discuss@edk2.groups.io | OvmfPkgX64.dsc - how to enable MOR and MORlock variables in firmware

Home Messages Hashtags

Date Date 1 - 3 of 3

OvmfPkgX64.dsc - how to enable MOR and MORlock variables in firmware

Abhimanyu Singh #1249 Hi everyone, I am attempting to boot built firmware images of OvmfPkgX64 using QEMU. The reason I am doing this is so that I can investigate MOR and MORlock UEFI variables, and for this to happen they need to be enabled and set in the firmware. To start, I have built the firmware with the following flags enabled: build -a X64 -p edk2/OvmfPkg/OvmfPkgX64.dsc -b DEBUG -t GCCdm5 -n 56 -D SECURE_BOOT_ENABLE -D SMM_REQUIRE -D DEBUG_ON_SERIAL_PORT I included SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf in OvmfPkgX64.dsc file, and I noticed that the build picks up this module. When I boot the firmware with QEMU using this command: qemu-system-x86_64 -machine q35,smm=on,accel=kvm -m 2048M -smp 1 \ -global driver=cfi.pflash01,property=secure,value=on \ -drive if=pflash,format=raw,unit=0,file=OVMF_CODE.fd,readonly=on \ -drive if=pflash,format=raw,unit=1,file=OVMF_VARS.fd \ -global ICH9-LPC.disable_s3=1 \ --nographic I am unable to see the TcgMor driver get loaded at any point, and the UEFI variables are not present when I run dmpstore -all. I am stuck on trying to figure out what I am still missing. Is TPM 2.0 a requirement for a platform to create these MOR/MORlock variables in firmware? How does the
More All Messages By This Member
Abhimanyu Singh #1250 Hi everyone, I am attempting to boot firmware images of OvmfPkgX64 using QEMU. The reason I am doing this is so that I can investigate MOR and MORlock UEFI variables in the UEFI shell, and for this to happen they need to be enabled and set in the firmware. To start, I have built the firmware with the following flags enabled: build -a X64 -p edk2/OvmfPkg/OvmfPkgX64.dsc -b DEBUG -t GCCdm5 -n 56 -D SECURE_BOOT_ENABLE -D SMM_REQUIRE -D DEBUG_ON_SERIAL_PORT I included SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf in OvmfPkgX64.dsc file, and I noticed that the build picks up this module. When I boot the firmware with QEMU using this command: qemu-system-x86_64 -machine q35,smm=on,accel=kvm -m 2048M -smp 1 \ -global driver=cfi.pflash01,property=secure,value=on \ -drive if=pflash,format=raw,unit=0,file=OVMF_CODE.fd,readonly=on \ -drive if=pflash,format=raw,unit=1,file=OVMF_VARS.fd \ -global ICH9-LPC.disable_s3=1 \ --nographic I am unable to see the TcgMor driver get loaded at any point, and the UEFI variables are not present when I run dmpstore -all. I am stuck on trying to figure out what I am still missing. Is TPM 2.0 a requirement for a platform to create these MOR/MORlock variables in firmware? How does the MorDriverEntryPoint get called? I apologize for my lack of understanding, but I am still getting up to speed with edk2. Thank you, Abhi
More All Messages By This Member
Abhimanyu Singh #1252 Disregard this message as it is a duplicate of https://edk2.groups.io/g/discuss/message/1250.
More All Messages By This Member

1 - 3 of 3

1

Previous Topic Next Topic

Home Hashtags About Features Pricing Updates Terms Help Twitter