From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99872+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99872+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938421; cv=none; d=zohomail.com; s=zohoarc; b=b3N7B207eNz1v+bowLMdD2U94/JlaB07ceuzFx5QGLvpDB/xeoD0ADHX5/78TN0fU0m75606wsKRtub0gHX7WpZcIdOlFjQHhjG6uvstiXiPXEo8Fbd4pZ7EmTP7uma929EAIdhtA/w/pccA8Y/flkUG/Rrz/z4C6rej1U6AfTQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938421; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=x6J4dN9HlXtIFTnTzSfEDCOTDGC+Pw5JhSr1LElak30=; b=LXNJCacXwr0GfCunv9ixgvlBcycqTqeYyxstcj4SFluUBecYhT3FDYIQCwpo8LFDvB8VqY7WvH41ICo12tC2k1cMLYqM3AOm1kwuSKaPJdxr4vPTOmJ80dmDqdifaA6m0PEpQrM5zMjKDOAn/mpeg2EH5Ir5VKJ7pTLrGWw9/cc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99872+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938421332990.6974631569747; Thu, 9 Feb 2023 02:27:01 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 17hNYY1788612xQ53Md68DNh; Thu, 09 Feb 2023 02:27:00 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.11188.1675938418897752096 for ; Thu, 09 Feb 2023 02:26:59 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-270-NzCXyUqpNdW_EkvsjDNa1g-1; Thu, 09 Feb 2023 05:26:52 -0500 X-MC-Unique: NzCXyUqpNdW_EkvsjDNa1g-1 X-Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6A294857D07; Thu, 9 Feb 2023 10:26:51 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7CF7A18EC1; Thu, 9 Feb 2023 10:26:50 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id CF03A18000AA; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 01/10] CryptoPkg: move Driver PCD configs to include files Date: Thu, 9 Feb 2023 11:26:39 +0100 Message-Id: <20230209102648.2291743-2-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: lLZk1JzxpbKqvZVqosjM2GNvx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938420; bh=bDEfaJaahbmOvjBTLCRAdQeIXWwRmN/0JThZu1dcUO8=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=Dtw/e+gALHifkA3IFtBDueAq+qtuaBvX/fRKuXypMTVYtlzh1wtc73UdumuCqqF++V2 k/htdIpcCq4tNqmeEe2ewnEgUT3P49peZyC/ilcw2Bqq5MsnNjbzjEvwLBKdsckwTIGqP GasdZGmn9Wg8gbUwKOYGTYznYzw58xJXJZI= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938422486100013 Content-Type: text/plain; charset="utf-8"; x-default="true" Makes it easier to reuse the predefined config sets in other places. Signed-off-by: Gerd Hoffmann --- .../Include/Dsc/CryptoServicePcd.all.dsc.inc | 29 +++++++ .../Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc | 35 +++++++++ .../Dsc/CryptoServicePcd.min_pei.dsc.inc | 20 +++++ CryptoPkg/CryptoPkg.dsc | 78 +------------------ 4 files changed, 87 insertions(+), 75 deletions(-) create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.= inc create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc b/CryptoPkg= /Include/Dsc/CryptoServicePcd.all.dsc.inc new file mode 100644 index 000000000000..1c3ffa461ca5 --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc @@ -0,0 +1,29 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.RsaPss.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Fa= mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc b/C= ryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc new file mode 100644 index 000000000000..aaf35e4c6061 --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc @@ -0,0 +1,35 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.V= erifyEKUsInPkcs7Signature | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7GetSigners | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7FreeSigners | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.A= uthenticodeVerify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ge= tPublicKeyFromX509 | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services= .HashAll | FALSE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etSubjectName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etCommonName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etOrganizationName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etTBSCert | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Encrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Decrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc b/Crypt= oPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc new file mode 100644 index 000000000000..023c6f1d1d04 --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc @@ -0,0 +1,20 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 4676193e8953..6a5fbd807a17 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -193,32 +193,7 @@ [PcdsFixedAtBuild] # !if $(CRYPTO_SERVICES) IN "ALL TARGET_UINT_TESTS" [PcdsFixedAtBuild] - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.RsaPss.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Fa= mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY +!include CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc !endif =20 # @@ -227,23 +202,7 @@ [PcdsFixedAtBuild] # !