2023-03-28 10:00:40 +00:00
|
|
|
|
|
|
|
[opts.ovmf.common]
|
|
|
|
NETWORK_HTTP_BOOT_ENABLE = TRUE
|
|
|
|
NETWORK_IP6_ENABLE = TRUE
|
|
|
|
NETWORK_TLS_ENABLE = TRUE
|
|
|
|
NETWORK_ISCSI_ENABLE = TRUE
|
|
|
|
NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE
|
|
|
|
TPM2_ENABLE = TRUE
|
|
|
|
TPM2_CONFIG_ENABLE = TRUE
|
|
|
|
TPM1_ENABLE = FALSE
|
|
|
|
CAVIUM_ERRATUM_27456 = TRUE
|
|
|
|
|
|
|
|
[opts.ovmf.4m]
|
|
|
|
FD_SIZE_4MB = TRUE
|
|
|
|
|
|
|
|
[opts.ovmf.sb.smm]
|
|
|
|
SECURE_BOOT_ENABLE = TRUE
|
|
|
|
SMM_REQUIRE = TRUE
|
|
|
|
# old downstream
|
|
|
|
EXCLUDE_SHELL_FROM_FD = TRUE
|
|
|
|
# new upstream
|
|
|
|
BUILD_SHELL = FALSE
|
|
|
|
|
2024-03-28 10:04:37 +00:00
|
|
|
[opts.ovmf.sb.stateless]
|
|
|
|
SECURE_BOOT_ENABLE = TRUE
|
|
|
|
SMM_REQUIRE = FALSE
|
|
|
|
|
2023-03-28 10:00:40 +00:00
|
|
|
[opts.armvirt.verbose]
|
|
|
|
DEBUG_PRINT_ERROR_LEVEL = 0x8040004F
|
|
|
|
|
|
|
|
[opts.armvirt.silent]
|
|
|
|
DEBUG_PRINT_ERROR_LEVEL = 0x80000000
|
|
|
|
|
2024-03-28 10:04:37 +00:00
|
|
|
|
2023-09-21 18:20:25 +00:00
|
|
|
[pcds.nx.strict]
|
|
|
|
PcdDxeNxMemoryProtectionPolicy = 0xC000000000007FD5
|
2024-03-28 10:04:37 +00:00
|
|
|
PcdUninstallMemAttrProtocol = FALSE
|
2023-09-21 18:20:25 +00:00
|
|
|
|
2024-03-28 10:04:37 +00:00
|
|
|
[pcds.nx.broken.shim.grub]
|
2023-09-21 18:20:25 +00:00
|
|
|
# grub.efi uses EfiLoaderData for code
|
|
|
|
PcdDxeNxMemoryProtectionPolicy = 0xC000000000007FD1
|
2024-03-28 10:04:37 +00:00
|
|
|
# shim.efi has broken MemAttr code
|
|
|
|
PcdUninstallMemAttrProtocol = TRUE
|
|
|
|
|
2023-03-28 10:00:40 +00:00
|
|
|
|
|
|
|
#####################################################################
|
|
|
|
# stateful ovmf builds (with vars in flash)
|
|
|
|
|
|
|
|
[build.ovmf.4m.default]
|
|
|
|
desc = ovmf build (64-bit, 4MB)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
|
|
|
plat = OvmfX64
|
|
|
|
dest = RHEL-9/ovmf
|
|
|
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.fd
|
|
|
|
cpy2 = FV/OVMF_VARS.fd
|
|
|
|
cpy3 = X64/Shell.efi
|
|
|
|
|
|
|
|
[build.ovmf.4m.sb.smm]
|
2024-03-28 10:04:37 +00:00
|
|
|
desc = ovmf build (64-bit, 4MB, q35 only, needs smm, secure boot)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
2023-03-28 10:00:40 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
|
|
|
ovmf.sb.smm
|
2024-03-28 10:04:37 +00:00
|
|
|
plat = OvmfX64
|
2023-03-28 10:00:40 +00:00
|
|
|
dest = RHEL-9/ovmf
|
|
|
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
|
|
|
|
cpy2 = X64/EnrollDefaultKeys.efi
|
|
|
|
|
|
|
|
|
|
|
|
#####################################################################
|
|
|
|
# stateless ovmf builds (firmware in rom or r/o flash)
|
|
|
|
|
|
|
|
[build.ovmf.amdsev]
|
|
|
|
desc = ovmf build for AmdSev (4MB)
|
|
|
|
conf = OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
|
|
arch = X64
|
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
|
|
|
plat = AmdSev
|
|
|
|
dest = RHEL-9/ovmf
|
|
|
|
cpy1 = FV/OVMF.fd OVMF.amdsev.fd
|
|
|
|
|
|
|
|
[build.ovmf.inteltdx]
|
|
|
|
desc = ovmf build for IntelTdx (4MB)
|
|
|
|
conf = OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
|
|
|
arch = X64
|
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
2024-03-28 10:04:37 +00:00
|
|
|
ovmf.sb.stateless
|
2023-03-28 10:00:40 +00:00
|
|
|
plat = IntelTdx
|
|
|
|
dest = RHEL-9/ovmf
|
|
|
|
cpy1 = FV/OVMF.fd OVMF.inteltdx.fd
|
|
|
|
|
|
|
|
|
|
|
|
#####################################################################
|
|
|
|
# armvirt builds
|
|
|
|
|
|
|
|
[build.armvirt.aa64.verbose]
|
|
|
|
desc = ArmVirt build for qemu, 64-bit (arm v8), verbose
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
|
arch = AARCH64
|
|
|
|
opts = ovmf.common
|
|
|
|
armvirt.verbose
|
2024-03-28 10:04:37 +00:00
|
|
|
pcds = nx.broken.shim.grub
|
2023-03-28 10:00:40 +00:00
|
|
|
plat = ArmVirtQemu-AARCH64
|
|
|
|
dest = RHEL-9/aarch64
|
|
|
|
cpy1 = FV/QEMU_EFI.fd
|
|
|
|
cpy2 = FV/QEMU_VARS.fd
|
|
|
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-pflash.raw
|
|
|
|
cpy4 = FV/QEMU_VARS.fd vars-template-pflash.raw
|
|
|
|
pad3 = QEMU_EFI-pflash.raw 64m
|
|
|
|
pad4 = vars-template-pflash.raw 64m
|
|
|
|
|
|
|
|
[build.armvirt.aa64.silent]
|
|
|
|
desc = ArmVirt build for qemu, 64-bit (arm v8), silent
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
|
arch = AARCH64
|
|
|
|
opts = ovmf.common
|
|
|
|
armvirt.silent
|
2024-03-28 10:04:37 +00:00
|
|
|
pcds = nx.broken.shim.grub
|
2023-03-28 10:00:40 +00:00
|
|
|
plat = ArmVirtQemu-AARCH64
|
|
|
|
dest = RHEL-9/aarch64
|
|
|
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.silent.fd
|
|
|
|
cpy2 = FV/QEMU_EFI.fd QEMU_EFI-silent-pflash.raw
|
|
|
|
pad2 = QEMU_EFI-silent-pflash.raw 64m
|