]> git.proxmox.com Git - mirror_edk2.git/blobdiff - OvmfPkg/OvmfPkgX64.dsc
projects / mirror_edk2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
UefiCpuPkg: Move AsmRelocateApLoopStart from Mpfuncs.nasm to AmdSev.nasm
[mirror_edk2.git] / OvmfPkg / OvmfPkgX64.dsc
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 2a8975fd3d296f72a0e055a0571ea26af8e4a997..04d50704c736480426e70c45be9d95faaf0a42bf 100644 (file)
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1,8 +1,9 @@
 ## @file\r
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform\r
 #\r
-#  Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>\r
+#  Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>\r
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
+#  Copyright (c) Microsoft Corporation.\r
 #\r
 #  SPDX-License-Identifier: BSD-2-Clause-Patent\r
 #\r
@@ -31,8 +32,14 @@
   DEFINE SECURE_BOOT_ENABLE      = FALSE\r
   DEFINE SMM_REQUIRE             = FALSE\r
   DEFINE SOURCE_DEBUG_ENABLE     = FALSE\r
-  DEFINE TPM_ENABLE              = FALSE\r
-  DEFINE TPM_CONFIG_ENABLE       = FALSE\r
+  DEFINE CC_MEASUREMENT_ENABLE   = FALSE\r
+\r
+!include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc\r
+\r
+  #\r
+  # Shell can be useful for debugging but should not be enabled for production\r
+  #\r
+  DEFINE BUILD_SHELL             = TRUE\r
 \r
   #\r
   # Network definition\r
@@ -41,14 +48,15 @@
   DEFINE NETWORK_IP6_ENABLE             = FALSE\r
   DEFINE NETWORK_HTTP_BOOT_ENABLE       = FALSE\r
   DEFINE NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE\r
+  DEFINE NETWORK_ISCSI_ENABLE           = TRUE\r
 \r
 !include NetworkPkg/NetworkDefines.dsc.inc\r
 \r
   #\r
   # Device drivers\r
   #\r
-  DEFINE PVSCSI_ENABLE           = TRUE\r
-  DEFINE MPT_SCSI_ENABLE         = TRUE\r
+  DEFINE PVSCSI_ENABLE           = FALSE\r
+  DEFINE MPT_SCSI_ENABLE         = FALSE\r
   DEFINE LSI_SCSI_ENABLE         = FALSE\r
 \r
   #\r
@@ -70,6 +78,12 @@
 !endif\r
 !endif\r
 \r
+  #\r
+  # Define the FILE_GUID of CpuMpPei/CpuDxe for unique-processor version.\r
+  #\r
+  DEFINE UP_CPU_PEI_GUID  = 280251c4-1d09-4035-9062-839acb5f18c1\r
+  DEFINE UP_CPU_DXE_GUID  = 6490f1c5-ebcc-4665-8892-0075b9bb49b7\r
+\r
 [BuildOptions]\r
   GCC:RELEASE_*_*_CC_FLAGS             = -DMDEPKG_NDEBUG\r
   INTEL:RELEASE_*_*_CC_FLAGS           = /D MDEPKG_NDEBUG\r
@@ -82,6 +96,7 @@
   GCC:*_*_X64_GENFW_FLAGS   = --keepexceptiontable\r
   INTEL:*_*_X64_GENFW_FLAGS = --keepexceptiontable\r
 !endif\r
+  RELEASE_*_*_GENFW_FLAGS = --zero\r
 \r
   #\r
   # Disable deprecated APIs.\r
@@ -90,6 +105,24 @@
   INTEL:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES\r
   GCC:*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES\r
 \r
+  #\r
+  # Add TDX_GUEST_SUPPORTED\r
+  #\r
+  MSFT:*_*_*_CC_FLAGS = /D TDX_GUEST_SUPPORTED\r
+  INTEL:*_*_*_CC_FLAGS = /D TDX_GUEST_SUPPORTED\r
+  GCC:*_*_*_CC_FLAGS = -D TDX_GUEST_SUPPORTED\r
+\r
+  #\r
+  # SECURE_BOOT_FEATURE_ENABLED\r
+  #\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  MSFT:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED\r
+  INTEL:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED\r
+  GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED\r
+!endif\r
+\r
+!include NetworkPkg/NetworkBuildOptions.dsc.inc\r
+\r
 [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]\r
   GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000\r
   XCODE:*_*_*_DLINK_FLAGS = -seg1addr 0x1000 -segalign 0x1000\r
@@ -117,6 +150,9 @@
 # Library Class section - list of all Library Classes needed by this Platform.\r
 #\r
 ################################################################################\r
+\r
+!include MdePkg/MdeLibs.dsc.inc\r
+\r
 [LibraryClasses]\r
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf\r
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf\r
@@ -125,6 +161,7 @@
   BaseMemoryLib|MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf\r
   BaseLib|MdePkg/Library/BaseLib/BaseLib.inf\r
   SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf\r
+  TimeBaseLib|EmbeddedPkg/Library/TimeBaseLib/TimeBaseLib.inf\r
   BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf\r
   SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf\r
   CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf\r
