From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiewen.yao@intel.com>
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 3A76281A33
 for <edk2-devel@lists.01.org>; Tue, 13 Dec 2016 23:45:00 -0800 (PST)
Received: from orsmga001.jf.intel.com ([10.7.209.18])
 by orsmga105.jf.intel.com with ESMTP; 13 Dec 2016 23:44:59 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.33,345,1477983600"; d="scan'208";a="1071868302"
Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201])
 by orsmga001.jf.intel.com with ESMTP; 13 Dec 2016 23:44:59 -0800
Received: from fmsmsx118.amr.corp.intel.com (10.18.116.18) by
 FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Tue, 13 Dec 2016 23:44:59 -0800
Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by
 fmsmsx118.amr.corp.intel.com (10.18.116.18) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Tue, 13 Dec 2016 23:44:59 -0800
Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.9]) by
 SHSMSX101.ccr.corp.intel.com ([169.254.1.97]) with mapi id 14.03.0248.002;
 Wed, 14 Dec 2016 15:44:57 +0800
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Wu, Jiaxin" <jiaxin.wu@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Ni, Ruiyu" <ruiyu.ni@intel.com>, "Ye, Ting" <ting.ye@intel.com>, "Zhang, 
 Lubo" <lubo.zhang@intel.com>, "Wu, Jiaxin" <jiaxin.wu@intel.com>, "Long,
 Qin" <qin.long@intel.com>, "Fu, Siyuan" <siyuan.fu@intel.com>
Thread-Topic: [edk2] [Patch 10/10] Nt32Pkg: Enable HTTPS boot feature for
 Nt32 platform
Thread-Index: AQHSVdykEUsGtveat0qORhCiESL+G6EHD+Gg
Date: Wed, 14 Dec 2016 07:44:56 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A8BD069@SHSMSX104.ccr.corp.intel.com>
References: <1481700859-76060-1-git-send-email-jiaxin.wu@intel.com>
 <1481700859-76060-11-git-send-email-jiaxin.wu@intel.com>
In-Reply-To: <1481700859-76060-11-git-send-email-jiaxin.wu@intel.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [Patch 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Dec 2016 07:45:00 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi Jiaxin
Thanks to contribute this.

I found below update is NOT related to HTTPS.

Can we use a better name, such as TLS_ENABLE ?

+!if $(HTTPS_BOOT_ENABLE) =3D=3D TRUE
+  NetworkPkg/TlsDxe/TlsDxe.inf
+  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+!endif

Thank you
Yao Jiewen

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ji=
axin
> Wu
> Sent: Wednesday, December 14, 2016 3:34 PM
> To: edk2-devel@lists.01.org
> Cc: Ni, Ruiyu <ruiyu.ni@intel.com>; Ye, Ting <ting.ye@intel.com>; Zhang, =
Lubo
> <lubo.zhang@intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Long, Qin
> <qin.long@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: [edk2] [Patch 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32
> platform
>=20
> This path is used to enable HTTPS boot feature for Nt32 platform.
>=20
> Cc: Long Qin <qin.long@intel.com>
> Cc: Ni Ruiyu <ruiyu.ni@intel.com>
> Cc: Ye Ting <ting.ye@intel.com>
> Cc: Fu Siyuan <siyuan.fu@intel.com>
> Cc: Zhang Lubo <lubo.zhang@intel.com>
> Cc: Thomas Palmer <thomas.palmer@hpe.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
> ---
>  Nt32Pkg/Nt32Pkg.dsc | 15 ++++++++++++++-
>  Nt32Pkg/Nt32Pkg.fdf |  4 ++++
>  2 files changed, 18 insertions(+), 1 deletion(-)
>=20
> diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc
> index 79ab2f7..07703a3 100644
> --- a/Nt32Pkg/Nt32Pkg.dsc
> +++ b/Nt32Pkg/Nt32Pkg.dsc
> @@ -43,10 +43,17 @@
>    #
>    # Defines for default states.  These can be changed on the command lin=
e.
>    # -D FLAG=3DVALUE
>    #
>    DEFINE SECURE_BOOT_ENABLE      =3D FALSE
> +
> +  #
> +  # This flag is to enable or disable HTTPS boot feature.
> +  # These can be changed on the command line.
> +  # -D FLAG=3DVALUE
> +  #
> +  DEFINE HTTPS_BOOT_ENABLE      =3D TRUE
>=20
>=20
> #############################################################
> ###################
>  #
>  # SKU Identification section - list of all SKU IDs supported by this
>  #                              Platform.
> @@ -189,10 +196,11 @@
>=20
> OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/Dxe
> Nt32OemHookStatusCodeLib.inf
>=20
> PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt32P
> eCoffExtraActionLib.inf
>=20
> ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtr=
a
> ctGuidedSectionLib.inf
>    WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf
>    BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +  TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
>=20
>  [LibraryClasses.common.DXE_CORE]
>    HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
>=20
> MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/Dx
> eCoreMemoryAllocationLib.inf
>    PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> @@ -232,11 +240,11 @@
>    gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f
>    gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareVolume|L"..\\Fv\\Nt32.fd"
>    gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareBlockSize|0x10000
>    gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f
>=20
> gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChang
> e|FALSE
> -!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
> +!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE || $(HTTPS_BOOT_ENABLE) =3D=3D TRU=
E
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
>  !endif
>=20
>  !ifndef $(USE_OLD_SHELL)
>    gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5,
> 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0=
xB4,
> 0xD1 }
> @@ -437,10 +445,15 @@
>=20
>    NetworkPkg/HttpBootDxe/HttpBootDxe.inf
>    NetworkPkg/DnsDxe/DnsDxe.inf
>    NetworkPkg/HttpDxe/HttpDxe.inf
>    NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
> +
> +!if $(HTTPS_BOOT_ENABLE) =3D=3D TRUE
> +  NetworkPkg/TlsDxe/TlsDxe.inf
> +  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
> +!endif
>=20
>    MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
>    MdeModulePkg/Application/UiApp/UiApp.inf{
>      <LibraryClasses>
>=20
> NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
> diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf
> index cf00a13..094ed91 100644
> --- a/Nt32Pkg/Nt32Pkg.fdf
> +++ b/Nt32Pkg/Nt32Pkg.fdf
> @@ -260,10 +260,14 @@ INF
> MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf
>  INF  MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf
>  INF  NetworkPkg/HttpBootDxe/HttpBootDxe.inf
>  INF  NetworkPkg/DnsDxe/DnsDxe.inf
>  INF  NetworkPkg/HttpDxe/HttpDxe.inf
>  INF  NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
> +!if $(HTTPS_BOOT_ENABLE) =3D=3D TRUE
> +INF  NetworkPkg/TlsDxe/TlsDxe.inf
> +INF  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
> +!endif
>  INF
> MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.in
> f
>=20
> #############################################################
> ###################
>  #
>  # FILE statements are provided so that a platform integrator can include
>  # complete EFI FFS files, as well as a method for constructing FFS files
> --
> 1.9.5.msysgit.1
>=20
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel