DEFINE HTTP_BOOT_ENABLE = FALSE\r
DEFINE SMM_REQUIRE = FALSE\r
DEFINE TLS_ENABLE = FALSE\r
+ DEFINE TPM2_ENABLE = FALSE\r
\r
#\r
# Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to\r
PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf\r
BaseMemoryLib|MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf\r
BaseLib|MdePkg/Library/BaseLib/BaseLib.inf\r
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf\r
+ BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf\r
SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf\r
CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf\r
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf\r
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf\r
XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf\r
+ Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf\r
+ Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf\r
+!endif\r
+\r
[LibraryClasses.common]\r
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf\r
\r
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf\r
+!endif\r
+\r
[LibraryClasses.common.DXE_CORE]\r
HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf\r
DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf\r
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf\r
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf\r
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf\r
+!if $(TPM2_ENABLE) == TRUE\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf\r
+!endif\r
\r
[LibraryClasses.common.UEFI_APPLICATION]\r
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf\r
!if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800\r
+!if $(TLS_ENABLE) == FALSE\r
+ # match PcdFlashNvStorageVariableSize purely for convenience\r
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000\r
!endif\r
+!endif\r
!if $(FD_SIZE_IN_KB) == 4096\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400\r
+!if $(TLS_ENABLE) == FALSE\r
+ # match PcdFlashNvStorageVariableSize purely for convenience\r
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x40000\r
!endif\r
+!endif\r
+!if $(TLS_ENABLE) == TRUE\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x80000\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize|0x40000\r
+!endif\r
\r
gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0\r
\r
\r
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}\r
+!endif\r
+\r
################################################################################\r
#\r
# Components Section - list of all EDK II Modules needed by this Platform.\r
!endif\r
UefiCpuPkg/CpuMpPei/CpuMpPei.inf\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf\r
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {\r
+ <LibraryClasses>\r
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
+ }\r
+!endif\r
+\r
#\r
# DXE Phase modules\r
#\r
\r
MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf\r
\r
-!if $(SECURE_BOOT_ENABLE) == TRUE\r
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {\r
<LibraryClasses>\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf\r
- }\r
-!else\r
- MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf\r
!endif\r
+!if $(TPM2_ENABLE) == TRUE\r
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf\r
+!endif\r
+ }\r
\r
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf\r
PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf\r
NULL|IntelFrameworkModulePkg/Library/LegacyBootMaintUiLib/LegacyBootMaintUiLib.inf\r
!endif\r
}\r
- OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf\r
OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf\r
OvmfPkg/Virtio10Dxe/Virtio10.inf\r
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf\r
!endif\r
!if $(TLS_ENABLE) == TRUE\r
NetworkPkg/TlsDxe/TlsDxe.inf\r
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf\r
+ NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {\r
+ <LibraryClasses>\r
+ NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf\r
+ }\r
!endif\r
OvmfPkg/VirtioNetDxe/VirtioNet.inf\r
\r
!endif\r
HandleParsingLib|ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.inf\r
PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf\r
-# SafeBlockIoLib|ShellPkg/Library/SafeBlockIoLib/SafeBlockIoLib.inf\r
-# SafeOpenProtocolLib|ShellPkg/Library/SafeOpenProtocolLib/SafeOpenProtocolLib.inf\r
BcfgCommandLib|ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.inf\r
\r
<PcdsFixedAtBuild>\r
NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf\r
}\r
!endif\r
+\r
+!if $(TPM2_ENABLE) == TRUE\r
+ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {\r
+ <LibraryClasses>\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf\r
+ NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf\r
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
+ }\r
+!endif\r