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI [PcdsFixedAtBuild] - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc !endif =20 # @@ -252,38 +211,7 @@ [PcdsFixedAtBuild] # !if $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM [PcdsFixedAtBuild] - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7Verify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.V= erifyEKUsInPkcs7Signature | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7GetSigners | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7FreeSigners | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.A= uthenticodeVerify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ge= tPublicKeyFromX509 | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services= .HashAll | FALSE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etSubjectName | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etCommonName | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etOrganizationName | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etTBSCert | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Encrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Decrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc !endif =20 ##########################################################################= ######################### --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99872): https://edk2.groups.io/g/devel/message/99872 Mute This Topic: https://groups.io/mt/96850390/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99869+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99869+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938420; cv=none; d=zohomail.com; s=zohoarc; b=UhF0/zP+zVtiMHg2vcL8H+amfDOJjNtdJBKqidFZkAgbthWM3jdYV+qNAgBmPTlPSLuhdxTCj+YWZxS8hd1srU/eAIIvKHIn/GVi9uRhiuet+kvC/YbQvp+IPbxYQMWvVDm8diMWTh305didwvu7WgGHrCgvfZSfUGb7tzjpUi8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938420; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=px7dc1fSLkbpDgYpvWJITB4nlyKgmyon6JWFZjJZ78w=; b=Bwls5pvGjblJvkn3Y64vH3YKEapXxStWHLMDjpIeMsKFKdCIckARMAEyQOqRcXCEmSCK4PsATevhEANC9D167qwxh+JO6idxgB5JVZvNPvuEf9YDwSn/j1x9pyA8LhrVDshCPLbAFxyKx3sVPN4UbZSqlOtsXesIvswB6q1Ewvo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99869+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938420384703.5230346649636; Thu, 9 Feb 2023 02:27:00 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id U4CtYY1788612xHaKcVBPpVc; Thu, 09 Feb 2023 02:26:59 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.11200.1675938417530343701 for ; Thu, 09 Feb 2023 02:26:57 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-533-Mfwh8YLMN_C3iYMrqy3BRA-1; Thu, 09 Feb 2023 05:26:53 -0500 X-MC-Unique: Mfwh8YLMN_C3iYMrqy3BRA-1 X-Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C0EFC2806046; Thu, 9 Feb 2023 10:26:52 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 75DF72026D4B; Thu, 9 Feb 2023 10:26:52 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id D36F218003B8; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 02/10] CryptoPkg: add CryptoServicePcd.hash_only.dsc.inc Date: Thu, 9 Feb 2023 11:26:40 +0100 Message-Id: <20230209102648.2291743-3-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: fPAuDINcWPUrglLT0r1OZehVx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938419; bh=saxagLBBsrXrHmDcgPi7Ie/6EP8pEc08z90tZNfJz6g=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=SAhCbeovzISFQKZucRVlR/Ji1agZwe2jXB6jjUdPSbhlDkdDbZa5IjpVtJhGaay5lei 62JKdcvBh7ks4SLI2wKiFBRV/NtNyMQa8xfWRf0p4NhLQU9voepL8rJM+XMfR4yTsEivL +stkANccHgoel9BrDwAgOmzAX8vLANH7kmU= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938422374100009 Content-Type: text/plain; charset="utf-8"; x-default="true" Contains only hash functions needed for measurements. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc b/Cry= ptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc new file mode 100644 index 000000000000..0d5402be9a1a --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc @@ -0,0 +1,8 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99869): https://edk2.groups.io/g/devel/message/99869 Mute This Topic: https://groups.io/mt/96850387/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99873+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99873+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938421; cv=none; d=zohomail.com; s=zohoarc; b=DU79A+jh8Wu4qP9REM3ELWysD3LscwWYeUehbCJbtjXqM7Ivxt7yb7dLnlsK/qnts/MuuLolEu3KvvoU9A20rWmuMl0iie/YiIRKyQoP64PpJ0UJO9sVdVqJmoVHyWxfy9XR4Yq9htRPeqgUvJgNrEvI8uuVc44owghZxi4czis= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938421; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=277KSbshUTAxzCscHp2uTTUhX863Z6SG2Y1LABdWYsw=; b=T9ur+6yT/PX+3E7wkGG9utiCB9qHZKr1UO0dh5vefvd9xSSHxyj0wZ40bJhc1cnUNs8s8LpSgtX8htgS+RmkA3Z8eU1gh9T6lXRBgEIx3VRc3fDbCnDWu0VEYBzurufhgGOX6sYy24t8fbmr0Jyn2ffuxYn7cDzgyQvhIr/77jM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99873+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938421678924.1508315455205; Thu, 9 Feb 2023 02:27:01 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id HqDqYY1788612xfwU7zskhAr; Thu, 09 Feb 2023 02:27:01 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.11191.1675938419895139332 for ; Thu, 09 Feb 2023 02:27:00 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-312--aayWoeHPeS_s44riHhs7g-1; Thu, 09 Feb 2023 05:26:53 -0500 X-MC-Unique: -aayWoeHPeS_s44riHhs7g-1 X-Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2F8CD1C05144; Thu, 9 Feb 2023 10:26:53 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D6E6E2166B2A; Thu, 9 Feb 2023 10:26:52 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id D7B9718003BC; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 03/10] CryptoPkg: add TPM hashes to CryptoServicePcd.min_dxe_smm.dsc.inc Date: Thu, 9 Feb 2023 11:26:41 +0100 Message-Id: <20230209102648.2291743-4-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: Feu5r481IYWoI5ycXYJpEIrrx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938421; bh=mGvCyIsbDN8n7jsciONY15nKFM3RAXdZyXyqZZhfRPA=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=VFodPUODkXTw45yhC2Esxk0o2ymS7hHAXg2pbfLCbdITkw/BZbLJvJmpTJFKOmn2fXu 2j8aps3Ty+0M5aqaK/y2jC0pI9exDhcG0U9MJjmPt4D1fLlA4oB2RR1RSKgPRZFvpVv2V eFgzlHob+Ndrl8N4AFgXLlduf6TOQrqn0ys= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938422433100011 Content-Type: text/plain; charset="utf-8"; x-default="true" Enable Sha384 + Sha512 + Sm3. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc b/C= ryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc index aaf35e4c6061..9209b4c526a7 100644 --- a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc @@ -18,7 +18,9 @@ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ge= tPublicKeyFromX509 | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services= .HashAll | FALSE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etSubjectName | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etCommonName | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etOrganizationName | TRUE --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99873): https://edk2.groups.io/g/devel/message/99873 Mute This Topic: https://groups.io/mt/96850391/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99879+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99879+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938431; cv=none; d=zohomail.com; s=zohoarc; b=F0K0T+W4Fkc/6btr49Fg4g6AUlJKta9cq0wL/IHTHwkOyvcuWLT1bDHb5qakU2lGjg9K/rU7GOmtQCi4925auA8K20jrCdV5qzTnKFIs03/UIjyLn4EFP6TPWbfCJafa7Zy63UB5LTHO2UCxyBZq9f/9zVxWptUbjjITfjU9SPI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938431; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=bMmt2+6Bt5jQ4RW5QFZjYf2zHArCzNZU8i1ZSmItNv0=; b=dUqbG3fJ2wG3r7RJwaCjYESlYK2ezN0clw0DiQAqQzXZ/XN/4hp2m+nSHHqNN2auKVfvpNA8VQfOW6LlXOCai/n4qbB24vcvilVd1Wf2sPziKYeok+tj+v7GKoIZZSDe6s7+GgY0Y81yWiJwKhvhVgL8WgvcciJoWkTgpH6m1NY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99879+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938431031322.4391898028132; Thu, 9 Feb 2023 02:27:11 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id e8jwYY1788612xFk1YF5Zz4M; Thu, 09 Feb 2023 02:27:10 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.11199.1675938427296300998 for ; Thu, 09 Feb 2023 02:27:07 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-408-0TG2m1iWP_G6sLbeXC7u-A-1; Thu, 09 Feb 2023 05:26:55 -0500 X-MC-Unique: 0TG2m1iWP_G6sLbeXC7u-A-1 X-Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 0718F80D0E3; Thu, 9 Feb 2023 10:26:55 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 57884492C3E; Thu, 9 Feb 2023 10:26:54 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id E23A318003BF; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 04/10] OvmfPkg: add OvmfCrypto*.inc Date: Thu, 9 Feb 2023 11:26:42 +0100 Message-Id: <20230209102648.2291743-5-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: RgCBKQkUETlAQrYnU7zecIH1x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938430; bh=CcN/buxpTtuqRz9X3n0qRkfx7bT+o6eVePiiTLn1usg=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=W9uiWojSwcm+QrvnSuATcOgjxVLWhK4eTAxK7OK3l8qhprx7r3t9QlCgkvwOZGHItdt QY0ksXtR0HH2RslSG0t/9vvKs/6V8H4rZyZ7tj36LMJosZsvSH1331+hyIlndTjcuFfXA ypokc3R2RpYfVs7fur5NBvZnKFYiiyMPhHo= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938432459100038 Content-Type: text/plain; charset="utf-8"; x-default="true" Create include files for crypto support, so the configuration can be shared for all OVMF build variants. Also add support for using the Crypto Driver. The Crypto Driver is enabled by default and can be disabled by setting USE_CRYPTO_DRIVER to FALSE. The config option is intended to be temporary and will probably stay for one or two releases as fallback, then be removed. The configuration follows mostly the recommendations given in CryptoPkg/Readme.md, with some minor exceptions like only compiling TLS support in case NETWORK_TLS_ENABLE is TRUE. Signed-off-by: Gerd Hoffmann --- .../Dsc/OvmfCryptoComponentsDxe.dsc.inc | 23 ++++++++ .../Dsc/OvmfCryptoComponentsPei.dsc.inc | 19 +++++++ .../Dsc/OvmfCryptoComponentsSmm.dsc.inc | 18 ++++++ OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc | 5 ++ OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc | 57 +++++++++++++++++++ OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc | 12 ++++ OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc | 9 +++ 7 files changed, 143 insertions(+) create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc create mode 100644 OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc create mode 100644 OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc b/OvmfPkg/= Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc new file mode 100644 index 000000000000..46518cdd33a7 --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc @@ -0,0 +1,23 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +!if $(USE_CRYPTO_DRIVER) =3D=3D TRUE + + CryptoPkg/Driver/CryptoDxe.