On 01/25/19 22:30, Stefan Berger wrote: > This patch adds the TCG2 Configuration menu to the Device Manager > menu. We can apparently reuse the sample Tcg2ConfigDxe from > SecurityPkg/Tcg/Tcg2Config without obvious adverse effects. The > added TCG2 Configuration menu now shows details about the attached > TPM 2.0 and lets one for example configure the active PCR banks > or issue commands, among other things. > > The code is added to Ovmf by building with -DTPM2_ENABLE and > -DTPM2_CONFIG_ENABLE. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Stefan Berger <stef...@linux.ibm.com> > --- > OvmfPkg/OvmfPkgIa32.dsc | 4 ++++ > OvmfPkg/OvmfPkgIa32.fdf | 3 +++ > OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++++ > OvmfPkg/OvmfPkgIa32X64.fdf | 3 +++ > OvmfPkg/OvmfPkgX64.dsc | 4 ++++ > OvmfPkg/OvmfPkgX64.fdf | 3 +++ > 6 files changed, 21 insertions(+) > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index aee19b75d7..2b642ab5dc 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -40,6 +40,7 @@ > DEFINE SMM_REQUIRE = FALSE > DEFINE TLS_ENABLE = FALSE > DEFINE TPM2_ENABLE = FALSE > + DEFINE TPM2_CONFIG_ENABLE = FALSE > > # > # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly > to > @@ -632,6 +633,9 @@ > > NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > > NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > } > +!if $(TPM2_CONFIG_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > # > diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf > index e013099136..4999403ad7 100644 > --- a/OvmfPkg/OvmfPkgIa32.fdf > +++ b/OvmfPkg/OvmfPkgIa32.fdf > @@ -381,6 +381,9 @@ INF > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > > !if $(TPM2_ENABLE) == TRUE > INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf > +!if $(TPM2_CONFIG_ENABLE) == TRUE > +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > > ################################################################################ > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index 90cbd8e341..14a5c1bb29 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -40,6 +40,7 @@ > DEFINE SMM_REQUIRE = FALSE > DEFINE TLS_ENABLE = FALSE > DEFINE TPM2_ENABLE = FALSE > + DEFINE TPM2_CONFIG_ENABLE = FALSE > > # > # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly > to > @@ -640,6 +641,9 @@ > > NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > > NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > } > +!if $(TPM2_CONFIG_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > [Components.X64] > diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf > index afaa334384..d0cc107928 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.fdf > +++ b/OvmfPkg/OvmfPkgIa32X64.fdf > @@ -388,6 +388,9 @@ INF > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > > !if $(TPM2_ENABLE) == TRUE > INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf > +!if $(TPM2_CONFIG_ENABLE) == TRUE > +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > > ################################################################################ > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index 83d16eb00b..aa7197f533 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -40,6 +40,7 @@ > DEFINE SMM_REQUIRE = FALSE > DEFINE TLS_ENABLE = FALSE > DEFINE TPM2_ENABLE = FALSE > + DEFINE TPM2_CONFIG_ENABLE = FALSE > > # > # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly > to > @@ -639,6 +640,9 @@ > > NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > > NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > } > +!if $(TPM2_CONFIG_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > # > diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf > index afaa334384..d0cc107928 100644 > --- a/OvmfPkg/OvmfPkgX64.fdf > +++ b/OvmfPkg/OvmfPkgX64.fdf > @@ -388,6 +388,9 @@ INF > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > > !if $(TPM2_ENABLE) == TRUE > INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf > +!if $(TPM2_CONFIG_ENABLE) == TRUE > +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > !endif > > > ################################################################################ >
Reviewed-by: Laszlo Ersek <ler...@redhat.com> I'll wait a few more days before pushing this, in order to give time to others to comment. In particular, Marc-André, could you please ACK the patch? (Subsequently, I should submit a patch that adds both Marc-André and Stefan as "R" to OvmfPkg, for TPM stuff.) Thanks! Laszlo _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel