From 0ecb863aaca8d71a35763645ced278589666ada2 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Wed, 15 Dec 2021 12:39:19 +0100 Subject: [PATCH 4/6] OvmfPkg: create Tcg12ConfigPei.inf RH-Author: Gerd Hoffmann RH-MergeRequest: 9: backport tpm build updates, disable tpm 1.2 support RH-Commit: [4/6] 92926b9a05aaff38aab9a2aeee211be736863ab9 (kraxel/centos-edk2) RH-Bugzilla: 1935497 RH-Acked-by: Oliver Steffen Split Tcg2ConfigPei.inf into two variants: Tcg12ConfigPei.inf with TPM 1.2 support included and Tcg2ConfigPei.inf supporting TPM 2.0 only. This allows x86 builds to choose whenever TPM 1.2 support should be included or not by picking the one or the other inf file. Switch x86 builds to Tcg12ConfigPei.inf, so they continue to have TPM 1.2 support. No functional change. Signed-off-by: Gerd Hoffmann Reviewed-by: Stefan Berger Tested-by: Stefan Berger (cherry picked from commit b81938877276e808b6535e612b320eee559c4c2f) --- OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 2 +- OvmfPkg/OvmfTpmPei.fdf.inc | 2 +- OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf | 56 +++++++++++++++++++++++ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 11 +---- 4 files changed, 59 insertions(+), 12 deletions(-) create mode 100644 OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc index 99fa7c13b3..87d491da50 100644 --- a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc +++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc @@ -4,7 +4,7 @@ !if $(TPM_ENABLE) == TRUE OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf - OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf + OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf SecurityPkg/Tcg/TcgPei/TcgPei.inf SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc index 9aefd73d21..709a608cc3 100644 --- a/OvmfPkg/OvmfTpmPei.fdf.inc +++ b/OvmfPkg/OvmfTpmPei.fdf.inc @@ -4,7 +4,7 @@ !if $(TPM_ENABLE) == TRUE INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf -INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +INF OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf diff --git a/OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf b/OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf new file mode 100644 index 0000000000..e8e0b88e60 --- /dev/null +++ b/OvmfPkg/Tcg/Tcg2Config/Tcg12ConfigPei.inf @@ -0,0 +1,56 @@ +## @file +# Set TPM device type - supports TPM 1.2 and 2.0 +# +# In SecurityPkg, this module initializes the TPM device type based on a UEFI +# variable and/or hardware detection. In OvmfPkg, the module only performs TPM +# hardware detection. +# +# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+# Copyright (C) 2018, Red Hat, Inc. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = Tcg2ConfigPei + FILE_GUID = 8AD3148F-945F-46B4-8ACD-71469EA73945 + MODULE_TYPE = PEIM + VERSION_STRING = 1.0 + ENTRY_POINT = Tcg2ConfigPeimEntryPoint + +[Sources] + Tcg2ConfigPeim.c + Tpm12Support.h + Tpm12Support.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + OvmfPkg/OvmfPkg.dec + SecurityPkg/SecurityPkg.dec + +[LibraryClasses] + PeimEntryPoint + DebugLib + PeiServicesLib + Tpm2DeviceLib + BaseLib + Tpm12DeviceLib + +[Guids] + gEfiTpmDeviceSelectedGuid ## PRODUCES ## GUID # Used as a PPI GUID + gEfiTpmDeviceInstanceTpm20DtpmGuid ## SOMETIMES_CONSUMES + gEfiTpmDeviceInstanceTpm12Guid ## SOMETIMES_CONSUMES + +[Ppis] + gPeiTpmInitializationDonePpiGuid ## SOMETIMES_PRODUCES + +[Pcd] + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## PRODUCES + +[Depex.IA32, Depex.X64] + gOvmfTpmMmioAccessiblePpiGuid + +[Depex.ARM, Depex.AARCH64] + gOvmfTpmDiscoveredPpiGuid diff --git a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf b/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf index 39d1deeed1..51078c9813 100644 --- a/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +++ b/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf @@ -1,5 +1,5 @@ ## @file -# Set TPM device type +# Set TPM device type - supports TPM 2.0 only # # In SecurityPkg, this module initializes the TPM device type based on a UEFI # variable and/or hardware detection. In OvmfPkg, the module only performs TPM @@ -22,11 +22,6 @@ [Sources] Tcg2ConfigPeim.c Tpm12Support.h - -[Sources.IA32, Sources.X64] - Tpm12Support.c - -[Sources.ARM, Sources.AARCH64] Tpm12SupportNull.c [Packages] @@ -41,10 +36,6 @@ PeiServicesLib Tpm2DeviceLib -[LibraryClasses.IA32, LibraryClasses.X64] - BaseLib - Tpm12DeviceLib - [Guids] gEfiTpmDeviceSelectedGuid ## PRODUCES ## GUID # Used as a PPI GUID gEfiTpmDeviceInstanceTpm20DtpmGuid ## SOMETIMES_CONSUMES -- 2.27.0