diff options
Diffstat (limited to '0016-SecurityPkg-Introduce-new-PCD-PcdRandomizePlatformHi.patch')
| -rw-r--r-- | 0016-SecurityPkg-Introduce-new-PCD-PcdRandomizePlatformHi.patch | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/0016-SecurityPkg-Introduce-new-PCD-PcdRandomizePlatformHi.patch b/0016-SecurityPkg-Introduce-new-PCD-PcdRandomizePlatformHi.patch new file mode 100644 index 0000000..6b096da --- /dev/null +++ b/0016-SecurityPkg-Introduce-new-PCD-PcdRandomizePlatformHi.patch @@ -0,0 +1,53 @@ +From 0282acbc3dee92ee04f1a212ca3f4c77e8b97207 Mon Sep 17 00:00:00 2001 +From: Stefan Berger <stefanb@linux.vnet.ibm.com> +Date: Mon, 13 Sep 2021 22:21:01 +0800 +Subject: [PATCH 5/8] SecurityPkg: Introduce new PCD + PcdRandomizePlatformHierarchy + +Introduce the new PCD +gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy. +We need it for TpmPlatformHierarchyLib. + +Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> +Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> +--- + .../PeiDxeTpmPlatformHierarchyLib.inf | 3 +-- + SecurityPkg/SecurityPkg.dec | 6 ++++++ + 2 files changed, 7 insertions(+), 2 deletions(-) + +diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +index 7bf666794f..efe560e7ff 100644 +--- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf ++++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf +@@ -35,10 +35,9 @@ + MdeModulePkg/MdeModulePkg.dec
+ SecurityPkg/SecurityPkg.dec
+ CryptoPkg/CryptoPkg.dec
+- MinPlatformPkg/MinPlatformPkg.dec
+
+ [Sources]
+ PeiDxeTpmPlatformHierarchyLib.c
+
+ [Pcd]
+- gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy
++ gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy
+diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec +index 5335cc5397..276ea6e2dd 100644 +--- a/SecurityPkg/SecurityPkg.dec ++++ b/SecurityPkg/SecurityPkg.dec +@@ -291,6 +291,12 @@ + # @Prompt Physical presence of the platform operator.
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x00010001
+
++ ## Indicates whether the TPM2 platform hierarchy will be disabled by using
++ # a random password or by disabling the hierarchy
++ # TRUE - A random password will be used
++ # FALSE - The hierarchy will be disabled
++ gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy|TRUE|BOOLEAN|0x00010024
++
+ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
+ ## Indicates whether TPM physical presence is locked during platform initialization.
+ # Once it is locked, it can not be unlocked for TPM life time.<BR><BR>
+-- +2.27.0 + |