@@ -153,6 +190,7 @@
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf\r
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf\r
   MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf\r
+  MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf\r
   UefiLib|MdePkg/Library/UefiLib/UefiLib.inf\r
   UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf\r
   UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf\r
@@ -169,9 +207,16 @@
   QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf\r
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf\r
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf\r
-  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf\r
+  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf\r
+  MemEncryptTdxLib|OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLib.inf\r
+  PeiHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/PeiHardwareInfoLib.inf\r
+  DxeHardwareInfoLib|OvmfPkg/Library/HardwareInfoLib/DxeHardwareInfoLib.inf\r
+\r
 !if $(SMM_REQUIRE) == FALSE\r
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf\r
+  CcProbeLib|OvmfPkg/Library/CcProbeLib/DxeCcProbeLib.inf\r
+!else\r
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf\r
 !endif\r
   CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf\r
   FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf\r
@@ -193,14 +238,21 @@
 !else\r
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf\r
 !endif\r
+  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf\r
 \r
 !if $(SECURE_BOOT_ENABLE) == TRUE\r
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf\r
   AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf\r
+  SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf\r
+  PlatformPKProtectionLib|SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionLibVarPolicy.inf\r
+  SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf\r
 !else\r
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf\r
 !endif\r
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf\r
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf\r
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf\r
+  VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf\r
 \r
 \r
   #\r
@@ -212,28 +264,22 @@
   TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf\r
 !endif\r
 \r
+!if $(BUILD_SHELL) == TRUE\r
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf\r
+!endif\r
   ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf\r
+\r
   S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf\r
   SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf\r
   OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf\r
-  XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf\r
-  XenPlatformLib|OvmfPkg/Library/XenPlatformLib/XenPlatformLib.inf\r
-\r
-!if $(TPM_ENABLE) == TRUE\r
-  Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf\r
-  Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf\r
-  Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf\r
-  Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf\r
-  TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf\r
-!else\r
-  Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf\r
-  TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf\r
-!endif\r
+\r
+!include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc\r
 \r
 [LibraryClasses.common]\r
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf\r
-  VmgExitLib|OvmfPkg/Library/VmgExitLib/VmgExitLib.inf\r
+  CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf\r
+  TdxLib|MdePkg/Library/TdxLib/TdxLib.inf\r
+  TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf\r
 \r
 [LibraryClasses.common.SEC]\r
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf\r
@@ -257,6 +303,9 @@
 !else\r
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf\r
 !endif\r
+  CcExitLib|OvmfPkg/Library/CcExitLib/SecCcExitLib.inf\r
+  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf\r
+  CcProbeLib|OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.inf\r
 \r
 [LibraryClasses.common.PEI_CORE]\r
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf\r
@@ -270,9 +319,10 @@
 !ifdef $(DEBUG_ON_SERIAL_PORT)\r
   DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf\r
 !else\r
