From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 645E981E9C for ; Thu, 15 Dec 2016 00:16:01 -0800 (PST) Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga102.fm.intel.com with ESMTP; 15 Dec 2016 00:16:00 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,351,1477983600"; d="scan'208";a="1072306440" Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203]) by orsmga001.jf.intel.com with ESMTP; 15 Dec 2016 00:16:00 -0800 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS) id 14.3.248.2; Thu, 15 Dec 2016 00:16:00 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.11]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.235]) with mapi id 14.03.0248.002; Thu, 15 Dec 2016 16:15:57 +0800 From: "Long, Qin" To: "Wu, Jiaxin" , "edk2-devel@lists.01.org" CC: "Ni, Ruiyu" , "Ye, Ting" , "Fu, Siyuan" , "Zhang, Lubo" , "Thomas Palmer" , "Yao, Jiewen" Thread-Topic: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform Thread-Index: AQHSVeDHLV0IR3pRo0WY9J+ZOYBm3qEIqs9A Date: Thu, 15 Dec 2016 08:15:57 +0000 Message-ID: References: <1481702685-100424-1-git-send-email-jiaxin.wu@intel.com> In-Reply-To: <1481702685-100424-1-git-send-email-jiaxin.wu@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Dec 2016 08:16:01 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Qin Long > -----Original Message----- > From: Wu, Jiaxin > Sent: Wednesday, December 14, 2016 4:05 PM > To: edk2-devel@lists.01.org > Cc: Long, Qin; Ni, Ruiyu; Ye, Ting; Fu, Siyuan; Zhang, Lubo; Thomas Palme= r; > Yao, Jiewen; Wu, Jiaxin > Subject: [PATCH v2 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 > platform >=20 > v2: > * Rename flag: HTTPS_BOOT_ENABLE -> TLS_ENABLE >=20 > This path is used to enable HTTPS boot feature for Nt32 platform. >=20 > Cc: Long Qin > Cc: Ni Ruiyu > Cc: Ye Ting > Cc: Fu Siyuan > Cc: Zhang Lubo > Cc: Thomas Palmer > Cc: Yao Jiewen > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Wu Jiaxin > --- > Nt32Pkg/Nt32Pkg.dsc | 15 ++++++++++++++- Nt32Pkg/Nt32Pkg.fdf | 4 > ++++ > 2 files changed, 18 insertions(+), 1 deletion(-) >=20 > diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index > 79ab2f7..0a59e46 100644 > --- a/Nt32Pkg/Nt32Pkg.dsc > +++ b/Nt32Pkg/Nt32Pkg.dsc > @@ -43,10 +43,17 @@ > # > # Defines for default states. These can be changed on the command lin= e. > # -D FLAG=3DVALUE > # > DEFINE SECURE_BOOT_ENABLE =3D FALSE > + > + # > + # This flag is to enable or disable TLS feature. > + # These can be changed on the command line. > + # -D FLAG=3DVALUE > + # > + DEFINE TLS_ENABLE =3D TRUE >=20 >=20 > ########################################################## > ###################### > # > # SKU Identification section - list of all SKU IDs supported by this > # Platform. > @@ -189,10 +196,11 @@ >=20 > OemHookStatusCodeLib|Nt32Pkg/Library/DxeNt32OemHookStatusCodeLib/ > DxeNt32OemHookStatusCodeLib.inf >=20 > PeCoffExtraActionLib|Nt32Pkg/Library/DxeNt32PeCoffExtraActionLib/DxeNt > 32PeCoffExtraActionLib.inf >=20 > ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeE > xtractGuidedSectionLib.inf > WinNtLib|Nt32Pkg/Library/DxeWinNtLib/DxeWinNtLib.inf > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf >=20 > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf >=20 > MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLi > b/DxeCoreMemoryAllocationLib.inf > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > @@ -232,11 +240,11 @@ > gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f >=20 > gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareVolume|L"..\\Fv\\Nt32.fd" > gEfiNt32PkgTokenSpaceGuid.PcdWinNtFirmwareBlockSize|0x10000 > gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f >=20 > gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationC > hange|FALSE > -!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE > +!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE || $(TLS_ENABLE) =3D=3D TRUE > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 > !endif >=20 > !ifndef $(USE_OLD_SHELL) > gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile|{ 0x83, 0xA5, > 0x04, 0x7C, 0x3E, 0x9E, 0x1C, 0x4F, 0xAD, 0x65, 0xE0, 0x52, 0x68, 0xD0, 0= xB4, > 0xD1 } @@ -437,10 +445,15 @@ >=20 > NetworkPkg/HttpBootDxe/HttpBootDxe.inf > NetworkPkg/DnsDxe/DnsDxe.inf > NetworkPkg/HttpDxe/HttpDxe.inf > NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf > + > +!if $(TLS_ENABLE) =3D=3D TRUE > + NetworkPkg/TlsDxe/TlsDxe.inf > + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf > +!endif >=20 > MdeModulePkg/Universal/BdsDxe/BdsDxe.inf > MdeModulePkg/Application/UiApp/UiApp.inf{ > >=20 > NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf > diff --git a/Nt32Pkg/Nt32Pkg.fdf b/Nt32Pkg/Nt32Pkg.fdf index > cf00a13..c198d73 100644 > --- a/Nt32Pkg/Nt32Pkg.fdf > +++ b/Nt32Pkg/Nt32Pkg.fdf > @@ -260,10 +260,14 @@ INF > MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf > INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf > INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf > INF NetworkPkg/DnsDxe/DnsDxe.inf > INF NetworkPkg/HttpDxe/HttpDxe.inf > INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf > +!if $(TLS_ENABLE) =3D=3D TRUE > +INF NetworkPkg/TlsDxe/TlsDxe.inf > +INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf > +!endif > INF > MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuAp > p.inf >=20 > ########################################################## > ###################### > # > # FILE statements are provided so that a platform integrator can include= # > complete EFI FFS files, as well as a method for constructing FFS files > -- > 1.9.5.msysgit.1