## @file\r
# EFI/Framework Open Virtual Machine Firmware (OVMF) platform\r
#\r
-# Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>\r
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
# Copyright (c) Microsoft Corporation.\r
#\r
DEFINE SECURE_BOOT_ENABLE = FALSE\r
DEFINE SMM_REQUIRE = FALSE\r
DEFINE SOURCE_DEBUG_ENABLE = FALSE\r
+ DEFINE CC_MEASUREMENT_ENABLE = FALSE\r
\r
-!include OvmfPkg/OvmfTpmDefines.dsc.inc\r
+!include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc\r
+\r
+ #\r
+ # Shell can be useful for debugging but should not be enabled for production\r
+ #\r
+ DEFINE BUILD_SHELL = TRUE\r
\r
#\r
# Network definition\r
#\r
# Device drivers\r
#\r
- DEFINE PVSCSI_ENABLE = TRUE\r
- DEFINE MPT_SCSI_ENABLE = TRUE\r
+ DEFINE PVSCSI_ENABLE = FALSE\r
+ DEFINE MPT_SCSI_ENABLE = FALSE\r
DEFINE LSI_SCSI_ENABLE = FALSE\r
\r
#\r
INTEL:*_*_*_CC_FLAGS = /D TDX_GUEST_SUPPORTED\r
GCC:*_*_*_CC_FLAGS = -D TDX_GUEST_SUPPORTED\r
\r
+ #\r
+ # SECURE_BOOT_FEATURE_ENABLED\r
+ #\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+ MSFT:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED\r
+ INTEL:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED\r
+ GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED\r
+!endif\r
+\r
!include NetworkPkg/NetworkBuildOptions.dsc.inc\r
\r
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]\r
\r
!if $(SMM_REQUIRE) == FALSE\r
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf\r
- CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf\r
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/DxeCcProbeLib.inf\r
!else\r
CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf\r
!endif\r
TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf\r
!endif\r
\r
+!if $(BUILD_SHELL) == TRUE\r
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf\r
+!endif\r
ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf\r
+\r
S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf\r
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf\r
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf\r
\r
-!include OvmfPkg/OvmfTpmLibs.dsc.inc\r
+!include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc\r
\r
[LibraryClasses.common]\r
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf\r
- VmgExitLib|OvmfPkg/Library/VmgExitLib/VmgExitLib.inf\r
+ CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf\r
TdxLib|MdePkg/Library/TdxLib/TdxLib.inf\r
TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf\r
\r
!else\r
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf\r
!endif\r
- VmgExitLib|OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf\r
+ CcExitLib|OvmfPkg/Library/CcExitLib/SecCcExitLib.inf\r
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf\r
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.inf\r
\r
[LibraryClasses.common.PEI_CORE]\r
HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf\r
!ifdef $(DEBUG_ON_SERIAL_PORT)\r
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf\r
!else\r
- DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf\r
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformRomDebugLibIoPort.inf\r
!endif\r
PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf\r
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.inf\r
\r
[LibraryClasses.common.PEIM]\r
HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf\r
!ifdef $(DEBUG_ON_SERIAL_PORT)\r
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf\r
!else\r
- DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf\r
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformRomDebugLibIoPort.inf\r
!endif\r
PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf\r
ResourcePublicationLib|MdePkg/Library/PeiResourcePublicationLib/PeiResourcePublicationLib.inf\r
PlatformInitLib|OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf\r
\r
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf\r
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.inf\r
\r
[LibraryClasses.common.DXE_CORE]\r
HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf\r
DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf\r
!endif\r
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf\r
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf\r
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf\r
+ NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf\r
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf\r
QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf\r
\r
gUefiCpuPkgTokenSpaceGuid.PcdCpuHotPlugSupport|TRUE\r
gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache|FALSE\r
!endif\r
