Hi Stefan I think it might OK to add commands to Tpm2CommandLib, as long as there is valid usage. Would you please help to describe more on a whole picture on below 2 cases? E.g. Why and how TPM firmware upgrade use this command in BIOS? Why and how OEM delegate TPM_RH_PLATFORM role, and for which TPM command, as example?
Do you think TPM2_SetPrimaryPolicy is only missing command, or there are more needed in above 2 cases? Like TPM2_CreatePrimary? Thank you Yao Jiewen -----Original Message----- From: stefan.kae...@infineon.com [mailto:stefan.kae...@infineon.com] Sent: Friday, November 14, 2014 12:10 AM To: edk2-devel@lists.sourceforge.net Subject: [edk2] SecurityPkg: TPM2_SetPrimaryPolicy command Hello! Would it be possible to add the command TPM2_SetPrimaryPolicy to Tpm2CommandLib? The command is required to set platformPolicy and use cases are: * OEM/BIOS sets platformPolicy to authorize TPM firmware upgrade. * OEM/BIOS delegates the TPM_RH_PLATFORM role for a specific TPM command. For further information on the command please refer to chapter 24.3 in http://www.trustedcomputinggroup.org/files/static_page_files/8C68ADA8-1A4B-B294-D0FC06D3773F7DAA/TPM%20Rev%202.0%20Part%203%20-%20Commands%2001.16-code.pdf. Regards, Stefan Stefan Käser Infineon Technologies AG CCS TI SWT SW PC Staff Engineer Software Development Phone: +49 (0)821 25851 65 Fax: +49 (0)821 25851 40 stefan.kae...@infineon.com<mailto:stefan.kae...@infineon.com> ***** VISIT US AT: http://www.infineon.com ***** Infineon Technologies AG Chairman of the Supervisory Board: Wolfgang Mayrhuber Management Board: Dr. Reinhard Ploss (CEO), Dominik Asam, Arunjai Mittal Registered Office: Neubiberg Commercial Register: München HRB 126492 This e-mail and any attachments are confidential. They are intended solely for the attention and use of the named addressee(s). If you are not the named addressee(s) you must not use, disclose, retain or reproduce all or any part of the information contained in this e-mail or any attachments. Any unauthorized use or disclosure may be unlawful. If you have received this e-mail by mistake, please inform the sender immediately and delete it and all copies from your system and destroy any hard copies of it. ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
