From nobody Thu Dec 26 12:54:09 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1505928492722899.5485612462785; Wed, 20 Sep 2017 10:28:12 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 0429221D046DF; Wed, 20 Sep 2017 10:25:02 -0700 (PDT) Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id B74C121D046D7 for ; Wed, 20 Sep 2017 10:25:00 -0700 (PDT) Received: by mail-wm0-x235.google.com with SMTP id 13so9221954wmq.2 for ; Wed, 20 Sep 2017 10:28:06 -0700 (PDT) Received: from vanye.hemma.eciton.net (cpc92316-cmbg19-2-0-cust118.5-4.cable.virginm.net. [82.12.0.119]) by smtp.gmail.com with ESMTPSA id j65sm1920429wmj.3.2017.09.20.10.28.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 Sep 2017 10:28:03 -0700 (PDT) X-Original-To: edk2-devel@lists.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=pHlRgljo0XFT0yYBiAfxtNO7DSnFb9kzc9ts7TYZ0PQ=; b=L4GHvZZCKR8KTCzxgoNHeFIFtvVd6+fH/bzm3p3zYmh95FE22/g/Nfic1m80fCEk93 V1Sdx33g9NPRxBHXF6RwHys2zotXSUDbpevrRRdoeHEQLbthErg/y89fs+vkXp2DRX9y +M1FgSmKf0SdeeLhsOqYV2+/dHuHiuDQ7Ka7c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=pHlRgljo0XFT0yYBiAfxtNO7DSnFb9kzc9ts7TYZ0PQ=; b=ZRFOM8EpU/YVbUwaurC7AyxyLT/gzNDZj/97Emr9NM49bHJK6shaTQvmiYza4M8JR/ a7J5nbDlcF+tiDx5cT4NVZ86VmHAMPmd4SklS+CR0C9etZ+4rKk9EE/UHwkUHgPw/LwG 2emq64OLwh2B+QoWdV9HJ1pg2duWT0gT2EmfaGc0OaqfHhAaYNPwtEpCUlAGlivNQNHM dKA6ysqEydNbdJZQW5+F8c7cbaM7dFUscFgQTLGSGNHrCTUSzIogHCSSLqpWtlewoH1o Rdho5u62cNpSVVRdRZNamw/TdpS2JndMUiDMnekbYAGd6oaTuwEPSbEnlKRRki/byaqN 0u0w== X-Gm-Message-State: AHPjjUh5K6RZ+wnSKPOeQ+IBcDlaCvraASG5WCZnVzRo+dEqZh1Y83u0 gAfuq4iASzWt85wubsL6z7P1ZMQwVeQ= X-Google-Smtp-Source: AOwi7QAnPzw64v4Jr2Z/caXQUtvZGBlrgIX5P8ZhqKgBOAjFerpognXDSPKqZaFDcEKv23TX106SrA== X-Received: by 10.28.12.65 with SMTP id 62mr5056967wmm.129.1505928485047; Wed, 20 Sep 2017 10:28:05 -0700 (PDT) From: Leif Lindholm To: edk2-devel@lists.01.org Date: Wed, 20 Sep 2017 18:27:53 +0100 Message-Id: <20170920172755.22767-5-leif.lindholm@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170920172755.22767-1-leif.lindholm@linaro.org> References: <20170920172755.22767-1-leif.lindholm@linaro.org> Subject: [edk2] [RFC 4/6] ConfigPkg: add common Security settings X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Jordan Justen , Laszlo Ersek , Andrew Fish , Ard Biesheuvel MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Collate universal Secure Boot and crypto settings under Security/. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Leif Lindholm --- ConfigPkg/Security/Security.dsc.inc | 67 +++++++++++++++++++++++++++++++++= ++++ ConfigPkg/Security/Security.fdf.inc | 17 ++++++++++ 2 files changed, 84 insertions(+) create mode 100644 ConfigPkg/Security/Security.dsc.inc create mode 100644 ConfigPkg/Security/Security.fdf.inc diff --git a/ConfigPkg/Security/Security.dsc.inc b/ConfigPkg/Security/Secur= ity.dsc.inc new file mode 100644 index 0000000000..88100c992d --- /dev/null +++ b/ConfigPkg/Security/Security.dsc.inc @@ -0,0 +1,67 @@ +## @file +# +# Copyright (c) 2017, Linaro ltd. All rights reserved.
+# +# This program and the accompanying materials are licensed and made avail= able +# under the terms and conditions of the BSD License which accompanies this +# distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +# +## + + +##########################################################################= ###### +# +# Library Class section +# +##########################################################################= ###### +[LibraryClasses.common] +!if $(CONFIG_SECURE_BOOT_ENABLE) =3D=3D TRUE + AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf +# +!else +# + AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf +!endif + +[LibraryClasses.ARM, LibraryClasses.AARCH64] +!if $(CONFIG_SECURE_BOOT_ENABLE) =3D=3D TRUE + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +!endif + +[LibraryClasses.common.DXE_RUNTIME_DRIVER] +!if $(CONFIG_SECURE_BOOT_ENABLE) =3D=3D TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +!endif + + +##########################################################################= ###### +# +# Pcd Section +# +##########################################################################= ###### +[PcdsFeatureFlag] + + +##########################################################################= ###### +# +# Components Section +# +##########################################################################= ###### +[Components] +!if $(CONFIG_SECURE_BOOT_ENABLE) =3D=3D TRUE + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { + + NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificatio= nLib.inf + } + SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx= e.inf +!else + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf +!endif diff --git a/ConfigPkg/Security/Security.fdf.inc b/ConfigPkg/Security/Secur= ity.fdf.inc new file mode 100644 index 0000000000..2a75446c9b --- /dev/null +++ b/ConfigPkg/Security/Security.fdf.inc @@ -0,0 +1,17 @@ +## @file +# +# Copyright (c) 2017, Linaro ltd. All rights reserved.
+# +# This program and the accompanying materials are licensed and made avail= able +# under the terms and conditions of the BSD License which accompanies this +# distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +# +## + +!if $(CONFIGURE_SECURE_BOOT_ENABLE) =3D=3D TRUE + INF SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCon= figDxe.inf +!endif --=20 2.11.0 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel