diff options
| author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2015-05-07 15:22:31 +0000 |
|---|---|---|
| committer | oliviermartin <oliviermartin@Edk2> | 2015-05-07 15:22:31 +0000 |
| commit | 80f882abd92f43a0f108ce83db58738618a19706 (patch) | |
| tree | 5a2671201a9a2b4a6d191ad9d98165fd9b9f09e2 /ArmPlatformPkg/ArmVirtualizationPkg/ArmVirtualizationQemu.fdf | |
| parent | 6cf1269d9577a50834683f9b0a90197c0dfa1a78 (diff) | |
| download | edk2-platforms-80f882abd92f43a0f108ce83db58738618a19706.tar.xz | |
ArmVirtualizationPkg: Enable secure boot for ArmVirtualizationQemu
This adds all the required modules and library dependencies so that
the ArmVirtualizationQemu platform can be built with support for
UEFI Secure Boot. This support consists of the OpenSSL crypto
library (whose source needs to be downloaded separately), the
authenticated variable store, and authentication of executables
before launching them.
Contributed-under: TianoCore Contribution Agreement 1.0
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17356 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'ArmPlatformPkg/ArmVirtualizationPkg/ArmVirtualizationQemu.fdf')
| -rw-r--r-- | ArmPlatformPkg/ArmVirtualizationPkg/ArmVirtualizationQemu.fdf | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/ArmPlatformPkg/ArmVirtualizationPkg/ArmVirtualizationQemu.fdf b/ArmPlatformPkg/ArmVirtualizationPkg/ArmVirtualizationQemu.fdf index e0ec44bf3f..33cb495222 100644 --- a/ArmPlatformPkg/ArmVirtualizationPkg/ArmVirtualizationQemu.fdf +++ b/ArmPlatformPkg/ArmVirtualizationPkg/ArmVirtualizationQemu.fdf @@ -116,7 +116,12 @@ READ_LOCK_STATUS = TRUE INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ INF SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
+ INF SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+!else
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+!endif
INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
INF EmbeddedPkg/ResetRuntimeDxe/ResetRuntimeDxe.inf
INF EmbeddedPkg/RealTimeClockRuntimeDxe/RealTimeClockRuntimeDxe.inf
@@ -134,7 +139,11 @@ READ_LOCK_STATUS = TRUE INF ArmPkg/Drivers/ArmGic/ArmGicDxe.inf
INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ INF ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashAuthenticatedDxe.inf
+!else
INF ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
+!endif
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
#
@@ -255,7 +264,11 @@ READ_LOCK_STATUS = TRUE INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
INF ArmPkg/Drivers/CpuPei/CpuPei.inf
INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ INF SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf
+!else
INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
+!endif
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
|