https://bugzilla.tianocore.org/show_bug.cgi?id=2420
Based on the following package with changes to merge into
CryptoPkg.
https://github.com/microsoft/mu_plus/tree/dev/201908/SharedCryptoPkg
Add Crypto library instances and modules that consume/produce
the EDK II Crypto Protocols/PPIs to the CryptoPkg DSC file.
The default build of CryptoPkg performs a package verification
build.
The CRYPTO_SERVICES define is added that supports the following
settings.
* PACKAGE - Package verification build of all components. Null
versions of libraries are used to minimize build times.
* ALL - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
publish all services.
* NONE - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
publish no services. Used to verify compiler/linker
optimizations are working correctly.
* MIN_PEI - Build PEIM with PPI that publishes minimum required
services.
* MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that publish
minimum required services.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
---
CryptoPkg/CryptoPkg.dsc | 209 +++++++++++++++++++++++++++++++++++-----
1 file changed, 183 insertions(+), 26 deletions(-)
diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index ec43c1f0a4..72324fe75f 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -1,7 +1,8 @@
## @file
# Cryptographic Library Package for UEFI Security Implementation.
+# PEIM, DXE Driver, and SMM Driver with all crypto services enabled.
#
-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -21,6 +22,28 @@ [Defines]
BUILD_TARGETS = DEBUG|RELEASE|NOOPT
SKUID_IDENTIFIER = DEFAULT
+ #
+ # Flavor of PEI, DXE, SMM modules to build.
+ # Must be one of ALL, NONE, MIN_PEI, MIN_DXE_MIN_SMM.
+ # Default is ALL that is used for package build verification.
+ # PACKAGE - Package verification build of all components. Null
+ # versions of libraries are used to minimize build times.
+ # ALL - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
+ # publish all services.
+ # NONE - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
+ # publish no services. Used to verify compiler/linker
+ # optimizations are working correctly.
+ # MIN_PEI - Build PEIM with PPI that publishes minimum required
+ # services.
+ # MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that publish
+ # minimum required services.
+ #
+ DEFINE CRYPTO_SERVICES = PACKAGE
+!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI MIN_DXE_MIN_SMM"
+!else
+ !error CRYPTO_SERVICES must be set to one of PACKAGE ALL NONE MIN_PEI MIN_DXE_MIN_SMM.
+!endif
+
################################################################################
#
# Library Class section - list of all Library Classes needed by this Platform.
@@ -29,21 +52,12 @@ [Defines]
[LibraryClasses]
BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
- MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
- DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
- PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
- UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
- DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
- UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
- UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
- UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
-
- IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
- OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+ TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
[LibraryClasses.ARM, LibraryClasses.AARCH64]
#
@@ -57,41 +71,140 @@ [LibraryClasses.ARM, LibraryClasses.AARCH64]
# Add support for stack protector
NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
+[LibraryClasses.common.PEIM]
+ PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
+ MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
+ PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf
+ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
+ HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
+
+[LibraryClasses.common.DXE_SMM_DRIVER]
+ SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
+ MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
+
+!if $(CRYPTO_SERVICES) IN "ALL NONE MIN_PEI MIN_DXE_MIN_SMM"
+[LibraryClasses]
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
+ DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebugLibReportStatusCode.inf
+ DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
+ OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
+ PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
+ UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf #???
+ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf #???
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
+
[LibraryClasses.ARM]
ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
[LibraryClasses.common.PEIM]
+ PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+ TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
+
+[LibraryClasses.IA32.PEIM, LibraryClasses.X64.PEIM]
+ PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
+
+[LibraryClasses.ARM.PEIM, LibraryClasses.AARCH64.PEIM]
+ PeiServicesTablePointerLib|ArmPkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf
[LibraryClasses.common.DXE_DRIVER]
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-
-[LibraryClasses.common.DXE_RUNTIME_DRIVER]
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+ TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
[LibraryClasses.common.DXE_SMM_DRIVER]
+ ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmReportStatusCodeLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
-
-[LibraryClasses.common.UEFI_DRIVER]
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-
-[LibraryClasses.common.UEFI_APPLICATION]
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
+!endif
################################################################################
#
# Pcd Section - list of all EDK II PCD Entries defined by this Platform
#
################################################################################
-[PcdsFeatureFlag]
- gEfiMdePkgTokenSpaceGuid.PcdComponentName2Disable|TRUE
- gEfiMdePkgTokenSpaceGuid.PcdDriverDiagnostics2Disable|TRUE
-
[PcdsFixedAtBuild]
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0f
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000000
gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x06
+!if $(CRYPTO_SERVICES) IN "PACKAGE ALL"
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacMd5.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md4.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+!endif
+
+!if $(CRYPTO_SERVICES) == MIN_PEI
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkcs1Verify | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Free | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.SetKey | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs5HashPassword | TRUE
+!endif
+
+!if $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs1v2Encrypt | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs5HashPassword | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs7Verify | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.VerifyEKUsInPkcs7Signature | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs7GetSigners | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs7FreeSigners | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.AuthenticodeVerify | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkcs1Verify | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Free | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.SetKey | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.GetPublicKeyFromX509 | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.HashAll | FALSE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetSubjectName | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetCommonName | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetOrganizationName | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetTBSCert | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcEncrypt | TRUE
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcDecrypt | TRUE
+!endif
+
###################################################################################################
#
# Components Section - list of the modules and components that will be processed by compilation
@@ -110,9 +223,11 @@ [PcdsFixedAtBuild]
