tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

OvmfPkg: Enable secure-boot support when SECURE_BOOT_ENABLE==TRUE 

Adjust PCD settings, library mappings and driver usage
to enable secure-boot when -D SECURE_BOOT_ENABLE=TRUE
is used on the build command line.

Signed-off-by: lgrosenb
Reviewed-by: jljusten
Reviewed-by: mdkinney

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13093 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
jljusten 2012-03-09 17:38:53 +00:00
parent bdf93df856
commit 8cee3de7e9
6 changed files with 151 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
OvmfPkg/OvmfPkgIa32.dsc
View File

@ -105,7 +105,18 @@
ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf
LocalApicLib|UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
!endif
[LibraryClasses.common]
!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
!endif
[LibraryClasses.common.SEC] [LibraryClasses.common.SEC]
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
@ -169,6 +180,9 @@
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
!endif
[LibraryClasses.common.UEFI_DRIVER] [LibraryClasses.common.UEFI_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
@ -222,7 +236,11 @@
gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10 gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6 gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32 gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32
!if $(SECURE_BOOT_ENABLE) == TRUE
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x10000
!else
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400 gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400
!endif
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000 gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000 gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000
@ -239,6 +257,13 @@
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F
!endif !endif
!if $(SECURE_BOOT_ENABLE) == TRUE
# override the default values from SecurityPkg to ensure images from all sources are verified in secure boot
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05
gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05
gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05
!endif
!ifdef $(SOURCE_DEBUG_ENABLE) !ifdef $(SOURCE_DEBUG_ENABLE)
gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2 gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
!endif !endif
@ -309,7 +334,18 @@
} }
MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
<LibraryClasses>
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
}
!else
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
!endif
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
@ -451,3 +487,10 @@
} }
!endif !endif
!if $(SECURE_BOOT_ENABLE) == TRUE
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf {
<LibraryClasses>
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
}
!endif

6
OvmfPkg/OvmfPkgIa32.fdf
View File

@ -167,7 +167,11 @@ INF PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
INF OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf INF OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf
INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf !if $(SECURE_BOOT_ENABLE) == TRUE
INF SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
!else
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
!endif
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf

45
OvmfPkg/OvmfPkgIa32X64.dsc
View File

@ -106,7 +106,18 @@
ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf
LocalApicLib|UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
!endif
[LibraryClasses.common]
!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
!endif
[LibraryClasses.common.SEC] [LibraryClasses.common.SEC]
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
@ -170,6 +181,9 @@
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
!endif
[LibraryClasses.common.UEFI_DRIVER] [LibraryClasses.common.UEFI_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
@ -223,7 +237,11 @@
gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10 gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6 gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32 gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32
!if $(SECURE_BOOT_ENABLE) == TRUE
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x10000
!else
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400 gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400
!endif
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000 gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000 gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000
@ -240,6 +258,13 @@
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F
!endif !endif
!if $(SECURE_BOOT_ENABLE) == TRUE
# override the default values from SecurityPkg to ensure images from all sources are verified in secure boot
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05
gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05
gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05
!endif
!ifdef $(SOURCE_DEBUG_ENABLE) !ifdef $(SOURCE_DEBUG_ENABLE)
gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2 gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
!endif !endif
@ -311,7 +336,18 @@
} }
MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
<LibraryClasses>
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
}
!else
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
!endif
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
@ -453,3 +489,10 @@
} }
!endif !endif
!if $(SECURE_BOOT_ENABLE) == TRUE
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf {
<LibraryClasses>
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
}
!endif

8
OvmfPkg/OvmfPkgIa32X64.fdf
View File

@ -167,7 +167,13 @@ INF PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
INF OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf INF OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf
INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
INF SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
!else
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
!endif
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf

45
OvmfPkg/OvmfPkgX64.dsc
View File

@ -106,7 +106,18 @@
ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf ResetSystemLib|OvmfPkg/Library/ResetSystemLib/ResetSystemLib.inf
LocalApicLib|UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
!endif
[LibraryClasses.common]
!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
!endif
[LibraryClasses.common.SEC] [LibraryClasses.common.SEC]
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
@ -170,6 +181,9 @@
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
!endif
[LibraryClasses.common.UEFI_DRIVER] [LibraryClasses.common.UEFI_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
@ -223,7 +237,11 @@
gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10 gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6 gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32 gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32
!if $(SECURE_BOOT_ENABLE) == TRUE
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x10000
!else
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400 gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400
!endif
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000 gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000 gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000
@ -240,6 +258,13 @@
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F
!endif !endif
!if $(SECURE_BOOT_ENABLE) == TRUE
# override the default values from SecurityPkg to ensure images from all sources are verified in secure boot
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05
gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05
gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05
!endif
!ifdef $(SOURCE_DEBUG_ENABLE) !ifdef $(SOURCE_DEBUG_ENABLE)
gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2 gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
!endif !endif
@ -310,7 +335,18 @@
} }
MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
<LibraryClasses>
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
}
!else
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
!endif
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf
UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
@ -452,3 +488,10 @@
} }
!endif !endif
!if $(SECURE_BOOT_ENABLE) == TRUE
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf {
<LibraryClasses>
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
}
!endif

8
OvmfPkg/OvmfPkgX64.fdf
View File

@ -167,7 +167,13 @@ INF PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
INF OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf INF OvmfPkg/BlockMmioToBlockIoDxe/BlockIo.inf
INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
INF SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
!else
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
!endif
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf