SecurityPkg/DxeImageVerificationLib: Fix memory leaks (CVE-2019-14575)

[mirror_edk2.git] / ArmVirtPkg / ArmVirtQemuKernel.dsc

diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index 2a83c7469424ee17e1eebc70105a0df9c9760f14..3b0f04967a4b244b495c79ee95c69f4db7d2bcc8 100644 (file)
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -29,8 +29,21 @@
   #\r
   DEFINE TTY_TERMINAL            = FALSE\r
   DEFINE SECURE_BOOT_ENABLE      = FALSE\r
-  DEFINE NETWORK_IP6_ENABLE      = FALSE\r
-  DEFINE HTTP_BOOT_ENABLE        = FALSE\r
+\r
+  #\r
+  # Network definition\r
+  #\r
+  DEFINE NETWORK_IP6_ENABLE              = FALSE\r
+  DEFINE NETWORK_HTTP_BOOT_ENABLE        = FALSE\r
+  DEFINE NETWORK_SNP_ENABLE              = FALSE\r
+  DEFINE NETWORK_TLS_ENABLE              = FALSE\r
+  DEFINE NETWORK_ALLOW_HTTP_CONNECTIONS  = TRUE\r
+\r
+!if $(NETWORK_SNP_ENABLE) == TRUE\r
+  !error "NETWORK_SNP_ENABLE is IA32/X64/EBC only"\r
+!endif\r
+\r
+!include NetworkPkg/NetworkDefines.dsc.inc\r
 \r
 !include ArmVirtPkg/ArmVirt.dsc.inc\r
 \r
@@ -101,6 +114,14 @@
   gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x4000\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800\r
+!if $(NETWORK_TLS_ENABLE) == TRUE\r
+  #\r
+  # The cumulative and individual VOLATILE variable size limits should be set\r
+  # high enough for accommodating several and/or large CA certificates.\r
+  #\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x80000\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize|0x40000\r
+!endif\r
 \r
   # Size of the region used by UEFI in permanent memory (Reserved 64MB)\r
   gArmPlatformTokenSpaceGuid.PcdSystemMemoryUefiRegionSize|0x04000000\r
@@ -127,9 +148,10 @@
   #\r
   gArmTokenSpaceGuid.PcdArmArchTimerFreqInHz|0\r
 \r
-!if $(HTTP_BOOT_ENABLE) == TRUE\r
-  gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE\r
-!endif\r
+  #\r
+  # Network Pcds\r
+  #\r
+!include NetworkPkg/NetworkPcds.dsc.inc\r
 \r
   gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }\r
@@ -337,28 +359,12 @@
   #\r
   # Networking stack\r
   #\r
-  MdeModulePkg/Universal/Network/DpcDxe/DpcDxe.inf\r
-  MdeModulePkg/Universal/Network/ArpDxe/ArpDxe.inf\r
-  MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Dxe.inf\r
-  MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf\r
-  MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf\r
-  MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf\r
-  MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf\r
-  MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf\r
-  NetworkPkg/TcpDxe/TcpDxe.inf\r
-  NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf\r
-  NetworkPkg/IScsiDxe/IScsiDxe.inf\r
-!if $(NETWORK_IP6_ENABLE) == TRUE\r
-  NetworkPkg/Ip6Dxe/Ip6Dxe.inf\r
-  NetworkPkg/Udp6Dxe/Udp6Dxe.inf\r
-  NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf\r
-  NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf\r
-!endif\r
-!if $(HTTP_BOOT_ENABLE) == TRUE\r
-  NetworkPkg/DnsDxe/DnsDxe.inf\r
-  NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf\r
-  NetworkPkg/HttpDxe/HttpDxe.inf\r
-  NetworkPkg/HttpBootDxe/HttpBootDxe.inf\r
+!include NetworkPkg/NetworkComponents.dsc.inc\r
+!if $(NETWORK_TLS_ENABLE) == TRUE\r
+  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {\r
+    <LibraryClasses>\r
+      NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf\r
+  }\r
 !endif\r
 \r
   #\r