#\r
# Copyright (c) 2011-2015, ARM Limited. All rights reserved.\r
# Copyright (c) 2014, Linaro Limited. All rights reserved.\r
-# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.\r
+# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.\r
#\r
-# This program and the accompanying materials\r
-# are licensed and made available under the terms and conditions of the BSD License\r
-# which accompanies this distribution. The full text of the license may be found at\r
-# http://opensource.org/licenses/bsd-license.php\r
-#\r
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+# SPDX-License-Identifier: BSD-2-Clause-Patent\r
#\r
#\r
\r
#\r
DEFINE TTY_TERMINAL = FALSE\r
DEFINE SECURE_BOOT_ENABLE = FALSE\r
- DEFINE NETWORK_IP6_ENABLE = FALSE\r
- DEFINE HTTP_BOOT_ENABLE = FALSE\r
+ DEFINE TPM2_ENABLE = FALSE\r
+ DEFINE TPM2_CONFIG_ENABLE = FALSE\r
+\r
+ #\r
+ # Network definition\r
+ #\r
+ DEFINE NETWORK_IP6_ENABLE = FALSE\r
+ DEFINE NETWORK_HTTP_BOOT_ENABLE = FALSE\r
+ DEFINE NETWORK_SNP_ENABLE = FALSE\r
+ DEFINE NETWORK_TLS_ENABLE = FALSE\r
+ DEFINE NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE\r
+ DEFINE NETWORK_ISCSI_ENABLE = TRUE\r
+\r
+!if $(NETWORK_SNP_ENABLE) == TRUE\r
+ !error "NETWORK_SNP_ENABLE is IA32/X64/EBC only"\r
+!endif\r
+\r
+!include NetworkPkg/NetworkDefines.dsc.inc\r
\r
!include ArmVirtPkg/ArmVirt.dsc.inc\r
\r
VirtioMmioDeviceLib|OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceLib.inf\r
QemuFwCfgLib|ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf\r
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/BaseQemuFwCfgS3LibNull.inf\r
+ QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf\r
+ QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf\r
\r
ArmPlatformLib|ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNull.inf\r
\r
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf\r
BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf\r
PlatformBootManagerLib|ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf\r
+ PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrintScLib.inf\r
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf\r
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf\r
QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf\r
PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf\r
PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf\r
+ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf\r
+ TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf\r
+!else\r
+ TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf\r
+!endif\r
+\r
[LibraryClasses.common.PEIM]\r
ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoPeiLib.inf\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf\r
+ ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSystemLib.inf\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf\r
+!endif\r
+\r
+[LibraryClasses.common.DXE_DRIVER]\r
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf\r
+\r
+!if $(TPM2_ENABLE) == TRUE\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf\r
+!endif\r
+\r
[LibraryClasses.common.UEFI_DRIVER]\r
UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf\r
\r
+[BuildOptions]\r
+!include NetworkPkg/NetworkBuildOptions.dsc.inc\r
+\r
################################################################################\r
#\r
# Pcd Section - list of all EDK II PCD Entries defined by this Platform\r
gEfiMdeModulePkgTokenSpaceGuid.PcdConOutGopSupport|TRUE\r
gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE\r
\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE\r
+\r
+ gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)\r
+\r
[PcdsFixedAtBuild.common]\r
!if $(ARCH) == AARCH64\r
gArmTokenSpaceGuid.PcdVFPEnabled|1\r
gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x4000\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800\r
+!if $(NETWORK_TLS_ENABLE) == TRUE\r
+ #\r
+ # The cumulative and individual VOLATILE variable size limits should be set\r
+ # high enough for accommodating several and/or large CA certificates.\r
+ #\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x80000\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize|0x40000\r
+!endif\r
\r
# Size of the region used by UEFI in permanent memory (Reserved 64MB)\r
gArmPlatformTokenSpaceGuid.PcdSystemMemoryUefiRegionSize|0x04000000\r
#\r
gArmTokenSpaceGuid.PcdArmArchTimerFreqInHz|0\r
\r
-!if $(HTTP_BOOT_ENABLE) == TRUE\r
- gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE\r
-!endif\r
+ #\r
+ # Network Pcds\r
+ #\r
+!include NetworkPkg/NetworkPcds.dsc.inc\r
\r
# System Memory Base -- fixed at 0x4000_0000\r
gArmTokenSpaceGuid.PcdSystemMemoryBase|0x40000000\r
#\r
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE\r
\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+ # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04\r
+!endif\r
+\r
+ gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|3\r
+ gEfiShellPkgTokenSpaceGuid.PcdShellFileOperationSize|0x20000\r
+\r
[PcdsFixedAtBuild.AARCH64]\r
# Clearing BIT0 in this PCD prevents installing a 32-bit SMBIOS entry point,\r
# if the entry point version is >= 3.0. AARCH64 OSes cannot assume the\r
# point only, for entry point versions >= 3.0.\r
gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosEntryPointProvideMethod|0x2\r
\r
- # ACPI predates the AARCH64 architecture by 5 versions, so\r