-  DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf\r
+  DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformRomDebugLibIoPort.inf\r
 !endif\r
   PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf\r
+  CcProbeLib|OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.inf\r
 \r
 [LibraryClasses.common.PEIM]\r
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf\r
@@ -286,7 +336,7 @@
 !ifdef $(DEBUG_ON_SERIAL_PORT)\r
   DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf\r
 !else\r
-  DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf\r
+  DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformRomDebugLibIoPort.inf\r
 !endif\r
   PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf\r
   ResourcePublicationLib|MdePkg/Library/PeiResourcePublicationLib/PeiResourcePublicationLib.inf\r
@@ -299,12 +349,10 @@
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf\r
   PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf\r
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf\r
+  PlatformInitLib|OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf\r
 \r
-!if $(TPM_ENABLE) == TRUE\r
-  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf\r
-  Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf\r
-  Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf\r
-!endif\r
+  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf\r
+  CcProbeLib|OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.inf\r
 \r
 [LibraryClasses.common.DXE_CORE]\r
   HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf\r
@@ -340,6 +388,10 @@
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf\r
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf\r
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf\r
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf\r
+!if $(SMM_REQUIRE) == TRUE\r
+  MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf\r
+!endif\r
 \r
 [LibraryClasses.common.UEFI_DRIVER]\r
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf\r
@@ -383,13 +435,11 @@
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf\r
 !endif\r
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf\r
+  CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf\r
   MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf\r
+  NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf\r
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf\r
   QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf\r
-!if $(TPM_ENABLE) == TRUE\r
-  Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf\r
-  Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf\r
-!endif\r
 \r
 [LibraryClasses.common.UEFI_APPLICATION]\r
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf\r
@@ -426,6 +476,7 @@
 !endif\r
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf\r
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf\r
+  SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf\r
 \r
 [LibraryClasses.common.SMM_CORE]\r
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf\r
@@ -464,6 +515,9 @@
   gUefiCpuPkgTokenSpaceGuid.PcdCpuHotPlugSupport|TRUE\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache|FALSE\r
 !endif\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdRequireSelfSignedPk|TRUE\r
+!endif\r
 \r
 [PcdsFixedAtBuild]\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1\r
@@ -471,6 +525,7 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE\r
 !endif\r
   gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10\r
+  gEfiMdePkgTokenSpaceGuid.PcdMaximumLinkedListLength|0\r
 !if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800\r
@@ -545,16 +600,22 @@
   # unknown) workloads / boot paths.\r
   #\r
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x80\r
-  gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x10\r
+  gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x12\r
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0x80\r
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|0x100\r
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|0x100\r
 \r
+  #\r
+  # TDX need 1G PageTable support\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable|TRUE\r
+\r
   #\r
   # Network Pcds\r
   #\r
 !include NetworkPkg/NetworkPcds.dsc.inc\r
 \r
+  gEfiShellPkgTokenSpaceGuid.PcdShellFileOperationSize|0x20000\r