# generated for it, but the binary will not be put into any firmware volume.
#
###################################################################################################
+!if $(CRYPTO_SERVICES) == PACKAGE
[Components]
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+ CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
@@ -121,8 +236,50 @@ [Components]
CryptoPkg/Library/OpensslLib/OpensslLib.inf
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+ CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf
+ CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf
+ CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf
+!endif
+
+!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI"
+[Components.IA32, Components.X64, Components.ARM, Components.AARCH64]
+ CryptoPkg/Driver/CryptoPei.inf {
+ <Defines>
+ !if $(CRYPTO_SERVICES) == ALL
+ FILE_GUID = 8DF53C2E-3380-495F-A8B7-370CFE28E1C6
+ !elseif $(CRYPTO_SERVICES) == NONE
+ FILE_GUID = E5A97EE3-71CC-407F-9DA9-6BE0C8A6C7DF
+ !elseif $(CRYPTO_SERVICES) == MIN_PEI
+ FILE_GUID = 0F5827A9-35FD-4F41-8D38-9BAFCE594D31
+ !endif
+ }
+!endif
+
+!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_DXE_MIN_SMM"
+[Components.IA32, Components.X64, Components.AARCH64]
+ CryptoPkg/Driver/CryptoDxe.inf {
+ <Defines>
+ !if $(CRYPTO_SERVICES) == ALL
+ FILE_GUID = D9444B06-060D-42C5-9344-F04707BE0169
+ !elseif $(CRYPTO_SERVICES) == NONE
+ FILE_GUID = C7A340F4-A6CC-4F95-A2DA-42BEA4C3944A
+ !elseif $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM
+ FILE_GUID = DDF5BE9E-159A-4B77-B6D7-82B84B5763A2
+ !endif
+ }
+
[Components.IA32, Components.X64]
- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+ CryptoPkg/Driver/CryptoSmm.inf {
+ <Defines>
+ !if $(CRYPTO_SERVICES) == ALL
+ FILE_GUID = A3542CE8-77F7-49DC-A834-45D37D2EC1FA
+ !elseif $(CRYPTO_SERVICES) == NONE
+ FILE_GUID = 6DCB3127-01E7-4131-A487-DC77A965A541
+ !elseif $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM
+ FILE_GUID = 85F7EA15-3A2B-474A-8875-180542CD6BF3
+ !endif
+ }
+!endif
[BuildOptions]
*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
--
2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#53558): https://edk2.groups.io/g/devel/message/53558
Mute This Topic: https://groups.io/mt/70266455/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Regards,
Jian
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Thursday, January 30, 2020 3:01 PM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: [Patch 5/5] CryptoPkg/CryptoPkg.dsc: Add build of Crypto
> libraries/modules
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=2420
>
> Based on the following package with changes to merge into
> CryptoPkg.
>
> https://github.com/microsoft/mu_plus/tree/dev/201908/SharedCryptoPkg
>
> Add Crypto library instances and modules that consume/produce
> the EDK II Crypto Protocols/PPIs to the CryptoPkg DSC file.
>
> The default build of CryptoPkg performs a package verification
> build.
>
> The CRYPTO_SERVICES define is added that supports the following
> settings.
>
> * PACKAGE - Package verification build of all components. Null
> versions of libraries are used to minimize build times.
> * ALL - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
> publish all services.
> * NONE - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
> publish no services. Used to verify compiler/linker
> optimizations are working correctly.
> * MIN_PEI - Build PEIM with PPI that publishes minimum required
> services.
> * MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that publish
> minimum required services.
