From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 50A3B81A34 for ; Wed, 14 Dec 2016 00:18:56 -0800 (PST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga104.jf.intel.com with ESMTP; 14 Dec 2016 00:18:55 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,346,1477983600"; d="scan'208";a="1098933591" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by fmsmga002.fm.intel.com with ESMTP; 14 Dec 2016 00:18:55 -0800 Received: from fmsmsx151.amr.corp.intel.com (10.18.125.4) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 14 Dec 2016 00:18:55 -0800 Received: from shsmsx151.ccr.corp.intel.com (10.239.6.50) by FMSMSX151.amr.corp.intel.com (10.18.125.4) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 14 Dec 2016 00:18:55 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.11]) by SHSMSX151.ccr.corp.intel.com ([169.254.3.77]) with mapi id 14.03.0248.002; Wed, 14 Dec 2016 16:18:51 +0800 From: "Ni, Ruiyu" To: "Wu, Jiaxin" , "edk2-devel@lists.01.org" CC: "Long, Qin" , "Ye, Ting" , "Fu, Siyuan" , "Zhang, Lubo" , "Thomas Palmer" , "Yao, Jiewen" Thread-Topic: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform Thread-Index: AQHSVeDHTi3/34C24E+JCc0yWr1hCaEHGUwA Date: Wed, 14 Dec 2016 08:18:50 +0000 Deferred-Delivery: Wed, 14 Dec 2016 08:18:00 +0000 Message-ID: <734D49CCEBEEF84792F5B80ED585239D5B83076A@SHSMSX103.ccr.corp.intel.com> References: <1481702685-100424-1-git-send-email-jiaxin.wu@intel.com> In-Reply-To: <1481702685-100424-1-git-send-email-jiaxin.wu@intel.com> Accept-Language: en-US, zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Dec 2016 08:18:56 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Ruiyu Ni Thanks/Ray > -----Original Message----- > From: Wu, Jiaxin > Sent: Wednesday, December 14, 2016 4:05 PM > To: edk2-devel@lists.01.org > Cc: Long, Qin ; Ni, Ruiyu ; Ye, T= ing > ; Fu, Siyuan ; Zhang, Lubo > ; Thomas Palmer ; Yao, > Jiewen ; Wu, Jiaxin > Subject: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 > platform >=20 > v2: > * Rename flag: HTTPS_BOOT_ENABLE -> TLS_ENABLE >=20 > This path is used to enable HTTPS boot feature for Nt32 platform. >=20 > Cc: Long Qin > Cc: Ni Ruiyu > Cc: Ye Ting > Cc: Fu Siyuan > Cc: Zhang Lubo > Cc: Thomas Palmer > Cc: Yao Jiewen > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Wu Jiaxin > --- > Nt32Pkg/Nt32Pkg.dsc | 15 ++++++++++++++- Nt32Pkg/Nt32Pkg.fdf | 4 > ++++ > 2 files changed, 18 insertions(+), 1 deletion(-) >=20 > diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index > 79ab2f7..0a59e46 100644 > --- a/Nt32Pkg/Nt32Pkg.dsc > +++ b/Nt32Pkg/Nt32Pkg.dsc > @@ -43,10 +43,17 @@ > # > # Defines for default states. These can be changed on the command lin= e. > # -D FLAG=3DVALUE > # > DEFINE SECURE_BOOT_ENABLE =3D FALSE > + > + # > + # This flag is to enable or disable TLS feature. > + # These can be changed on the command line. > + # -D FLAG=3DVALUE > + # > + DEFINE TLS_ENABLE =3D TRUE >=20 >=20 > ########################################################## > ###################### > # > # SKU Identification section - list of all SKU IDs supported by this > # Platform. > @@ -189,10 +196,11 @@ >=20 > OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/ > DxeNt32OemHookStatusCodeLib.inf >=20 > PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt > 32PeCoffExtraActionLib.inf >=20 > ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeE > xtractGuidedSectionLib.inf > WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf >=20 > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf >=20 > MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLi > b/DxeCoreMemoryAllocationLib.inf > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > @@ -232,11 +240,11 @@ > gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f >=20 > gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareVolume|L"..\\Fv\\Nt32.fd" > gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareBlockSize|0x10000 > gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f >=20 > gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationC > hange|FALSE > -!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE > +!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE || $(TLS_ENABLE) =3D=3D TRUE > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 > !endif >=20 > !ifndef $(USE_OLD_SHELL) > gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, > 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0= xB4, > 0xD1 } @@ -437,10 +445,15 @@ >=20 > NetworkPkg/HttpBootDxe/HttpBootDxe.inf > NetworkPkg/DnsDxe/DnsDxe.inf > NetworkPkg/HttpDxe/HttpDxe.inf > NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf > + > +!if $(TLS_ENABLE) =3D=3D TRUE > + NetworkPkg/TlsDxe/TlsDxe.inf > + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf > +!endif >=20 > MdeModulePkg/Universal/BdsDxe/BdsDxe.inf > MdeModulePkg/Application/UiApp/UiApp.inf{ > >=20 > NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf > diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index > cf00a13..c198d73 100644 > --- a/Nt32Pkg/Nt32Pkg.fdf > +++ b/Nt32Pkg/Nt32Pkg.fdf > @@ -260,10 +260,14 @@ INF > MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf > INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf > INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf > INF NetworkPkg/DnsDxe/DnsDxe.inf > INF NetworkPkg/HttpDxe/HttpDxe.inf > INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf > +!if $(TLS_ENABLE) =3D=3D TRUE > +INF NetworkPkg/TlsDxe/TlsDxe.inf > +INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf > +!endif > INF > MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuAp > p.inf >=20 > ########################################################## > ###################### > # > # FILE statements are provided so that a platform integrator can include= # > complete EFI FFS files, as well as a method for constructing FFS files > -- > 1.9.5.msysgit.1