v4: *The size of private variable required in HTTPS boot may be large than the default limitation. So, Add HTTPS_BOOT_ENABLE value check for PcdMaxVariableSize.
This path is used to enable HTTPS boot feature. Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Cc: Long Qin <qin.l...@intel.com> Cc: Ruiyu Ni <ruiyu...@intel.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin...@intel.com> --- Nt32Pkg/Nt32Pkg.dsc | 27 +++++++++++++++++---------- Nt32Pkg/Nt32Pkg.fdf | 6 +++++- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index 87a08c0..a06b3ee 100644 --- a/Nt32Pkg/Nt32Pkg.dsc +++ b/Nt32Pkg/Nt32Pkg.dsc @@ -2,11 +2,11 @@ # EFI/Framework Emulation Platform with UEFI HII interface supported. # # The Emulation Platform can be used to debug individual modules, prior to creating # a real platform. This also provides an example for how an DSC is created. # -# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> +# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2015, Hewlett-Packard Development Company, L.P.<BR> # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License @@ -43,10 +43,17 @@ # # Defines for default states. These can be changed on the command line. # -D FLAG=VALUE # DEFINE SECURE_BOOT_ENABLE = FALSE + + # + # This flag is to enable or disable HTTPS boot feature. + # These can be changed on the command line. + # -D FLAG=VALUE + # + DEFINE HTTPS_BOOT_ENABLE = FALSE ################################################################################ # # SKU Identification section - list of all SKU IDs supported by this # Platform. @@ -132,15 +139,16 @@ DebugPrintErrorLevelLib|MdeModulePkg/Library/DxeDebugPrintErrorLevelLib/DxeDebugPrintErrorLevelLib.inf PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + OpensslTlsLib|CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf !if $(SECURE_BOOT_ENABLE) == TRUE PlatformSecureLib|Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf !else TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf @@ -174,13 +182,11 @@ OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf [LibraryClasses.common.PEIM] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf OemHookStatusCodeLib|Nt32Pkg/Library/PeiNt32OemHookStatusCodeLib/PeiNt32OemHookStatusCodeLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf -!endif [LibraryClasses.common] # # DXE phase common # @@ -191,13 +197,12 @@ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/DxeNt32OemHookStatusCodeLib.inf PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt32PeCoffExtraActionLib.inf ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf [LibraryClasses.common.DXE_CORE] HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/DxeCoreMemoryAllocationLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf @@ -214,13 +219,11 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] # # Runtime # -!if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf -!endif ################################################################################ # # Pcd Section - list of all EDK II PCD Entries defined by this Platform # @@ -239,11 +242,11 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareVolume|L"..\\Fv\\Nt32.fd" gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareBlockSize|0x10000 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE -!if $(SECURE_BOOT_ENABLE) == TRUE +!if $(SECURE_BOOT_ENABLE) == TRUE || $(HTTPS_BOOT_ENABLE) == TRUE gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 !endif !ifndef $(USE_OLD_SHELL) gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0xB4, 0xD1 } @@ -443,10 +446,14 @@ NetworkPkg/HttpBootDxe/HttpBootDxe.inf NetworkPkg/DnsDxe/DnsDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf + +!if $(HTTPS_BOOT_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf +!endif MdeModulePkg/Universal/BdsDxe/BdsDxe.inf { <LibraryClasses> NULL|MdeModulePkg/Library/BmpImageDecoderLib/BmpImageDecoderLib.inf } diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index a10c12f..0372bb4 100644 --- a/Nt32Pkg/Nt32Pkg.fdf +++ b/Nt32Pkg/Nt32Pkg.fdf @@ -1,9 +1,9 @@ ## @file # This is NT32 FDF file with UEFI HII features enabled # -# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR> +# Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR> # (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -260,10 +260,14 @@ INF MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf INF NetworkPkg/DnsDxe/DnsDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf +!if $(HTTPS_BOOT_ENABLE) == TRUE +INF NetworkPkg/TlsDxe/TlsDxe.inf +!endif + ################################################################################ # # FILE statements are provided so that a platform integrator can include # complete EFI FFS files, as well as a method for constructing FFS files # using curly "{}" brace scoping. The following three FILEs are -- 1.9.5.msysgit.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel