Re: [edk2] [PATCH v3 0/7] ovmf: preliminary TPM2 support

2018-03-09 Thread Laszlo Ersek
Hi Marc-André, On 03/09/18 14:09, marcandre.lur...@redhat.com wrote: > From: Marc-André Lureau > > Hi, > > The following series adds basic TPM2 support for OVMF-on-QEMU (I > haven't tested TPM1, for lack of interest). It links with the modules > to initializes the

Re: [edk2] [PATCH v3 1/1] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Clear C-bit when SEV is active

2018-03-09 Thread Laszlo Ersek
On 03/09/18 17:06, Brijesh Singh wrote: > Commit:24e4ad7 (OvmfPkg: Add AmdSevDxe driver) added a driver which runs > early in DXE phase and clears the C-bit from NonExistent entry -- which > is later split and accommodate the flash MMIO. When SMM is enabled, we > build two sets of page tables;

[edk2] [PATCH 1/2] OvmfPkg/Tcg2ConfigPei: trivial coding style updates

2018-03-09 Thread Laszlo Ersek
- the @file comment block should match between INF and main C file - rewrap / refill columns to 79 characters - insert space before opening paren - prefix and suffix //-style comment block with empty // lines - fix indentation of arguments in multi-line function call - general tab spacing

[edk2] [PATCH 2/2] SecurityPkg/TcgPei: drop PeiReadOnlyVariable from Depex

2018-03-09 Thread Laszlo Ersek
TcgPei doesn't actually use the PEI-phase read-only variable service, so drop that from the Depex. This patch was inspired by commit ab9e11da6651 ("SecurityPkg/Tcg2Pei: drop PeiReadOnlyVariable from Depex", 2018-03-09). Cc: Chao Zhang Cc: Jiewen Yao

[edk2] [PATCH 0/2] OvmfPkg, SecurityPkg: small followup patches after the TPM2 addition to OVMF

2018-03-09 Thread Laszlo Ersek
Repo: https://github.com/lersek/edk2.git Branch: ovmf_tcg2_followup The first patch brings small coding style improvements to OvmfPkg/Tcg/Tcg2Config. The second patch trims a superfluous PPI from SecurityPkg/Tcg/TcgPei's DEPEX. Cc: Ard Biesheuvel Cc: Chao Zhang

Re: [edk2] [PATCH 2/2] SecurityPkg/TcgPei: drop PeiReadOnlyVariable from Depex

2018-03-09 Thread Yao, Jiewen
reviewed by: jiewen@intel.com thank you! Yao, Jiewen > 在 2018年3月10日,上午4:05,Laszlo Ersek 写道: > > TcgPei doesn't actually use the PEI-phase read-only variable service, so > drop that from the Depex. > > This patch was inspired by commit ab9e11da6651

Re: [edk2] [PATCH 0/2] OvmfPkg, SecurityPkg: small followup patches after the TPM2 addition to OVMF

2018-03-09 Thread Jordan Justen
Series Reviewed-by: Jordan Justen On 2018-03-09 12:05:23, Laszlo Ersek wrote: > Repo: https://github.com/lersek/edk2.git > Branch: ovmf_tcg2_followup > > The first patch brings small coding style improvements to > OvmfPkg/Tcg/Tcg2Config. The second patch trims a

Re: [edk2] [PATCH v2 8/8] ovmf: add DxeTpm2MeasureBootLib

2018-03-09 Thread Laszlo Ersek
On 03/09/18 01:39, Yao, Jiewen wrote: > Very good question. > Comment below: > >> -Original Message- >> From: Laszlo Ersek [mailto:ler...@redhat.com] >> Sent: Friday, March 9, 2018 3:54 AM >> To: marcandre.lur...@redhat.com; edk2-devel@lists.01.org; Yao, Jiewen >> >>

Re: [edk2] [RFC] Add Platform Include path in modules

2018-03-09 Thread Pankaj Bansal
Hi All, Will It violate the UEFI Platform Initialization Distribution Packaging Specification if we want to use Computed Includes ? https://gcc.gnu.org/onlinedocs/gcc-3.0.2/cpp_2.html#SEC10 Thanks & Regards, Pankaj Bansal > -Original Message- > From: Gao, Liming

Re: [edk2] [PATCH v2 8/8] ovmf: add DxeTpm2MeasureBootLib

2018-03-09 Thread Yao, Jiewen
Good idea. The additional message looks great!!! thank you! Yao, Jiewen > 在 2018年3月9日,下午6:26,Laszlo Ersek 写道: > > in ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [PATCH v1 1/1] BaseTools: GlobalData remove unused variable