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +!else + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +!endif + +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc + } + +!endif diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc b/OvmfPkg/= Include/Dsc/OvmfCryptoComponentsPei.dsc.inc new file mode 100644 index 000000000000..3cfe541315ca --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc @@ -0,0 +1,19 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +!if $(USE_CRYPTO_DRIVER) =3D=3D TRUE + + CryptoPkg/Driver/CryptoPei.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +#!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc +!include CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc + } + +!endif diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc b/OvmfPkg/= Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc new file mode 100644 index 000000000000..ca64ea8e5b26 --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc @@ -0,0 +1,18 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +!if $(USE_CRYPTO_DRIVER) =3D=3D TRUE && $(SMM_REQUIRE) =3D=3D TRUE + + CryptoPkg/Driver/CryptoSmm.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc + } + +!endif diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc b/OvmfPkg/Includ= e/Dsc/OvmfCryptoDefines.dsc.inc new file mode 100644 index 000000000000..42934c3d3855 --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc @@ -0,0 +1,5 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + DEFINE USE_CRYPTO_DRIVER =3D TRUE diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc b/OvmfPkg/Include/D= sc/OvmfCryptoLibs.dsc.inc new file mode 100644 index 000000000000..4f979274a61e --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc @@ -0,0 +1,57 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +[LibraryClasses] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + +[LibraryClasses.common.SEC] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +[LibraryClasses.common.DXE_RUNTIME_DRIVER] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +!if $(USE_CRYPTO_DRIVER) =3D=3D TRUE + +[LibraryClasses.common.PEIM] + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf + +[LibraryClasses.common.DXE_SMM_DRIVER] + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf + +[LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.UEFI_DRIVER, Libr= aryClasses.common.UEFI_APPLICATION] + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf + TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf + +!else + +[LibraryClasses.common] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +!else + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +!endif + +[LibraryClasses.common.PEIM] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +[LibraryClasses.common.DXE_SMM_DRIVER] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +!endif diff --git a/OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc b/OvmfPkg/Include= /Fdf/OvmfCryptoDxeSmm.fdf.inc new file mode 100644 index 000000000000..ad425a7acfaf --- /dev/null +++ b/OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc @@ -0,0 +1,12 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(USE_CRYPTO_DRIVER) =3D=3D TRUE + +INF CryptoPkg/Driver/CryptoDxe.inf +!if $(SMM_REQUIRE) =3D=3D TRUE +INF CryptoPkg/Driver/CryptoSmm.inf +!endif + +!endif diff --git a/OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc b/OvmfPkg/Include/Fd= f/OvmfCryptoPei.fdf.inc new file mode 100644 index 000000000000..7c357d748acb --- /dev/null +++ b/OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc @@ -0,0 +1,9 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(USE_CRYPTO_DRIVER) =3D=3D TRUE + +INF CryptoPkg/Driver/CryptoPei.inf + +!endif --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99879): https://edk2.groups.io/g/devel/message/99879 Mute This Topic: https://groups.io/mt/96850399/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99871+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99871+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938420; cv=none; d=zohomail.com; s=zohoarc; b=RxH5keSqjryGpG3WeTFWx6Lus1oBLkJS7CO7NSYdriKuhQzO2LCPznooQmRbusreBpab9cF4dmMkfzFFoF+l5pb8RciOmhOgit2DWhXEfxUPIWgd864wxMqQm/fyW4HBFXZIMmtuK/g7mClVn0Qu7c0/H6g7TvY7mJmR0cUaz8U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938420; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=JSRfCO6DIdQB7MZDzqXq/7lJVg4FbMx4bGHDWMgOmmY=; b=Iahq3Y5WoIEBi1wc4SMyNbMTcGp18qmnFp+eMSeZrgjKnn3d2tXUTFreUrX74nrA16myQG5LJMNxMJhe3OobPpCOwr3jgFnKoc/SypVUFtjABk/ARzDfA3iHAZfi3IokliOWxuYhCq19EGH6tmlkfbtcMw9U8QG8nWRRvegrhh0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99871+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938420379192.51046879965998; Thu, 9 Feb 2023 02:27:00 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id VGQQYY1788612xBWhx2IDLCN; Thu, 09 Feb 2023 02:27:00 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.11202.1675938418261009898 for ; Thu, 09 Feb 2023 02:26:58 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-161-qDOT2x2xMp23m-DP4EMmpw-1; Thu, 09 Feb 2023 05:26:56 -0500 X-MC-Unique: qDOT2x2xMp23m-DP4EMmpw-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 56DC01C05154; Thu, 9 Feb 2023 10:26:55 