mirror of https://github.com/acidanthera/audk.git
c806b76865
Disable the TPM2 platform hierarchy by directly calling ConfigureTpmPlatformHierarchy(). Per the TCG firmware specification "TCG PC Client Platform Firmware Profile Specification" the TPM 2 platform hierarchy needs to be disabled or a random password set and discarded before the firmware passes control to the next stage bootloader or kernel. Current specs are here: https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v23_pub.pdf Section 11 states: "Platform Firmware MUST protect access to the Platform Hierarchy and prevent access to the platform hierarchy by non-manufacturer- controlled components." Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3510 Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Sami Mujawar <sami.mujawar@arm.com> |
||
|---|---|---|
| .. | ||
| ArmVirtDxeHobLib | ||
| ArmVirtGicArchLib | ||
| ArmVirtMemoryInitPeiLib | ||
| ArmVirtPL031FdtClientLib | ||
| ArmVirtPciHostBridgeUtilityLib | ||
| ArmVirtPsciResetSystemLib | ||
| ArmVirtPsciResetSystemPeiLib | ||
| ArmVirtTimerFdtClientLib | ||
| BaseCachingPciExpressLib | ||
| Fdt16550SerialPortHookLib | ||
| FdtPL011SerialPortLib | ||
| FdtPciHostBridgeLib | ||
| FdtPciPcdProducerLib | ||
| KvmtoolPlatformPeiLib | ||
| KvmtoolRtcFdtClientLib | ||
| KvmtoolVirtMemInfoLib | ||
| NorFlashKvmtoolLib | ||
| NorFlashQemuLib | ||
| PlatformBootManagerLib | ||
| PlatformPeiLib | ||
| QemuFwCfgLib | ||
| QemuVirtMemInfoLib | ||
| XenArmGenericTimerVirtCounterLib | ||
| XenVirtMemInfoLib | ||