From e07eb9afab8b516b227b9cc312a7e5b67c55d550 Mon Sep 17 00:00:00 2001 From: Mario Limonciello Date: Fri, 29 Jul 2022 00:36:15 -0500 Subject: [PATCH] trivial: pci-psp: Link FwupdBiosAttr to FwupdSecurityAttr when TSME off Lenovo Z13 offers a BIOS setting called "TSME" that can be potentially controlled from firmware-attributes API. --- plugins/pci-psp/fu-plugin-pci-psp.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/plugins/pci-psp/fu-plugin-pci-psp.c b/plugins/pci-psp/fu-plugin-pci-psp.c index 4b311862a..d48e51f15 100644 --- a/plugins/pci-psp/fu-plugin-pci-psp.c +++ b/plugins/pci-psp/fu-plugin-pci-psp.c @@ -52,8 +52,9 @@ fu_plugin_pci_psp_get_attr(FwupdSecurityAttr *attr, } static void -fu_plugin_add_security_attrs_tsme(const gchar *path, FuSecurityAttrs *attrs) +fu_plugin_add_security_attrs_tsme(FuPlugin *plugin, const gchar *path, FuSecurityAttrs *attrs) { + FwupdBiosAttr *bios_attr; g_autoptr(FwupdSecurityAttr) attr = NULL; g_autoptr(GError) error_local = NULL; gboolean val; @@ -67,6 +68,13 @@ fu_plugin_add_security_attrs_tsme(const gchar *path, FuSecurityAttrs *attrs) return; } + /* BIOS knob used on Lenovo systems */ + bios_attr = fu_context_get_bios_attr(fu_plugin_get_context(plugin), "com.thinklmi.TSME"); + if (bios_attr != NULL) { + fwupd_security_attr_set_bios_attr_id(attr, fwupd_bios_attr_get_id(bios_attr)); + fu_bios_attr_set_preferred_value(bios_attr, "enable"); + } + if (!val) { fwupd_security_attr_set_result(attr, FWUPD_SECURITY_ATTR_RESULT_NOT_ENCRYPTED); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_ACTION_CONFIG_FW); @@ -267,7 +275,7 @@ fu_plugin_pci_psp_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) return; } - fu_plugin_add_security_attrs_tsme(sysfs_path, attrs); + fu_plugin_add_security_attrs_tsme(plugin, sysfs_path, attrs); fu_plugin_add_security_attrs_fused_part(sysfs_path, attrs); fu_plugin_add_security_attrs_debug_locked_part(sysfs_path, attrs); fu_plugin_add_security_attrs_rollback_protection(sysfs_path, attrs);