tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

OvmfPkg: introduce -D SMM_REQUIRE and PcdSmmSmramRequire 

This build time flag and corresponding Feature PCD will control whether
OVMF supports (and, equivalently, requires) SMM/SMRAM support from QEMU.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19034 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Laszlo Ersek 2015-11-30 18:41:10 +00:00 committed by lersek
parent 8786ba4fe7
commit 1f695483e6
4 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
OvmfPkg/OvmfPkg.dec
View File

@ -117,3 +117,13 @@
gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|FALSE|BOOLEAN|3
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderPciTranslation|TRUE|BOOLEAN|0x1c
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderMmioTranslation|FALSE|BOOLEAN|0x1d
## This feature flag enables SMM/SMRAM support. Note that it also requires
# such support from the underlying QEMU instance; if that support is not
# present, the firmware will reject continuing after a certain point.
#
# The flag also acts as a general "security switch"; when TRUE, many
# components will change behavior, with the goal of preventing a malicious
# runtime OS from tampering with firmware structures (special memory ranges
# used by OVMF, the varstore pflash chip, LockBox etc).
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|FALSE|BOOLEAN|0x1e

4
OvmfPkg/OvmfPkgIa32.dsc
View File

@ -36,6 +36,7 @@
DEFINE SECURE_BOOT_ENABLE = FALSE
DEFINE NETWORK_IP6_ENABLE = FALSE
DEFINE HTTP_BOOT_ENABLE = FALSE
DEFINE SMM_REQUIRE = FALSE
[BuildOptions]
GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG
@ -310,6 +311,9 @@
!if $(SECURE_BOOT_ENABLE) == TRUE
gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE
!endif
!if $(SMM_REQUIRE) == TRUE
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|TRUE
!endif
[PcdsFixedAtBuild]
gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1

4
OvmfPkg/OvmfPkgIa32X64.dsc
View File

@ -36,6 +36,7 @@
DEFINE SECURE_BOOT_ENABLE = FALSE
DEFINE NETWORK_IP6_ENABLE = FALSE
DEFINE HTTP_BOOT_ENABLE = FALSE
DEFINE SMM_REQUIRE = FALSE
[BuildOptions]
GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG
@ -315,6 +316,9 @@
!if $(SECURE_BOOT_ENABLE) == TRUE
gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE
!endif
!if $(SMM_REQUIRE) == TRUE
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|TRUE
!endif
[PcdsFixedAtBuild]
gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1

4
OvmfPkg/OvmfPkgX64.dsc
View File

@ -36,6 +36,7 @@
DEFINE SECURE_BOOT_ENABLE = FALSE
DEFINE NETWORK_IP6_ENABLE = FALSE
DEFINE HTTP_BOOT_ENABLE = FALSE
DEFINE SMM_REQUIRE = FALSE
[BuildOptions]
GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG
@ -315,6 +316,9 @@
!if $(SECURE_BOOT_ENABLE) == TRUE
gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE
!endif
!if $(SMM_REQUIRE) == TRUE
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|TRUE
!endif
[PcdsFixedAtBuild]
gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1