2018-03-09 Thread Zhu, Yonghong
Reviewed-by: Yonghong Zhu Best Regards, Zhu Yonghong -Original Message- From: Carsey, Jaben Sent: Thursday, March 08, 2018 8:45 AM To: edk2-devel@lists.01.org Cc: Zhu, Yonghong ; Gao, Liming Subject: [PATCH v1 1/1]

Re: [edk2] [PATCH] BaseTools: Fix parse OFFSET_OF get wrong offset

2018-03-09 Thread Zhu, Yonghong
Reviewed-by: Yonghong Zhu Best Regards, Zhu Yonghong -Original Message- From: Feng, YunhuaX Sent: Friday, March 9, 2018 4:46 PM To: edk2-devel@lists.01.org Cc: Zhu, Yonghong ; Gao, Liming Subject: [PATCH]

[edk2] [PATCH] BaseTools: Fix parse OFFSET_OF get wrong offset

2018-03-09 Thread Feng, YunhuaX
Fix parse OFFSET_OF get wrong offset Cc: Liming Gao Cc: Yonghong Zhu Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Yunhua Feng --- BaseTools/Source/Python/Common/Expression.py | 9 ++--- 1 file

Re: [edk2] [Patch] BaseTools: Fix a bug for --pcd used in ConditionalStatement calculate

2018-03-09 Thread Gao, Liming
Reviewed-by: Liming Gao >-Original Message- >From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of >Yonghong Zhu >Sent: Friday, March 09, 2018 3:19 PM >To: edk2-devel@lists.01.org >Subject: [edk2] [Patch] BaseTools: Fix a bug for --pcd used in

Re: [edk2] [PATCH v3 7/7] OvmfPkg: plug DxeTpm2MeasureBootLib into SecurityStubDxe

2018-03-09 Thread Laszlo Ersek
On 03/09/18 14:09, marcandre.lur...@redhat.com wrote: > From: Marc-André Lureau > > The library registers a security management handler, to measure images > that are not measure in PEI phase. For example with the qemu PXE rom: > > Loading driver at 0x0003E6C2000

[edk2] [PATCH v3 4/7] OvmfPkg: add customized Tcg2ConfigPei clone

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau The Tcg2ConfigPei module informs the firmware globally about the TPM device type, by setting the PcdTpmInstanceGuid PCD to the appropriate GUID value. The original module under SecurityPkg can perform device detection, or read a cached value

[edk2] [PATCH v3 0/7] ovmf: preliminary TPM2 support

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau Hi, The following series adds basic TPM2 support for OVMF-on-QEMU (I haven't tested TPM1, for lack of interest). It links with the modules to initializes the device in PEI phase, and do measurements (both PEI and DXE). The Tcg2Dxe module

[edk2] [PATCH v3 1/7] SecurityPkg/Tcg2Pei: drop PeiReadOnlyVariable from Depex

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau The module doesn't use read-only variable. Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Marc-André Lureau Reviewed-by: Laszlo Ersek

[edk2] [PATCH v3 2/7] MdeModulePkg/Core/Pei: fix REGISITER -> REGISTER typo

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau No functional changes. Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Marc-André Lureau Reviewed-by: Laszlo Ersek Reviewed-by: Star

[edk2] [PATCH v3 6/7] OvmfPkg: include Tcg2Dxe module

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau This module measures and log the boot environment. It also produces the Tcg2 protocol, which allows for example to read the log from OS. The linux kernel doesn't yet read the EFI_TCG2_EVENT_LOG_FORMAT_TCG_2, which is required for crypto-agile

[edk2] [PATCH v3 5/7] OvmfPkg: include Tcg2Pei module

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau This module will initialize TPM device, measure reported FVs and BIOS version. We keep both SHA-1 and SHA-256 for the TCG 1.2 log format compatibility, but the SHA-256 measurements and TCG 2 log format are now recommended. Cc: Laszlo Ersek

[edk2] [PATCH v3 3/7] OvmfPkg: simplify SecurityStubDxe.inf inclusion

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau SecurityStubDxe.inf should be included unconditionally. Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Marc-André Lureau Reviewed-by: Laszlo Ersek

Re: [edk2] [PATCH v2 0/8] RFC: ovmf: preliminary TPM2 support

2018-03-09 Thread Stefan Berger
On 03/08/2018 10:03 PM, Shi, Steven wrote: Hi Marcandre, Thanks for your command steps and I tried them, but my qemu failed to connect the socket tpmemu.sock. When I added the control channel to the TPM, the swtpm socket command stuck there and never exit. Not sure whether it was successful.

