]> git.proxmox.com Git - mirror_edk2.git/commitdiff
projects / mirror_edk2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2906e57)
SecurityPkg: Introduce new PCD PcdRandomizePlatformHierarchy
authorStefan Berger <stefanb@linux.vnet.ibm.com>
Mon, 13 Sep 2021 14:21:01 +0000 (22:21 +0800)
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Mon, 13 Sep 2021 16:53:14 +0000 (16:53 +0000)
Introduce the new PCD
gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy.
We need it for TpmPlatformHierarchyLib.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf patch | blob | blame | history
SecurityPkg/SecurityPkg.dec patch | blob | blame | history

diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
index 7bf666794f18e6af7dd21bb887aad1160d78e30c..efe560e7ff32c9ed417703242a1496479b9d5297 100644 (file)
--- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
+++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
@@ -35,10 +35,9 @@
   MdeModulePkg/MdeModulePkg.dec\r
   SecurityPkg/SecurityPkg.dec\r
   CryptoPkg/CryptoPkg.dec\r
-  MinPlatformPkg/MinPlatformPkg.dec\r
 \r
 [Sources]\r
   PeiDxeTpmPlatformHierarchyLib.c\r
 \r
 [Pcd]\r
-  gMinPlatformPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy\r
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index d5ace6f654498f90365f542eca13f6de4c2bb007..2cb5bfa0acd0ad1b3f09fa905964173eeb38da7e 100644 (file)
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -342,6 +342,12 @@
   # @Prompt Physical presence of the platform operator.\r
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x00010001\r
 \r
+  ## Indicates whether the TPM2 platform hierarchy will be disabled by using\r
+  #  a random password or by disabling the hierarchy\r
+  #   TRUE  - A random password will be used\r
+  #   FALSE - The hierarchy will be disabled\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy|TRUE|BOOLEAN|0x00010024\r
+\r
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]\r
   ## Indicates whether TPM physical presence is locked during platform initialization.\r
   #  Once it is locked, it can not be unlocked for TPM life time.<BR><BR>\r
EFI Development Kit II mirror for PVE