\r
[Defines]\r
USE_ARM_BDS = FALSE\r
+ SECURE_BOOT_ENABLE = FALSE\r
\r
-[BuildOptions.AARCH64.EDKII.DXE_RUNTIME_DRIVER]\r
+[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]\r
+ GCC:*_*_ARM_DLINK_FLAGS = -z common-page-size=0x1000\r
GCC:*_*_AARCH64_DLINK_FLAGS = -z common-page-size=0x10000\r
\r
[LibraryClasses.common]\r
# ARM PL011 UART Driver\r
PL011UartLib|ArmPlatformPkg/Drivers/PL011Uart/PL011Uart.inf\r
SerialPortLib|ArmPlatformPkg/Library/PL011SerialPortLib/PL011SerialPortLib.inf\r
- SerialPortExtLib|ArmPlatformPkg/Library/PL011SerialPortLib/PL011SerialPortExtLib.inf\r
# ARM SP804 Dual Timer Driver\r
TimerLib|ArmPlatformPkg/Library/SP804TimerLib/SP804TimerLib.inf\r
\r
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf\r
SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf\r
\r
+ #\r
+ # Secure Boot dependencies\r
+ #\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf\r
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf\r
+ TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf\r
+ AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf\r
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf\r
+\r
+ # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree\r
+ PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf\r
+!else\r
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf\r
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf\r
+!endif\r
VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf\r
\r
!if $(USE_ARM_BDS) == FALSE\r
\r
[LibraryClasses.common.SEC]\r
ArmPlatformSecExtraActionLib|ArmPlatformPkg/Library/DebugSecExtraActionLib/DebugSecExtraActionLib.inf\r
- ArmPlatformGlobalVariableLib|ArmPlatformPkg/Library/ArmPlatformGlobalVariableLib/Sec/SecArmPlatformGlobalVariableLib.inf\r
\r
DebugAgentLib|ArmPkg/Library/DebugAgentSymbolsBaseLib/DebugAgentSymbolsBaseLib.inf\r
DefaultExceptionHandlerLib|ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerLibBase.inf\r
UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.inf\r
ExtractGuidedSectionLib|MdePkg/Library/PeiExtractGuidedSectionLib/PeiExtractGuidedSectionLib.inf\r
\r
- ArmPlatformGlobalVariableLib|ArmPlatformPkg/Library/ArmPlatformGlobalVariableLib/Pei/PeiArmPlatformGlobalVariableLib.inf\r
- PeiServicesTablePointerLib|ArmPlatformPkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf\r
+ PeiServicesTablePointerLib|ArmPkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf\r
\r
[LibraryClasses.common.PEIM]\r
HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf\r
UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.inf\r
ExtractGuidedSectionLib|MdePkg/Library/PeiExtractGuidedSectionLib/PeiExtractGuidedSectionLib.inf\r
\r
- ArmPlatformGlobalVariableLib|ArmPlatformPkg/Library/ArmPlatformGlobalVariableLib/Pei/PeiArmPlatformGlobalVariableLib.inf\r
- PeiServicesTablePointerLib|ArmPlatformPkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf\r
+ PeiServicesTablePointerLib|ArmPkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf\r
\r
[LibraryClasses.common.SEC, LibraryClasses.common.PEIM]\r
MemoryInitPeiLib|ArmPlatformPkg/MemoryInitPei/MemoryInitPeiLib.inf\r
SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf\r
PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf\r
MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf\r
- ArmPlatformGlobalVariableLib|ArmPlatformPkg/Library/ArmPlatformGlobalVariableLib/Dxe/DxeArmPlatformGlobalVariableLib.inf\r
\r
[LibraryClasses.common.UEFI_APPLICATION]\r
UefiDecompressLib|IntelFrameworkModulePkg/Library/BaseUefiTianoCustomDecompressLib/BaseUefiTianoCustomDecompressLib.inf\r
ReportStatusCodeLib|IntelFrameworkModulePkg/Library/DxeReportStatusCodeLibFramework/DxeReportStatusCodeLib.inf\r
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf\r
ArmPlatformSysConfigLib|ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSysConfigRuntimeLib/ArmVExpressSysConfigRuntimeLib.inf\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf\r
+!endif\r
\r
[LibraryClasses.AARCH64.DXE_RUNTIME_DRIVER]\r
#\r
gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0xB4, 0xD1 }\r
!endif\r
\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+ # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04\r
+!endif\r
+\r
[Components.common]\r
MdeModulePkg/Universal/PCD/Dxe/Pcd.inf\r
\r