Skip to content

[CHERRY-PICK] Adding TPM over FFA ACPI table revision fix#1786

Merged
kuqin12 merged 3 commits intomicrosoft:release/202511from
kuqin12:tpm_ffa_tbl
May 6, 2026
Merged

[CHERRY-PICK] Adding TPM over FFA ACPI table revision fix#1786
kuqin12 merged 3 commits intomicrosoft:release/202511from
kuqin12:tpm_ffa_tbl

Conversation

@kuqin12
Copy link
Copy Markdown
Contributor

@kuqin12 kuqin12 commented May 6, 2026

Description

This change updates the TPM2 table when using TPM over FFA to support the functionality.

For details on how to complete these options and their meaning refer to CONTRIBUTING.md.

  • Impacts functionality?
  • Impacts security?
  • Breaking change?
  • Includes tests?
  • Includes documentation?

How This Was Tested

This was tested on the latest Windows OS and booted to desktop with expected event log entries.

Integration Instructions

  • To use this revision, the platforms have to update the table revision to 5 through gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|5.
  • The Windows OS has to be updated to the latest to support this new revision. Otherwise, the event logs will not be recorded.

@mu-automation
Copy link
Copy Markdown
Contributor

mu-automation Bot commented May 6, 2026
edited
Loading

✅ QEMU Validation Passed

Source Dependencies

Repository Commit
mu_basecore aca2708
mu_tiano_platforms 49f4d80

Results

Platform Target Build Boot Overall Boot Time Build Logs Boot Logs
Q35 DEBUG ✅ success ✅ success 0m 19s Build Logs Boot Logs
SBSA DEBUG ✅ success ✅ success 0m 29s Build Logs Boot Logs

Workflow run: https://github.com/microsoft/mu_basecore/actions/runs/25455647301

This comment was automatically generated by the Mu QEMU PR Validation workflow.

@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented May 6, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 9 lines in your changes missing coverage. Please review.
⚠️ Please upload report for BASE (release/202511@787e18d). Learn more about missing BASE report.

Files with missing lines Patch % Lines
SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c 0.00% 9 Missing ⚠️
Additional details and impacted files 
@@               Coverage Diff                @@
##             release/202511   #1786   +/-   ##
================================================
  Coverage                  ?   1.59%           
================================================
  Files                     ?     160           
  Lines                     ?   37730           
  Branches                  ?     172           
================================================
  Hits                      ?     601           
  Misses                    ?   37129           
  Partials                  ?       0
Flag Coverage Δ
SecurityPkg 1.59% <0.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@kuqin12 kuqin12 self-assigned this May 6, 2026
@kuqin12 kuqin12 enabled auto-merge (rebase) May 6, 2026 18:43
Raymond-MS
Raymond-MS approved these changes May 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@Raymond-MS Raymond-MS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

kuqin12 added 3 commits May 6, 2026 12:05
@kuqin12
[CHERRY-PICK] SecurityPkg: Tcg2AcpiFfa: Remove Tcg2PhysicalPresenceLi…
6e99917 
…b from dependencies

Current implementation of Tcg2AcpiFfa does not rely on the interfaces
defined in `Tcg2PhysicalPresenceLib`. Carrying it in the module inf could
bring in unnecessary external dependencies and cause loading orders to
change.

This change removes the dependency from the current "LibraryClasses"
list.

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
(cherry picked from commit c60df38f10716f60eab4c617623e5c124b8cc2f7)
@kuqin12
[CHERRY-PICK] SecurityPkg: Tcg2AcpiFfa: Fix endianness of partition ID
c113603 
Current Tcg2AcpiFfa will populate the partition ID in byte order of big-
endian. This conflicts with the TCG ACPI Specification, which specifies
the byte-order to be little-endian.

This change corrects the byte order population process by replacing the
platform parameter byte array with MdePkg defined structure.

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
(cherry picked from commit a270773cce476ed0be9eb9b6370164d1d1fb0796)
@kuqin12
[CHERRY-PICK] SecurityPkg: Tcg2AcpiFfa: Polish revision checks for TP…
aca2708 
…M2 table

Given the start method of FFA is only introduced in revision 5 of the TCG
ACPI specification. A TPM2 table with FFA start method and lower than 5
revision should not be allowed.

This change updates the checks for revision PCD and removed a few
conditions based on new revision 5 assumptions.

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
(cherry picked from commit f1fc41cff2a2022e67da3f9f525f9087cf2de507)
@kuqin12 kuqin12 merged commit 5adc5a4 into microsoft:release/202511 May 6, 2026
56 checks passed
@kuqin12 kuqin12 deleted the tpm_ffa_tbl branch May 6, 2026 20:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@apop5 apop5 apop5 approved these changes

@Raymond-MS Raymond-MS Raymond-MS approved these changes

@cfernald cfernald Awaiting requested review from cfernald

@makubacki makubacki Awaiting requested review from makubacki

@os-d os-d Awaiting requested review from os-d

Assignees

@kuqin12 kuqin12

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kuqin12 @codecov-commenter @apop5 @Raymond-MS