ArmVirtPkg/ArmVirtQemu: enable the TPM2 configuration module

Enable the DXE phase component that publishes the HII pages and
associated logic to enable TPM2 parameters to be configured by
the user via the setup menu.

This patch ports (parts of) the following commits to ArmVirtQemu:

- 3103389043bd ("OvmfPkg: Add TCG2 Configuration menu to the Device
                Manager menu", 2019-02-11)

- cf3ad972a210 ("OvmfPkg: reorganize TPM2 support in DSC/FDF files",
                2020-01-09)

- f55477fe2d62 ("OvmfPkg: use HII type PCDs for TPM2 config related
                variables", 2020-01-09)

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 598ac49b3c403e594a4ed4f0acb20d9eed58b7bb..f93e13987db489b228f9b161bb6dd856aa35eeb3 100644 (file)
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -30,6 +30,7 @@
   DEFINE TTY_TERMINAL            = FALSE\r
   DEFINE SECURE_BOOT_ENABLE      = FALSE\r
   DEFINE TPM2_ENABLE             = FALSE\r
+  DEFINE TPM2_CONFIG_ENABLE      = FALSE\r
 \r
   #\r
   # Network definition\r
@@ -270,6 +271,11 @@
 [PcdsDynamicHii]\r
   gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS\r
 \r
+!if $(TPM2_CONFIG_ENABLE) == TRUE\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS\r
+!endif\r
+\r
 ################################################################################\r
 #\r
 # Components Section - list of all EDK II Modules needed by this Platform\r
@@ -492,6 +498,9 @@
       NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf\r
       NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf\r
   }\r
+!if $(TPM2_CONFIG_ENABLE) == TRUE\r
+  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf\r
+!endif\r
 !endif\r
 \r
   #\r

diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index a93a9970c8d269a25aff23a8f8a9777b50c0a93e..211f7aeb6f62707861e328fd7281ff970853e142 100644 (file)
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -178,6 +178,9 @@ READ_LOCK_STATUS   = TRUE
   #\r
 !if $(TPM2_ENABLE) == TRUE\r
   INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf\r
+!if $(TPM2_CONFIG_ENABLE) == TRUE\r
+  INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf\r
+!endif\r
 !endif\r
 \r
   #\r