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 04969140EBF6; Thu, 9 Feb 2023 10:26:55 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id E6A511800850; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 05/10] OvmfPkg: OvmfPkgX64: use crypto includes Date: Thu, 9 Feb 2023 11:26:43 +0100 Message-Id: <20230209102648.2291743-6-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: QbejFhIw52wfegHx3MXpTQ9Lx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938420; bh=ks2t8oMju7JUErSyu4mFGUZCpdOaSnCyaLMxkfbd+KQ=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=ksN9a/pY9K9ywc7Wp4ETE0FQwHWLQSbo5/qkmbWVXfTMBvmCC5DbzdBM6ErE7XJngb4 5cNJ3PIQxYSkEIdMaoSg6ti91PSg8tkR3oWafGiMbvOh/C4fOLLBWFHLDtL+F4sjk4CEV 3DUZy2+edNq2Jfun3/0RXJ9sLCpVYF1O0nk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938422387100010 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/OvmfPkgX64.dsc | 22 +++++++++------------- OvmfPkg/OvmfPkgX64.fdf | 6 ++++++ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index e3c64456dfef..fc5305350b2a 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -35,6 +35,7 @@ [Defines] DEFINE CC_MEASUREMENT_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -232,12 +233,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -260,10 +255,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - !if $(BUILD_SHELL) =3D=3D TRUE ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf !endif @@ -274,9 +265,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf @@ -385,7 +376,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -473,7 +463,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezv= ousLib.inf =20 @@ -974,6 +963,13 @@ [Components] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 16666ba24440..541e0df85e1d 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -189,6 +189,7 @@ [FV.PEIFV] INF FILE_GUID =3D $(UP_CPU_PEI_GUID) UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -414,6 +415,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99871): https://edk2.groups.io/g/devel/message/99871 Mute This Topic: https://groups.io/mt/96850389/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99874+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99874+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938424; cv=none; d=zohomail.com; s=zohoarc; b=Nmp6FMDWV/0xGgsqQUosVYhGiTLqr1xlG0CxTA4oztz+A+YyGWfS/y2ahHrFvp6UFNzSRJ7nD+9KFbQoy4o9wocX9KrZUTI3m1r8wywlQ09RE/U/1n9H4QiPzJrKT/WHNey+hpa4kbIN33wGbihwC8ppF7FW4Nzx//3hKvpv+b4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938424; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=zm9w1sX8HzGnm1/Ef0tEYscdvjPPfViEa76B57VLyIc=; b=QaNSmbVBZ9Ca4G+G+jZLRUOwfHZcJImkmkdrB3210cV4XBB+GX42TxFRaaGFJHJeHPiey17pmer21c/KMXOLzXR5h+iBQ/voLoyEFQVlgmMMcVZgrCuEjSwD2/W10GjSOFw+BRuwaxyo3QdwUcdGc/zetETOdw1Wn4ouEPtEPPE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99874+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938424880100.32059203074618; Thu, 9 Feb 2023 02:27:04 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id Am1nYY1788612x5hkg1UkhkY; Thu, 09 Feb 2023 02:27:04 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.11194.1675938423653874962 for ; Thu, 09 Feb 2023 02:27:03 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-256-zL3quABxNmKYU6iatljNAA-1; Thu, 09 Feb 2023 05:26:58 -0500 X-MC-Unique: zL3quABxNmKYU6iatljNAA-1 X-Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 30D8D85D060; Thu, 9 Feb 2023 10:26:58 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id CEC121121314; Thu, 9 Feb 2023 10:26:56 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id EB2A21800923; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 06/10] OvmfPkg: OvmfPkgIa32X64: use crypto includes Date: Thu, 9 Feb 2023 11:26:44 +0100 Message-Id: <20230209102648.2291743-7-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: qsROa114ntRmAOI1x3pOBtfCx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938424; bh=/ku3z26W0oNXc+3vMdjyxhXeWwCs+PJ3XPwV5zvzcC0=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=ubxhAWOfqHQRFmhiDxz7pbM0wNBPdUv8ZiKs4A88ljI/q2fzCpJDlgcesFjX6W4XNvG yz+WYXdvJruZCCl11iu0Ge17dDgLcl2jxyQqXRYKKxzler2dpa9RD0Gr0DOAqGJuL5rSW nTpoJ/XNSZONvhD5ZzHgnEspvQVV1iKobPE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938426369100021 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/OvmfPkgIa32X64.dsc | 22 +++++++++------------- OvmfPkg/OvmfPkgIa32X64.fdf | 6 ++++++ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 6b539814bdb0..c04f03287d87 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -34,6 +34,7 @@ [Defines] DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -215,12 +216,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -243,10 +238,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - !if $(BUILD_SHELL) =3D=3D TRUE ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf !endif @@ -257,9 +248,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLibNull.inf @@ -364,7 +355,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -452,7 +442,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezv= ousLib.inf =20 @@ -739,6 +728,7 @@ [Components.IA32] UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc =20 [Components.X64] # @@ -901,6 +891,12 @@ [Components.X64] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 4c5bd0dbc3b0..cf287303cb2c 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -173,6 +173,7 @@ [FV.PEIFV] INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -380,6 +381,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99874): https://edk2.groups.io/g/devel/message/99874 Mute This Topic: https://groups.io/mt/96850393/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99875+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99875+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938429; cv=none; d=zohomail.com; s=zohoarc; b=ENLiTKzWcUpmMCQOyT1E5LYkK2WT6f5wt8lyHiYHlRNZKICgGcFE7xj7RfM86/EIHEYM/lCAM2z3TuZBtUlnuXjUbpnqteHY/eConcxWXIByfQsovL6VJUESZrC0dxy4iEFr+7SQFwpTjBkf+C+Z8TjiuG2XXkBNs8raVi+xpeQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938429; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=TllLJgFXq9HK2S/ejQ/J86Nsw3p4FIWhOaneum+ZiGc=; b=IsfusuSf4Z0U4XZ2O1rxA0D60Ooj6MZryKzGpnguvCFW29wU8WzWuVoYAY9yWeKwYjbr5QLeMOP3eiWl1Dbg6/isjnC3r2652Q4G7/bOHF3lgwuhsWZqm3N4od2cbay2JZolXSFwUpzyv8UU1zidjv2nZIYrAhtD0TBycZYbvbg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99875+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 167593842969428.909923097418186; Thu, 9 Feb 2023 02:27:09 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id SnmuYY1788612xxii515zzEY; Thu, 09 Feb 2023 02:27:06 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.11196.1675938425097384851 for ; Thu, 09 Feb 2023 02:27:05 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-582-PR_UvHMIMd6564f7bf7j1g-1; Thu, 09 Feb 2023 05:27:00 -0500 X-MC-Unique: PR_UvHMIMd6564f7bf7j1g-1 X-Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3AC723C10230; Thu, 9 Feb 2023 10:27:00 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DF694C16022; Thu, 9 Feb 2023 10:26:59 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id EF362180093F; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 07/10] OvmfPkg: OvmfPkgIa32: use crypto includes Date: Thu, 9 Feb 2023 11:26:45 +0100 Message-Id: <20230209102648.2291743-8-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.8 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: U9ax7eWMPKR0Q8Sepn7myNYhx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938426; bh=YEKb2AkwYahFdjPFC/ut4PtPVVJiAxwEEb68QxJtwp0=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=iqkZfo9IfJOwNE91ZejEzfbmvRI1Mht4k7kdYrkosrccvUcr3Q2So/zcOMuxnkwX6Ms mzMhG3gvTyFRyJnVskvYnvX8+VvY2AFfmYFelgjO77Ey/z9HyONr8RYEsTdeqQIylm5AJ PZgNMhcQblCkpgTPjm/1HT/E27LAZIAWDfA= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938430413100027 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/OvmfPkgIa32.dsc | 22 +++++++++------------- OvmfPkg/OvmfPkgIa32.fdf | 6 ++++++ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 22dc29330d2d..8ca29e9747c1 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -35,6 +35,7 @@ [Defines] DEFINE LOAD_X64_ON_IA32_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -211,12 +212,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -239,10 +234,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - !if $(BUILD_SHELL) =3D=3D TRUE ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf !endif @@ -253,9 +244,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLibNull.inf =20 @@ -359,7 +350,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -447,7 +437,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezv= ousLib.inf =20 @@ -888,6 +877,13 @@ [Components] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 5451bfb84525..552730485123 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -173,6 +173,7 @@ [FV.PEIFV] INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -373,6 +374,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + !if $(LOAD_X64_ON_IA32_ENABLE) =3D=3D TRUE INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf !endif --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99875): https://edk2.groups.io/g/devel/message/99875 Mute This Topic: https://groups.io/mt/96850395/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99876+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99876+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938428; cv=none; d=zohomail.com; s=zohoarc; b=R9pvZxpPiT9l8z/GpYxi8ecW8kxdZp1/G1A3uvHotjYOpdrISEnnjZnrU9meSE+1kU3Pg0+mGd+/+eHRpS1F+5/3mpRz6M/hgcs1FscJdZ9/Lw29QUHIhKuyqpIxQIH1kKwLtJRYD8Aar6cyZLDxSoABh59Agh0/Eyu0QX6lqe8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938428; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=897X9ZHS2i4PG5EH6meUtu2LkicY5qqfVYf/yEy1TPA=; b=afvniDKh7Gt7oeScz0uyN6pJMSYoalRc9PM9atey7lJ7je/zcoKcFPjd3rFSXqBi/9yDMy7/5Wq65esQ/GUNOiaOw/vo5Lo3FM1rjNg+BDIuUQh0bcq3+I5LIVejjaVB+kFzZbOzoUEyxXQ63N/IJIruoqfiWDWB4LBlwH8+sng= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99876+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938428961201.67941933557893; Thu, 9 Feb 2023 02:27:08 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id T2ZXYY1788612xkAQ0iiOTvd; Thu, 09 Feb 2023 02:27:06 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.11207.1675938425762225645 for ; Thu, 09 Feb 2023 02:27:05 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-611-LwXfCamFOtS0YnCkK_y_Ig-1; Thu, 09 Feb 2023 05:27:01 -0500 X-MC-Unique: LwXfCamFOtS0YnCkK_y_Ig-1 X-Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3F80580280C; Thu, 9 Feb 2023 