From 3103389043bd7389fd7cef3eb291a2150af8b929 Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Fri, 25 Jan 2019 16:30:29 -0500 Subject: OvmfPkg: Add TCG2 Configuration menu to the Device Manager menu MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch adds the TCG2 Configuration menu to the Device Manager menu. We can apparently reuse the sample Tcg2ConfigDxe from SecurityPkg/Tcg/Tcg2Config without obvious adverse effects. The added TCG2 Configuration menu now shows details about the attached TPM 2.0 and lets one for example configure the active PCR banks or issue commands, among other things. The code is added to Ovmf by building with -DTPM2_ENABLE and -DTPM2_CONFIG_ENABLE. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Stefan Berger Reviewed-by: Laszlo Ersek Reviewed-by: Marc-André Lureau --- OvmfPkg/OvmfPkgIa32.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32.fdf | 3 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32X64.fdf | 3 +++ OvmfPkg/OvmfPkgX64.dsc | 4 ++++ OvmfPkg/OvmfPkgX64.fdf | 3 +++ 6 files changed, 21 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index aee19b75d7..2b642ab5dc 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -40,6 +40,7 @@ DEFINE SMM_REQUIRE = FALSE DEFINE TLS_ENABLE = FALSE DEFINE TPM2_ENABLE = FALSE + DEFINE TPM2_CONFIG_ENABLE = FALSE # # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to @@ -632,6 +633,9 @@ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index e013099136..4999403ad7 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -381,6 +381,9 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf !if $(TPM2_ENABLE) == TRUE INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +!if $(TPM2_CONFIG_ENABLE) == TRUE +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif ################################################################################ diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 90cbd8e341..14a5c1bb29 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -40,6 +40,7 @@ DEFINE SMM_REQUIRE = FALSE DEFINE TLS_ENABLE = FALSE DEFINE TPM2_ENABLE = FALSE + DEFINE TPM2_CONFIG_ENABLE = FALSE # # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to @@ -640,6 +641,9 @@ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif [Components.X64] diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index afaa334384..d0cc107928 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -388,6 +388,9 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf !if $(TPM2_ENABLE) == TRUE INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +!if $(TPM2_CONFIG_ENABLE) == TRUE +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif ################################################################################ diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 83d16eb00b..aa7197f533 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -40,6 +40,7 @@ DEFINE SMM_REQUIRE = FALSE DEFINE TLS_ENABLE = FALSE DEFINE TPM2_ENABLE = FALSE + DEFINE TPM2_CONFIG_ENABLE = FALSE # # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to @@ -639,6 +640,9 @@ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index afaa334384..d0cc107928 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -388,6 +388,9 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf !if $(TPM2_ENABLE) == TRUE INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +!if $(TPM2_CONFIG_ENABLE) == TRUE +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif !endif ################################################################################ -- cgit v1.2.3