .../PeiDxeTpmPlatformHierarchyLib.c           | 266 ++++++++++++++++++
 .../PeiDxeTpmPlatformHierarchyLib.inf         |  46 +++
 .../PeiDxeTpmPlatformHierarchyLib.c           |  23 ++
 .../PeiDxeTpmPlatformHierarchyLib.inf         |  39 +++
 13 files changed, 432 insertions(+)
 create mode 100644 SecurityPkg/Include/Library/TpmPlatformHierarchyLib.h
 create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
 create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf

-- 
2.31.1