10:27:00 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BF0F4403D0C1; Thu, 9 Feb 2023 10:26:59 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id F36391800987; Thu, 9 Feb 2023 11:26:48 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 08/10] OvmfPkg: Microvm: use crypto includes Date: Thu, 9 Feb 2023 11:26:46 +0100 Message-Id: <20230209102648.2291743-9-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: 0tgA7URQuuH6dymmxbDo4DwGx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938426; bh=pJM0b6UDqjO+GJ7701+m0e5iqLE3IeBXWFSd0VDPsK0=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=tqREtB8HDU4kSq5VS60jJdt2Yovv2ei1sIVk8NiSbiBEZf4H7xz4+0c8Jf5zlBDGJY3 bzMocFeT8ooHcilKMBua4bCc4csbPbn8besvyNbIvA1fRqkDGUR5DLhQIkLJM4kFmlMIB hOt4vCPWZLE403minj4iYOTYfJ3ey8SLzDQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938430415100028 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/Microvm/MicrovmX64.dsc | 24 +++++++++++------------- OvmfPkg/Microvm/MicrovmX64.fdf | 7 +++++++ 2 files changed, 18 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index 0d65d21e651c..35b2dcb2b833 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -33,6 +33,8 @@ [Defines] DEFINE SMM_REQUIRE =3D FALSE DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc + # # Network definition # @@ -206,12 +208,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -234,10 +230,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScrip= tLib.inf @@ -247,8 +239,9 @@ [LibraryClasses] Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc + [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf SerialPortLib|MdeModulePkg/Library/BaseSerialPortLib16550/BaseSerialPort= Lib16550.inf PlatformHookLib|MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatfor= mHookLibNull.inf @@ -356,7 +349,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf # PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf # PciPcdProducerLib|OvmfPkg/Fdt/FdtPciPcdProducerLib/FdtPciPcdProducerLib= .inf # PciExpressLib|OvmfPkg/Library/BaseCachingPciExpressLib/BaseCachingPciEx= pressLib.inf @@ -441,7 +433,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf PciPcdProducerLib|OvmfPkg/Fdt/FdtPciPcdProducerLib/FdtPciPcdProducerLib.= inf PciExpressLib|OvmfPkg/Library/BaseCachingPciExpressLib/BaseCachingPciExp= ressLib.inf @@ -829,6 +820,13 @@ [Components] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/Microvm/MicrovmX64.fdf b/OvmfPkg/Microvm/MicrovmX64.fdf index b83fd1e6e4fe..92d4b446b7fe 100644 --- a/OvmfPkg/Microvm/MicrovmX64.fdf +++ b/OvmfPkg/Microvm/MicrovmX64.fdf @@ -149,6 +149,8 @@ [FV.PEIFV] INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc + ##########################################################################= ###### =20 [FV.DXEFV] @@ -302,6 +304,11 @@ [FV.DXEFV] INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99876): https://edk2.groups.io/g/devel/message/99876 Mute This Topic: https://groups.io/mt/96850396/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99877+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99877+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938430; cv=none; d=zohomail.com; s=zohoarc; b=Xl7UfCqKCZyMPo2VcYHugmnFDRRpCFckh9LIpuxnVTUE0wCsZCyWgantXjsjSc9k5Dd7/zYashG1axY8KywliY8pMCrXjaUUxIoOF4x/NYc9hTMxu8KsAMbqq2hB24JelvRajEEphhGZyQHJk8kD9ZSb1w6JNXPnhUMTe+hJCH4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938430; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=QG8YkV9Xg54Ydxbw5S700K0G7BxzTWdEEZobcYhtDzs=; b=PnKG+jJZcpUtT8wYGLOv/eLBnfkOpYHOtDtggN0KSJz03nil2AIaIBk1QzLXXRkvZSyC72/0v25/WIniVe/5rxWq7HB4upYdHNHhITJCgfGnrJi/MLsoCsnpmAFmCgY6a/cxE+RevKBBL6BPNMgxiwJVRgsLGwHFR20U92iXLg8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99877+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938430291246.11744039460632; Thu, 9 Feb 2023 02:27:10 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id IUWWYY1788612xigOs7uJRcJ; Thu, 09 Feb 2023 02:27:09 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.11197.1675938426697975552 for ; Thu, 09 Feb 2023 02:27:06 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-592-XS1_YpCpNq-tShm--dz5Zg-1; Thu, 09 Feb 2023 05:27:02 -0500 X-MC-Unique: XS1_YpCpNq-tShm--dz5Zg-1 X-Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 15D933811F3C; Thu, 9 Feb 2023 10:27:02 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BDF521121314; Thu, 9 Feb 2023 10:27:01 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 03A8A180098E; Thu, 9 Feb 2023 11:26:49 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 09/10] OvmfPkg: IntelTdx: use crypto includes Date: Thu, 9 Feb 2023 11:26:47 +0100 Message-Id: <20230209102648.2291743-10-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: tKrBrkTgOrG7IYjD8aBAR5cDx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938429; bh=pVQHobHEldEHI1EyKLbG0WLhQBj/mVRh//XCPbuTwtc=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=uC1gqRQPRdq8WNREMUwzqQI9cc/xtFCo1ZwFK8T4vh+QumvX/p+AIWvJszrvIPUxb4Y qopLr1CRM4odJ0VNmf571TVWPj4cxQVTx2pIaVtthatWzDwwdcec3KUAG0JsfwqUOsTov FNIQqAmieXbt4biAz7QfoLWt0cAwxoweo6Y= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938432445100036 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 15 +++++++++------ OvmfPkg/IntelTdx/IntelTdxX64.fdf | 5 +++++ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index 