## @file\r
# EFI/Framework Open Virtual Machine Firmware (OVMF) platform\r
#\r
-# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
#\r
# This program and the accompanying materials\r
DEFINE HTTP_BOOT_ENABLE = FALSE\r
DEFINE SMM_REQUIRE = FALSE\r
DEFINE TLS_ENABLE = FALSE\r
+ DEFINE TPM2_ENABLE = FALSE\r
\r
#\r
# Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to\r
!ifdef $(FD_SIZE_4MB)\r
DEFINE FD_SIZE_IN_KB = 4096\r
!else\r
- DEFINE FD_SIZE_IN_KB = 2048\r
+ DEFINE FD_SIZE_IN_KB = 4096\r
!endif\r
!endif\r
!endif\r
GCC:RELEASE_*_*_CC_FLAGS = -DMDEPKG_NDEBUG\r
INTEL:RELEASE_*_*_CC_FLAGS = /D MDEPKG_NDEBUG\r
MSFT:RELEASE_*_*_CC_FLAGS = /D MDEPKG_NDEBUG\r
+!if $(TOOL_CHAIN_TAG) != "XCODE5"\r
GCC:*_*_*_CC_FLAGS = -mno-mmx -mno-sse\r
+!endif\r
!ifdef $(SOURCE_DEBUG_ENABLE)\r
MSFT:*_*_X64_GENFW_FLAGS = --keepexceptiontable\r
GCC:*_*_X64_GENFW_FLAGS = --keepexceptiontable\r
\r
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]\r
GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000\r
+ XCODE:*_*_*_DLINK_FLAGS =\r
\r
# Force PE/COFF sections to be aligned at 4KB boundaries to support page level\r
# protection of DXE_SMM_DRIVER/SMM_CORE modules\r
[BuildOptions.common.EDKII.DXE_SMM_DRIVER, BuildOptions.common.EDKII.SMM_CORE]\r
GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000\r
+ XCODE:*_*_*_DLINK_FLAGS =\r
\r
################################################################################\r
#\r
PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf\r
BaseMemoryLib|MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf\r
BaseLib|MdePkg/Library/BaseLib/BaseLib.inf\r
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf\r
+ BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf\r
SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf\r
CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf\r
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf\r
PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf\r
PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf\r
PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf\r
- IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf\r
+ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf\r
OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf\r
SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf\r
MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf\r
DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf\r
UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf\r
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf\r
- QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf\r
+ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf\r
VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf\r
LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf\r
+ MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf\r
!if $(SMM_REQUIRE) == FALSE\r
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf\r
!endif\r
TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf\r
!endif\r
\r
+ ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf\r
S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf\r
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf\r
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf\r
XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf\r
+ Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf\r
+ Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf\r
+!endif\r
+\r
[LibraryClasses.common]\r
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf\r
\r
!ifdef $(DEBUG_ON_SERIAL_PORT)\r
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf\r
!else\r
- DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf\r
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformRomDebugLibIoPort.inf\r
!endif\r
ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf\r
ExtractGuidedSectionLib|MdePkg/Library/BaseExtractGuidedSectionLib/BaseExtractGuidedSectionLib.inf\r
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf\r
MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf\r
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf\r
+ PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
+ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf\r
+\r
+!if $(TPM2_ENABLE) == TRUE\r
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf\r
+!endif\r
\r
[LibraryClasses.common.DXE_CORE]\r
HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf\r
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf\r
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf\r
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf\r
+!if $(TPM2_ENABLE) == TRUE\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf\r
+!endif\r
\r
[LibraryClasses.common.UEFI_APPLICATION]\r
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf\r
gEfiMdeModulePkgTokenSpaceGuid.PcdConOutGopSupport|TRUE\r
gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE\r
gEfiMdeModulePkgTokenSpaceGuid.PcdInstallAcpiSdtProtocol|TRUE\r
-!if $(SECURE_BOOT_ENABLE) == TRUE\r
- gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE\r
-!endif\r
!if $(SMM_REQUIRE) == TRUE\r
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|TRUE\r
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection|FALSE\r
!if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000\r
!endif\r
!if $(FD_SIZE_IN_KB) == 4096\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x40000\r
!endif\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000\r
\r
gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0\r
\r
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000\r
!endif\r
\r
-!if $(SECURE_BOOT_ENABLE) == TRUE\r
- gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00\r
-!endif\r
-\r
# IRQs 5, 9, 10, 11 are level-triggered\r
gPcAtChipsetPkgTokenSpaceGuid.Pcd8259LegacyModeEdgeLevel|0x0E20\r
\r
################################################################################\r
\r
[PcdsDynamicDefault]\r
+ # only set when\r
+ # ($(SMM_REQUIRE) == FALSE)\r
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0\r
+\r
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0\r
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0\r
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0\r
gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64\r
gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000\r
\r
+ # Set memory encryption mask\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0\r
+\r
!if $(SMM_REQUIRE) == TRUE\r
+ gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8\r
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01\r
gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|100000\r
!endif\r
\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00\r
+\r
+!if $(TPM2_ENABLE) == TRUE\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}\r
+!endif\r
+\r
################################################################################\r
#\r
# Components Section - list of all EDK II Modules needed by this Platform.\r
<LibraryClasses>\r
PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf\r
}\r
- MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf\r
- MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf\r
- MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {\r
+ MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf {\r
<LibraryClasses>\r
- PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf\r
}\r
-\r
- OvmfPkg/PlatformPei/PlatformPei.inf {\r
+ MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf {\r
<LibraryClasses>\r
- PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf\r
}\r
+ MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf\r
+\r
+ OvmfPkg/PlatformPei/PlatformPei.inf\r
UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf {\r
<LibraryClasses>\r
- PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
!if $(SMM_REQUIRE) == TRUE\r
LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf\r
!endif\r
}\r
!if $(SMM_REQUIRE) == TRUE\r
- OvmfPkg/SmmAccess/SmmAccessPei.inf {\r
- <LibraryClasses>\r
- PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
- }\r
+ OvmfPkg/SmmAccess/SmmAccessPei.inf\r
!endif\r
- UefiCpuPkg/CpuMpPei/CpuMpPei.inf {\r
+ UefiCpuPkg/CpuMpPei/CpuMpPei.inf\r
+\r
+!if $(TPM2_ENABLE) == TRUE\r
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf\r
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {\r
<LibraryClasses>\r
- PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
}\r
+!endif\r
\r
[Components.X64]\r
#\r
\r
MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf\r
\r
-!if $(SECURE_BOOT_ENABLE) == TRUE\r
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {\r
<LibraryClasses>\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf\r
- }\r
-!else\r
- MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf\r
!endif\r
+!if $(TPM2_ENABLE) == TRUE\r
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf\r
+!endif\r
+ }\r
\r
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf\r
PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf\r
MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf {\r
<LibraryClasses>\r
PciHostBridgeLib|OvmfPkg/Library/PciHostBridgeLib/PciHostBridgeLib.inf\r
+ NULL|OvmfPkg/Library/PlatformHasIoMmuLib/PlatformHasIoMmuLib.inf\r
}\r
MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf {\r
<LibraryClasses>\r
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf\r
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf\r
FatPkg/EnhancedFatDxe/Fat.inf\r
+ MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf\r
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf\r
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf\r
OvmfPkg/SataControllerDxe/SataControllerDxe.inf\r
!endif\r
\r
!ifndef $(USE_OLD_SHELL)\r
+ ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {\r
+ <PcdsFixedAtBuild>\r
+ gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
+ }\r
ShellPkg/Application/Shell/Shell.inf {\r
<LibraryClasses>\r
ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf\r
!if $(NETWORK_IP6_ENABLE) == TRUE\r
NULL|ShellPkg/Library/UefiShellNetwork2CommandsLib/UefiShellNetwork2CommandsLib.inf\r
!endif\r
- NULL|ShellPkg/Library/UefiShellTftpCommandLib/UefiShellTftpCommandLib.inf\r
HandleParsingLib|ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.inf\r
- ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf\r
- FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf\r
PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf\r
-# SafeBlockIoLib|ShellPkg/Library/SafeBlockIoLib/SafeBlockIoLib.inf\r
-# SafeOpenProtocolLib|ShellPkg/Library/SafeOpenProtocolLib/SafeOpenProtocolLib.inf\r
BcfgCommandLib|ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.inf\r
\r
<PcdsFixedAtBuild>\r
!endif\r
\r
OvmfPkg/PlatformDxe/Platform.inf\r
+ OvmfPkg/AmdSevDxe/AmdSevDxe.inf\r
+ OvmfPkg/IoMmuDxe/IoMmuDxe.inf\r
\r
!if $(SMM_REQUIRE) == TRUE\r
OvmfPkg/SmmAccess/SmmAccess2Dxe.inf\r
NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf\r
}\r
!endif\r
+\r
+!if $(TPM2_ENABLE) == TRUE\r
+ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {\r
+ <LibraryClasses>\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf\r
+ NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf\r
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
+ }\r
+!endif\r