2022-11-16 10:59:20 +00:00
|
|
|
|
|
|
|
[opts.ovmf.common]
|
|
|
|
NETWORK_HTTP_BOOT_ENABLE = TRUE
|
|
|
|
NETWORK_IP6_ENABLE = TRUE
|
|
|
|
NETWORK_TLS_ENABLE = TRUE
|
|
|
|
NETWORK_ISCSI_ENABLE = TRUE
|
|
|
|
NETWORK_ALLOW_HTTP_CONNECTIONS = TRUE
|
|
|
|
TPM2_ENABLE = TRUE
|
|
|
|
TPM2_CONFIG_ENABLE = TRUE
|
|
|
|
TPM1_ENABLE = TRUE
|
2023-01-13 05:17:39 +00:00
|
|
|
CAVIUM_ERRATUM_27456 = TRUE
|
2022-11-16 10:59:20 +00:00
|
|
|
|
|
|
|
[opts.ovmf.4m]
|
|
|
|
FD_SIZE_4MB = TRUE
|
|
|
|
|
|
|
|
[opts.ovmf.2m]
|
|
|
|
FD_SIZE_2MB = TRUE
|
|
|
|
NETWORK_ISCSI_ENABLE = FALSE
|
2023-09-05 10:54:42 +00:00
|
|
|
NETWORK_TLS_ENABLE = FALSE
|
2022-11-16 10:59:20 +00:00
|
|
|
|
|
|
|
[opts.ovmf.sb.smm]
|
|
|
|
SECURE_BOOT_ENABLE = TRUE
|
|
|
|
SMM_REQUIRE = TRUE
|
|
|
|
# old downstream
|
|
|
|
EXCLUDE_SHELL_FROM_FD = TRUE
|
|
|
|
# new upstream
|
|
|
|
BUILD_SHELL = FALSE
|
|
|
|
|
2022-11-17 13:20:21 +00:00
|
|
|
# requires edk2 2022-11 or newer
|
|
|
|
[opts.ovmf.sb.stateless]
|
|
|
|
SECURE_BOOT_ENABLE = TRUE
|
|
|
|
SMM_REQUIRE = FALSE
|
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
[opts.armvirt.verbose]
|
|
|
|
DEBUG_PRINT_ERROR_LEVEL = 0x8040004F
|
|
|
|
|
|
|
|
[opts.armvirt.silent]
|
|
|
|
DEBUG_PRINT_ERROR_LEVEL = 0x80000000
|
|
|
|
|
2023-09-05 11:43:13 +00:00
|
|
|
[opts.armvirt.sb.testonly]
|
|
|
|
SECURE_BOOT_ENABLE = TRUE
|
|
|
|
|
2023-03-28 12:11:34 +00:00
|
|
|
[opts.armvirt.kernel]
|
|
|
|
TPM2_ENABLE = FALSE
|
|
|
|
TPM2_CONFIG_ENABLE = FALSE
|
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
|
2023-01-06 12:05:30 +00:00
|
|
|
[pcds.nx.strict]
