Re: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform

["Ni, Ruiyu" <ruiyu.ni@intel.com>]

Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

Thanks/Ray

> -----Original Message-----
> From: Wu, Jiaxin
> Sent: Wednesday, December 14, 2016 4:05 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin <qin.long@intel.com>; Ni, Ruiyu <ruiyu.ni@intel.com>; Ye, Ting
> <ting.ye@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Zhang, Lubo
> <lubo.zhang@intel.com>; Thomas Palmer <thomas.palmer@hpe.com>; Yao,
> Jiewen <jiewen.yao@intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>
> Subject: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32
> platform
> 
> v2:
> * Rename flag: HTTPS_BOOT_ENABLE -> TLS_ENABLE
> 
> This path is used to enable HTTPS boot feature for Nt32 platform.
> 
> Cc: Long Qin <qin.long@intel.com>
> Cc: Ni Ruiyu <ruiyu.ni@intel.com>
> Cc: Ye Ting <ting.ye@intel.com>
> Cc: Fu Siyuan <siyuan.fu@intel.com>
> Cc: Zhang Lubo <lubo.zhang@intel.com>
> Cc: Thomas Palmer <thomas.palmer@hpe.com>
> Cc: Yao Jiewen <jiewen.yao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
> ---
>  Nt32Pkg/Nt32Pkg.dsc | 15 ++++++++++++++-  Nt32Pkg/Nt32Pkg.fdf |  4
> ++++
>  2 files changed, 18 insertions(+), 1 deletion(-)
> 
> diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index
> 79ab2f7..0a59e46 100644
> --- a/Nt32Pkg/Nt32Pkg.dsc
> +++ b/Nt32Pkg/Nt32Pkg.dsc
> @@ -43,10 +43,17 @@
>    #
>    # Defines for default states.  These can be changed on the command line.
>    # -D FLAG=VALUE
>    #
>    DEFINE SECURE_BOOT_ENABLE      = FALSE
> +
> +  #
> +  # This flag is to enable or disable TLS feature.
> +  # These can be changed on the command line.
> +  # -D FLAG=VALUE
> +  #
> +  DEFINE TLS_ENABLE      = TRUE
> 
> 
> ##########################################################
> ######################
>  #
>  # SKU Identification section - list of all SKU IDs supported by this
>  #                              Platform.
> @@ -189,10 +196,11 @@
> 
> OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/
> DxeNt32OemHookStatusCodeLib.inf
> 
> PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt
> 32PeCoffExtraActionLib.inf
> 
> ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeE
> xtractGuidedSectionLib.inf
>    WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +  TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
> 
>  [LibraryClasses.common.DXE_CORE]
>    HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
> 
> MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLi
> b/DxeCoreMemoryAllocationLib.inf
>    PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> @@ -232,11 +240,11 @@
>    gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f
> 
> gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareVolume|L"..\\Fv\\Nt32.fd"
>    gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareBlockSize|0x10000
>    gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f
> 
> gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationC
> hange|FALSE
> -!if $(SECURE_BOOT_ENABLE) == TRUE
> +!if $(SECURE_BOOT_ENABLE) == TRUE || $(TLS_ENABLE) == TRUE
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
>  !endif
> 
>  !ifndef $(USE_OLD_SHELL)
>    gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5,
> 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0xB4,
> 0xD1 } @@ -437,10 +445,15 @@
> 
>    NetworkPkg/HttpBootDxe/HttpBootDxe.inf
>    NetworkPkg/DnsDxe/DnsDxe.inf
>    NetworkPkg/HttpDxe/HttpDxe.inf
>    NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
> +
> +!if $(TLS_ENABLE) == TRUE
> +  NetworkPkg/TlsDxe/TlsDxe.inf
> +  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
> +!endif
> 
>    MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
>    MdeModulePkg/Application/UiApp/UiApp.inf{
>      <LibraryClasses>
> 
> NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
> diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index
> cf00a13..c198d73 100644
> --- a/Nt32Pkg/Nt32Pkg.fdf
> +++ b/Nt32Pkg/Nt32Pkg.fdf
> @@ -260,10 +260,14 @@ INF
> MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf
>  INF  MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf
>  INF  NetworkPkg/HttpBootDxe/HttpBootDxe.inf
>  INF  NetworkPkg/DnsDxe/DnsDxe.inf
>  INF  NetworkPkg/HttpDxe/HttpDxe.inf
>  INF  NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
> +!if $(TLS_ENABLE) == TRUE
> +INF  NetworkPkg/TlsDxe/TlsDxe.inf
> +INF  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
> +!endif
>  INF
> MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuAp
> p.inf
> 
> ##########################################################
> ######################
>  #
>  # FILE statements are provided so that a platform integrator can include  #
> complete EFI FFS files, as well as a method for constructing FFS files
> --
> 1.9.5.msysgit.1