From ea13ea4c0b9809255bd4f029898f8b32e3a478de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Thu, 12 Sep 2019 11:33:55 +0200
Subject: [PATCH 1/8] UefiPayloadPkg: initial support for TPM2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 UefiPayloadPkg/UefiPayloadPkg.fdf | 6 +++
 UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc | 51 +++++++++++++++++++++++-
 2 files changed, 56 insertions(+), 1 deletion(-)
diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf
index 4cd88a3f855d..063c66cdae54 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.fdf
+++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
@@ -51,6 +51,9 @@ INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf
 INF UefiPayloadPkg/BlSupportPei/BlSupportPei.inf
 INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
+
 ################################################################################
 [FV.DXEFV]
@@ -161,6 +164,9 @@ INF MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
 INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
 INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
+INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+# INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+
 #
 # Shell
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
index 5b7994a62cda..acddb067560b 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
@@ -205,6 +205,16 @@
 TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
 VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+
+ #
+ # TPM2
+ #
+ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
+ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
+ Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
+ TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+
 [LibraryClasses.IA32.SEC]
 DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
 PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
@@ -223,6 +233,10 @@
 DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib.inf
 !endif
+[LibraryClasses.common.PEIM]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
+
 [LibraryClasses.common.DXE_CORE]
 PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
 HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
@@ -245,6 +259,7 @@
 !endif
 CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
 MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
 PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
@@ -359,6 +374,8 @@
 gEfiMdeModulePkgTokenSpaceGuid.PcdConOutRow|31
 gEfiMdeModulePkgTokenSpaceGuid.PcdConOutColumn|100
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
+
 ################################################################################
 #
 # Components Section - list of all EDK II Modules needed by this Platform.
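Review bot: TpmMeasurementLib is now mapped twice in the same [LibraryClasses] section — the TpmMeasurementLibNull line at the top of the hunk and the added `TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf` — so the effective instance depends on how the build tools resolve duplicate mappings rather than on anything a reader can see. Replacing the Null line, or putting the two alternatives in an `!if`/`!else`, makes it explicit that measurements are meant to reach the TPM; if the Null instance were to win, measured boot would be off while every Tcg2 driver still loads. The `# TPM2` block also maps BaseCryptLib for every module type to the DXE BaseCryptLib; the PEIM override in the next hunk covers PEIMs, but any other non-DXE module type that links crypto would get that instance, which is worth a comment on the mapping.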
@@ -388,6 +405,23 @@
 UefiPayloadPkg/BlSupportPei/BlSupportPei.inf
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+ #
+ # TPM2
+ #
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
+
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+ }
+
+ #SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+
+
 [Components.X64]
 #
 # DXE Core
@@ -400,7 +434,10 @@
 #
 # Components that produce the architectural protocols
 #
- MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
+ MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
+
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
+ }
 UefiCpuPkg/CpuDxe/CpuDxe.inf
 MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
 MdeModulePkg/Application/UiApp/UiApp.inf {
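Review bot: The NULL-linked DxeTpm2MeasureBootLib in the SecurityStubDxe override only extends loaded images into the TPM; it never rejects an image, so this gives measured boot but no image verification, and nothing in the .dsc says so. A one-line comment on the override, `# DxeTpm2MeasureBootLib measures images into PCRs; it does not verify them (no image-verification policy here)`, keeps a later reader from assuming a verification library is in force. In the preceding hunk Tcg2Pei links all five hash instances (SHA1 through SM3) into PEI; if the platform only activates a subset of banks, trimming the PEI instance list to those banks would keep the PEI FV small and the measurement code surface minimal.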
@@ -502,6 +539,18 @@
 MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
 UefiPayloadPkg/GraphicsOutputDxe/GraphicsOutputDxe.inf
+ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
+
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
+ NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+ }
+
 #------------------------------
 # Build the shell
 #------------------------------
From 27b31947ddf47e035652e3a669271cb741215a0a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Thu, 12 Sep 2019 12:22:55 +0200
Subject: [PATCH 2/8] fixes for apu2 build
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 .../PcatRealTimeClockRuntimeDxe/PcRtc.c | 4 +-
 .../PlatformBootManager.c | 76 +++++++++++++++++++
 .../PlatformBootManagerLib.inf | 1 +
 UefiPayloadPkg/UefiPayloadPkg.dec | 15 ++++
 4 files changed, 94 insertions(+), 2 deletions(-)
diff --git a/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c b/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
index 8b68b0f19252..e674f8e9feb0 100644
--- a/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
+++ b/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
@@ -140,8 +140,8 @@ PcRtcInit (
 //
 // Clear RTC register D
 //
- RegisterD.Data = FixedPcdGet8 (PcdInitialValueRtcRegisterD);
- RtcWrite (RTC_ADDRESS_REGISTER_D, RegisterD.Data);
+ RegisterD.Data = RtcRead (RTC_ADDRESS_REGISTER_D);
+ RtcWrite (RTC_ADDRESS_REGISTER_D, RegisterD.Data & 0x80);
 //
 // Wait for up to 0.1 seconds for the RTC to be updated
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
index c5c6af0abcb2..ec25b6eada84 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
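Review bot: The new write masks Register D with the bare constant `0x80` and neither the code nor the commit message says which bit is kept or why the FixedAtBuild PcdInitialValueRtcRegisterD default was abandoned. Bit 7 of Register D is the read-only VRT (valid RAM and time) flag, so the write effectively clears bits 0–5 while reading back whatever VRT state the chipset reports; if that is the intent, say so in a comment such as `// Read-modify-write: keep VRT (bit 7), clear the remaining Register D bits; the FixedAtBuild default is not used here — TODO document the apu2 reason`. PcRtc.c lives in PcAtChipsetPkg, so this changes RTC initialisation for every platform built from this tree, not only apu2; if the behaviour is board-specific it belongs behind a PCD rather than unconditionally replacing the existing one. PcRtcInit continues outside the hunk.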
@@ -10,6 +10,65 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "PlatformBootManager.h"
 #include "PlatformConsole.h"
+#define DP_NODE_LEN(Type) { (UINT8)sizeof (Type), (UINT8)(sizeof (Type) >> 8) }
+
+#pragma pack (1)
+typedef struct {
+ VENDOR_DEVICE_PATH SerialDxe;
+ UART_DEVICE_PATH Uart;
+ VENDOR_DEFINED_DEVICE_PATH TermType;
+ EFI_DEVICE_PATH_PROTOCOL End;
+} PLATFORM_SERIAL_CONSOLE;
+#pragma pack ()
+
+#define SERIAL_DXE_FILE_GUID { \
+ 0xD3987D4B, 0x971A, 0x435F, \
+ { 0x8C, 0xAF, 0x49, 0x67, 0xEB, 0x62, 0x72, 0x41 } \
+ }
+
+STATIC PLATFORM_SERIAL_CONSOLE mSerialConsole = {
+ //
+ // VENDOR_DEVICE_PATH SerialDxe
+ //
+ {
+ { HARDWARE_DEVICE_PATH, HW_VENDOR_DP, DP_NODE_LEN (VENDOR_DEVICE_PATH) },
+ SERIAL_DXE_FILE_GUID
+ },
+
+ //
+ // UART_DEVICE_PATH Uart
+ //
+ {
+ { MESSAGING_DEVICE_PATH, MSG_UART_DP, DP_NODE_LEN (UART_DEVICE_PATH) },
+ 0, // Reserved
+ 0, // BaudRate
+ 0, // DataBits
+ 0, // Parity
+ 0 // StopBits
+ },
+
+ //
+ // VENDOR_DEFINED_DEVICE_PATH TermType
+ //
+ {
+ {
+ MESSAGING_DEVICE_PATH, MSG_VENDOR_DP,
+ DP_NODE_LEN (VENDOR_DEFINED_DEVICE_PATH)
+ }
+ //
+ // Guid to be filled in dynamically
+ //
+ },
+
+ //
+ // EFI_DEVICE_PATH_PROTOCOL End
+ //
+ {
+ END_DEVICE_PATH_TYPE, END_ENTIRE_DEVICE_PATH_SUBTYPE,
+ DP_NODE_LEN (EFI_DEVICE_PATH_PROTOCOL)
+ }
+};
+
 VOID
 InstallReadyToLock (
 VOID
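Review bot: `SERIAL_DXE_FILE_GUID` is a bare 16-byte literal with no comment naming what it identifies; it appears to be the FILE_GUID of MdeModulePkg/Universal/SerialDxe, and that coupling is the only reason the vendor device-path node resolves to a handle. A comment on the define such as `// FILE_GUID of MdeModulePkg/Universal/SerialDxe/SerialDxe.inf; keep in sync with that .inf` documents it. The packed `PLATFORM_SERIAL_CONSOLE` and `DP_NODE_LEN` follow the pattern used by other platform BDS libraries, but the `mSerialConsole` initializer deserves a header comment stating that the UART fields and the TermType GUID are zero here and are filled in by PlatformBootManagerBeforeConsole before the path is published, so a reader does not take the zero baud rate as the effective setting. InstallReadyToLock at the end of the hunk continues outside it.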
@@ -182,6 +241,23 @@ PlatformBootManagerBeforeConsole (
 EfiBootManagerGetBootManagerMenu (&BootOption);
 EfiBootManagerAddKeyOptionVariable (NULL, (UINT16) BootOption.OptionNumber, 0, &Down, NULL);
+ mSerialConsole.Uart.BaudRate = PcdGet64 (PcdUartDefaultBaudRate);
+ mSerialConsole.Uart.DataBits = PcdGet8 (PcdUartDefaultDataBits);
+ mSerialConsole.Uart.Parity = PcdGet8 (PcdUartDefaultParity);
+ mSerialConsole.Uart.StopBits = PcdGet8 (PcdUartDefaultStopBits);
+ //
+ // Add the hardcoded serial console device path to ConIn, ConOut, ErrOut.
+ //
+ CopyGuid (&mSerialConsole.TermType.Guid,
+ PcdGetPtr (PcdTerminalTypeGuidBuffer));
+ EfiBootManagerUpdateConsoleVariable (ConIn,
+ (EFI_DEVICE_PATH_PROTOCOL *)&mSerialConsole, NULL);
+ EfiBootManagerUpdateConsoleVariable (ConOut,
+ (EFI_DEVICE_PATH_PROTOCOL *)&mSerialConsole, NULL);
+ EfiBootManagerUpdateConsoleVariable (ErrOut,
+ (EFI_DEVICE_PATH_PROTOCOL *)&mSerialConsole, NULL);
+
+
 //
 // Install ready to lock.
 // This needs to be done before option rom dispatched.
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 1f5a0bcad038..8de469ae501a 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -69,3 +69,4 @@
 gEfiMdePkgTokenSpaceGuid.PcdUartDefaultDataBits
 gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity
 gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits
+ gUefiPayloadPkgTokenSpaceGuid.PcdTerminalTypeGuidBuffer
diff --git a/UefiPayloadPkg/UefiPayloadPkg.dec b/UefiPayloadPkg/UefiPayloadPkg.dec
index 1559735db23f..c72d32b5f793 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dec
+++ b/UefiPayloadPkg/UefiPayloadPkg.dec
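Review bot: The three `EfiBootManagerUpdateConsoleVariable` calls discard their EFI_STATUS, so a failure to add the serial path to ConIn, ConOut or ErrOut goes unnoticed and the platform boots with a console that silently differs from the one configured. Capture the status and at least log it — `Status = EfiBootManagerUpdateConsoleVariable (ConIn, (EFI_DEVICE_PATH_PROTOCOL *)&mSerialConsole, NULL);` followed by `DEBUG ((DEBUG_ERROR, "ConIn serial console: %r\n", Status));` for each of the three calls (reusing the function's Status local if it has one). The comment `Add the hardcoded serial console device path` is also misleading now that the UART parameters and terminal type come from PCDs a few lines above; `// Publish the serial console device path (UART settings and terminal type from PCDs) to ConIn, ConOut and ErrOut.` is accurate. PlatformBootManagerBeforeConsole begins before the hunk and continues after it.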
@@ -68,4 +68,19 @@ gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0x04|UINT32|0x0
 gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|0xC0|UINT32|0x00000015
 gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|0x80|UINT32|0x00000016
+[PcdsFixedAtBuild]
+## Specifies the initial value for Register_A in RTC.
+# @Prompt Initial value for Register_A in RTC.
+gPcAtChipsetPkgTokenSpaceGuid.PcdInitialValueRtcRegisterA|0x26|UINT8|0x00000006
+
+## Specifies the initial value for Register_B in RTC.
+# @Prompt Initial value for Register_B in RTC.
+gPcAtChipsetPkgTokenSpaceGuid.PcdInitialValueRtcRegisterB|0x02|UINT8|0x00000002
+
+#
+# Binary representation of the GUID that determines the terminal type. The
+# size must be exactly 16 bytes. The default value corresponds to
+# EFI_VT_100_GUID.
+#
+gUefiPayloadPkgTokenSpaceGuid.PcdTerminalTypeGuidBuffer|{0x65, 0x60, 0xA6, 0xDF, 0x19, 0xB4, 0xD3, 0x11, 0x9A, 0x2D, 0x00, 0x90, 0x27, 0x3F, 0xC1, 0x4D}|VOID*|0x00000007
From bc62fbd05740e67751c84bd49cec68b26a3656fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Thu, 12 Sep 2019 12:24:47 +0200
Subject: [PATCH 3/8] UefiPayloadPkg: fix PP lib for TPM2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 UefiPayloadPkg/UefiPayloadPkg.fdf | 4 ++--
 UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc | 4 +++-
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf
index 063c66cdae54..a96497457542 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.fdf
+++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
@@ -16,10 +16,10 @@ ErasePolarity = 1
 BlockSize = 0x1000
 NumBlocks = 0x410
-0x00000000|0x030000
+0x00000000|0x040000
 FV = PEIFV
-0x00030000|0x3E0000
+0x00040000|0x3D0000
 FV = DXEFV
 ################################################################################
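Review bot: The new `[PcdsFixedAtBuild]` section declares `gPcAtChipsetPkgTokenSpaceGuid.PcdInitialValueRtcRegisterA` and `...RegisterB` in UefiPayloadPkg.dec, i.e. in another package's token space, with what look like the same names and token numbers PcAtChipsetPkg.dec already declares; a second declaration of another package's PCD is at best a duplicate the build may reject and at worst a second source of truth for the RTC defaults. If the intent is only to give this payload different defaults, the platform .dsc is the place for that, and the PcRtc.c change in the same commit stops using the related Register D PCD, so it is unclear which of A/B is actually needed. For `PcdTerminalTypeGuidBuffer`, please confirm token `0x00000007` is not already used by another gUefiPayloadPkgTokenSpaceGuid PCD above this hunk (the visible tokens reach 0x00000016), because a token clash is not always diagnosed and yields the wrong value silently; using the `##`/`# @Prompt` comment form the two RTC entries use would also let the tooling pick up its description.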
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
index acddb067560b..1b4c39be9ada 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
@@ -210,10 +210,12 @@
 # TPM2
 #
 Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
+ Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
 Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
 TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
 BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
 [LibraryClasses.IA32.SEC]
 DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
From 1385790845c185b0040e74df33124833348012ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Thu, 12 Sep 2019 14:31:43 +0200
Subject: [PATCH 4/8] UefiPayloadPkg/Library/PciHostBridgeLib/PciHostBridgeSupport.c: fix MMIO PCI enumaration for apu
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 UefiPayloadPkg/Library/PciHostBridgeLib/PciHostBridgeSupport.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/UefiPayloadPkg/Library/PciHostBridgeLib/PciHostBridgeSupport.c b/UefiPayloadPkg/Library/PciHostBridgeLib/PciHostBridgeSupport.c
index fffbf04cad3f..cf9c2e9fe6e4 100644
--- a/UefiPayloadPkg/Library/PciHostBridgeLib/PciHostBridgeSupport.c
+++ b/UefiPayloadPkg/Library/PciHostBridgeLib/PciHostBridgeSupport.c
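Review bot: Replacing the OvmfPkg Null physical-presence library with SecurityPkg's DxeTcg2PhysicalPresenceLib is a behavioural change, not only a link fix: the real library processes physical-presence requests that the OS queued for the next boot, and with Tcg2PpVendorLibNull the confirmation policy comes entirely from the default of the PP flags PCD (PcdTcgPhysicalPresenceFlags), which this hunk does not set. The subject 'fix PP lib for TPM2' should say what failed with the Null library, and the .dsc should pin the PP flags next to the other TPM2 PCDs so that which operations need user confirmation is explicit rather than inherited. The added `OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf` and `IntrinsicLib` mappings are what BaseCryptLib needs and look right; a `# required by BaseCryptLib` comment on them would help the next reader.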
@@ -319,7 +319,7 @@ ScanForRootBridges (
 // update the Primary Bus Number for the next PCI root bridge to be this PCI
 // root bridge's subordinate bus number + 1.
 //
- for (PrimaryBus = 0; PrimaryBus <= PCI_MAX_BUS; PrimaryBus = SubBus + 1) {
+ for (PrimaryBus = 0; PrimaryBus <= 63; PrimaryBus = SubBus + 1) {
 SubBus = PrimaryBus;
 Attributes = 0;
From 595515f1ca5e1cd8d4feb660c9a1638cb66ee512 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Thu, 12 Sep 2019 15:41:24 +0200
Subject: [PATCH 5/8] UefiPayloadPkg: make TPM2 support variable dependent
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 UefiPayloadPkg/UefiPayloadPkg.fdf | 9 +++++++--
 UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc | 23 +++++++++++++++++++++--
 2 files changed, 28 insertions(+), 4 deletions(-)
diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf
index a96497457542..03db92891f3b 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.fdf
+++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
@@ -51,8 +51,10 @@ INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf
 INF UefiPayloadPkg/BlSupportPei/BlSupportPei.inf
 INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+!if $(TPM2_ENABLE) == TRUE
 INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
 INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
+!endif
 ################################################################################
@@ -164,9 +166,12 @@ INF MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
 INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
 INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
+!if $(TPM2_ENABLE) == TRUE
 INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
-# INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
-
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+!endif
 #
 # Shell
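Review bot: Replacing `PCI_MAX_BUS` with the literal `63` bakes one board's MMCONFIG window into PciHostBridgeSupport.c, which every UefiPayloadPkg platform links, and nothing in the code says where 63 comes from; root bridges above bus 63 are then never found on boards whose ECAM covers all 256 buses, and the comment above the loop still describes the generic scan. Prefer a named, documented bound — ideally derived from the platform's PCIe base/size configuration or a new platform PCD — e.g. `for (PrimaryBus = 0; PrimaryBus <= MAX_SCAN_BUS; PrimaryBus = SubBus + 1) {` with `MAX_SCAN_BUS` (placeholder name) defined next to a comment like `// TODO: justify the bound; presumably the apu MMCONF window only covers 64 buses`. ScanForRootBridges continues outside the hunk.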
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
index 1b4c39be9ada..d79d8c3be1cf 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
@@ -25,6 +25,8 @@
 FLASH_DEFINITION = UefiPayloadPkg/UefiPayloadPkg.fdf
 DEFINE SOURCE_DEBUG_ENABLE = FALSE
+ DEFINE TPM2_ENABLE = FALSE
+ DEFINE TPM2_CONFIG_ENABLE = FALSE
 #
 # SBL: UEFI payload for Slim Bootloader
@@ -209,6 +211,7 @@
 #
 # TPM2
 #
+!if $(TPM2_ENABLE) == TRUE
 Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
 Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
 Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
@@ -216,6 +219,7 @@
 BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
 OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!endif
 [LibraryClasses.IA32.SEC]
 DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
@@ -235,9 +239,11 @@
 DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib.inf
 !endif
+!if $(TPM2_ENABLE) == TRUE
 [LibraryClasses.common.PEIM]
 BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
 Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
+!endif
 [LibraryClasses.common.DXE_CORE]
 PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
@@ -261,7 +267,9 @@
 !endif
 CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
 MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+!if $(TPM2_ENABLE) == TRUE
 Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
+!endif
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
 PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
@@ -376,7 +384,9 @@
 gEfiMdeModulePkgTokenSpaceGuid.PcdConOutRow|31
 gEfiMdeModulePkgTokenSpaceGuid.PcdConOutColumn|100
+!if $(TPM2_ENABLE) == TRUE
 gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
+!endif
 ################################################################################
 #
@@ -410,6 +420,7 @@
 #
 # TPM2
 #
+!if $(TPM2_ENABLE) == TRUE
 OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
@@ -420,8 +431,7 @@
 NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
 NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
 }
-
- #SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
 [Components.X64]
@@ -436,10 +446,14 @@
 #
 # Components that produce the architectural protocols
 #
+
 MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
+!if $(TPM2_ENABLE) == TRUE
 NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
+!endif
 }
+
 UefiCpuPkg/CpuDxe/CpuDxe.inf
 MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
 MdeModulePkg/Application/UiApp/UiApp.inf {
@@ -541,6 +555,7 @@
 MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
 UefiPayloadPkg/GraphicsOutputDxe/GraphicsOutputDxe.inf
+!if $(TPM2_ENABLE) == TRUE
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
 Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
@@ -552,6 +567,10 @@
 NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
 NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
 }
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+!endif
 #------------------------------
 # Build the shell
From 17b937649dd3f013574c4ffd07c8dc3542f943eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Thu, 12 Sep 2019 18:15:25 +0200
Subject: [PATCH 6/8] UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc: fix issues with TPM2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
index d79d8c3be1cf..ded19d0ffd22 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
@@ -314,6 +314,8 @@
 gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|$(PCIE_BASE)
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE
+
 !if $(SOURCE_DEBUG_ENABLE)
 gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
 !endif
@@ -385,7 +387,8 @@
 gEfiMdeModulePkgTokenSpaceGuid.PcdConOutColumn|100
 !if $(TPM2_ENABLE) == TRUE
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{ 0x28, 0x6b ,0xf2, 0x5a, 0xc2, 0xc3, 0x40, 0x8c, 0xb3, 0xb4, 0x25, 0xe6, 0x75, 0x8b, 0x73, 0x17 }
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|3
 !endif
 ################################################################################
From d8b233754502311417a5fc26b3c8fded461c1567 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Thu, 12 Sep 2019 18:47:45 +0200
Subject: [PATCH 7/8] UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc: change console to COM1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
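Review bot: The new PcdTpmInstanceGuid literal appears to be in textual rather than little-endian byte order: this .dsc writes GUID byte arrays little-endian (compare the PcdBootManagerMenuFile literal in the next patch's context and the PcdTerminalTypeGuidBuffer default earlier in the series), so the discrete-TPM instance GUID 286bf25a-c2c3-408c-b3b4-25e6758b7317 (gEfiTpmDeviceInstanceTpm20DtpmGuid, by the look of it) should read `{ 0x5a, 0xf2, 0x6b, 0x28, 0xc3, 0xc2, 0x8c, 0x40, 0xb3, 0xb4, 0x25, 0xe6, 0x75, 0x8b, 0x73, 0x17 }`. If Tcg2ConfigPei overwrites the PCD at runtime when it detects a TPM the wrong default is masked, but wherever the default is consumed as-is the instance router would compare the wrong bytes and the TPM would silently not be selected; the stray space in `0x6b ,0xf2` should go as well. `PcdTpm2HashMask|3` also deserves a comment — `# BIT0 = SHA1, BIT1 = SHA256; must match the PCR banks coreboot activates` — since it keeps a SHA1 bank active while SHA384/SHA512/SM3 hash instances remain linked into Tcg2Pei/Tcg2Dxe. The `PcdResetOnMemoryTypeInformationChange|FALSE` in the first hunk has nothing to do with TPM2 and is not explained in the commit message.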
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
index ded19d0ffd22..d50801d12537 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
@@ -333,7 +333,7 @@
 # The following parameters are set by Library/PlatformHookLib
 #
 gEfiMdeModulePkgTokenSpaceGuid.PcdSerialUseMmio|FALSE
- gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterBase|0x3f8
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterBase|0x2f8
 gEfiMdeModulePkgTokenSpaceGuid.PcdSerialBaudRate|$(BAUD_RATE)
 gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterStride|1
From 626a717142033b3e294bbcabf0bc24acef25309d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=C5=BBygowski?=
Date: Fri, 13 Sep 2019 12:34:39 +0200
Subject: [PATCH 8/8] UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc: set the same TPM2 ACPI table rev as in coreboot
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michał Żygowski
---
 UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
index d50801d12537..edf798482d2a 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
@@ -313,8 +313,10 @@
 gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
 gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|$(PCIE_BASE)
- gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE
+!if $(TPM2_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|4
+!endif
 !if $(SOURCE_DEBUG_ENABLE)
 gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
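Review bot: The subject says 'change console to COM1', but `0x2f8` is the conventional I/O base of COM2 while the replaced `0x3f8` is COM1, so either the subject or the value is off; make them agree, or if the board's console really sits at 0x2f8 say so in a comment on the line. The context comment above says these parameters are set by Library/PlatformHookLib at runtime, so the static default may only matter until that hook runs — worth confirming the change has any effect at all. Hard-coding a board-specific port in the shared .dsc is also less flexible than a define: `DEFINE SERIAL_REGISTER_BASE = 0x2f8` (name illustrative) next to the other DEFINEs and `gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterBase|$(SERIAL_REGISTER_BASE)` here, the way BAUD_RATE is already handled, keeps it overridable per build.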