+\r
 !if $(SMM_REQUIRE) == TRUE\r
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000\r
 !endif\r
@@ -578,13 +639,17 @@
 \r
 !if $(SMM_REQUIRE) == FALSE\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|0\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|0\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0\r
 !endif\r
-  gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration|FALSE\r
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|800\r
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution|600\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|1280\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution|800\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdConOutRow|0\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdConOutColumn|0\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable|FALSE\r
+  gUefiOvmfPkgTokenSpaceGuid.PcdVideoResolutionSource|0\r
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId|0\r
   gUefiOvmfPkgTokenSpaceGuid.PcdPciIoBase|0x0\r
   gUefiOvmfPkgTokenSpaceGuid.PcdPciIoSize|0x0\r
@@ -617,7 +682,12 @@
   # Set memory encryption mask\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0\r
 \r
+  # Set Tdx shared bit mask\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0\r
+\r
   # Set SEV-ES defaults\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0\r
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0\r
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0\r
 \r
 !if $(SMM_REQUIRE) == TRUE\r
@@ -629,20 +699,22 @@
 \r
   gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00\r
 \r
-!if $(TPM_ENABLE) == TRUE\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}\r
-!endif\r
+!include OvmfPkg/Include/Dsc/OvmfTpmPcds.dsc.inc\r
 \r
   # IPv4 and IPv6 PXE Boot support.\r
   gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01\r
   gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01\r
 \r
-[PcdsDynamicHii]\r
-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS\r
+  # Set ConfidentialComputing defaults\r
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0\r
+\r
+!if $(CSM_ENABLE) == FALSE\r
+  gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000\r
 !endif\r
 \r
+[PcdsDynamicHii]\r
+!include OvmfPkg/Include/Dsc/OvmfTpmPcdsHii.dsc.inc\r
+\r
 ################################################################################\r
 #\r
 # Components Section - list of all EDK II Modules needed by this Platform.\r
@@ -657,6 +729,8 @@
   OvmfPkg/Sec/SecMain.inf {\r
     <LibraryClasses>\r
       NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf\r
+      NULL|OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelperLib.inf\r
+      BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf\r
   }\r
 \r
   #\r
@@ -677,7 +751,10 @@
   }\r
   MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf\r
 \r
-  OvmfPkg/PlatformPei/PlatformPei.inf\r
+  OvmfPkg/PlatformPei/PlatformPei.inf {\r
+    <LibraryClasses>\r
+      NULL|OvmfPkg/IntelTdx/TdxHelperLib/PeiTdxHelperLib.inf\r
+  }\r
   UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf {\r
     <LibraryClasses>\r
 !if $(SMM_REQUIRE) == TRUE\r
@@ -689,21 +766,31 @@
   MdeModulePkg/Universal/Variable/Pei/VariablePei.inf\r
   OvmfPkg/SmmAccess/SmmAccessPei.inf\r
 !endif\r
-  UefiCpuPkg/CpuMpPei/CpuMpPei.inf\r
 \r
-!if $(TPM_ENABLE) == TRUE\r
-  OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf\r
-  SecurityPkg/Tcg/TcgPei/TcgPei.inf\r
-  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {\r
+  UefiCpuPkg/CpuMpPei/CpuMpPei.inf {\r
     <LibraryClasses>\r
-      HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf\r
+      #\r
+      # Directly use PeiMpInitLib. It depends on PeiMpInitLibMpDepLib which\r
+      # checks the PPI of gEfiPeiMpInitLibMpDepPpiGuid.\r
+      #\r
+      MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf\r
+      NULL|OvmfPkg/Library/MpInitLibDepLib/PeiMpInitLibMpDepLib.inf\r
   }\r
-!endif\r
+\r
+  UefiCpuPkg/CpuMpPei/CpuMpPei.inf {\r
+    <Defines>\r
+      FILE_GUID = $(UP_CPU_PEI_GUID)\r
+\r
+    <LibraryClasses>\r
+      #\r
+      # Directly use MpInitLibUp. It depends on PeiMpInitLibUpDepLib which\r
+      # checks the PPI of gEfiPeiMpInitLibUpDepPpiGuid.\r
+      #\r
+      MpInitLib|UefiCpuPkg/Library/MpInitLibUp/MpInitLibUp.inf\r
