From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100932+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100932+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360188; cv=none; d=zohomail.com; s=zohoarc; b=dZPDHuFm4lwqGcgDIzKu74Qg+INDKPadGrkonY0ViTNmp83Z7Udd+i0N2VEf8GG+tQ2fnn9wJ8k91VRydy3W0dSb39URbFhY8jKz/WA0ldY3nG6OS7CgWZ+TDJWNHcdw2AQO68dAgiS1+rDLIH0jWus/UDf2AAcLvOhGcz+9VO8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360188; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=iz7JySXmUCPahqVolfjtq7jB8upax4QzytoV8Ii6/BQ=; b=LJ82QuEu+qvL6ax2unHjg3w/xEuJeKLJBxp4/eVTMJXbOK1PusHCnqm+YQoOVuHPNjXhu/gGU996EWCrtKfS8t59l3RKJPDYVj+4BV9dvsMVhUJkv2nwiEZtyc+4ATC0TKpkhHcygGBxsnoL/GQTi8yGg6RxiqxF0jOHzP2q2W0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100932+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360188171588.7578136999721; Thu, 9 Mar 2023 03:09:48 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 0f5BYY1788612xuiNw7XJQrU; Thu, 09 Mar 2023 03:09:47 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web11.10582.1678360186800995356 for ; Thu, 09 Mar 2023 03:09:47 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-481-r9VrlJp5OguDt45gjyPoHA-1; Thu, 09 Mar 2023 06:09:42 -0500 X-MC-Unique: r9VrlJp5OguDt45gjyPoHA-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9BFC8811E6E; Thu, 9 Mar 2023 11:09:41 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A050D140EBF4; Thu, 9 Mar 2023 11:09:40 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 2B9DC1800381; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 01/11] CryptoPkg/Driver: move PCD configs to include files Date: Thu, 9 Mar 2023 12:09:24 +0100 Message-Id: <20230309110934.853991-2-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: vy11pll2cmLSyz4ql5iASAMLx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360187; bh=Q/4x/zfcNDlJkDCENMWk3EBi4XCFbfsvmH4EBDgPzLw=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=QiqLXhKmyGvsDHSbXBBbGTRord3jyTFHWEGefRz03vvOOtFApB+w3sfuD5yypKysi6O Dmn9cgR6VBL3Y/xJgCrk++cUQrwFiAXiHccueMPiobdS+a5B7d0F618rdRb6azfotmxC/ XsebWlrdirzMESp3cOwxPU/nhN/LRGSuiXE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360189266100004 Content-Type: text/plain; charset="utf-8"; x-default="true" Makes it easier to reuse the predefined config sets in other places. Signed-off-by: Gerd Hoffmann --- .../Include/Dsc/CryptoServicePcd.all.dsc.inc | 29 +++++++ .../Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc | 35 +++++++++ .../Dsc/CryptoServicePcd.min_pei.dsc.inc | 20 +++++ CryptoPkg/CryptoPkg.dsc | 78 +------------------ 4 files changed, 87 insertions(+), 75 deletions(-) create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.= inc create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc b/CryptoPkg= /Include/Dsc/CryptoServicePcd.all.dsc.inc new file mode 100644 index 000000000000..1c3ffa461ca5 --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc @@ -0,0 +1,29 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.RsaPss.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Fa= mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc b/C= ryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc new file mode 100644 index 000000000000..aaf35e4c6061 --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc @@ -0,0 +1,35 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.V= erifyEKUsInPkcs7Signature | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7GetSigners | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7FreeSigners | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.A= uthenticodeVerify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ge= tPublicKeyFromX509 | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services= .HashAll | FALSE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etSubjectName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etCommonName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etOrganizationName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etTBSCert | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Encrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Decrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc b/Crypt= oPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc new file mode 100644 index 000000000000..023c6f1d1d04 --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc @@ -0,0 +1,20 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 4676193e8953..6a5fbd807a17 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -193,32 +193,7 @@ [PcdsFixedAtBuild] # !if $(CRYPTO_SERVICES) IN "ALL TARGET_UINT_TESTS" [PcdsFixedAtBuild] - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.RsaPss.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Fa= mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY +!include CryptoPkg/Include/Dsc/CryptoServicePcd.all.dsc.inc !endif =20 # @@ -227,23 +202,7 @@ [PcdsFixedAtBuild] # !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI [PcdsFixedAtBuild] - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc !endif =20 # @@ -252,38 +211,7 @@ [PcdsFixedAtBuild] # !if $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM [PcdsFixedAtBuild] - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7Verify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.V= erifyEKUsInPkcs7Signature | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7GetSigners | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7FreeSigners | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.A= uthenticodeVerify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ge= tPublicKeyFromX509 | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services= .HashAll | FALSE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etSubjectName | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etCommonName | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etOrganizationName | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etTBSCert | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Encrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Decrypt | TRUE - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc !endif =20 ##########################################################################= ######################### --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100932): https://edk2.groups.io/g/devel/message/100932 Mute This Topic: https://groups.io/mt/97493570/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100933+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100933+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360193; cv=none; d=zohomail.com; s=zohoarc; b=mJikhDkrbi1lpiuCWralcW8e2/nx/I/xAO16hW7cqEZE0bHd+Frb1NATacWvrUjyCUwTDNFjH7A7v4rj4veaZfU3plbbId7WUzyqjydAdLn3a1Hz+kwliuQHM5yulwfPHjzZRjFF12OYJDYlmZw2G/F8JGcZiEcmRkiu6Ci65sY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360193; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=YrnU/rAWBX7cEI2ZaAXPgQmkicpg6g6z5WzINdYGUZc=; b=BpFCpFK8j+KEf62UjFS9QKWi1cfsGlcXHHjaibIsziP7hh6lGYnSJ6RjHXHbKk4nQCEV9Puegp85mo5VXwGZXDxhTrR7+b4lJEw7hA4LMVGibFrhosIlxyS2+d+qHcu2Ap3R2hVT+Qi9BZBBfEZBN3WJsfVw86EDJnsEu/oSSKo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100933+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360193782326.4372378961492; Thu, 9 Mar 2023 03:09:53 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id qQMaYY1788612xhtBqEJUctV; Thu, 09 Mar 2023 03:09:53 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.10585.1678360192687051372 for ; Thu, 09 Mar 2023 03:09:52 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-576-_q47EkZfNBub5SNsf7v1Wg-1; Thu, 09 Mar 2023 06:09:48 -0500 X-MC-Unique: _q47EkZfNBub5SNsf7v1Wg-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 403FE85A5B1; Thu, 9 Mar 2023 11:09:48 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 076071410DD9; Thu, 9 Mar 2023 11:09:48 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 3095B18003AB; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 02/11] CryptoPkg/Driver: add CryptoServicePcd.hash_only.dsc.inc Date: Thu, 9 Mar 2023 12:09:25 +0100 Message-Id: <20230309110934.853991-3-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: 68qoBfODnvxd2XUKtoNgCX2tx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360193; bh=Yj95Yt5U1bDXcJ2siSU8AfZwxAe3evA0EZFobupRKr8=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=BK3Vl8ZASxb89fu3Qgbp1fknaFf4m7DkcjufVi3WWIMcQtVe6yfLP5eLfc9SR2FVVYK PLg51NWwQ9SqSXlReKuXJ0V8jKZeY3bovvMmDkAxjMOLSXUgEWS4pPiI2pw60XyyKaQfM 5mb5ZNGuuowss50CDSzWr3fF+1xWr8hKFgg= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360195233100003 Content-Type: text/plain; charset="utf-8"; x-default="true" Contains only hash functions needed for measurements. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc b/Cry= ptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc new file mode 100644 index 000000000000..0d5402be9a1a --- /dev/null +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc @@ -0,0 +1,8 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100933): https://edk2.groups.io/g/devel/message/100933 Mute This Topic: https://groups.io/mt/97493571/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100934+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100934+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360194; cv=none; d=zohomail.com; s=zohoarc; b=V1L87hYHlhTgq1TPgg2QVkNok9p7EegsDmVEtgqrua+XJrCfyGGtM684PYD5dTHvUkbeWue7Hl/31FTRLQYFlTx5GRFb+wMgoEVPC56FKzfPfrncryG5H9mx0Or9y2v7ZvxIxmdf0RYvYeOxcpVPNhj0LNr+NYXfreId4s5ipPE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360194; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=48BVJ9uACWfgqxaCptMxT+y5zzLoHPfa2Ftp1Eogtps=; b=VEb6C9wRK0581naOr5dE7lW4MFBK35/Di2FN7LjqNVgA9yThBQbijfooRp87gS0SpM3b7Uuemt8AL3KFqz1Uh+3iJUSHzKEJazJAWsKD8UMSvvCFpgMH4rC7Cgft0U2RBn7qlkWl3bn/azNITwyUFvqChCk07161Nde8r1sbwfI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100934+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360194200116.28551867400711; Thu, 9 Mar 2023 03:09:54 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id PfCuYY1788612xuvgI8Rccfk; Thu, 09 Mar 2023 03:09:53 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web11.10587.1678360192803862377 for ; Thu, 09 Mar 2023 03:09:52 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-185-A-KQ390bO1-FugwB0KD2aA-1; Thu, 09 Mar 2023 06:09:49 -0500 X-MC-Unique: A-KQ390bO1-FugwB0KD2aA-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3BE1A3814588; Thu, 9 Mar 2023 11:09:48 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 05B41140EBF4; Thu, 9 Mar 2023 11:09:48 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 34DCB18003B3; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 03/11] CryptoPkg/Driver: add TPM hashes to CryptoServicePcd.min_dxe_smm.dsc.inc Date: Thu, 9 Mar 2023 12:09:26 +0100 Message-Id: <20230309110934.853991-4-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: 1FdQMrdCSQJVD8x3NYJpXUCsx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360193; bh=c6JbDvk6CUm04tx4nBlsh3zQKvfSVsCiUcKu7hEdeMQ=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=PqOCSa5cRwqc7+MX6sArApfBTacDeFtz9u4wn4g2p9KUS5DcMxyEwHr10E9Hax8xQO7 geVXBu3JxXA5mopuEosN3Kt9E2St7yBDgUkSUEOW++GvK3kxEvolMQB2YdVbfRn9/ZPZe Q/FPSXs6DsObCBK3YoOVc3oDSNaXfJzbGMY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360195227100002 Content-Type: text/plain; charset="utf-8"; x-default="true" Enable Sha384 + Sha512 + Sm3. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc b/C= ryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc index aaf35e4c6061..9209b4c526a7 100644 --- a/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc +++ b/CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc @@ -18,7 +18,9 @@ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ge= tPublicKeyFromX509 | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services= .HashAll | FALSE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etSubjectName | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etCommonName | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etOrganizationName | TRUE --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100934): https://edk2.groups.io/g/devel/message/100934 Mute This Topic: https://groups.io/mt/97493572/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100935+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100935+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360195; cv=none; d=zohomail.com; s=zohoarc; b=RrSXiBkML4Z14+4DxXj/n5+HGMl6dG1i6shITTOoGpTDjrsqqrdfUds52H0JrIAJKJGjUXzYYB6i7Zra3ZuVVaTkK/MxHXsyMKCpwpLvjGDtGQqhFQDJDRHF7iIREfnWjAmEFsYJFnP7cwqufYakEseARGlbw5prz40rN/AhfIE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360195; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=Xzqh0Zg35QzrUK3zteGXlexJ1Gt3WswnwpZPxdXDEn8=; b=G78AptU3mfixflG8N3fPiMi3FR2OGxHNr04f4L5Z733EUchrzauGhQqSUi80jM2ucQ32mNnYRY2Qzc7d/GU/N3I3I0+L/15RzG+l4pgwaXr+ElwvyLDrDYeKDTnfdK7jHa83ai4kVNpJJh3i18a6IUou4JiUgV1fe1iUknzEF1U= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100935+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 167836019525442.10565487939516; Thu, 9 Mar 2023 03:09:55 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 2DFMYY1788612xoFO0vOa4bD; Thu, 09 Mar 2023 03:09:54 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.10589.1678360194199932148 for ; Thu, 09 Mar 2023 03:09:54 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-590-VoWHhAawPyuNA-vYUBx5xw-1; Thu, 09 Mar 2023 06:09:50 -0500 X-MC-Unique: VoWHhAawPyuNA-vYUBx5xw-1 X-Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 93DA887B2A2; Thu, 9 Mar 2023 11:09:49 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 54E32440D8; Thu, 9 Mar 2023 11:09:49 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 397BA18003BC; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 04/11] BaseTools: GCC5: enable lto for noopt builds on IA32 and X64 Date: Thu, 9 Mar 2023 12:09:27 +0100 Message-Id: <20230309110934.853991-5-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: fB2uHr1e6oFCs3WCaJFH9pELx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360194; bh=G5v1cOdI2KS/gXUqFB0pxiNn4aHLMCPuEPIGoQlN2C8=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=kTK7NXs8JkOUKUmGDzC0PI8fM4KP0mU42Qu3aa6+nqb1sE17RkXG51bNmnDjohU0MGm MWTQyKwnqgfudA8A3NkTmDn/7rARFsyY7kiM0zsok/C2+oKjZzw75B5kXVIKiPjznI/Yz 3fiCjAlh8/astJrb+R335KSRVjh2t+5+fNk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360197236100010 Content-Type: text/plain; charset="utf-8"; x-default="true" Signed-off-by: Gerd Hoffmann --- BaseTools/Conf/tools_def.template | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.t= emplate index 471eb67c0c83..7f73ed817cd9 100755 --- a/BaseTools/Conf/tools_def.template +++ b/BaseTools/Conf/tools_def.template @@ -2310,8 +2310,8 @@ RELEASE_GCC49_AARCH64_DLINK_XIPFLAGS =3D -z common-pa= ge-size=3D0x20 RELEASE_GCC5_IA32_CC_FLAGS =3D DEF(GCC5_IA32_CC_FLAGS) -flto -Wno-un= used-but-set-variable -Wno-unused-const-variable RELEASE_GCC5_IA32_DLINK_FLAGS =3D DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto = -Os -Wl,-m,elf_i386,--oformat=3Delf32-i386 =20 - NOOPT_GCC5_IA32_CC_FLAGS =3D DEF(GCC5_IA32_CC_FLAGS) -O0 - NOOPT_GCC5_IA32_DLINK_FLAGS =3D DEF(GCC5_IA32_X64_DLINK_FLAGS) -Wl,-m= ,elf_i386,--oformat=3Delf32-i386 -O0 + NOOPT_GCC5_IA32_CC_FLAGS =3D DEF(GCC5_IA32_CC_FLAGS) -flto -O0 + NOOPT_GCC5_IA32_DLINK_FLAGS =3D DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto = -Wl,-m,elf_i386,--oformat=3Delf32-i386 -O0 =20 ################## # GCC5 X64 definitions @@ -2342,8 +2342,8 @@ RELEASE_GCC5_IA32_DLINK_FLAGS =3D DEF(GCC5_IA32_X6= 4_DLINK_FLAGS) -flto -Os -Wl, RELEASE_GCC5_X64_CC_FLAGS =3D DEF(GCC5_X64_CC_FLAGS) -flto -DUSING_= LTO -Wno-unused-but-set-variable -Wno-unused-const-variable RELEASE_GCC5_X64_DLINK_FLAGS =3D DEF(GCC5_X64_DLINK_FLAGS) -flto -Os =20 - NOOPT_GCC5_X64_CC_FLAGS =3D DEF(GCC5_X64_CC_FLAGS) -O0 - NOOPT_GCC5_X64_DLINK_FLAGS =3D DEF(GCC5_X64_DLINK_FLAGS) -O0 + NOOPT_GCC5_X64_CC_FLAGS =3D DEF(GCC5_X64_CC_FLAGS) -flto -DUSING_= LTO -O0 + NOOPT_GCC5_X64_DLINK_FLAGS =3D DEF(GCC5_X64_DLINK_FLAGS) -flto -O0 =20 ################## # GCC5 ARM definitions --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100935): https://edk2.groups.io/g/devel/message/100935 Mute This Topic: https://groups.io/mt/97493573/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100936+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100936+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360196; cv=none; d=zohomail.com; s=zohoarc; b=YPB8ySCOdWb/X4EXXJFS9lJyPZPHVoP2L4VshjiZ7yeDoVTxFD8fkzpdFvsrC/gTuawSlJDJwfGNtgvRK7212M/WYpC+S8fbqrqEUsERFDTH5sERL/dtQDl09abm1odP/XAMBZvTukhHbauv356mhbHKmNzOF2JMTbXa6cEiJgo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360196; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=KOE9FugHEWUUPqooMsqWZsI4Sd/yzrVnAn1wxlPAkSs=; b=FtEdPI8S+QD0XFz4NTGRmThJvtokQ7V/KOVgzoe2/bh7FylX/ZYYj7sle6U7vI1WbuMFFMGSObK73NoOvJy+q5ygfz6gEfFnBzTUYPahSdmEI7WFa0RBgeOd/6NuBzhyr51mYzmmVFvCUe4nZ7Uva0JYMtDFt43Yitq71h7AFTQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100936+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16783601962021013.6813932102433; Thu, 9 Mar 2023 03:09:56 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id Aw9jYY1788612x2TOuTKbCbw; Thu, 09 Mar 2023 03:09:55 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web11.10590.1678360195175887226 for ; Thu, 09 Mar 2023 03:09:55 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-195-cTUn1Z9wO1ed5ZEBXjBXwg-1; Thu, 09 Mar 2023 06:09:50 -0500 X-MC-Unique: cTUn1Z9wO1ed5ZEBXjBXwg-1 X-Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AE45785A588; Thu, 9 Mar 2023 11:09:49 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 560FE492B04; Thu, 9 Mar 2023 11:09:49 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 3DD8F18003BF; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 05/11] OvmfPkg: add OvmfCrypto*.inc Date: Thu, 9 Mar 2023 12:09:28 +0100 Message-Id: <20230309110934.853991-6-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: v12Hwxw0vakSd8WsHJ5UFGYWx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360195; bh=Qaz5T7n9oy8xHDYsmqNjAumMbW7Q/bD2jdJOLUMuAbU=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=sese4Ui9r+WyWdAAevEfH3VnzVSK/2z6TGd4i5Wg+J3WasKXKU7KCkLXZ1Lzp/ELtMD 8A7caDTbNNlIVxE1c1UM7C3yPNOu1BeIBlKMJhtRRDwEJhRpqj9g/rCx9fa7tShJibdZ8 