From f88e9c5bb9b4e50390cc79ca81547f89911a4e0c Mon Sep 17 00:00:00 2001 From: Samer El-Haj-Mahmoud Date: Tue, 18 Aug 2015 05:46:50 +0000 Subject: [PATCH] SecurityPkg: Fixed build error due to FixedAtBuild PcdTcg2HashAlgorithmBitmap PcdTcg2HashAlgorithmBitmap is declared in a section that allows it to be Fixed or PatchableAtBuild, but there is code that sets it. This breaks the build on some platforms. Changed it to be PcdsDynamic and PcdsDynamicEx only. We move PcdTpm2HashMask to Dynamic section too, because now Tcg2Pei will set this PCD according to TPM2 device capability. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Samer El-Haj-Mahmoud" Reviewed-by: "Yao, Jiewen" git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18233 6f19259b-4bc3-4df7-8a09-765794883524 --- SecurityPkg/SecurityPkg.dec | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 48f714f289..63f67da5bb 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -6,6 +6,7 @@ # and libraries instances, which are used for those features. # # Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+# (C) Copyright 2015 Hewlett Packard Enterprise Development LP
# This program and the accompanying materials are licensed and made available under # the terms and conditions of the BSD License which accompanies this distribution. # The full text of the license may be found at @@ -354,17 +355,6 @@ # @Prompt TPM device type identifier gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid |{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }|VOID*|0x0001000F - ## This PCD indicates Hash mask for TPM 2.0.

- # If this bit is set, that means this algorithm is needed to extend to PCR.
- # If this bit is clear, that means this algorithm is NOT needed to extend to PCR.
- # BIT0 - SHA1.
- # BIT1 - SHA256.
- # BIT2 - SHA384.
- # BIT3 - SHA512.
- # @Prompt Hash mask for TPM 2.0 - # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000000F|UINT32|0x00010010 - ## This PCD indicates if BIOS auto detect TPM1.2 or dTPM2.0.

# FALSE - No auto detection.
# TRUE - Auto detection.
@@ -375,11 +365,6 @@ # @Prompt TPM device address. gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0xFED40000|UINT64|0x00010012 - ## This PCD indicated final BIOS supported Hash mask. - # Bios may choose to register a subset of PcdTpm2HashMask. - # So this PCD is final value of how many hash algo is extended to PCR. - gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|0xFFFFFFFF|UINT32|0x00010016 - ## This PCR means the OEM configurated number of PCR banks. # 0 means dynamic get from supported HASH algorithm gEfiSecurityPkgTokenSpaceGuid.PcdTcg2NumberOfPCRBanks|0x0|UINT32|0x00010015 @@ -389,6 +374,24 @@ # @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images # gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013 + +[PcdsDynamic, PcdsDynamicEx] + + ## This PCD indicates Hash mask for TPM 2.0.

+ # If this bit is set, that means this algorithm is needed to extend to PCR.
+ # If this bit is clear, that means this algorithm is NOT needed to extend to PCR.
+ # BIT0 - SHA1.
+ # BIT1 - SHA256.
+ # BIT2 - SHA384.
+ # BIT3 - SHA512.
+ # @Prompt Hash mask for TPM 2.0 + # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000000F|UINT32|0x00010010 + + ## This PCD indicated final BIOS supported Hash mask. + # Bios may choose to register a subset of PcdTpm2HashMask. + # So this PCD is final value of how many hash algo is extended to PCR. + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|0xFFFFFFFF|UINT32|0x00010016 [UserExtensions.TianoCore."ExtraFiles"] SecurityPkgExtra.uni -- 2.39.2