render / rpms / edk2

Forked from rpms/edk2 2 months ago
Clone

Blame SOURCES/edk2-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch

82dd91
From cbce29f7749477e271f9764fed82de94724af5df Mon Sep 17 00:00:00 2001
82dd91
From: Laszlo Ersek <lersek@redhat.com>
82dd91
Date: Wed, 24 Jun 2020 11:40:09 +0200
82dd91
Subject: [PATCH 3/3] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent
82dd91
 aa64 build (RH)
82dd91
MIME-Version: 1.0
82dd91
Content-Type: text/plain; charset=UTF-8
82dd91
Content-Transfer-Encoding: 8bit
82dd91
82dd91
RH-Author: Laszlo Ersek <lersek@redhat.com>
82dd91
Message-id: <20200615080105.11859-4-lersek@redhat.com>
82dd91
Patchwork-id: 97534
82dd91
O-Subject: [RHEL-8.3.0 edk2 PATCH 3/3] SecurityPkg/Tcg2Dxe: suppress error on no swtpm in silent aa64 build (RH)
82dd91
Bugzilla: 1844682
82dd91
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
82dd91
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
82dd91
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
82dd91
82dd91
If swtpm / vTPM2 is not being used, Tcg2Dxe should return EFI_UNSUPPORTED,
82dd91
so that the DXE Core can unload it. However, the associated error message,
82dd91
logged by the DXE Core to the serial console, is not desired in the silent
82dd91
edk2-aarch64 build, given that the absence of swtpm / vTPM2 is nothing out
82dd91
of the ordinary. Therefore, return success and stay resident. The wasted
82dd91
guest RAM still gets freed after ExitBootServices().
82dd91
82dd91
(Inspired by RHEL-8.1.0 commit aaaedc1e2cfd.)
82dd91
82dd91
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
82dd91
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
82dd91
---
82dd91
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c   | 17 +++++++++++++++++
82dd91
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf |  1 +
82dd91
 2 files changed, 18 insertions(+)
82dd91
82dd91
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
82dd91
index 9a5f987e68..da2153cb25 100644
82dd91
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
82dd91
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
82dd91
@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
82dd91
 #include <Protocol/ResetNotification.h>
82dd91
 
82dd91
 #include <Library/DebugLib.h>
82dd91
+#include <Library/DebugPrintErrorLevelLib.h>
82dd91
 #include <Library/BaseMemoryLib.h>
82dd91
 #include <Library/UefiRuntimeServicesTableLib.h>
82dd91
 #include <Library/UefiDriverEntryPoint.h>
82dd91
@@ -2642,6 +2643,22 @@ DriverEntry (
82dd91
   if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
82dd91
       CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
82dd91
     DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
82dd91
+#if defined (MDE_CPU_AARCH64)
82dd91
+    //
82dd91
+    // RHBZ#1844682
82dd91
+    //
82dd91
+    // If swtpm / vTPM2 is not being used, this driver should return
82dd91
+    // EFI_UNSUPPORTED, so that the DXE Core can unload it. However, the
82dd91
+    // associated error message, logged by the DXE Core to the serial console,
82dd91
+    // is not desired in the silent edk2-aarch64 build, given that the absence
82dd91
+    // of swtpm / vTPM2 is nothing out of the ordinary. Therefore, return
82dd91
+    // success and stay resident. The wasted guest RAM still gets freed after
82dd91
+    // ExitBootServices().
82dd91
+    //
82dd91
+    if (GetDebugPrintErrorLevel () == DEBUG_ERROR) {
82dd91
+      return EFI_SUCCESS;
82dd91
+    }
82dd91
+#endif
82dd91
     return EFI_UNSUPPORTED;
82dd91
   }
82dd91
 
82dd91
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
82dd91
index 576cf80d06..851471afb7 100644
82dd91
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
82dd91
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
82dd91
@@ -55,6 +55,7 @@
82dd91
   UefiRuntimeServicesTableLib
82dd91
   BaseMemoryLib
82dd91
   DebugLib
82dd91
+  DebugPrintErrorLevelLib
82dd91
   Tpm2CommandLib
82dd91
   PrintLib
82dd91
   UefiLib
82dd91
-- 
82dd91
2.27.0
82dd91