From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by mx.groups.io with SMTP id smtpd.web11.35943.1688983553015347582 for ; Mon, 10 Jul 2023 03:05:53 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=D7nNdRrz; spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: cepingx.sun@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1688983553; x=1720519553; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=p0W8uV038bm1t1vZiQ511I49HoVdGko8HLBS6/hkdoY=; b=D7nNdRrzJFt4Y75kCWIvo/IaGX/AoLpEx6GfgtSHsYJDXpR0Pm+dB0Iy k2UkNxq8rzRcwjBvGNq2etcgXyBwjv5w+nncyv7pjc8xm2duSJXSZvVTR ILDE6tD4iLlXHxGtlgi0uF69yLlaXscFtXq6Ktrzr4qJ0qvXSUEY7PFfk iv8oMvbfRb5Ci1fHTLVIB1KhotqEECS4SsV56/i0kDA0KEr/OYE41x2y3 reb6BWWSk1B28cUWDjR+U509eBhRZpqXGuU4cbLmvS5NwyD9x4oB+ncng zp9Q8bqY9TC8gsaBb1DBcR5HUDUKyg9aBUrdwd2TI2AmxMP/1LQGQ3tg9 g==; X-IronPort-AV: E=McAfee;i="6600,9927,10766"; a="349105767" X-IronPort-AV: E=Sophos;i="6.01,194,1684825200"; d="scan'208";a="349105767" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2023 03:05:52 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10766"; a="1051305386" X-IronPort-AV: E=Sophos;i="6.01,194,1684825200"; d="scan'208";a="1051305386" Received: from cepingsx-mobl1.ccr.corp.intel.com ([10.239.49.140]) by fmsmga005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2023 03:05:49 -0700 From: "sunceping" To: devel@edk2.groups.io Cc: sunceping , Erdem Aktas , James Bottomley , Jiewen Yao , Gerd Hoffmann , Min Xu , Tom Lendacky , Michael Roth Subject: [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported Date: Mon, 10 Jul 2023 18:05:39 +0800 Message-Id: <20230710100539.13518-1-cepingx.sun@intel.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit SECURE_BOOT_FEATURE_ENABLED was dropped by the commit(92da8a154f), but the PeilessStartupLib was not updated with PcdSecureBootSupported, that made SecureBoot no longer work in IntelTdxX64. Fix this by replacing SECURE_BOOT_FEATURE_ENABLED with PcdSecureBootSupported in PeilessStartupLib. Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Gerd Hoffmann Cc: Min Xu Cc: Tom Lendacky Cc: Michael Roth Signed-off-by: Ceping Sun --- OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c | 6 +++--- OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c index 164aa2d619..1632a23177 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c @@ -82,9 +82,9 @@ InitializePlatform ( VariableStore = PlatformReserveEmuVariableNvStore (); PlatformInfoHob->PcdEmuVariableNvStoreReserved = (UINT64)(UINTN)VariableStore; - #ifdef SECURE_BOOT_FEATURE_ENABLED - PlatformInitEmuVariableNvStore (VariableStore); - #endif + if (FeaturePcdGet (PcdSecureBootSupported)) { + PlatformInitEmuVariableNvStore (VariableStore); + } if (TdIsEnabled ()) { PlatformTdxPublishRamRegions (); diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf index 7719b5031d..585d504637 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf @@ -83,3 +83,4 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize + gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootSupported -- 2.34.1