>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
> ---
> CryptoPkg/CryptoPkg.dsc | 209 +++++++++++++++++++++++++++++++++++-----
> 1 file changed, 183 insertions(+), 26 deletions(-)
>
> diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
> index ec43c1f0a4..72324fe75f 100644
> --- a/CryptoPkg/CryptoPkg.dsc
> +++ b/CryptoPkg/CryptoPkg.dsc
> @@ -1,7 +1,8 @@
> ## @file
> # Cryptographic Library Package for UEFI Security Implementation.
> +# PEIM, DXE Driver, and SMM Driver with all crypto services enabled.
> #
> -# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
> #
> ##
> @@ -21,6 +22,28 @@ [Defines]
> BUILD_TARGETS = DEBUG|RELEASE|NOOPT
> SKUID_IDENTIFIER = DEFAULT
>
> + #
> + # Flavor of PEI, DXE, SMM modules to build.
> + # Must be one of ALL, NONE, MIN_PEI, MIN_DXE_MIN_SMM.
> + # Default is ALL that is used for package build verification.
> + # PACKAGE - Package verification build of all components. Null
> + # versions of libraries are used to minimize build times.
> + # ALL - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
> + # publish all services.
> + # NONE - Build PEIM, DXE, and SMM drivers. Protocols and PPIs
> + # publish no services. Used to verify compiler/linker
> + # optimizations are working correctly.
> + # MIN_PEI - Build PEIM with PPI that publishes minimum required
> + # services.
> + # MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that
> publish
> + # minimum required services.
> + #
> + DEFINE CRYPTO_SERVICES = PACKAGE
> +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI
> MIN_DXE_MIN_SMM"
> +!else
> + !error CRYPTO_SERVICES must be set to one of PACKAGE ALL NONE MIN_PEI
> MIN_DXE_MIN_SMM.
> +!endif
> +
>
> #################################################################
> ###############
> #
> # Library Class section - list of all Library Classes needed by this Platform.
> @@ -29,21 +52,12 @@ [Defines]
> [LibraryClasses]
> BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
> BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
> -
> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryA
> llocationLib.inf
> PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
> -
> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDe
> bugPrintErrorLevelLib.inf
> - PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
> - UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
> - DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
>
> UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootS
> ervicesTableLib.inf
> -
> UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/Ue
> fiRuntimeServicesTableLib.inf
> - UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
>
> UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoin
> t.inf
> -
> UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiAppli
> cationEntryPoint.inf
> -
> - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
>
> [LibraryClasses.ARM, LibraryClasses.AARCH64]
> #
> @@ -57,41 +71,140 @@ [LibraryClasses.ARM, LibraryClasses.AARCH64]
> # Add support for stack protector
> NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
>
> +[LibraryClasses.common.PEIM]
> + PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
> +
> MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllo
> cationLib.inf
> +
> PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiServi
> cesTablePointerLib.inf
> + PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
> + HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
> +
> +[LibraryClasses.common.DXE_SMM_DRIVER]
> +
> SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTable
> Lib.inf
> +
> MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemory
> AllocationLib.inf
> +
> +!if $(CRYPTO_SERVICES) IN "ALL NONE MIN_PEI MIN_DXE_MIN_SMM"
> +[LibraryClasses]
> +
> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryA
> llocationLib.inf
> +
> DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDe
> bugLibReportStatusCode.inf
> +
> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDe
> bugPrintErrorLevelLib.inf
> +
> OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/
> OemHookStatusCodeLibNull.inf
> + PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
> + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> +
> TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat
> e.inf
> +
> UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/Ue
> fiRuntimeServicesTableLib.inf #???
> + IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
> #???