3UyTeKQR/BWVDV0NiMYSlY2SNUHfClN/l4s= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360197278100014 Content-Type: text/plain; charset="utf-8"; x-default="true" Create include files for crypto support, so the configuration can be shared for all OVMF build variants. Also add support for using the Crypto Driver. The Crypto Driver is by default for enabled SMM + DXE and disabled for PEI. This can be changed using the {PEI,SMM,DXE}_USE_CRYPTO_DRIVER options. The config option is intended to be temporary and will probably stay for one or two releases as fallback, then be removed. The configuration follows mostly the recommendations given in CryptoPkg/Readme.md, with some minor exceptions like only compiling TLS support in case NETWORK_TLS_ENABLE is TRUE. Signed-off-by: Gerd Hoffmann --- .../Dsc/OvmfCryptoComponentsDxe.dsc.inc | 23 ++++++ .../Dsc/OvmfCryptoComponentsPei.dsc.inc | 19 +++++ .../Dsc/OvmfCryptoComponentsSmm.dsc.inc | 18 +++++ OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc | 7 ++ OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc | 72 +++++++++++++++++++ OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc | 12 ++++ OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc | 7 ++ 7 files changed, 158 insertions(+) create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc create mode 100644 OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc create mode 100644 OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc create mode 100644 OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc b/OvmfPkg/= Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc new file mode 100644 index 000000000000..72728aea68f5 --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc @@ -0,0 +1,23 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +!if $(DXE_USE_CRYPTO_DRIVER) =3D=3D TRUE + + CryptoPkg/Driver/CryptoDxe.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +!else + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +!endif + +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc + } + +!endif diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc b/OvmfPkg/= Include/Dsc/OvmfCryptoComponentsPei.dsc.inc new file mode 100644 index 000000000000..0457235f8eb0 --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc @@ -0,0 +1,19 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +!if $(PEI_USE_CRYPTO_DRIVER) =3D=3D TRUE + + CryptoPkg/Driver/CryptoPei.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +#!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_pei.dsc.inc +!include CryptoPkg/Include/Dsc/CryptoServicePcd.hash_only.dsc.inc + } + +!endif diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc b/OvmfPkg/= Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc new file mode 100644 index 000000000000..be1647397a60 --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc @@ -0,0 +1,18 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +!if $(SMM_USE_CRYPTO_DRIVER) =3D=3D TRUE && $(SMM_REQUIRE) =3D=3D TRUE + + CryptoPkg/Driver/CryptoSmm.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +!include CryptoPkg/Include/Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc + } + +!endif diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc b/OvmfPkg/Includ= e/Dsc/OvmfCryptoDefines.dsc.inc new file mode 100644 index 000000000000..f005f593b4eb --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc @@ -0,0 +1,7 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + DEFINE PEI_USE_CRYPTO_DRIVER =3D FALSE + DEFINE SMM_USE_CRYPTO_DRIVER =3D TRUE + DEFINE DXE_USE_CRYPTO_DRIVER =3D TRUE diff --git a/OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc b/OvmfPkg/Include/D= sc/OvmfCryptoLibs.dsc.inc new file mode 100644 index 000000000000..f9fdf36c1dab --- /dev/null +++ b/OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc @@ -0,0 +1,72 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# mostly following CryptoPkg/Readme.md recommendations +## + +[LibraryClasses] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + +[LibraryClasses.common.SEC] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +[LibraryClasses.common.DXE_RUNTIME_DRIVER] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + + +!if $(PEI_USE_CRYPTO_DRIVER) =3D=3D TRUE + +[LibraryClasses.common.PEIM] + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf + +!else + +[LibraryClasses.common.PEIM] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +!endif + + +!if $(SMM_USE_CRYPTO_DRIVER) =3D=3D TRUE + +[LibraryClasses.common.DXE_SMM_DRIVER] + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf + +!else + +[LibraryClasses.common.DXE_SMM_DRIVER] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + +!endif + + +!if $(DXE_USE_CRYPTO_DRIVER) =3D=3D TRUE + +[LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.UEFI_DRIVER, Libr= aryClasses.common.UEFI_APPLICATION] + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf + TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf + +!else + +[LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.UEFI_DRIVER, Libr= aryClasses.common.UEFI_APPLICATION] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf +!else + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +!endif + +!endif diff --git a/OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc b/OvmfPkg/Include= /Fdf/OvmfCryptoDxeSmm.fdf.inc new file mode 100644 index 000000000000..6fc12ed8656f --- /dev/null +++ b/OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc @@ -0,0 +1,12 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(DXE_USE_CRYPTO_DRIVER) =3D=3D TRUE +INF CryptoPkg/Driver/CryptoDxe.inf +!endif + +!if $(SMM_USE_CRYPTO_DRIVER) =3D=3D TRUE && $(SMM_REQUIRE) =3D=3D TRUE +INF CryptoPkg/Driver/CryptoSmm.inf +!endif + diff --git a/OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc b/OvmfPkg/Include/Fd= f/OvmfCryptoPei.fdf.inc new file mode 100644 index 000000000000..8b42c2da7b2a --- /dev/null +++ b/OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc @@ -0,0 +1,7 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +!if $(PEI_USE_CRYPTO_DRIVER) =3D=3D TRUE +INF CryptoPkg/Driver/CryptoPei.inf +!endif --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100936): https://edk2.groups.io/g/devel/message/100936 Mute This Topic: https://groups.io/mt/97493574/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100938+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100938+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360197; cv=none; d=zohomail.com; s=zohoarc; b=d4ehIPih6olSCw2l8ArqCFR3Nl0m0lmulhrDAeS/2LWaDMEldpxH1WUP2dD6L2lNmf3eK3RGbp6r56iknZgLCiqo5VXxLJVgcLiARj6lkPVmzRLeMdGlvR3roMWNNKEX6wlNb35xnAxcQLwpawP1MPy3Rerx76zeYcqOQOt5VJc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360197; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=z7JyV+9jqgbQTTAwgcnmcPcmGbkHop9WlVQoJ+Cy0O4=; b=PgplSiBRmKfjQBnJmCBnyO6l91xj+yiWSCzdIaxQnL3EqST3lyfnBFd6XyRvJwd+TJUD7NmqE+qTQyzS/Mjw3lt2STPc2zo+Pf30/fkZ09dBmCE9p0/G/cL1VzV4EmugHbxW1J1nRhhZZ6eIcGc5B165GoYcqY8EwIJPS7J2b/s= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100938+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360197806202.02559301161773; Thu, 9 Mar 2023 03:09:57 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ELnSYY1788612xjwaOUiaGPf; Thu, 09 Mar 2023 03:09:57 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.10592.1678360196776376946 for ; Thu, 09 Mar 2023 03:09:56 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-266-dNmEn-3iOpqL_hZFl9bzDA-1; Thu, 09 Mar 2023 06:09:52 -0500 X-MC-Unique: dNmEn-3iOpqL_hZFl9bzDA-1 X-Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 563483814585; Thu, 9 Mar 2023 11:09:51 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0D3D5492B04; Thu, 9 Mar 2023 11:09:51 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 4253B1800609; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 06/11] OvmfPkg: OvmfPkgX64: use crypto includes Date: Thu, 9 Mar 2023 12:09:29 +0100 Message-Id: <20230309110934.853991-7-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: QuC9aTK4DxAtwbcymkGjngWtx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360197; bh=tvGqsex0lFhqvclylhtrzQulMul0wCi1gkKvN4El024=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=BVqCSNpfmLogd7A3Hg1ZGh+q/OiSlhaF56kA7dy81bej7bCW0JRF3U5x/yJHIH4RB90 OP5r4IgWm0YGFLr5hYYQ349wcL4JK21ArstwAiPHyHiz+KQ+jFkjpCm3jfAtVjXLAdmqH wz1aRoNhEEf/QWOmbn1lMGkSiRyvoX3tKvE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360199248100021 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/OvmfPkgX64.dsc | 22 +++++++++------------- OvmfPkg/OvmfPkgX64.fdf | 6 ++++++ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 04d50704c736..fed5723c4c40 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -35,6 +35,7 @@ [Defines] DEFINE CC_MEASUREMENT_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -232,12 +233,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -260,10 +255,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - !if $(BUILD_SHELL) =3D=3D TRUE ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf !endif @@ -274,9 +265,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf @@ -385,7 +376,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -474,7 +464,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezv= ousLib.inf =20 @@ -976,6 +965,13 @@ [Components] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 16666ba24440..541e0df85e1d 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -189,6 +189,7 @@ [FV.PEIFV] INF FILE_GUID =3D $(UP_CPU_PEI_GUID) UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -414,6 +415,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100938): https://edk2.groups.io/g/devel/message/100938 Mute This Topic: https://groups.io/mt/97493576/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100937+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100937+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360196; cv=none; d=zohomail.com; s=zohoarc; b=eSpmueo5xoaSLfuSTKm92p86t+yW9myopDyf+7CqnpgVC1K7TMS/S65yMGXa7MmI4hEv1YkhpvYhCq68dH4y6pTSkBruzuKcme4vTIvUnbrPdOBh/9J1kHvMFLysYu/38oqYwuG1RRw7QdTH+c081RCbts8tWxe/taS74FIp4TA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360196; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=sFxPS0yLQm54I3k8rY1e8xjf/TgGI3e4lkq24nu8C8Y=; b=VAKroaINGeXB1OnCujPZRBDY494qbuMchy1q5PJWCGdAyyMShFu5yUzJnZl70kR+FKylpC7Z2IZysScgsFAYCuM5RsCw+zwGDYqMt7kQBtnFZD8RaUmrg6Kad4VaILKZ/R2foJ8qcG7vG+OF6Kf5X660Rb9qe3gjIAu0b44c5ig= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100937+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16783601968031008.1013072558371; Thu, 9 Mar 2023 03:09:56 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id zUB9YY1788612xC0lAcf6kiT; Thu, 09 Mar 2023 03:09:56 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.10591.1678360195889568302 for ; Thu, 09 Mar 2023 03:09:56 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-640-r5OpM9igOFWpQFGvkcK-ag-1; Thu, 09 Mar 2023 06:09:52 -0500 X-MC-Unique: r5OpM9igOFWpQFGvkcK-ag-1 X-Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 926803814588; Thu, 9 Mar 2023 11:09:51 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 240D5440E0; Thu, 9 Mar 2023 11:09:51 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 462961800619; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 07/11] OvmfPkg: OvmfPkgIa32X64: use crypto includes Date: Thu, 9 Mar 2023 12:09:30 +0100 Message-Id: <20230309110934.853991-8-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: vH1Kz4wNCYBNwhfeqCoLvwaZx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360196; bh=DfJFDkZNzTGMqs0i2e8giJ/Yi9YnLWLe2+u2ml3DD3s=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=LzPow2F8cv1Jh2gyGupyb4DjGHt9QXrHs1UX5rNXHFS90zeYoM2ZhRzg++NOiz7atdd 6L2wbbMQjKI7iS0NQyp8pojfmQGB7Rfh5uurU72c/auHo1TDis3DevUUJozEIVCDIPd6w ECU/Ll3s8AyX484sfIZXfTJIbyEe7QjYM+U= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360197247100011 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/OvmfPkgIa32X64.dsc | 22 +++++++++------------- OvmfPkg/OvmfPkgIa32X64.fdf | 6 ++++++ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 51db692b10fb..b032d4a3c99d 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -34,6 +34,7 @@ [Defines] DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -215,12 +216,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -243,10 +238,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - !if $(BUILD_SHELL) =3D=3D TRUE ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf !endif @@ -257,9 +248,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLibNull.inf @@ -364,7 +355,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -453,7 +443,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezv= ousLib.inf =20 @@ -740,6 +729,7 @@ [Components.IA32] UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc =20 [Components.X64] # @@ -902,6 +892,12 @@ [Components.X64] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 4c5bd0dbc3b0..cf287303cb2c 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -173,6 +173,7 @@ [FV.PEIFV] INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -380,6 +381,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100937): https://edk2.groups.io/g/devel/message/100937 Mute This Topic: https://groups.io/mt/97493575/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100942+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100942+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360207; cv=none; d=zohomail.com; s=zohoarc; b=Iz1T6hGe9kAezCsekDdLqU4UHBb6YjJKwTnIFznNQnBGu4ilGwOj0nbWkvppn3A2GHNZuySOs0y5UVbtAv4tImTMHZDO3OybnDj5iOF61NJDmEzlYMjzfMlM37GlfRMCz/++tjCb6y42ewjiczejYoTceC34UKfTI8Z2NZv13Co= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360207; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=RDSJRxfCq5ZIbND26hzxFsjrhi/unIIKaN1EqF4fHR0=; b=DwZtzzE1Uz+ImrdJoWyGVAx0ctRat6kpeZsWzLmTl6fkA+txWL0nk5fi+qjRSW3j9OlRNVEdLq5zyl2pyaIXnGShhrIBECVVUsXEUAZNmoViZsF0Ng637Eziut0jNLEro6w9kKjwpYJ/DQ6yEi5y0E9oq6iFPAKmL8xIV2Zg9ro= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100942+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360207915522.580165081452; Thu, 9 Mar 2023 03:10:07 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id IcZ2YY1788612xj2hrNOyKD8; Thu, 09 Mar 2023 03:10:07 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.10640.1678360206830269268 for ; Thu, 09 Mar 2023 03:10:07 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-387-SIFhGD0fM0qiZnfL3n8Axg-1; Thu, 09 Mar 2023 06:09:53 -0500 X-MC-Unique: SIFhGD0fM0qiZnfL3n8Axg-1 X-Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D317986C166; Thu, 9 Mar 2023 11:09:52 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9B3134014D1D; Thu, 9 Mar 2023 11:09:52 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 4AA0A180061A; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 08/11] OvmfPkg: OvmfPkgIa32: use crypto includes Date: Thu, 9 Mar 2023 12:09:31 +0100 Message-Id: <20230309110934.853991-9-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: zuAZRX0rEhbkRxqsBe89HOYlx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360207; bh=48VZVjceqH96DlMQkTB+HGLNk9agWGqcwFt8FgTypvs=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=T8p3GI4OSCvxjX/KaOdbQtnemEvNS7yFT6BGpvhc0BhkewfE6UtTiNMt078zyjn54C/ nyMkdRDVQXt3a87dFJaAPclPQ2MFJdnXTJ17LrnPDrXHnZp/crfBYAvm5Rab75/lN8Haa puNA0zyUpLrj51DJK3y1o8RRP6xcudtbw5E= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360209305100001 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/OvmfPkgIa32.dsc | 22 +++++++++------------- OvmfPkg/OvmfPkgIa32.fdf | 6 ++++++ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 22dc29330d2d..8ca29e9747c1 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -35,6 +35,7 @@ [Defines] DEFINE LOAD_X64_ON_IA32_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -211,12 +212,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -239,10 +234,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - !if $(BUILD_SHELL) =3D=3D TRUE ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf !endif @@ -253,9 +244,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLibNull.inf =20 @@ -359,7 +350,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -447,7 +437,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezv= ousLib.inf =20 @@ -888,6 +877,13 @@ [Components] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 5451bfb84525..552730485123 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -173,6 +173,7 @@ [FV.PEIFV] INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -373,6 +374,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + !if $(LOAD_X64_ON_IA32_ENABLE) =3D=3D TRUE INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf !endif --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100942): https://edk2.groups.io/g/devel/message/100942 Mute This Topic: https://groups.io/mt/97493582/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100939+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100939+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360199; cv=none; d=zohomail.com; s=zohoarc; b=NqIUL/qoKE5cxoUF8ILda8KEplEUh93s8IyCTV8jeJSY8h1wnyinyzLRj8aHvoLknjMmC1rkBv4H1Kf7rFhK4kbJlCjGaeUYThAO9KJVjW58mcQFW1a7Bn4Lyd3t8mFU3AKueH3vx1xcN3gLBu4FbfO4xmnYQtK+ZcaXeVgPP6E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360199; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=dZW/QjgQgXaTTKpp07Wy2clGkk6oaSsVUwN8wTvV2cw=; b=jHT8YwWAZIj6M8wgVCsTqBjjWUIMYwY3E5diRiB/qyNv3qljZLSS+jfR2e+ED2FPbovS5MTcMx7IwlTTvdRqMgMhtJktdnpRzofT47mmCqOHbxisiLlab2iS8+tyoy6wIs6Scw0LvBxMsrlma1ncTSpjjM2h0Tk66lPq6fFnSPI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100939+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360199121457.04910651210184; Thu, 9 Mar 2023 03:09:59 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id iFn9YY1788612xLsijEEDlYW; Thu, 09 Mar 2023 03:09:58 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.10593.1678360198168628173 for ; Thu, 09 Mar 2023 03:09:58 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-606-wpL53WDDPSiLUpsTvlaOwQ-1; Thu, 09 Mar 2023 06:09:53 -0500 X-MC-Unique: wpL53WDDPSiLUpsTvlaOwQ-1 X-Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 086BF18E53C8; Thu, 9 Mar 2023 11:09:53 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A541A492B04; Thu, 9 Mar 2023 11:09:52 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 