If Tpm2Startup(TPM_SU_STATE) fails, call ConfigureTPMPlatformHierarchy() to disable the platform hierarchy.
Signed-off-by: Stefan Berger <[email protected]> --- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 2 ++ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 1 + 2 files changed, 3 insertions(+) diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c index 93a8803ff6..63323b9509 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -30,6 +30,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/PeimEntryPoint.h> #include <Library/Tpm2CommandLib.h> #include <Library/Tpm2DeviceLib.h> +#include <Library/TpmPlatformHierarchyLib.h> #include <Library/HashLib.h> #include <Library/HobLib.h> #include <Library/PcdLib.h> @@ -1050,6 +1051,7 @@ PeimEntryMA ( if (!EFI_ERROR(Status)) { S3ErrorReport = TRUE; } + ConfigureTpmPlatformHierarchy (); } } else { Status = Tpm2Startup (TPM_SU_CLEAR); diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf index 06c26a2904..2f4988eb6b 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf @@ -55,6 +55,7 @@ ReportStatusCodeLib ResetSystemLib PrintLib + TpmPlatformHierarchyLib [Guids] gTcgEventEntryHobGuid ## PRODUCES ## HOB -- 2.31.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80360): https://edk2.groups.io/g/devel/message/80360 Mute This Topic: https://groups.io/mt/85459207/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
