[PATCH v3 1/8] OvmfPkg: Move processing of physical presence opcode before End-of-Dxe


Stefan Berger
 

For variable creation and locking to work later on, we need to
move the processing of the TPM physical presence opcode before
End-of-Dxe.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
.../PlatformBootManagerLib/BdsPlatform.c | 20 +++++++++----------
.../PlatformBootManagerLibBhyve/BdsPlatform.c | 18 ++++++++---------
.../PlatformBootManagerLibGrub/BdsPlatform.c | 18 ++++++++---------
3 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg=
/Library/PlatformBootManagerLib/BdsPlatform.c
index 186401296a..2905356fc4 100644
--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
@@ -371,6 +371,16 @@ PlatformBootManagerBeforeConsole (
//=0D
EfiEventGroupSignal (&gRootBridgesConnectedEventGroupGuid);=0D
=0D
+ // We need to connect all trusted consoles for TCG PP. Here we treat all=
=0D
+ // consoles in OVMF to be trusted consoles.=0D
+ PlatformInitializeConsole (=0D
+ XenDetected() ? gXenPlatformConsole : gPlatformConsole);=0D
+=0D
+ //=0D
+ // Process TPM PPI request; this may require keyboard input=0D
+ //=0D
+ Tcg2PhysicalPresenceLibProcessRequest (NULL);=0D
+=0D
//=0D
// We can't signal End-of-Dxe earlier than this. Namely, End-of-Dxe trig=
gers=0D
// the preparation of S3 system information. That logic has a hard depen=
dency=0D
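Review bot: Nothing in the added block says that `PlatformInitializeConsole` and `Tcg2PhysicalPresenceLibProcessRequest (NULL)` must stay ahead of the End-of-Dxe signal; the reason (variable creation and locking) is recorded only in the commit message, so a later reorder could silently undo it. I would extend the existing comment above the call with something like `// Must run before End-of-Dxe is signaled; later variable creation and locking for TCG PP depends on this order.` The same applies to the PlatformBootManagerLibBhyve and PlatformBootManagerLibGrub hunks, where the End-of-Dxe signal is moved below the call and the retained "We can't signal End-of-Dxe earlier than this" comment still names only the FACS/ACPI constraint. The move also means the console drivers are now connected before End-of-Dxe, so the "all consoles in OVMF are trusted" assumption presumably has to hold for every entry in `gPlatformConsole` / `gXenPlatformConsole`, which is worth stating in that comment too. `PlatformBootManagerBeforeConsole` starts and ends outside this hunk, so the End-of-Dxe signal itself is not visible here.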
@@ -388,16 +398,6 @@ PlatformBootManagerBeforeConsole (
SaveS3BootScript ();=0D
}=0D
=0D
- // We need to connect all trusted consoles for TCG PP. Here we treat all=
=0D
- // consoles in OVMF to be trusted consoles.=0D
- PlatformInitializeConsole (=0D
- XenDetected() ? gXenPlatformConsole : gPlatformConsole);=0D
-=0D
- //=0D
- // Process TPM PPI request; this may require keyboard input=0D
- //=0D
- Tcg2PhysicalPresenceLibProcessRequest (NULL);=0D
-=0D
//=0D
// Prevent further changes to LockBoxes or SMRAM.=0D
// Any TPM 2 Physical Presence Interface opcode must be handled before.=
=0D
diff --git a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c b/Ov=
mfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c
index e767c3b172..950ab12c94 100644
--- a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c
@@ -366,15 +366,6 @@ PlatformBootManagerBeforeConsole (
//=0D
EfiEventGroupSignal (&gRootBridgesConnectedEventGroupGuid);=0D
=0D
- //=0D
- // We can't signal End-of-Dxe earlier than this. Namely, End-of-Dxe trig=
gers=0D
- // the preparation of S3 system information. That logic has a hard depen=
dency=0D
- // on the presence of the FACS ACPI table. Since our ACPI tables are onl=
y=0D
- // installed after PCI enumeration completes, we must not trigger the S3=
save=0D
- // earlier, hence we can't signal End-of-Dxe earlier.=0D
- //=0D
- EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);=0D
-=0D
// We need to connect all trusted consoles for TCG PP. Here we treat all=
=0D
// consoles in OVMF to be trusted consoles.=0D
PlatformInitializeConsole (gPlatformConsole);=0D
@@ -384,6 +375,15 @@ PlatformBootManagerBeforeConsole (
//=0D
Tcg2PhysicalPresenceLibProcessRequest (NULL);=0D
=0D
+ //=0D
+ // We can't signal End-of-Dxe earlier than this. Namely, End-of-Dxe trig=
gers=0D
+ // the preparation of S3 system information. That logic has a hard depen=
dency=0D
+ // on the presence of the FACS ACPI table. Since our ACPI tables are onl=
y=0D
+ // installed after PCI enumeration completes, we must not trigger the S3=
save=0D
+ // earlier, hence we can't signal End-of-Dxe earlier.=0D
+ //=0D
+ EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);=0D
+=0D
//=0D
// Prevent further changes to LockBoxes or SMRAM.=0D
// Any TPM 2 Physical Presence Interface opcode must be handled before.=
=0D
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c b/Ovm=
fPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
index fd80577355..fbc40dcb68 100644
--- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
@@ -329,15 +329,6 @@ PlatformBootManagerBeforeConsole (
//=0D
EfiEventGroupSignal (&gRootBridgesConnectedEventGroupGuid);=0D
=0D
- //=0D
- // We can't signal End-of-Dxe earlier than this. Namely, End-of-Dxe trig=
gers=0D
- // the preparation of S3 system information. That logic has a hard depen=
dency=0D
- // on the presence of the FACS ACPI table. Since our ACPI tables are onl=
y=0D
- // installed after PCI enumeration completes, we must not trigger the S3=
save=0D
- // earlier, hence we can't signal End-of-Dxe earlier.=0D
- //=0D
- EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);=0D
-=0D
// We need to connect all trusted consoles for TCG PP. Here we treat all=
=0D
// consoles in OVMF to be trusted consoles.=0D
PlatformInitializeConsole (gPlatformConsole);=0D
@@ -347,6 +338,15 @@ PlatformBootManagerBeforeConsole (
//=0D
Tcg2PhysicalPresenceLibProcessRequest (NULL);=0D
=0D
+ //=0D
+ // We can't signal End-of-Dxe earlier than this. Namely, End-of-Dxe trig=
gers=0D
+ // the preparation of S3 system information. That logic has a hard depen=
dency=0D
+ // on the presence of the FACS ACPI table. Since our ACPI tables are onl=
y=0D
+ // installed after PCI enumeration completes, we must not trigger the S3=
save=0D
+ // earlier, hence we can't signal End-of-Dxe earlier.=0D
+ //=0D
+ EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);=0D
+=0D
//=0D
// Prevent further changes to LockBoxes or SMRAM.=0D
// Any TPM 2 Physical Presence Interface opcode must be handled before.=
=0D
--=20
2.31.1