+      NULL|OvmfPkg/Library/MpInitLibDepLib/PeiMpInitLibUpDepLib.inf\r
+  }\r
+\r
+!include OvmfPkg/Include/Dsc/OvmfTpmComponentsPei.dsc.inc\r
 \r
   #\r
   # DXE Phase modules\r
@@ -728,22 +815,48 @@
 !if $(SECURE_BOOT_ENABLE) == TRUE\r
       NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf\r
 !endif\r
-!if $(TPM_ENABLE) == TRUE\r
-      NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf\r
-      NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf\r
-!endif\r
+!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc\r
   }\r
 \r
   MdeModulePkg/Universal/EbcDxe/EbcDxe.inf\r
-  OvmfPkg/8259InterruptControllerDxe/8259.inf\r
   UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf\r
-  UefiCpuPkg/CpuDxe/CpuDxe.inf\r
+\r
+  UefiCpuPkg/CpuDxe/CpuDxe.inf {\r
+    <LibraryClasses>\r
+      #\r
+      # Directly use DxeMpInitLib. It depends on DxeMpInitLibMpDepLib which\r
+      # checks the Protocol of gEfiMpInitLibMpDepProtocolGuid.\r
+      #\r
+      CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf\r
+      MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf\r
+      NULL|OvmfPkg/Library/MpInitLibDepLib/DxeMpInitLibMpDepLib.inf\r
+  }\r
+\r
+  UefiCpuPkg/CpuDxe/CpuDxe.inf {\r
+    <Defines>\r
+      FILE_GUID = $(UP_CPU_DXE_GUID)\r
+\r
+    <LibraryClasses>\r
+      #\r
+      # Directly use MpInitLibUp. It depends on DxeMpInitLibUpDepLib which\r
+      # checks the Protocol of gEfiMpInitLibUpDepProtocolGuid.\r
+      #\r
+      MpInitLib|UefiCpuPkg/Library/MpInitLibUp/MpInitLibUp.inf\r
+      NULL|OvmfPkg/Library/MpInitLibDepLib/DxeMpInitLibUpDepLib.inf\r
+  }\r
+\r
+!ifdef $(CSM_ENABLE)\r
+  OvmfPkg/8259InterruptControllerDxe/8259.inf\r
   OvmfPkg/8254TimerDxe/8254Timer.inf\r
+!else\r
+  OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf\r
+!endif\r
   OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.inf\r
   OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf\r
   MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf {\r
     <LibraryClasses>\r
       PciHostBridgeLib|OvmfPkg/Library/PciHostBridgeLib/PciHostBridgeLib.inf\r
+      PciHostBridgeUtilityLib|OvmfPkg/Library/PciHostBridgeUtilityLib/PciHostBridgeUtilityLib.inf\r
       NULL|OvmfPkg/Library/PlatformHasIoMmuLib/PlatformHasIoMmuLib.inf\r
   }\r
   MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf {\r
@@ -756,6 +869,7 @@
   MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf\r
   MdeModulePkg/Universal/BdsDxe/BdsDxe.inf {\r
     <LibraryClasses>\r
+      XenPlatformLib|OvmfPkg/Library/XenPlatformLib/XenPlatformLib.inf\r
 !ifdef $(CSM_ENABLE)\r
       NULL|OvmfPkg/Csm/CsmSupportLib/CsmSupportLib.inf\r
       NULL|OvmfPkg/Csm/LegacyBootManagerLib/LegacyBootManagerLib.inf\r
@@ -772,15 +886,15 @@
       NULL|OvmfPkg/Csm/LegacyBootMaintUiLib/LegacyBootMaintUiLib.inf\r
 !endif\r
   }\r
-  OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf\r
+  OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {\r
+    <LibraryClasses>\r
+      NULL|OvmfPkg/Library/BlobVerifierLibNull/BlobVerifierLibNull.inf\r
+  }\r
   OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf\r
   OvmfPkg/Virtio10Dxe/Virtio10.inf\r
   OvmfPkg/VirtioBlkDxe/VirtioBlk.inf\r
   OvmfPkg/VirtioScsiDxe/VirtioScsi.inf\r
   OvmfPkg/VirtioRngDxe/VirtioRng.inf\r
-  OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf\r
-  OvmfPkg/XenBusDxe/XenBusDxe.inf\r
-  OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf\r
 !if $(PVSCSI_ENABLE) == TRUE\r
   OvmfPkg/PvScsiDxe/PvScsiDxe.inf\r
 !endif\r
@@ -805,13 +919,13 @@
       DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf\r
       PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf\r
   }\r
-  MdeModulePkg/Universal/PrintDxe/PrintDxe.inf\r
   MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf\r
   MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf\r
   MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf\r
   MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf\r
   FatPkg/EnhancedFatDxe/Fat.inf\r
   MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf\r
+  OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf\r
   MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf\r
   MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf\r