Re: [edk2] [PATCH v2 2/8] SecurityPkg/Tcg2Pei: drop PeiReadOnlyVariable from Depex

2018-03-09 Thread Marc-André Lureau
Hi On Thu, Mar 8, 2018 at 1:36 AM, Zhang, Chao B wrote: > Hi Lureau: >I think we can remove same dependency in TcgPei. > Thanks, feel free to explore that as a separate patch. This is out of scope to me. -- Marc-André Lureau

[edk2] [PATCH v3 7/7] OvmfPkg: plug DxeTpm2MeasureBootLib into SecurityStubDxe

2018-03-09 Thread marcandre . lureau
From: Marc-André Lureau The library registers a security management handler, to measure images that are not measure in PEI phase. For example with the qemu PXE rom: Loading driver at 0x0003E6C2000 EntryPoint=0x0003E6C9076 8086100e.efi And the following

Re: [edk2] [PATCH v3 0/7] ovmf: preliminary TPM2 support

2018-03-09 Thread Marc-André Lureau
Hi On Fri, Mar 9, 2018 at 2:09 PM, wrote: > From: Marc-André Lureau > > Hi, > > The following series adds basic TPM2 support for OVMF-on-QEMU (I > haven't tested TPM1, for lack of interest). It links with the modules > to initializes

Re: [edk2] [PATCH v2 2/8] SecurityPkg/Tcg2Pei: drop PeiReadOnlyVariable from Depex

2018-03-09 Thread Laszlo Ersek
On 03/09/18 14:05, Marc-André Lureau wrote: > Hi > > On Thu, Mar 8, 2018 at 1:36 AM, Zhang, Chao B wrote: >> Hi Lureau: >>I think we can remove same dependency in TcgPei. >> > > Thanks, feel free to explore that as a separate patch. This is out of > scope to me. > >

Re: [edk2] [RFC] Add Platform Include path in modules

2018-03-09 Thread Kinney, Michael D
Pankaj Bansal, Computed includes are really just a shorthand for #if statements around #include statements. These statements appear in the C code to a module. As long as all the platform packages that the include file might be included from are listed in the [Packages] section of the INF file

Re: [edk2] [PATCH v3 1/7] SecurityPkg/Tcg2Pei: drop PeiReadOnlyVariable from Depex

2018-03-09 Thread Laszlo Ersek
On 03/09/18 14:09, marcandre.lur...@redhat.com wrote: > From: Marc-André Lureau > > The module doesn't use read-only variable. > > Cc: Laszlo Ersek > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Marc-André Lureau

[edk2] [PATCH v3 1/1] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Clear C-bit when SEV is active

2018-03-09 Thread Brijesh Singh
Commit:24e4ad7 (OvmfPkg: Add AmdSevDxe driver) added a driver which runs early in DXE phase and clears the C-bit from NonExistent entry -- which is later split and accommodate the flash MMIO. When SMM is enabled, we build two sets of page tables; first page table is used when executing code in non

Re: [edk2] [PATCH v3 5/7] OvmfPkg: include Tcg2Pei module

2018-03-09 Thread Laszlo Ersek
On 03/09/18 14:09, marcandre.lur...@redhat.com wrote: > From: Marc-André Lureau > > This module will initialize TPM device, measure reported FVs and BIOS > version. We keep both SHA-1 and SHA-256 for the TCG 1.2 log format > compatibility, but the SHA-256

Re: [edk2] [PATCH v3 4/7] OvmfPkg: add customized Tcg2ConfigPei clone

2018-03-09 Thread Laszlo Ersek
On 03/09/18 14:09, marcandre.lur...@redhat.com wrote: > From: Marc-André Lureau > > The Tcg2ConfigPei module informs the firmware globally about the TPM > device type, by setting the PcdTpmInstanceGuid PCD to the appropriate > GUID value. The original module under

Re: [edk2] [PATCH v3 6/7] OvmfPkg: include Tcg2Dxe module

2018-03-09 Thread Laszlo Ersek
On 03/09/18 14:09, marcandre.lur...@redhat.com wrote: > From: Marc-André Lureau > > This module measures and log the boot environment. It also produces > the Tcg2 protocol, which allows for example to read the log from OS. > > The linux kernel doesn't yet read the