UnixPkg/Sec: Fixed build

[mirror_edk2.git] / OvmfPkg / OvmfPkgX64.dsc
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc

index 3604a322df447538f37f6824524a916072480108..ee33e83270c8a339313c58564e6288fc4288e364 100644 (file)
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1,7 +1,7 @@
  ## @file\r
  #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform\r
  #\r
-#  Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>\r
+#  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
  #\r
  #  This program and the accompanying materials\r
  #  are licensed and made available under the terms and conditions of the BSD License\r
@@ -29,6 +29,12 @@
    SKUID_IDENTIFIER               = DEFAULT\r
    FLASH_DEFINITION               = OvmfPkg/OvmfPkgX64.fdf\r
  \r
+  #\r
+  # Defines for default states.  These can be changed on the command line.\r
+  # -D FLAG=VALUE\r
+  #\r
+  DEFINE SECURE_BOOT_ENABLE      = FALSE\r
+\r
  [BuildOptions]\r
    GCC:RELEASE_*_*_CC_FLAGS             = -DMDEPKG_NDEBUG\r
    INTEL:RELEASE_*_*_CC_FLAGS           = /D MDEPKG_NDEBUG\r
@@ -88,6 +94,8 @@
    DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf\r
    UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf\r
    SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf\r
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf\r
+  LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf\r
  \r
  !ifdef $(SOURCE_DEBUG_ENABLE)\r
    PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf\r
@@ -99,7 +107,19 @@
  \r
    ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf\r
    LocalApicLib|UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf\r
-  DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf  \r
+  DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf\r
+  CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf\r
+\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf\r
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf\r
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf\r
+!endif\r
+\r
+[LibraryClasses.common]\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf\r
+!endif\r
  \r
  [LibraryClasses.common.SEC]\r
    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf\r
@@ -163,6 +183,9 @@
    PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf\r
    UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf\r
    DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf\r
+!endif\r
  \r
  [LibraryClasses.common.UEFI_DRIVER]\r
    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf\r
@@ -202,20 +225,23 @@
    gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeUseMemory|TRUE\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSupportUefiDecompress|FALSE\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode|FALSE\r
-  gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE\r
-\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdConOutGopSupport|TRUE\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE\r
-  gOptionRomPkgTokenSpaceGuid.PcdSupportGop|TRUE\r
-  gOptionRomPkgTokenSpaceGuid.PcdSupportUga|FALSE\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE\r
+!endif\r
  \r
  [PcdsFixedAtBuild]\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1\r
-\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE\r
    gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x10000\r
+!else\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400\r
+!endif\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000\r
    gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000\r
@@ -232,7 +258,16 @@
    gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F\r
  !endif\r
  \r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05\r
+!endif\r
+\r
+!ifdef $(SOURCE_DEBUG_ENABLE)\r
    gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2\r
+!endif\r
  \r
  !if $(BUILD_NEW_SHELL)\r
    gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0xB4, 0xD1 }\r
@@ -300,9 +335,17 @@
    }\r
  \r
    MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf\r
+\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {\r
+    <LibraryClasses>\r
+      NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf\r
+       }\r
+!else\r
    MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf\r
+!endif\r
+\r
    MdeModulePkg/Universal/EbcDxe/EbcDxe.inf\r
-  MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf\r
    PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf\r
    UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf\r
    UefiCpuPkg/CpuDxe/CpuDxe.inf\r
@@ -323,6 +366,9 @@
    IntelFrameworkModulePkg/Universal/BdsDxe/BdsDxe.inf {\r
      <LibraryClasses>\r
        TimerLib|OvmfPkg/Library/AcpiTimerLib/AcpiTimerLib.inf\r
+!ifdef $(CSM_ENABLE)\r
+      NULL|OvmfPkg/Csm/CsmSupportLib/CsmSupportLib.inf\r
+!endif\r
    }\r
  \r
    OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf\r
@@ -366,11 +412,17 @@
    IntelFrameworkModulePkg/Bus/Isa/Ps2KeyboardDxe/Ps2keyboardDxe.inf\r
    IntelFrameworkModulePkg/Bus/Isa/IsaFloppyDxe/IsaFloppyDxe.inf\r
  \r
+  #\r
+  # SMBIOS Support\r
+  #\r
+  MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf\r
+  OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf\r
+\r
    #\r
    # ACPI Support\r
    #\r
    MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf\r
-  MdeModulePkg/Universal/Acpi/AcpiPlatformDxe/AcpiPlatformDxe.inf\r
+  OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf\r
    OvmfPkg/AcpiTables/AcpiTables.inf\r
  \r
    #\r
@@ -401,6 +453,12 @@
    MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf\r
    MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf\r
  \r
+!ifdef $(CSM_ENABLE)\r
+  IntelFrameworkModulePkg/Csm/BiosThunk/VideoDxe/VideoDxe.inf\r
+  IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf\r
+  OvmfPkg/Csm/Csm16/Csm16.inf\r
+!endif\r
+\r
  !if $(BUILD_NEW_SHELL)\r
    ShellPkg/Application/Shell/Shell.inf {\r
      <LibraryClasses>\r
@@ -428,3 +486,11 @@
    }\r
  !endif\r
  \r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf {\r
+    <LibraryClasses>\r
+      BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf\r
+      OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf\r
+  }\r
+  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf\r
+!endif\r