Adding TPM 2.0 support to UEFI Payload

[AndrewFalanga]

Hello,

I'm currently working to add support for a TPM into my UEFI Payload for Slimbootloader. I'm trying to get the right "cocktail" of libraries and modules from the SecurityPkg but seem to be meeting with difficulty. I have verified through serial output during boot that Slimbootloader is finding the TPM and initializing it. This is verified by the presence of

...
TPM2Startup: TPM_RC_SUCCESS
..
TPM initialization completed succesfully

in the serial output from the processor. However, whenever the UEFI payload starts I am greeted with:

Loading driver at ... Tcg2Dxe.efi
WARNING: Tpm2RegisterTpm2DeviceLib - does not support <GUID of gEfiTcg2Protocol> registration
TPM2 not detected

I know that this comes from the Tpm2DeviceLibRouter library which I'm using in my declaration of Tcg2Dxe. I'm taking "inspiration" for my declaration from the OVMF declaration of Tcg2Dxe.

With limited documentation in SecurityPkg I'm referencing the UEFI spec, the TCG spec and whatever else I can find from Google searches. These explain a lot of "higher" level pieces, but not how to establish communication with the hardware.

The implementation of Tcg2Dxe.c seems to indicate that there is something of a "chicken-and-the-egg" situation for which one must adjust. How does one do this?

I suspect that I have to use something "concrete" for a Tcg2PpVendor*Lib and I'm currently using SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.Inf. Anything with "Null" in the name is probably not what I need. I'm not sure where to turn. Since Slimbootloader is doing a lot of what PEI would do (if I understand correctly) in it's 1A and 1B stages, I'm hesitant to put PEI drivers into the UEFI Payload.

Since this isn't a programming question, I expect I'm missing something in correct configuration of my UefiPayloadPkg.dsc file mods (and subsequent UefiPayloadPkg.fdf).

Thanks,
Andy