diff options
Diffstat (limited to '0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch')
| -rw-r--r-- | 0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch b/0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch new file mode 100644 index 0000000..02d0290 --- /dev/null +++ b/0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch @@ -0,0 +1,79 @@ +From de3d6fb999bd464f08c11b879cb4587295f3c0b1 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek <lersek@redhat.com> +Date: Wed, 24 Jun 2020 11:40:09 +0200 +Subject: [PATCH] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent + aa64 build (RH) + +Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] -> +RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase: + +- Remove obsolete commit message tags related to downstream patch + management: Message-id, Patchwork-id, O-Subject, Acked-by, From, + RH-Acked-by, RH-Author (RHBZ#1846481). + +Bugzilla: 1844682 + +If swtpm / vTPM2 is not being used, Tcg2Dxe should return EFI_UNSUPPORTED, +so that the DXE Core can unload it. However, the associated error message, +logged by the DXE Core to the serial console, is not desired in the silent +edk2-aarch64 build, given that the absence of swtpm / vTPM2 is nothing out +of the ordinary. Therefore, return success and stay resident. The wasted +guest RAM still gets freed after ExitBootServices(). + +(Inspired by RHEL-8.1.0 commit aaaedc1e2cfd.) + +Signed-off-by: Laszlo Ersek <lersek@redhat.com> +Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com> +(cherry picked from commit cbce29f7749477e271f9764fed82de94724af5df) +--- + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c | 17 +++++++++++++++++ + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf | 1 + + 2 files changed, 18 insertions(+) + +diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c +index b55b6c12d2..0be885c391 100644 +--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c ++++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c +@@ -29,6 +29,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent + #include <Protocol/ResetNotification.h>
+
+ #include <Library/DebugLib.h>
++#include <Library/DebugPrintErrorLevelLib.h> + #include <Library/BaseMemoryLib.h>
+ #include <Library/UefiRuntimeServicesTableLib.h>
+ #include <Library/UefiDriverEntryPoint.h>
+@@ -2743,6 +2744,22 @@ DriverEntry ( + CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid))
+ {
+ DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
++#if defined (MDE_CPU_AARCH64) ++ // ++ // RHBZ#1844682 ++ // ++ // If swtpm / vTPM2 is not being used, this driver should return ++ // EFI_UNSUPPORTED, so that the DXE Core can unload it. However, the ++ // associated error message, logged by the DXE Core to the serial console, ++ // is not desired in the silent edk2-aarch64 build, given that the absence ++ // of swtpm / vTPM2 is nothing out of the ordinary. Therefore, return ++ // success and stay resident. The wasted guest RAM still gets freed after ++ // ExitBootServices(). ++ // ++ if (GetDebugPrintErrorLevel () == DEBUG_ERROR) { ++ return EFI_SUCCESS; ++ } ++#endif + return EFI_UNSUPPORTED;
+ }
+
+diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +index a645474bf3..dbb7a52f33 100644 +--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf ++++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +@@ -55,6 +55,7 @@ + UefiRuntimeServicesTableLib
+ BaseMemoryLib
+ DebugLib
++ DebugPrintErrorLevelLib + Tpm2CommandLib
+ PrintLib
+ UefiLib
|