mirror of https://github.com/acidanthera/audk.git
c806b76865
Disable the TPM2 platform hierarchy by directly calling ConfigureTpmPlatformHierarchy(). Per the TCG firmware specification "TCG PC Client Platform Firmware Profile Specification" the TPM 2 platform hierarchy needs to be disabled or a random password set and discarded before the firmware passes control to the next stage bootloader or kernel. Current specs are here: https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v23_pub.pdf Section 11 states: "Platform Firmware MUST protect access to the Platform Hierarchy and prevent access to the platform hierarchy by non-manufacturer- controlled components." Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3510 Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Sami Mujawar <sami.mujawar@arm.com> |
||
|---|---|---|
| .. | ||
| CloudHvAcpiPlatformDxe | ||
| CloudHvPlatformHasAcpiDtDxe | ||
| FdtClientDxe | ||
| HighMemDxe | ||
| Include | ||
| KvmtoolPlatformDxe | ||
| Library | ||
| PlatformCI | ||
| PlatformHasAcpiDtDxe | ||
| PrePi | ||
| VirtioFdtDxe | ||
| XenAcpiPlatformDxe | ||
| XenPlatformHasAcpiDtDxe | ||
| XenioFdtDxe | ||
| ArmVirt.dsc.inc | ||
| ArmVirtCloudHv.dsc | ||
| ArmVirtCloudHv.fdf | ||
| ArmVirtKvmTool.dsc | ||
| ArmVirtKvmTool.fdf | ||
| ArmVirtPkg.ci.yaml | ||
| ArmVirtPkg.dec | ||
| ArmVirtQemu.dsc | ||
| ArmVirtQemu.fdf | ||
| ArmVirtQemuFvMain.fdf.inc | ||
| ArmVirtQemuKernel.dsc | ||
| ArmVirtQemuKernel.fdf | ||
| ArmVirtRules.fdf.inc | ||
| ArmVirtXen.dsc | ||
| ArmVirtXen.fdf | ||
| VarStore.fdf.inc | ||