4EA051800623; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 09/11] OvmfPkg: Microvm: use crypto includes Date: Thu, 9 Mar 2023 12:09:32 +0100 Message-Id: <20230309110934.853991-10-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: 6MA6KVZaM8GCck8zY1Xf06fmx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360198; bh=uVqH2e7voS3JiZSOcVRc1RNu1zgRgnHdkXteOst/fsI=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=uHb/aCV3RVI5Of44wXMn/84YBOy139zCb3ZX/+qmYb/OyVb3OP6anpr/U0YSXWQ7ygg ud6BUezlecGQhL1HBm2uFNjX01G3XY9eINBNFoSnPVkfHF2zCsMN0kMW/ERgLY5j+MoIO +lAJhNjEkqF54xY185jjfPllxF4OkKmPaA0= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360201274100028 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/Microvm/MicrovmX64.dsc | 24 +++++++++++------------- OvmfPkg/Microvm/MicrovmX64.fdf | 7 +++++++ 2 files changed, 18 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index 76fc54865015..9ae375107414 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -33,6 +33,8 @@ [Defines] DEFINE SMM_REQUIRE =3D FALSE DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc + # # Network definition # @@ -206,12 +208,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf -!else - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -!endif RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -234,10 +230,6 @@ [LibraryClasses] # !include NetworkPkg/NetworkLibs.dsc.inc =20 -!if $(NETWORK_TLS_ENABLE) =3D=3D TRUE - TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf -!endif - ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScrip= tLib.inf @@ -247,8 +239,9 @@ [LibraryClasses] Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc + [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf SerialPortLib|MdeModulePkg/Library/BaseSerialPortLib16550/BaseSerialPort= Lib16550.inf PlatformHookLib|MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatfor= mHookLibNull.inf @@ -356,7 +349,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf # PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf # PciPcdProducerLib|OvmfPkg/Fdt/FdtPciPcdProducerLib/FdtPciPcdProducerLib= .inf # PciExpressLib|OvmfPkg/Library/BaseCachingPciExpressLib/BaseCachingPciEx= pressLib.inf @@ -442,7 +434,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf !endif - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf PciPcdProducerLib|OvmfPkg/Fdt/FdtPciPcdProducerLib/FdtPciPcdProducerLib.= inf PciExpressLib|OvmfPkg/Library/BaseCachingPciExpressLib/BaseCachingPciExp= ressLib.inf @@ -830,6 +821,13 @@ [Components] =20 OvmfPkg/VirtioNetDxe/VirtioNet.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsSmm.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/Microvm/MicrovmX64.fdf b/OvmfPkg/Microvm/MicrovmX64.fdf index b83fd1e6e4fe..92d4b446b7fe 100644 --- a/OvmfPkg/Microvm/MicrovmX64.fdf +++ b/OvmfPkg/Microvm/MicrovmX64.fdf @@ -149,6 +149,8 @@ [FV.PEIFV] INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf =20 +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc + ##########################################################################= ###### =20 [FV.DXEFV] @@ -302,6 +304,11 @@ [FV.DXEFV] INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100939): https://edk2.groups.io/g/devel/message/100939 Mute This Topic: https://groups.io/mt/97493577/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100941+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100941+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360208; cv=none; d=zohomail.com; s=zohoarc; b=hmsiz9LU6YImmw2zGcdaEywRK6ZWz6IgCFKihaNIneuXAo9dfDYr1/Wn7bSG4Ma4v+lW+2rD4xo6U9OdHmjfdSU3rSIlOvhIW1aoZS4U2Qy4XV+qltj26uFPNYuG7NzymyzWLkjfBD5rXZAgsuOqWtCucxW5Zl2VAVtkAqXZ5DM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360208; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=/vLOS3+e2wAXTMp/t2mViW74GG7Uj5n3yJu7fyH8VEE=; b=S1aepXydALTwp4p6cxkA3HwknrfJhPzkwPjn6IaqBpUOXe/EZOYP1ywSyT8ImCMVS0xZfz1Cki/6/Pfn5Zy5TFC943syLMwUOd5EOTvTUyzyVHRMpyrO3gsRu8O6fsySS4kJ6uHrWeWMKxVUf1GdM3htowZ44rkQzrZ19cHIJig= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100941+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360208403825.5112204453603; Thu, 9 Mar 2023 03:10:08 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id OiyHYY1788612xZPbnPujszQ; Thu, 09 Mar 2023 03:10:08 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web11.10599.1678360206666004239 for ; Thu, 09 Mar 2023 03:10:06 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-351-ldZSazE1Og6XzF6Am8HZZg-1; Thu, 09 Mar 2023 06:09:55 -0500 X-MC-Unique: ldZSazE1Og6XzF6Am8HZZg-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 34318811E9C; Thu, 9 Mar 2023 11:09:54 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E9323140EBF4; Thu, 9 Mar 2023 11:09:53 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 531FF1800627; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 10/11] OvmfPkg: IntelTdx: use crypto includes Date: Thu, 9 Mar 2023 12:09:33 +0100 Message-Id: <20230309110934.853991-11-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: k4IZMINn90mAPWdWvvreMWGqx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360208; bh=lT5GnCPGDPU080EWu6RQY4XpYs+2tcJchNpzaud1XY8=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=F16HSGI48bKTyK89SrqlVF/S/m4L0pGnCo8D5YVD/+rujSsqM22awdpY6jkHsQDXFcN fEz1xNwLMAD6lpAOdCMkgfu3u6JYPcmyoB2rtxIOa8ntzoYRc58B229DDJ1YfQojnwVJD vF/d6fo7ztDiBfqcOVOVOrzrI3S/ndf7YWE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360209326100003 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 15 +++++++++------ OvmfPkg/IntelTdx/IntelTdxX64.fdf | 5 +++++ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index d093660283dd..88f7b3c2cce2 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -36,6 +36,8 @@ [Defines] # DEFINE BUILD_SHELL =3D TRUE =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc + # # Device drivers # @@ -191,8 +193,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE @@ -220,8 +220,9 @@ [LibraryClasses] Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf =20 +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc + [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf @@ -280,7 +281,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -356,7 +356,6 @@ [LibraryClasses.common.DXE_SMM_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuE= xceptionHandlerLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf =20 [LibraryClasses.common.SMM_CORE] @@ -553,7 +552,6 @@ [Components] NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompre= ssLib.inf NULL|OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelperLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf } =20 # @@ -720,6 +718,11 @@ [Components] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.= inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsRes= ourceTableDxe.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX6= 4.fdf index 73dffc104301..e1b07449b7a9 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf +++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf @@ -257,6 +257,11 @@ [FV.DXEFV] # INF SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.NCCFV] --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100941): https://edk2.groups.io/g/devel/message/100941 Mute This Topic: https://groups.io/mt/97493581/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 05:09:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100940+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100940+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678360200; cv=none; d=zohomail.com; s=zohoarc; b=icdrFGtHROr7XYTHglvPi11gm0PKCeR4fMt1XZsEEBK2VcEw2KImSWAI9BOdZoC/LYryqxdK47nvRhFAdWxeBwsFC0/2m4nS4ccEn3yUTMSw8q1e9lQvfk9M5SnPp9A+1B2nqJ8+C6nnbNRDy37Ig/NSfnvdq6ynQJF1lv7iWfQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678360200; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=1SabzqT88cl0ZwPOB4zGoOSzkhjwPcE8JSRkha8ur74=; b=NcnUnTxvPbj1NAgvUUjDNyU9aWT71DKc913xTS9V29QUH4s1zRct18FQ/SgVSvFL90S2V3H7mfUTnh60rLQFDKCKAW++cE5gW16IZdN7UA04y/FP8OFs8IOqnw4pLMHp+tV++/EFhnxHNwn4XMZBJmIftZyexG4dknQcVSNANY8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100940+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1678360200070724.4165593279539; Thu, 9 Mar 2023 03:10:00 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 6gDrYY1788612xIgYQ6lZv7B; Thu, 09 Mar 2023 03:09:59 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.10594.1678360198968955025 for ; Thu, 09 Mar 2023 03:09:59 -0800 X-Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-648-Ao__mHyzN4ykOcC0mDwDHQ-1; Thu, 09 Mar 2023 06:09:55 -0500 X-MC-Unique: Ao__mHyzN4ykOcC0mDwDHQ-1 X-Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 57A023814586; Thu, 9 Mar 2023 11:09:54 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 201B84010E7B; Thu, 9 Mar 2023 11:09:54 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 57E171800634; Thu, 9 Mar 2023 12:09:34 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Pawel Polawski , Guomin Jiang , Jordan Justen , Jian J Wang , James Bottomley , Gerd Hoffmann , Oliver Steffen , Erdem Aktas , Min Xu , Xiaoyu Lu , Jiewen Yao , Ard Biesheuvel , Michael Roth , Tom Lendacky Subject: [edk2-devel] [PATCH v3 11/11] OvmfPkg: AmdSev: use crypto includes Date: Thu, 9 Mar 2023 12:09:34 +0100 Message-Id: <20230309110934.853991-12-kraxel@redhat.com> In-Reply-To: <20230309110934.853991-1-kraxel@redhat.com> References: <20230309110934.853991-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com X-Gm-Message-State: EARjWCOLxq4kduftHNJkb7sqx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1678360199; bh=QXJA/FtwAg1igtaSk33f8daFYifNqs/rjwaTn+g6CDU=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=UQ8jDdd6lPZb3FnYMw6Nm4MPimT6+C9DrJhMkCx/mHT1G2hvvY94CkpEH9ezrXZfC9e iz8bzTwU+y7jkgy93yoxhpTeRRGavogOtm8V1+Z3YoTDvU9hJVwkYbjzik77mpLXQ8mXQ qd3DqvOsX9a+5TUp2jemRnWyxjjsQpiw6Do= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1678360201258100025 Content-Type: text/plain; charset="utf-8"; x-default="true" Use the new crypto support include files. Signed-off-by: Gerd Hoffmann --- OvmfPkg/AmdSev/AmdSevX64.dsc | 12 ++++++++---- OvmfPkg/AmdSev/AmdSevX64.fdf | 6 ++++++ 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index f0c4dc231071..69710469e9c7 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -34,6 +34,7 @@ [Defines] DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 !include OvmfPkg/Include/Dsc/OvmfTpmDefines.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoDefines.dsc.inc =20 # # Shell can be useful for debugging but should not be enabled for produc= tion @@ -182,8 +183,6 @@ [LibraryClasses] LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf =20 - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf @@ -201,9 +200,9 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoLibs.dsc.inc =20 [LibraryClasses.common] - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf TdxLib|MdePkg/Library/TdxLib/TdxLib.inf TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLibNull.inf @@ -310,7 +309,6 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf @@ -709,6 +707,12 @@ [Components] OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsRes= ourceTableDxe.inf =20 + # + # Crypto Support + # +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsPei.dsc.inc +!include OvmfPkg/Include/Dsc/OvmfCryptoComponentsDxe.dsc.inc + # # Usb Support # diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 5fb3b5d27632..84842a601262 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -163,6 +163,7 @@ [FV.PEIFV] INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf =20 !include OvmfPkg/OvmfTpmPei.fdf.inc +!include OvmfPkg/Include/Fdf/OvmfCryptoPei.fdf.inc =20 ##########################################################################= ###### =20 @@ -318,6 +319,11 @@ [FV.DXEFV] # !include OvmfPkg/OvmfTpmDxe.fdf.inc =20 +# +# Crypto support +# +!include OvmfPkg/Include/Fdf/OvmfCryptoDxeSmm.fdf.inc + ##########################################################################= ###### =20 [FV.FVMAIN_COMPACT] --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100940): https://edk2.groups.io/g/devel/message/100940 Mute This Topic: https://groups.io/mt/97493578/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-