X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=OvmfPkg%2FOvmfPkgX64.fdf;h=438806fba8f1acb30f8698171636e68785ec338f;hp=b6cc3cabdd692363ec07ea60f0c160da07090bc1;hb=HEAD;hpb=bd298d75934a7a0cf6b9e2863a5e4975e9714285 diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index b6cc3cabdd..16666ba244 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -11,7 +11,7 @@ ################################################################################ [Defines] -!include OvmfPkgDefines.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfPkgDefines.fdf.inc # # Build the variable store and the firmware code as one unified flash device @@ -24,7 +24,7 @@ ErasePolarity = 1 BlockSize = $(BLOCK_SIZE) NumBlocks = $(FW_BLOCKS) -!include VarStore.fdf.inc +!include OvmfPkg/Include/Fdf/VarStore.fdf.inc $(VARS_SIZE)|$(FVMAIN_SIZE) FV = FVMAIN_COMPACT @@ -43,7 +43,7 @@ ErasePolarity = 1 BlockSize = $(BLOCK_SIZE) NumBlocks = $(VARS_BLOCKS) -!include VarStore.fdf.inc +!include OvmfPkg/Include/Fdf/VarStore.fdf.inc [FD.OVMF_CODE] BaseAddress = $(CODE_BASE_ADDRESS) @@ -62,10 +62,10 @@ FV = SECFV [FD.MEMFD] BaseAddress = $(MEMFD_BASE_ADDRESS) -Size = 0xD00000 +Size = 0xE00000 ErasePolarity = 1 BlockSize = 0x10000 -NumBlocks = 0xD0 +NumBlocks = 0xE0 0x000000|0x006000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize @@ -88,6 +88,12 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvm 0x00C000|0x001000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize +0x00D000|0x001000 +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize + +0x00E000|0x001000 +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize + 0x010000|0x010000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize @@ -95,12 +101,13 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.P gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize FV = PEIFV -0x100000|0xC00000 +0x100000|0xD00000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize FV = DXEFV ########################################################################################## -# Set the SEV-ES specific work area PCDs +# Set the SEV-ES specific work area PCDs (used for all forms of SEV since the +# the SEV STATUS MSR is now saved in the work area) # SET gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase = $(MEMFD_BASE_ADDRESS) + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfConfidentialComputingWorkAreaHeader SET gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize = gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize - gUefiOvmfPkgTokenSpaceGuid.PcdOvmfConfidentialComputingWorkAreaHeader @@ -179,14 +186,9 @@ INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf INF OvmfPkg/SmmAccess/SmmAccessPei.inf !endif INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf +INF FILE_GUID = $(UP_CPU_PEI_GUID) UefiCpuPkg/CpuMpPei/CpuMpPei.inf -!if $(TPM_ENABLE) == TRUE -INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf -INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf -INF SecurityPkg/Tcg/TcgPei/TcgPei.inf -INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf -INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf -!endif +!include OvmfPkg/OvmfTpmPei.fdf.inc ################################################################################ @@ -214,7 +216,13 @@ READ_LOCK_STATUS = TRUE APRIORI DXE { INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf + # AmdSevDxe must be loaded before TdxDxe. Because in SEV guest AmdSevDxe + # driver performs a MemEncryptSevClearMmioPageEncMask() call against the + # PcdPciExpressBaseAddress range to mark it shared/unencrypted. + # Otherwise #VC handler terminates the guest for trying to do MMIO to an + # encrypted region (Since the range has not been marked shared/unencrypted). INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf + INF OvmfPkg/TdxDxe/TdxDxe.inf !if $(SMM_REQUIRE) == FALSE INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf !endif @@ -232,10 +240,17 @@ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf -INF OvmfPkg/8259InterruptControllerDxe/8259.inf INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf + INF UefiCpuPkg/CpuDxe/CpuDxe.inf -INF OvmfPkg/8254TimerDxe/8254Timer.inf +INF FILE_GUID = $(UP_CPU_DXE_GUID) UefiCpuPkg/CpuDxe/CpuDxe.inf + +!ifdef $(CSM_ENABLE) + INF OvmfPkg/8259InterruptControllerDxe/8259.inf + INF OvmfPkg/8254TimerDxe/8254Timer.inf +!else + INF OvmfPkg/LocalApicTimerDxe/LocalApicTimerDxe.inf +!endif INF OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.inf INF OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf INF MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf @@ -275,7 +290,6 @@ INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf INF MdeModulePkg/Application/UiApp/UiApp.inf INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf -INF MdeModulePkg/Universal/PrintDxe/PrintDxe.inf INF MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf @@ -301,7 +315,7 @@ INF MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf INF OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf -INF OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpiPlatformDxe.inf +INF OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf INF MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf @@ -310,15 +324,19 @@ INF FatPkg/EnhancedFatDxe/Fat.inf INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf -!if $(TOOL_CHAIN_TAG) != "XCODE5" +!if $(BUILD_SHELL) == TRUE && $(TOOL_CHAIN_TAG) != "XCODE5" INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf !endif +!if $(BUILD_SHELL) == TRUE INF ShellPkg/Application/Shell/Shell.inf +!endif INF MdeModulePkg/Logo/LogoDxe.inf +INF OvmfPkg/TdxDxe/TdxDxe.inf + # # Network modules # @@ -385,17 +403,17 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf !endif # -# TPM support +# EFI_CC_MEASUREMENT_PROTOCOL # -!if $(TPM_ENABLE) == TRUE -INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf -INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf -INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf -!if $(TPM_CONFIG_ENABLE) == TRUE -INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf -!endif +!if $(CC_MEASUREMENT_ENABLE) == TRUE +INF SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf !endif +# +# TPM support +# +!include OvmfPkg/OvmfTpmDxe.fdf.inc + ################################################################################ [FV.FVMAIN_COMPACT] @@ -429,7 +447,7 @@ FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { } } -!include FvmainCompactScratchEnd.fdf.inc +!include OvmfPkg/Include/Fdf/FvmainCompactScratchEnd.fdf.inc ################################################################################