From cbce29f7749477e271f9764fed82de94724af5df Mon Sep 17 00:00:00 2001

From: Laszlo Ersek <lersek@redhat.com>

Date: Wed, 24 Jun 2020 11:40:09 +0200

Subject: [PATCH 3/3] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent

 aa64 build (RH)

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

RH-Author: Laszlo Ersek <lersek@redhat.com>

Message-id: <20200615080105.11859-4-lersek@redhat.com>

Patchwork-id: 97534

O-Subject: [RHEL-8.3.0 edk2 PATCH 3/3] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent aa64 build (RH)

Bugzilla: 1844682

RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>

RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>

If swtpm / vTPM2 is not being used, Tcg2Dxe should return EFI_UNSUPPORTED,

so that the DXE Core can unload it. However, the associated error message,

logged by the DXE Core to the serial console, is not desired in the silent

edk2-aarch64 build, given that the absence of swtpm / vTPM2 is nothing out

of the ordinary. Therefore, return success and stay resident. The wasted

guest RAM still gets freed after ExitBootServices().

(Inspired by RHEL-8.1.0 commit aaaedc1e2cfd.)

Signed-off-by: Laszlo Ersek <lersek@redhat.com>

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>

---

 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c   | 17 +++++++++++++++++

 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf |  1 +

 2 files changed, 18 insertions(+)

diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c

index 9a5f987e68..da2153cb25 100644

--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c

+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c

@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

 #include <Protocol/ResetNotification.h>

 #include <Library/DebugLib.h>

+#include <Library/DebugPrintErrorLevelLib.h>

 #include <Library/BaseMemoryLib.h>

 #include <Library/UefiRuntimeServicesTableLib.h>

 #include <Library/UefiDriverEntryPoint.h>

@@ -2642,6 +2643,22 @@ DriverEntry (

   if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||

       CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){

     DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));

+#if defined (MDE_CPU_AARCH64)

+    //

+    // RHBZ#1844682

+    //

+    // If swtpm / vTPM2 is not being used, this driver should return

+    // EFI_UNSUPPORTED, so that the DXE Core can unload it. However, the

+    // associated error message, logged by the DXE Core to the serial console,

+    // is not desired in the silent edk2-aarch64 build, given that the absence

+    // of swtpm / vTPM2 is nothing out of the ordinary. Therefore, return

+    // success and stay resident. The wasted guest RAM still gets freed after

+    // ExitBootServices().

+    //

+    if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {

+      return EFI_SUCCESS;

+    }

+#endif

     return EFI_UNSUPPORTED;

   }

diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf

index 576cf80d06..851471afb7 100644

--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf

+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf

@@ -55,6 +55,7 @@

   UefiRuntimeServicesTableLib

   BaseMemoryLib

   DebugLib

+  DebugPrintErrorLevelLib

   Tpm2CommandLib

   PrintLib

   UefiLib

-- 

2.27.0