   OvmfPkg/SataControllerDxe/SataControllerDxe.inf\r
@@ -850,7 +964,6 @@
   #\r
   MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf\r
   OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf\r
-  OvmfPkg/AcpiTables/AcpiTables.inf\r
   MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf\r
   MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf\r
   MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf\r
@@ -859,18 +972,8 @@
   # Network Support\r
   #\r
 !include NetworkPkg/NetworkComponents.dsc.inc\r
+!include OvmfPkg/Include/Dsc/NetworkComponents.dsc.inc\r
 \r
-  NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {\r
-    <LibraryClasses>\r
-      NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf\r
-  }\r
-\r
-!if $(NETWORK_TLS_ENABLE) == TRUE\r
-  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {\r
-    <LibraryClasses>\r
-      NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf\r
-  }\r
-!endif\r
   OvmfPkg/VirtioNetDxe/VirtioNet.inf\r
 \r
   #\r
@@ -892,16 +995,21 @@
   OvmfPkg/Csm/Csm16/Csm16.inf\r
 !endif\r
 \r
-!if $(TOOL_CHAIN_TAG) != "XCODE5"\r
+!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE\r
   ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {\r
     <PcdsFixedAtBuild>\r
       gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
   }\r
+  ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf {\r
+    <PcdsFixedAtBuild>\r
+      gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
+  }\r
   OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {\r
     <PcdsFixedAtBuild>\r
       gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
   }\r
 !endif\r
+!if $(BUILD_SHELL) == TRUE\r
   ShellPkg/Application/Shell/Shell.inf {\r
     <LibraryClasses>\r
       ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf\r
@@ -924,6 +1032,7 @@
       gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
       gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000\r
   }\r
+!endif\r
 \r
 !if $(SECURE_BOOT_ENABLE) == TRUE\r
   SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf\r
@@ -931,9 +1040,14 @@
 !endif\r
 \r
   OvmfPkg/PlatformDxe/Platform.inf\r
-  OvmfPkg/AmdSevDxe/AmdSevDxe.inf\r
+  OvmfPkg/AmdSevDxe/AmdSevDxe.inf {\r
+    <LibraryClasses>\r
+    PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf\r
+  }\r
   OvmfPkg/IoMmuDxe/IoMmuDxe.inf\r
 \r
+  OvmfPkg/TdxDxe/TdxDxe.inf\r
+\r
 !if $(SMM_REQUIRE) == TRUE\r
   OvmfPkg/SmmAccess/SmmAccess2Dxe.inf\r
   OvmfPkg/SmmControl2Dxe/SmmControl2Dxe.inf\r
@@ -967,11 +1081,15 @@
   #\r
   # Variable driver stack (SMM)\r
   #\r
-  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf\r
+  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf {\r
+    <LibraryClasses>\r
+    CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf\r
+  }\r
   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf\r
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {\r
     <LibraryClasses>\r
       NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf\r
+      NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf\r
   }\r
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf\r
 \r
@@ -993,25 +1111,17 @@
 !endif\r
 \r
   #\r
-  # TPM support\r
+  # Cc Measurement Protocol for Td guest\r
   #\r
-!if $(TPM_ENABLE) == TRUE\r
-  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {\r
+!if $(CC_MEASUREMENT_ENABLE) == TRUE\r
+  SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf {\r
     <LibraryClasses>\r
-      Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf\r
-      NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf\r
-      HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf\r
+      HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf\r
       NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf\r
-      NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf\r
-  }\r
-!if $(TPM_CONFIG_ENABLE) == TRUE\r
-  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf\r
-!endif\r
-  SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {\r
-    <LibraryClasses>\r
-      Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf\r
   }\r
 !endif\r
+\r
+  #\r
+  # TPM support\r
+  #\r
+!include OvmfPkg/Include/Dsc/OvmfTpmComponentsDxe.dsc.inc\r
EFI Development Kit II mirror for PVE