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> +
> [LibraryClasses.ARM]
> ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
>
> [LibraryClasses.common.PEIM]
> + PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
> +
> ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiRepo
> rtStatusCodeLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
> +
> +[LibraryClasses.IA32.PEIM, LibraryClasses.X64.PEIM]
> +
> PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiSe
> rvicesTablePointerLibIdt.inf
> +
> +[LibraryClasses.ARM.PEIM, LibraryClasses.AARCH64.PEIM]
> +
> PeiServicesTablePointerLib|ArmPkg/Library/PeiServicesTablePointerLib/PeiServi
> cesTablePointerLib.inf
>
> [LibraryClasses.common.DXE_DRIVER]
> +
> ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRep
> ortStatusCodeLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> -
> -[LibraryClasses.common.DXE_RUNTIME_DRIVER]
> - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
>
> [LibraryClasses.common.DXE_SMM_DRIVER]
> +
> ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmR
> eportStatusCodeLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> -
> -[LibraryClasses.common.UEFI_DRIVER]
> - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> -
> -[LibraryClasses.common.UEFI_APPLICATION]
> - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
> +!endif
>
>
> #################################################################
> ###############
> #
> # Pcd Section - list of all EDK II PCD Entries defined by this Platform
> #
>
> #################################################################
> ###############
> -[PcdsFeatureFlag]
> - gEfiMdePkgTokenSpaceGuid.PcdComponentName2Disable|TRUE
> - gEfiMdePkgTokenSpaceGuid.PcdDriverDiagnostics2Disable|TRUE
> -
> [PcdsFixedAtBuild]
> gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0f
> gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000000
> gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x06
>
> +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL"
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacMd5.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fam
> ily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md4.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family |
> PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +!endif
> +
> +!if $(CRYPTO_SERVICES) == MIN_PEI
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fam
> ily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkcs
> 1Verify | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New
> | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Free
> | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.SetK
> ey | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkc
> s5HashPassword | TRUE
> +!endif
> +
> +!if $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fam
> ily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkc
> s1v2Encrypt | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkc
> s5HashPassword | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkc
> s7Verify | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Veri
> fyEKUsInPkcs7Signature | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkc
> s7GetSigners | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkc
> s7FreeSigners | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Aut
> henticodeVerify | TRUE
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkcs
> 1Verify | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New
> | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Free
> | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.SetK
> ey | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.GetP
> ublicKeyFromX509 | TRUE
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.
> HashAll | FALSE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Get
> SubjectName | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Get
> CommonName | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Get
> OrganizationName | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Get
> TBSCert | TRUE
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family
> | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init
> | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcE
> ncrypt | TRUE
> +
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cbc
> Decrypt | TRUE
> +!endif
> +
>
> #################################################################
> ##################################
> #
> # Components Section - list of the modules and components that will be
> processed by compilation
> @@ -110,9 +223,11 @@ [PcdsFixedAtBuild]
> # generated for it, but the binary will not be put into any firmware volume.
> #
>
> #################################################################
> ##################################
> +!if $(CRYPTO_SERVICES) == PACKAGE
> [Components]
> CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> + CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> @@ -121,8 +236,50 @@ [Components]
> CryptoPkg/Library/OpensslLib/OpensslLib.inf
> CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>
> + CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf
> + CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf
> + CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf
> +!endif
> +
> +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI"
> +[Components.IA32, Components.X64, Components.ARM,
> Components.AARCH64]
> + CryptoPkg/Driver/CryptoPei.inf {
> + <Defines>
> + !if $(CRYPTO_SERVICES) == ALL
> + FILE_GUID = 8DF53C2E-3380-495F-A8B7-370CFE28E1C6
> + !elseif $(CRYPTO_SERVICES) == NONE
> + FILE_GUID = E5A97EE3-71CC-407F-9DA9-6BE0C8A6C7DF
> + !elseif $(CRYPTO_SERVICES) == MIN_PEI
> + FILE_GUID = 0F5827A9-35FD-4F41-8D38-9BAFCE594D31
> + !endif
> + }
> +!endif
> +
> +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_DXE_MIN_SMM"
> +[Components.IA32, Components.X64, Components.AARCH64]
> + CryptoPkg/Driver/CryptoDxe.inf {
> + <Defines>
> + !if $(CRYPTO_SERVICES) == ALL
> + FILE_GUID = D9444B06-060D-42C5-9344-F04707BE0169
> + !elseif $(CRYPTO_SERVICES) == NONE
> + FILE_GUID = C7A340F4-A6CC-4F95-A2DA-42BEA4C3944A
> + !elseif $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM
> + FILE_GUID = DDF5BE9E-159A-4B77-B6D7-82B84B5763A2
> + !endif
> + }
> +
> [Components.IA32, Components.X64]
> - CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> + CryptoPkg/Driver/CryptoSmm.inf {
> + <Defines>
> + !if $(CRYPTO_SERVICES) == ALL
> + FILE_GUID = A3542CE8-77F7-49DC-A834-45D37D2EC1FA
> + !elseif $(CRYPTO_SERVICES) == NONE
> + FILE_GUID = 6DCB3127-01E7-4131-A487-DC77A965A541
> + !elseif $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM
> + FILE_GUID = 85F7EA15-3A2B-474A-8875-180542CD6BF3
> + !endif
> + }
> +!endif
>
> [BuildOptions]
> *_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
> --
> 2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#53715): https://edk2.groups.io/g/devel/message/53715
Mute This Topic: https://groups.io/mt/70266455/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2026 Red Hat, Inc.