|
|
|
|
PcdDxeNxMemoryProtectionPolicy = 0xC000000000007FD5
|
2023-12-22 10:32:14 +00:00
|
|
|
PcdImageProtectionPolicy = 0x03
|
2023-12-12 11:20:40 +00:00
|
|
|
# Default is FALSE, so there no need to actually set it.
|
|
|
|
#PcdUninstallMemAttrProtocol = FALSE
|
2023-01-06 12:05:30 +00:00
|
|
|
|
2023-12-12 11:20:40 +00:00
|
|
|
[pcds.nx.broken.shim.grub]
|
2023-01-06 12:05:30 +00:00
|
|
|
# grub.efi uses EfiLoaderData for code
|
|
|
|
PcdDxeNxMemoryProtectionPolicy = 0xC000000000007FD1
|
2023-12-12 11:20:40 +00:00
|
|
|
# shim.efi has broken MemAttr code
|
|
|
|
PcdUninstallMemAttrProtocol = TRUE
|
2023-01-06 12:05:30 +00:00
|
|
|
|
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
#####################################################################
|
|
|
|
# stateful ovmf builds (with vars in flash)
|
|
|
|
|
|
|
|
[build.ovmf.2m.default]
|
|
|
|
desc = ovmf build (64-bit, 2MB)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = OvmfX64
|
|
|
|
dest = Fedora/ovmf
|
|
|
|
cpy1 = FV/OVMF_CODE.fd
|
|
|
|
cpy2 = FV/OVMF_VARS.fd
|
|
|
|
cpy3 = X64/Shell.efi
|
|
|
|
|
|
|
|
[build.ovmf.4m.default]
|
|
|
|
desc = ovmf build (64-bit, 4MB)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = OvmfX64
|
2023-05-17 10:01:54 +00:00
|
|
|
dest = Fedora/ovmf
|
|
|
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE_4M.fd
|
|
|
|
cpy2 = FV/OVMF_VARS.fd OVMF_VARS_4M.fd
|
2022-11-16 10:59:20 +00:00
|
|
|
|
|
|
|
[build.ovmf.2m.sb.smm]
|
2023-12-05 15:17:15 +00:00
|
|
|
desc = ovmf build (64-bit, 2MB, q35 only, needs smm, secure boot)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
|
|
|
ovmf.sb.smm
|
2023-12-05 15:17:15 +00:00
|
|
|
plat = OvmfX64
|
2022-11-16 10:59:20 +00:00
|
|
|
dest = Fedora/ovmf
|
|
|
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
|
|
|
|
cpy2 = X64/EnrollDefaultKeys.efi
|
|
|
|
|
|
|
|
[build.ovmf.4m.sb.smm]
|
2023-12-05 15:17:15 +00:00
|
|
|
desc = ovmf build (64-bit, 4MB, q35 only, needs smm, secure boot)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
|
|
|
ovmf.sb.smm
|
2023-12-05 15:17:15 +00:00
|
|
|
plat = OvmfX64
|
2023-05-17 10:01:54 +00:00
|
|
|
dest = Fedora/ovmf
|
|
|
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE_4M.secboot.fd
|
2022-11-16 10:59:20 +00:00
|
|
|
|
|
|
|
|
|
|
|
#####################################################################
|
|
|
|
# stateless ovmf builds (firmware in rom or r/o flash)
|
|
|
|
|
|
|
|
[build.ovmf.microvm]
|
|
|
|
desc = ovmf build for qemu microvm (2MB)
|
|
|
|
conf = OvmfPkg/Microvm/MicrovmX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = MicrovmX64
|
|
|
|
dest = Fedora/ovmf
|
|
|
|
cpy1 = FV/MICROVM.fd
|
|
|
|
|
2023-02-17 10:38:41 +00:00
|
|
|
[build.ovmf.xen]
|
|
|
|
desc = ovmf build for Xen
|
|
|
|
conf = OvmfPkg/OvmfXen.dsc
|
|
|
|
arch = X64
|
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
|
|
|
plat = OvmfXen
|
|
|
|
dest = Fedora/xen
|
|
|
|
cpy1 = FV/OVMF.fd
|
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
[build.ovmf.amdsev]
|
|
|
|
desc = ovmf build for AmdSev (2MB)
|
|
|
|
conf = OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = AmdSev
|
|
|
|
dest = Fedora/ovmf
|
|
|
|
cpy1 = FV/OVMF.fd OVMF.amdsev.fd
|
|
|
|
|
|
|
|
[build.ovmf.inteltdx]
|
|
|
|
desc = ovmf build for IntelTdx (2MB)
|
|
|
|
conf = OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
|
|
|
arch = X64
|
2023-12-05 15:17:15 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
|
|
|
ovmf.sb.stateless
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = IntelTdx
|
|
|
|
dest = Fedora/ovmf
|
|
|
|
cpy1 = FV/OVMF.fd OVMF.inteltdx.fd
|
|
|
|
|
|
|
|
|
|
|
|
#####################################################################
|
|
|
|
# armvirt builds
|
|
|
|
|
|
|
|
[build.armvirt.aa64.verbose]
|
|
|
|
desc = ArmVirt build for qemu, 64-bit (arm v8), verbose
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
|
arch = AARCH64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
armvirt.verbose
|
2023-12-12 11:20:40 +00:00
|
|
|
pcds = nx.broken.shim.grub
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = ArmVirtQemu-AARCH64
|
|
|
|
dest = Fedora/aarch64
|
|
|
|
cpy1 = FV/QEMU_EFI.fd
|
|
|
|
cpy2 = FV/QEMU_VARS.fd
|
|
|
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-pflash.raw
|
|
|
|
cpy4 = FV/QEMU_VARS.fd vars-template-pflash.raw
|
|
|
|
pad3 = QEMU_EFI-pflash.raw 64m
|
|
|
|
pad4 = vars-template-pflash.raw 64m
|
|
|
|
|
|
|
|
[build.armvirt.aa64.silent]
|
|
|
|
desc = ArmVirt build for qemu, 64-bit (arm v8), silent
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
|
arch = AARCH64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
armvirt.silent
|
2023-12-12 11:20:40 +00:00
|
|
|
pcds = nx.broken.shim.grub
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = ArmVirtQemu-AARCH64
|
|
|
|
dest = Fedora/aarch64
|
|
|
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.silent.fd
|
|
|
|
cpy2 = FV/QEMU_EFI.fd QEMU_EFI-silent-pflash.raw
|
|
|
|
pad2 = QEMU_EFI-silent-pflash.raw 64m
|
|
|
|
|
2023-03-28 12:11:34 +00:00
|
|
|
[build.armvirt.aa64.kernel]
|
|
|
|
desc = ArmVirt build for qemu, 64-bit (arm v8)
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemuKernel.dsc
|
|
|
|
arch = AARCH64
|
|
|
|
opts = ovmf.common
|
|
|
|
armvirt.silent
|
|
|
|
armvirt.kernel
|
2023-12-12 11:20:40 +00:00
|
|
|
pcds = nx.broken.shim.grub
|
2023-03-28 12:11:34 +00:00
|
|
|
plat = ArmVirtQemuKernel-AARCH64
|
|
|
|
dest = Fedora/aarch64
|
|
|
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.kernel.fd
|
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
|
2023-03-02 11:48:56 +00:00
|
|
|
#####################################################################
|
|
|
|
# riscv
|
|
|
|
|
|
|
|
[build.riscv.qemu]
|
|
|
|
conf = OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc
|
|
|
|
arch = RISCV64
|
|
|
|
plat = RiscVVirtQemu
|
|
|
|
dest = Fedora/riscv
|
2023-09-05 11:41:15 +00:00
|
|
|
cpy1 = FV/RISCV_VIRT_CODE.fd
|
|
|
|
cpy2 = FV/RISCV_VIRT_CODE.fd RISCV_VIRT_CODE.raw
|
|
|
|
cpy3 = FV/RISCV_VIRT_VARS.fd
|
|
|
|
cpy4 = FV/RISCV_VIRT_VARS.fd RISCV_VIRT_VARS.raw
|
|
|
|
pad1 = RISCV_VIRT_CODE.raw 32m
|
|
|
|
pad2 = RISCV_VIRT_VARS.raw 32m
|
2023-03-02 11:48:56 +00:00
|
|
|
|
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
#####################################################################
|
|
|
|
# 32-bit builds
|
|
|
|
|
|
|
|
[build.ovmf.ia32.default]
|
|
|
|
desc = ovmf build (32-bit, 2MB)
|
|
|
|
conf = OvmfPkg/OvmfPkgIa32.dsc
|
|
|
|
arch = IA32
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = OvmfIa32
|
|
|
|
dest = Fedora/ovmf-ia32
|
|
|
|
cpy1 = FV/OVMF_CODE.fd