95b9594ddce0..6b028361e163 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -36,6 +36,8 @@ [Defines] # DEFINE BUILD_SHELL =3D TRUE =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc + # # Device drivers # @@ -191,8 +193,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -220,8 +220,9 @@ [LibraryClasses] Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc + [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf @@ -280,7 +281,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -355,7 +355,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuE= xceptionHandlerLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf =20 [LibraryClasses.common.SMM_CORE] @@ -552,7 +551,6 @@ [Components] NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompre= ssLib.inf NULL|OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelperLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf } =20 # @@ -718,6 +716,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.= inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsRes= ourceTableDxe.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX6= 4.fdf index 73dffc104301..e1b07449b7a9 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf +++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf @@ -257,6 +257,11 @@ [FV.DXEFV] # INF SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.NCCFV] --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99877): https://edk2.groups.io/g/devel/message/99877 Mute This Topic: https://groups.io/mt/96850397/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 18:35:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99878+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99878+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675938431; cv=none; d=zohomail.com; s=zohoarc; b=F3waUsVlOviL9kQhtir/dGVV3v5YqU8CuW2vYs99Of1VO8fxi97r9qdR4GgA2yMvG0dgMRzGUZrNowcaXXz+nIrtJ/I9IXy5UdUn6i9HDyZr1muju/iH12vPdP2G5YkNmYWHb+pA7SoUe7nAhPzQ0mA+jHhHWmR5Tat8uC+bdp4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675938431; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=kJRp/Z6nQN9eW9fR5H9IAzEl9uGAvyppZdgl/T5CF7M=; b=OCG5wFS8DfFyt1R18ZSex6O/sMDNEC7v3yd8duqaVYSgF5fzPwT1DjlVCIA44JYYzP9oeaTwkB1y+J76jFlyTjJJ9r/jBQvQ/FtTJyny7YenN/SS3thjr/tEH5PmC0+RfKsDRcOFUKRtCvTuEoY5NiiP3516T1mJ1vJIF6CLge0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99878+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675938431406924.2343180463598; Thu, 9 Feb 2023 02:27:11 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ZsUlYY1788612x8MTdiW49cq; Thu, 09 Feb 2023 02:27:11 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web11.11198.1675938427139101465 for ; Thu, 09 Feb 2023 02:27:07 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-673-T2DvjRNmOy6eO6bLZUpZLQ-1; Thu, 09 Feb 2023 05:27:03 -0500 X-MC-Unique: T2DvjRNmOy6eO6bLZUpZLQ-1 X-Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 405593C10233; Thu, 9 Feb 2023 10:27:02 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.85]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BFE91403D0C1; Thu, 9 Feb 2023 10:27:01 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 07EE31800993; Thu, 9 Feb 2023 11:26:49 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Tom Lendacky , Jiewen Yao , Xiaoyu Lu , Jordan Justen , Min Xu , Jian J Wang , Michael Roth , Oliver Steffen , James Bottomley , Erdem Aktas , Gerd Hoffmann , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 10/10] OvmfPkg: AmdSev: use crypto includes Date: Thu, 9 Feb 2023 11:26:48 +0100 Message-Id: <20230209102648.2291743-11-kraxel@redhat.com> In-Reply-To: <20230209102648.2291743-1-kraxel@redhat.com> References: <20230209102648.2291743-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: 445yFhbPoxI6OL4rz574VKfox1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675938431; bh=h0oRcxcZFhBjM71Bwyq1ADD10FQ1zdeDt0nrBek1Eo8=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=X1/BgLbF2k3S5cugfh55+DqYdP8cLr44/af1oAKeIijVV/2msR23zwrD9eJIyXXaL5m Af1sluBegtx2JaAjZnl5LUAwRTilqzNoH6ry41ZZBh2Jqrd0Pc8oiHlmfhjjPiCY2i2gq mllMQhPyTZYtmKil6KpCH0si0KUWuctqWas= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675938432425100035 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/AmdSev/AmdSevX64.dsc | 12 ++++++++---- OvmfPkg/AmdSev/AmdSevX64.fdf | 6 ++++++ 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 1cebd6b4bcc2..0bb34b8b258b 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -34,6 +34,7 @@ [Defines] DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -182,8 +183,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf @@ -201,9 +200,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLibNull.inf @@ -310,7 +309,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -708,6 +706,12 @@ [Components] OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsRes= ourceTableDxe.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 5fb3b5d27632..84842a601262 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -163,6 +163,7 @@ [FV.PEIFV] INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -318,6 +319,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99878): https://edk2.groups.io/g/devel/message/99878 Mute This Topic: https://groups.io/mt/96850398/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-