OvmfPkg: move tcg configuration to dsc and fdf include files
With this in place the tpm configuration is not duplicated for each of our four ovmf config variants (ia32, ia32x64, x64, amdsev) and it is easier to keep them all in sync when updating the tpm configuration. No functional change. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
This commit is contained in:
Gerd Hoffmann
committed by
mergify[bot]
mergify[bot]
parent
3a72ec71cd
commit
b47575801e
@@ -32,8 +32,8 @@
|
||||
DEFINE SECURE_BOOT_ENABLE = FALSE
|
||||
DEFINE SMM_REQUIRE = FALSE
|
||||
DEFINE SOURCE_DEBUG_ENABLE = FALSE
|
||||
DEFINE TPM_ENABLE = FALSE
|
||||
DEFINE TPM_CONFIG_ENABLE = FALSE
|
||||
|
||||
!include OvmfPkg/OvmfTpmDefines.dsc.inc
|
||||
|
||||
#
|
||||
# Network definition
|
||||
@@ -233,16 +233,7 @@
|
||||
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
|
||||
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
|
||||
|
||||
!if $(TPM_ENABLE) == TRUE
|
||||
Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
|
||||
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
|
||||
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
|
||||
Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
|
||||
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
|
||||
!else
|
||||
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
|
||||
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
|
||||
!endif
|
||||
!include OvmfPkg/OvmfTpmLibs.dsc.inc
|
||||
|
||||
[LibraryClasses.common]
|
||||
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
||||
@@ -314,11 +305,7 @@
|
||||
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
|
||||
QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
|
||||
|
||||
!if $(TPM_ENABLE) == TRUE
|
||||
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
|
||||
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
||||
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
|
||||
!endif
|
||||
!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
||||
|
||||
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
|
||||
|
||||
@@ -406,10 +393,8 @@
|
||||
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
|
||||
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
|
||||
QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
|
||||
!if $(TPM_ENABLE) == TRUE
|
||||
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
|
||||
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
|
||||
!endif
|
||||
|
||||
!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
||||
|
||||
[LibraryClasses.common.UEFI_APPLICATION]
|
||||
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
|
||||
@@ -657,9 +642,7 @@
|
||||
|
||||
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
|
||||
|
||||
!if $(TPM_ENABLE) == TRUE
|
||||
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
|
||||
!endif
|
||||
!include OvmfPkg/OvmfTpmPcds.dsc.inc
|
||||
|
||||
# Set ConfidentialComputing defaults
|
||||
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
|
||||
@@ -670,10 +653,7 @@
|
||||
gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01
|
||||
|
||||
[PcdsDynamicHii]
|
||||
!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
|
||||
gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
|
||||
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
|
||||
!endif
|
||||
!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
||||
|
||||
################################################################################
|
||||
#
|
||||
@@ -723,24 +703,7 @@
|
||||
!endif
|
||||
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
||||
|
||||
!if $(TPM_ENABLE) == TRUE
|
||||
OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
||||
OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
||||
SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
||||
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
|
||||
<LibraryClasses>
|
||||
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
||||
}
|
||||
SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf {
|
||||
<LibraryClasses>
|
||||
TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
||||
}
|
||||
!endif
|
||||
!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
||||
|
||||
[Components.X64]
|
||||
#
|
||||
@@ -766,10 +729,7 @@
|
||||
!if $(SECURE_BOOT_ENABLE) == TRUE
|
||||
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
|
||||
!endif
|
||||
!if $(TPM_ENABLE) == TRUE
|
||||
NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
||||
NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
|
||||
!endif
|
||||
!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
||||
}
|
||||
|
||||
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
|
||||
@@ -1042,27 +1002,4 @@
|
||||
#
|
||||
# TPM support
|
||||
#
|
||||
!if $(TPM_ENABLE) == TRUE
|
||||
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
|
||||
<LibraryClasses>
|
||||
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
|
||||
NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
|
||||
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
||||
NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
||||
}
|
||||
!if $(TPM_CONFIG_ENABLE) == TRUE
|
||||
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
||||
!endif
|
||||
SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
|
||||
<LibraryClasses>
|
||||
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
||||
}
|
||||
SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {
|
||||
<LibraryClasses>
|
||||
TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
||||
}
|
||||
!endif
|
||||
!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
||||
|
||||
Reference in New Issue
Block a user