|
|
|
|
cpy2 = FV/OVMF_VARS.fd
|
|
|
|
cpy3 = IA32/Shell.efi
|
|
|
|
|
|
|
|
[build.ovmf.ia32.sb.smm]
|
|
|
|
desc = ovmf build (32-bit, 2MB, q35 only, needs smm, secure boot)
|
|
|
|
conf = OvmfPkg/OvmfPkgIa32.dsc
|
|
|
|
arch = IA32
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.2m
|
|
|
|
ovmf.sb.smm
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = OvmfIa32
|
|
|
|
dest = Fedora/ovmf-ia32
|
|
|
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
|
|
|
|
cpy2 = IA32/EnrollDefaultKeys.efi
|
|
|
|
|
|
|
|
[build.armvirt.arm]
|
|
|
|
desc = ArmVirt build for qemu, 32-bit (arm v7)
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
|
arch = ARM
|
|
|
|
opts = ovmf.common
|
2023-12-12 11:20:40 +00:00
|
|
|
pcds = nx.broken.shim.grub
|
2022-11-16 10:59:20 +00:00
|
|
|
plat = ArmVirtQemu-ARM
|
|
|
|
dest = Fedora/arm
|
|
|
|
cpy1 = FV/QEMU_EFI.fd
|
|
|
|
cpy2 = FV/QEMU_VARS.fd
|
|
|
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-pflash.raw
|
|
|
|
cpy4 = FV/QEMU_VARS.fd vars-template-pflash.raw
|
|
|
|
pad3 = QEMU_EFI-pflash.raw 64m
|
|
|
|
pad4 = vars-template-pflash.raw 64m
|
2022-11-17 13:20:21 +00:00
|
|
|
|
|
|
|
|
|
|
|
#####################################################################
|
|
|
|
# experimental builds
|
|
|
|
|
|
|
|
[build.ovmf.sb.stateless]
|
|
|
|
desc = ovmf build (64-bit, stateless secure boot)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
|
|
|
ovmf.sb.stateless
|
2022-11-17 13:20:21 +00:00
|
|
|
plat = OvmfX64
|
|
|
|
dest = Fedora/experimental
|
|
|
|
cpy1 = FV/OVMF.fd OVMF.stateless.fd
|
2023-01-06 12:05:30 +00:00
|
|
|
|
|
|
|
[build.ovmf.strict.nx]
|
2023-12-05 15:17:15 +00:00
|
|
|
desc = ovmf build (64-bit, 4MB, q35 only, needs smm, secure boot, strict nx)
|
|
|
|
conf = OvmfPkg/OvmfPkgX64.dsc
|
|
|
|
arch = X64
|
2023-01-06 12:05:30 +00:00
|
|
|
opts = ovmf.common
|
|
|
|
ovmf.4m
|
|
|
|
ovmf.sb.smm
|
|
|
|
pcds = nx.strict
|
2023-12-05 15:17:15 +00:00
|
|
|
plat = OvmfX64
|
2023-01-06 12:05:30 +00:00
|
|
|
dest = Fedora/experimental
|
2023-12-13 12:42:35 +00:00
|
|
|
cpy1 = FV/OVMF_CODE.fd OVMF_CODE_4M.secboot.strictnx.fd
|
2023-01-06 12:05:30 +00:00
|
|
|
|
|
|
|
[build.armvirt.aa64.strict.nx]
|
|
|
|
desc = ArmVirt build for qemu, 64-bit (arm v8), verbose
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
|
arch = AARCH64
|
|
|
|
opts = ovmf.common
|
|
|
|
armvirt.verbose
|
|
|
|
pcds = nx.strict
|
|
|
|
plat = ArmVirtQemu-AARCH64
|
|
|
|
dest = Fedora/experimental
|
|
|
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.strictnx.fd
|
|
|
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-strictnx-pflash.raw
|
|
|
|
pad3 = QEMU_EFI-strictnx-pflash.raw 64m
|
2023-09-05 11:43:13 +00:00
|
|
|
|
|
|
|
[build.armvirt.aa64.secboot.testonly]
|
|
|
|
desc = ArmVirt build for qemu, 64-bit (arm v8), secure boot
|
|
|
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
|
arch = AARCH64
|
|
|
|
opts = ovmf.common
|
|
|
|
armvirt.verbose
|
|
|
|
armvirt.sb.testonly
|
|
|
|
pcds = nx.strict
|
|
|
|
plat = ArmVirtQemu-AARCH64
|
|
|
|
dest = Fedora/experimental
|
|
|
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.secboot.testonly.fd
|
|
|
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-secboot-testonly-pflash.raw
|
|
|
|
pad3 = QEMU_EFI-secboot-testonly-pflash.raw 64m
|