+!if $(SECURE_BOOT_ENABLE) == TRUE\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdRequireSelfSignedPk|TRUE\r
+!endif\r
\r
[PcdsFixedAtBuild]\r
gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1\r
# unknown) workloads / boot paths.\r
#\r
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x80\r
- gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x10\r
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x12\r
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0x80\r
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|0x100\r
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|0x100\r
\r
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00\r
\r
-!include OvmfPkg/OvmfTpmPcds.dsc.inc\r
+!include OvmfPkg/Include/Dsc/OvmfTpmPcds.dsc.inc\r
\r
# IPv4 and IPv6 PXE Boot support.\r
gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01\r
!endif\r
\r
[PcdsDynamicHii]\r
-!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc\r
+!include OvmfPkg/Include/Dsc/OvmfTpmPcdsHii.dsc.inc\r
\r
################################################################################\r
#\r
OvmfPkg/Sec/SecMain.inf {\r
<LibraryClasses>\r
NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf\r
- NULL|OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf\r
+ NULL|OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelperLib.inf\r
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf\r
}\r
\r
#\r
}\r
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf\r
\r
- OvmfPkg/PlatformPei/PlatformPei.inf\r
+ OvmfPkg/PlatformPei/PlatformPei.inf {\r
+ <LibraryClasses>\r
+ NULL|OvmfPkg/IntelTdx/TdxHelperLib/PeiTdxHelperLib.inf\r
+ }\r
UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf {\r
<LibraryClasses>\r
!if $(SMM_REQUIRE) == TRUE\r
NULL|OvmfPkg/Library/MpInitLibDepLib/PeiMpInitLibUpDepLib.inf\r
}\r
\r
-!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc\r
+!include OvmfPkg/Include/Dsc/OvmfTpmComponentsPei.dsc.inc\r
\r
#\r
# DXE Phase modules\r
<LibraryClasses>\r
!if $(SECURE_BOOT_ENABLE) == TRUE\r
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf\r
-!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc\r
!endif\r
+!include OvmfPkg/Include/Dsc/OvmfTpmSecurityStub.dsc.inc\r
}\r
\r
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf\r
# Directly use DxeMpInitLib. It depends on DxeMpInitLibMpDepLib which\r
# checks the Protocol of gEfiMpInitLibMpDepProtocolGuid.\r
#\r
+ CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf\r
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf\r
NULL|OvmfPkg/Library/MpInitLibDepLib/DxeMpInitLibMpDepLib.inf\r
}\r
# Network Support\r
#\r
!include NetworkPkg/NetworkComponents.dsc.inc\r
+!include OvmfPkg/Include/Dsc/NetworkComponents.dsc.inc\r
\r
- NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {\r
- <LibraryClasses>\r
- NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf\r
- }\r
-\r
-!if $(NETWORK_TLS_ENABLE) == TRUE\r
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {\r
- <LibraryClasses>\r
- NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf\r
- }\r
-!endif\r
OvmfPkg/VirtioNetDxe/VirtioNet.inf\r
\r
#\r
OvmfPkg/Csm/Csm16/Csm16.inf\r
!endif\r
\r
-!if $(TOOL_CHAIN_TAG) != "XCODE5"\r
+!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE\r
ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {\r
<PcdsFixedAtBuild>\r
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
}\r
!endif\r
+!if $(BUILD_SHELL) == TRUE\r
ShellPkg/Application/Shell/Shell.inf {\r
<LibraryClasses>\r
ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf\r
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE\r
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000\r
}\r
+!endif\r
\r
!if $(SECURE_BOOT_ENABLE) == TRUE\r
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf\r
#\r
OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf {\r
<LibraryClasses>\r
- VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf\r
+ CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf\r
}\r
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf\r
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {\r
}\r
!endif\r
\r
+ #\r
+ # Cc Measurement Protocol for Td guest\r
+ #\r
+!if $(CC_MEASUREMENT_ENABLE) == TRUE\r
+ SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf {\r
+ <LibraryClasses>\r
+ HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf\r
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf\r
+ }\r
+!endif\r
+\r
#\r
# TPM support\r
#\r
-!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc\r
+!include OvmfPkg/Include/Dsc/OvmfTpmComponentsDxe.dsc.inc\r
projects / mirror_edk2.git / blobdiff