From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6B68D82364 for ; Wed, 21 Dec 2016 23:41:03 -0800 (PST) Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga102.fm.intel.com with ESMTP; 21 Dec 2016 23:41:03 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,387,1477983600"; d="scan'208";a="915081109" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by orsmga003.jf.intel.com with ESMTP; 21 Dec 2016 23:41:02 -0800 Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 21 Dec 2016 23:41:02 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.20]) by SHSMSX101.ccr.corp.intel.com ([169.254.1.177]) with mapi id 14.03.0248.002; Thu, 22 Dec 2016 15:41:00 +0800 From: "Ye, Ting" To: "Wu, Jiaxin" , "edk2-devel@lists.01.org" CC: "Long, Qin" , "Ni, Ruiyu" , "Fu, Siyuan" , "Zhang, Lubo" , "Thomas Palmer" , "Yao, Jiewen" Thread-Topic: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform Thread-Index: AQHSVeDI8nctA4MCskudzqmviT4uNaEToajA Date: Thu, 22 Dec 2016 07:40:59 +0000 Message-ID: References: <1481702685-100424-1-git-send-email-jiaxin.wu@intel.com> In-Reply-To: <1481702685-100424-1-git-send-email-jiaxin.wu@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Dec 2016 07:41:03 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Ye Ting =20 -----Original Message----- From: Wu, Jiaxin=20 Sent: Wednesday, December 14, 2016 4:05 PM To: edk2-devel@lists.01.org Cc: Long, Qin ; Ni, Ruiyu ; Ye, Tin= g ; Fu, Siyuan ; Zhang, Lubo ; Thomas Palmer ; Yao, Jiewen ; Wu, Jiaxin Subject: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platf= orm v2: * Rename flag: HTTPS_BOOT_ENABLE -> TLS_ENABLE This path is used to enable HTTPS boot feature for Nt32 platform. Cc: Long Qin Cc: Ni Ruiyu Cc: Ye Ting Cc: Fu Siyuan Cc: Zhang Lubo Cc: Thomas Palmer Cc: Yao Jiewen Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin --- Nt32Pkg/Nt32Pkg.dsc | 15 ++++++++++++++- Nt32Pkg/Nt32Pkg.fdf | 4 ++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index 79ab2f7..0a59e= 46 100644 --- a/Nt32Pkg/Nt32Pkg.dsc +++ b/Nt32Pkg/Nt32Pkg.dsc @@ -43,10 +43,17 @@ # # Defines for default states. These can be changed on the command line. # -D FLAG=3DVALUE # DEFINE SECURE_BOOT_ENABLE =3D FALSE + =20 + # + # This flag is to enable or disable TLS feature. =20 + # These can be changed on the command line. + # -D FLAG=3DVALUE + # + DEFINE TLS_ENABLE =3D TRUE =20 ##########################################################################= ###### # # SKU Identification section - list of all SKU IDs supported by this # Platform. @@ -189,10 +196,11 @@ OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/DxeNt32= OemHookStatusCodeLib.inf PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt32= PeCoffExtraActionLib.inf ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExt= ractGuidedSectionLib.inf WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf =20 [LibraryClasses.common.DXE_CORE] HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/DxeC= oreMemoryAllocationLib.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf @@ -232,11 +240,11 @@ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareVolume|L"..\\Fv\\Nt32.fd" gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareBlockSize|0x10000 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FAL= SE -!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE +!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE || $(TLS_ENABLE) =3D=3D TRUE gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 !endif =20 !ifndef $(USE_OLD_SHELL) gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, 0x0= 4, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0xB4, = 0xD1 } @@ -437,10 +445,15 @@ =20 NetworkPkg/HttpBootDxe/HttpBootDxe.inf NetworkPkg/DnsDxe/DnsDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf + =20 +!if $(TLS_ENABLE) =3D=3D TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif =20 MdeModulePkg/Universal/BdsDxe/BdsDxe.inf MdeModulePkg/Application/UiApp/UiApp.inf{ NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index cf00a13..c198d= 73 100644 --- a/Nt32Pkg/Nt32Pkg.fdf +++ b/Nt32Pkg/Nt32Pkg.fdf @@ -260,10 +260,14 @@ INF MdeModulePkg/Universal/Network/UefiPxeBcDxe/Uefi= PxeBcDxe.inf INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf INF NetworkPkg/DnsDxe/DnsDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf +!if $(TLS_ENABLE) =3D=3D TRUE +INF NetworkPkg/TlsDxe/TlsDxe.inf +INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif INF MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf ##########################################################################= ###### # # FILE statements are provided so that a platform integrator can include = # complete EFI FFS files, as well as a method for constructing FFS files -- 1.9.5.msysgit.1