- # we only target OSes that support ACPI v5.0 or later\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiExposedTableVersions|0x20\r
-\r
[PcdsDynamicDefault.common]\r
gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|3\r
\r
gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0\r
gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE\r
\r
+ #\r
+ # IPv4 and IPv6 PXE Boot support.\r
+ #\r
+ gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01\r
+ gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01\r
+\r
+ #\r
+ # TPM2 support\r
+ #\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0\r
+!if $(TPM2_ENABLE) == TRUE\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0\r
+!endif\r
+\r
[PcdsDynamicHii]\r
gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS\r
\r
+!if $(TPM2_CONFIG_ENABLE) == TRUE\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS\r
+!endif\r
+\r
################################################################################\r
#\r
# Components Section - list of all EDK II Modules needed by this Platform\r
\r
MdeModulePkg/Universal/Variable/Pei/VariablePei.inf\r
\r
+!if $(TPM2_ENABLE) == TRUE\r
+ MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf {\r
+ <LibraryClasses>\r
+ ResetSystemLib|ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVirtPsciResetSystemPeiLib.inf\r
+ }\r
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf\r
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {\r
+ <LibraryClasses>\r
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf\r
+ }\r
+!endif\r
+\r
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {\r
<LibraryClasses>\r
NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf\r
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {\r
<LibraryClasses>\r
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf\r
+!if $(TPM2_ENABLE) == TRUE\r
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf\r
+!endif\r
}\r
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf\r
+ OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf\r
!else\r
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf\r
!endif\r
ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf\r
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf\r
\r
+ #\r
+ # Status Code Routing\r
+ #\r
+ MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportStatusCodeRouterRuntimeDxe.inf\r
+\r
#\r
# Platform Driver\r
#\r
OvmfPkg/VirtioRngDxe/VirtioRng.inf\r
\r
#\r
- # FAT filesystem + GPT/MBR partitioning + UDF filesystem\r
+ # FAT filesystem + GPT/MBR partitioning + UDF filesystem + virtio-fs\r
#\r
MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf\r
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf\r
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf\r
FatPkg/EnhancedFatDxe/Fat.inf\r
MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf\r
+ OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf\r
\r
#\r
# Bds\r
NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf\r
NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf\r
}\r
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf\r
\r
#\r
# Networking stack\r
#\r
- MdeModulePkg/Universal/Network/DpcDxe/DpcDxe.inf\r
- MdeModulePkg/Universal/Network/ArpDxe/ArpDxe.inf\r
- MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Dxe.inf\r
- MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf\r
- MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf\r
- MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf\r
- MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf\r
- MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf\r
- NetworkPkg/TcpDxe/TcpDxe.inf\r
- NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf\r
- NetworkPkg/IScsiDxe/IScsiDxe.inf\r
-!if $(NETWORK_IP6_ENABLE) == TRUE\r
- NetworkPkg/Ip6Dxe/Ip6Dxe.inf\r
- NetworkPkg/Udp6Dxe/Udp6Dxe.inf\r
- NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf\r
- NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf\r
-!endif\r
-!if $(HTTP_BOOT_ENABLE) == TRUE\r
- NetworkPkg/DnsDxe/DnsDxe.inf\r
- NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf\r
- NetworkPkg/HttpDxe/HttpDxe.inf\r
- NetworkPkg/HttpBootDxe/HttpBootDxe.inf\r
+!include NetworkPkg/NetworkComponents.dsc.inc\r
+\r
+ NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {\r
+ <LibraryClasses>\r
+ NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf\r
+ }\r
+\r
+!if $(NETWORK_TLS_ENABLE) == TRUE\r
+ NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {\r
+ <LibraryClasses>\r
+ NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf\r
+ }\r
!endif\r
\r
#\r
MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf\r
MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf\r
\r
+ #\r
+ # NVME Driver\r
+ #\r
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf\r
+\r
#\r
# SMBIOS Support\r
#\r
MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf\r
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf\r
\r
+ #\r
+ # TPM2 support\r
+ #\r
+!if $(TPM2_ENABLE) == TRUE\r
+ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {\r
+ <LibraryClasses>\r
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf\r
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf\r
+ NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf\r
+ }\r
+!if $(TPM2_CONFIG_ENABLE) == TRUE\r
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf\r
+!endif\r
+!endif\r
+\r
#\r
# ACPI Support\r
#\r
projects / mirror_edk2.git / blobdiff