[edk2-devel] [PATCH] UefiPayloadPkg: Include TCG modules in UefiPayloadPkg.

Ni, Ray ray.ni at intel.com
Wed Aug 25 00:33:05 UTC 2021 

The TCG modules need additional changes to include the hash/measure log created from bootloader phase.
Let's not add TCG modules for now until the additional changes to support bootloader are made.

Thanks,
Ray

> -----Original Message-----
> From: Sravanthi, K KavyaX <k.kavyax.sravanthi at intel.com>
> Sent: Tuesday, August 24, 2021 1:34 PM
> To: devel at edk2.groups.io
> Cc: Sravanthi, K KavyaX <k.kavyax.sravanthi at intel.com>; Dong, Guo <guo.dong at intel.com>; Ni, Ray <ray.ni at intel.com>; Ma,
> Maurice <maurice.ma at intel.com>; You, Benjamin <benjamin.you at intel.com>
> Subject: [PATCH] UefiPayloadPkg: Include TCG modules in UefiPayloadPkg.
> 
> From: Sravanthi <k.kavyax.sravanthi at intel.com>
> 
> Include TCG modules in UefiPayloadPkg.dsc and UefiPayloadPkg.fdf
> 
> Cc: Guo Dong <guo.dong at intel.com>
> Cc: Ray Ni <ray.ni at intel.com>
> Cc: Maurice Ma <maurice.ma at intel.com>
> Cc: Benjamin You <benjamin.you at intel.com>
> Signed-off-by: Sravanthi <k.kavyax.sravanthi at intel.com>
> ---
>  UefiPayloadPkg/UefiPayloadPkg.dsc | 24 ++++++++++++++++++++++++
>  UefiPayloadPkg/UefiPayloadPkg.fdf | 13 +++++++++++--
>  2 files changed, 35 insertions(+), 2 deletions(-)
> 
> diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc
> index 7f984a0b10..ff02ac6103 100644
> --- a/UefiPayloadPkg/UefiPayloadPkg.dsc
> +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
> @@ -91,6 +91,7 @@
>    DEFINE EMU_VARIABLE_ENABLE   = TRUE
>    DEFINE DISABLE_RESET_SYSTEM  = FALSE
>    DEFINE SECURE_BOOT_ENABLE    = TRUE
> +  DEFINE ENABLE_TCG_SUPPORT    = TRUE
> 
>    # Dfine the maximum size of the capsule image without a reset flag that the platform can support.
>    DEFINE MAX_SIZE_NON_POPULATE_CAPSULE = 0xa00000
> @@ -258,6 +259,14 @@
>    SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf
>  !endif
>    S3BootScriptLib|MdePkg/Library/BaseS3BootScriptLibNull/BaseS3BootScriptLibNull.inf
> +  MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
> +  Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
> +  Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
> +  Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
> +  Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
> +  Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
> +  HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
> +  Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
> 
>  [LibraryClasses.common.SEC]
>    HobLib|UefiPayloadPkg/Library/PayloadEntryHobLib/HobLib.inf
> @@ -582,6 +591,21 @@
>  !endif
>    UefiPayloadPkg/GraphicsOutputDxe/GraphicsOutputDxe.inf
> 
> +!if $(ENABLE_TCG_SUPPORT) == TRUE
> +  SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
> +  SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
> +  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf {
> +    <LibraryClasses>
> +      Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
> +  }
> +  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> +  SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
> +  SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf {
> +    <LibraryClasses>
> +      Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
> +  }
> +!endif
> +
>    #------------------------------
>    #  Build the shell
>    #------------------------------
> diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf
> index 647df997f5..afb57612f7 100644
> --- a/UefiPayloadPkg/UefiPayloadPkg.fdf
> +++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
> @@ -17,8 +17,8 @@ DEFINE FD_SIZE     = 0x00850000
>  DEFINE NUM_BLOCKS  = 0x850
>  !else
> 
> -DEFINE FD_SIZE     = 0x00440000
> -DEFINE NUM_BLOCKS  = 0x440
> +DEFINE FD_SIZE     = 0x00470000
> +DEFINE NUM_BLOCKS  = 0x470
>  !endif
> 
>  ################################################################################
> @@ -205,6 +205,15 @@ INF  MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
>  INF  MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTableDxe/FirmwarePerformanceDxe.inf
>  INF  MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
> 
> +!if $(ENABLE_TCG_SUPPORT) == TRUE
> +INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
> +INF SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> +INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
> +INF SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
> +!endif
> +
>  #
>  # Shell
>  #
> --
> 2.30.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79781): https://edk2.groups.io/g/devel/message/79781
Mute This Topic: https://groups.io/mt/85125223/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list