render / rpms / edk2

Forked from rpms/edk2 2 months ago
Clone

Blame SOURCES/0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch

0e3eb6
From fd19e4e33d52e843e6e35adde2c1e266497e8a7b Mon Sep 17 00:00:00 2001
1d2c45
From: Laszlo Ersek <lersek@redhat.com>
1d2c45
Date: Wed, 24 Jun 2020 11:40:09 +0200
b6c182
Subject: SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent aa64 build
b6c182
 (RH)
b6c182
b6c182
Notes about the RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] ->
b6c182
RHEL-8.5/20210520-e1999b264f1f [edk2-stable202105] rebase:
b6c182
b6c182
- Remove obsolete commit message tags related to downstream patch
b6c182
  management: Message-id, Patchwork-id, O-Subject, Acked-by, From,
b6c182
  RH-Acked-by, RH-Author (RHBZ#1846481).
1d2c45
1d2c45
Bugzilla: 1844682
1d2c45
1d2c45
If swtpm / vTPM2 is not being used, Tcg2Dxe should return EFI_UNSUPPORTED,
1d2c45
so that the DXE Core can unload it. However, the associated error message,
1d2c45
logged by the DXE Core to the serial console, is not desired in the silent
1d2c45
edk2-aarch64 build, given that the absence of swtpm / vTPM2 is nothing out
1d2c45
of the ordinary. Therefore, return success and stay resident. The wasted
1d2c45
guest RAM still gets freed after ExitBootServices().
1d2c45
1d2c45
(Inspired by RHEL-8.1.0 commit aaaedc1e2cfd.)
1d2c45
1d2c45
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
1d2c45
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
b6c182
(cherry picked from commit cbce29f7749477e271f9764fed82de94724af5df)
1d2c45
---
1d2c45
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c   | 17 +++++++++++++++++
1d2c45
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf |  1 +
1d2c45
 2 files changed, 18 insertions(+)
1d2c45
1d2c45
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
b6c182
index 6d17616c1c..f1a97d4b2d 100644
1d2c45
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
1d2c45
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
1d2c45
@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
1d2c45
 #include <Protocol/ResetNotification.h>
1d2c45
 
1d2c45
 #include <Library/DebugLib.h>
1d2c45
+#include <Library/DebugPrintErrorLevelLib.h>
1d2c45
 #include <Library/BaseMemoryLib.h>
1d2c45
 #include <Library/UefiRuntimeServicesTableLib.h>
1d2c45
 #include <Library/UefiDriverEntryPoint.h>
1d2c45
@@ -2642,6 +2643,22 @@ DriverEntry (
1d2c45
   if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
1d2c45
       CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
1d2c45
     DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
1d2c45
+#if defined (MDE_CPU_AARCH64)
1d2c45
+    //
1d2c45
+    // RHBZ#1844682
1d2c45
+    //
1d2c45
+    // If swtpm / vTPM2 is not being used, this driver should return
1d2c45
+    // EFI_UNSUPPORTED, so that the DXE Core can unload it. However, the
1d2c45
+    // associated error message, logged by the DXE Core to the serial console,
1d2c45
+    // is not desired in the silent edk2-aarch64 build, given that the absence
1d2c45
+    // of swtpm / vTPM2 is nothing out of the ordinary. Therefore, return
1d2c45
+    // success and stay resident. The wasted guest RAM still gets freed after
1d2c45
+    // ExitBootServices().
1d2c45
+    //
1d2c45
+    if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
1d2c45
+      return EFI_SUCCESS;
1d2c45
+    }
1d2c45
+#endif
1d2c45
     return EFI_UNSUPPORTED;
1d2c45
   }
1d2c45
 
1d2c45
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
b6c182
index 7dc7a2683d..3bc8833931 100644
1d2c45
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
1d2c45
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
1d2c45
@@ -55,6 +55,7 @@
1d2c45
   UefiRuntimeServicesTableLib
1d2c45
   BaseMemoryLib
1d2c45
   DebugLib
1d2c45
+  DebugPrintErrorLevelLib
1d2c45
   Tpm2CommandLib
1d2c45
   PrintLib
1d2c45
   UefiLib
1d2c45
-- 
1d2c45
2.27.0
1d2c45