From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2503281C75 for ; Tue, 13 Dec 2016 23:34:49 -0800 (PST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP; 13 Dec 2016 23:34:48 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,345,1477983600"; d="scan'208";a="1098918607" Received: from jiaxinwu-mobl2.ccr.corp.intel.com ([10.239.196.26]) by fmsmga002.fm.intel.com with ESMTP; 13 Dec 2016 23:34:46 -0800 From: Jiaxin Wu To: edk2-devel@lists.01.org Cc: Long Qin , Ni Ruiyu , Ye Ting , Fu Siyuan , Zhang Lubo , Thomas Palmer , Wu Jiaxin Date: Wed, 14 Dec 2016 15:34:19 +0800 Message-Id: <1481700859-76060-11-git-send-email-jiaxin.wu@intel.com> X-Mailer: git-send-email 1.9.5.msysgit.1 In-Reply-To: <1481700859-76060-1-git-send-email-jiaxin.wu@intel.com> References: <1481700859-76060-1-git-send-email-jiaxin.wu@intel.com> Subject: [Patch 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Dec 2016 07:34:49 -0000 This path is used to enable HTTPS boot feature for Nt32 platform. Cc: Long Qin Cc: Ni Ruiyu Cc: Ye Ting Cc: Fu Siyuan Cc: Zhang Lubo Cc: Thomas Palmer Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin --- Nt32Pkg/Nt32Pkg.dsc | 15 ++++++++++++++- Nt32Pkg/Nt32Pkg.fdf | 4 ++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index 79ab2f7..07703a3 100644 --- a/Nt32Pkg/Nt32Pkg.dsc +++ b/Nt32Pkg/Nt32Pkg.dsc @@ -43,10 +43,17 @@ # # Defines for default states. These can be changed on the command line. # -D FLAG=VALUE # DEFINE SECURE_BOOT_ENABLE = FALSE + + # + # This flag is to enable or disable HTTPS boot feature. + # These can be changed on the command line. + # -D FLAG=VALUE + # + DEFINE HTTPS_BOOT_ENABLE = TRUE ################################################################################ # # SKU Identification section - list of all SKU IDs supported by this # Platform. @@ -189,10 +196,11 @@ OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/DxeNt32OemHookStatusCodeLib.inf PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt32PeCoffExtraActionLib.inf ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf [LibraryClasses.common.DXE_CORE] HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/DxeCoreMemoryAllocationLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf @@ -232,11 +240,11 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareVolume|L"..\\Fv\\Nt32.fd" gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareBlockSize|0x10000 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE -!if $(SECURE_BOOT_ENABLE) == TRUE +!if $(SECURE_BOOT_ENABLE) == TRUE || $(HTTPS_BOOT_ENABLE) == TRUE gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 !endif !ifndef $(USE_OLD_SHELL) gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0xB4, 0xD1 } @@ -437,10 +445,15 @@ NetworkPkg/HttpBootDxe/HttpBootDxe.inf NetworkPkg/DnsDxe/DnsDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf + +!if $(HTTPS_BOOT_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif MdeModulePkg/Universal/BdsDxe/BdsDxe.inf MdeModulePkg/Application/UiApp/UiApp.inf{ NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index cf00a13..094ed91 100644 --- a/Nt32Pkg/Nt32Pkg.fdf +++ b/Nt32Pkg/Nt32Pkg.fdf @@ -260,10 +260,14 @@ INF MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf INF NetworkPkg/DnsDxe/DnsDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf +!if $(HTTPS_BOOT_ENABLE) == TRUE +INF NetworkPkg/TlsDxe/TlsDxe.inf +INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif INF MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf ################################################################################ # # FILE statements are provided so that a platform integrator can include # complete EFI FFS files, as well as a method for constructing FFS files -- 1.9.5.msysgit.1