This commit introduces a new build option, TLS_ENABLE, to pull in the TLS-related modules. If HTTP_BOOT_ENABLE and TLS_ENABLE are enabled at the same time, the HTTP driver locates the TLS protocols automatically and thus HTTPS is enabled.
To build OVMF with HTTP Boot: $ ./build.sh -D HTTP_BOOT_ENABLE To build OVMF with HTTPS Boot: $ ./build.sh -D HTTP_BOOT_ENABLE -D TLS_ENABLE Cc: Laszlo Ersek <[email protected]> Cc: Justen Jordan L <[email protected]> Cc: Wu Jiaxin <[email protected]> Cc: Long Qin <[email protected]> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin <[email protected]> --- OvmfPkg/OvmfPkgIa32.dsc | 9 +++++++++ OvmfPkg/OvmfPkgIa32.fdf | 4 ++++ OvmfPkg/OvmfPkgIa32X64.dsc | 9 +++++++++ OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++ OvmfPkg/OvmfPkgX64.dsc | 9 +++++++++ OvmfPkg/OvmfPkgX64.fdf | 4 ++++ 6 files changed, 39 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 77287920e2..e060602587 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -38,6 +38,7 @@ [Defines] DEFINE NETWORK_IP6_ENABLE = FALSE DEFINE HTTP_BOOT_ENABLE = FALSE DEFINE SMM_REQUIRE = FALSE + DEFINE TLS_ENABLE = FALSE [BuildOptions] GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG @@ -162,6 +163,10 @@ [LibraryClasses] HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf !endif +!if $(TLS_ENABLE) == TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf +!endif + S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf @@ -710,6 +715,10 @@ [Components] NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif +!if $(TLS_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif OvmfPkg/VirtioNetDxe/VirtioNet.inf # diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 069e21b7d0..09c165882c 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -326,6 +326,10 @@ [FV.DXEFV] INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif +!if $(TLS_ENABLE) == TRUE + INF NetworkPkg/TlsDxe/TlsDxe.inf + INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif INF OvmfPkg/VirtioNetDxe/VirtioNet.inf # diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 64a7c16d2f..0e24e7a5bc 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -38,6 +38,7 @@ [Defines] DEFINE NETWORK_IP6_ENABLE = FALSE DEFINE HTTP_BOOT_ENABLE = FALSE DEFINE SMM_REQUIRE = FALSE + DEFINE TLS_ENABLE = FALSE [BuildOptions] GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG @@ -167,6 +168,10 @@ [LibraryClasses] HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf !endif +!if $(TLS_ENABLE) == TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf +!endif + S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf @@ -719,6 +724,10 @@ [Components.X64] NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif +!if $(TLS_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif OvmfPkg/VirtioNetDxe/VirtioNet.inf # diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index f29feb27b4..5233314139 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -326,6 +326,10 @@ [FV.DXEFV] INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif +!if $(TLS_ENABLE) == TRUE + INF NetworkPkg/TlsDxe/TlsDxe.inf + INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif INF OvmfPkg/VirtioNetDxe/VirtioNet.inf # diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index ac4bf4f63e..108f7d59bf 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -38,6 +38,7 @@ [Defines] DEFINE NETWORK_IP6_ENABLE = FALSE DEFINE HTTP_BOOT_ENABLE = FALSE DEFINE SMM_REQUIRE = FALSE + DEFINE TLS_ENABLE = FALSE [BuildOptions] GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG @@ -167,6 +168,10 @@ [LibraryClasses] HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf !endif +!if $(TLS_ENABLE) == TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf +!endif + S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf @@ -717,6 +722,10 @@ [Components] NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif +!if $(TLS_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif OvmfPkg/VirtioNetDxe/VirtioNet.inf # diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 8d66da099f..36150101e7 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -326,6 +326,10 @@ [FV.DXEFV] INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif +!if $(TLS_ENABLE) == TRUE + INF NetworkPkg/TlsDxe/TlsDxe.inf + INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif INF OvmfPkg/VirtioNetDxe/VirtioNet.inf # -- 2.11.0 _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
