update build config: 64bit pei, tdx sb

Stop using mixed mode builds, switch to 64-bit PEI phase. Enable secure boot for the intel tdx builds. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2023-12-05 16:17:15 +01:00 · 2023-12-05 16:17:15 +01:00 · e23d2f953b
commit e23d2f953b
parent 766cf0772e
2 changed files with 24 additions and 17 deletions
--- a/edk2-build.fedora
+++ b/edk2-build.fedora
@ -80,25 +80,25 @@ cpy1 = FV/OVMF_CODE.fd OVMF_CODE_4M.fd
 cpy2 = FV/OVMF_VARS.fd OVMF_VARS_4M.fd
 [build.ovmf.2m.sb.smm]
-desc = ovmf build (32/64-bit, 2MB, q35 only, needs smm, secure boot)
+desc = ovmf build (64-bit, 2MB, q35 only, needs smm, secure boot)
-conf = OvmfPkg/OvmfPkgIa32X64.dsc
+conf = OvmfPkg/OvmfPkgX64.dsc
-arch = IA32 X64
+arch = X64
 opts = ovmf.common
       ovmf.2m
       ovmf.sb.smm
-plat = Ovmf3264
+plat = OvmfX64
 dest = Fedora/ovmf
 cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
 cpy2 = X64/EnrollDefaultKeys.efi
 [build.ovmf.4m.sb.smm]
-desc = ovmf build (32/64-bit, 4MB, q35 only, needs smm, secure boot)
+desc = ovmf build (64-bit, 4MB, q35 only, needs smm, secure boot)
-conf = OvmfPkg/OvmfPkgIa32X64.dsc
+conf = OvmfPkg/OvmfPkgX64.dsc
-arch = IA32 X64
+arch = X64
 opts = ovmf.common
       ovmf.4m
       ovmf.sb.smm
-plat = Ovmf3264
+plat = OvmfX64
 dest = Fedora/ovmf
 cpy1 = FV/OVMF_CODE.fd OVMF_CODE_4M.secboot.fd
@ -140,7 +140,9 @@ cpy1 = FV/OVMF.fd OVMF.amdsev.fd
 desc = ovmf build for IntelTdx (2MB)
 conf = OvmfPkg/IntelTdx/IntelTdxX64.dsc
 arch = X64
-opts = ovmf.common ovmf.2m
+opts = ovmf.common
       ovmf.2m
       ovmf.sb.stateless
 plat = IntelTdx
 dest = Fedora/ovmf
 cpy1 = FV/OVMF.fd OVMF.inteltdx.fd
@ -265,14 +267,14 @@ dest = Fedora/experimental
 cpy1 = FV/OVMF.fd OVMF.stateless.fd
 [build.ovmf.strict.nx]
-desc = ovmf build (32/64-bit, 4MB, q35 only, needs smm, secure boot, strict nx)
+desc = ovmf build (64-bit, 4MB, q35 only, needs smm, secure boot, strict nx)
-conf = OvmfPkg/OvmfPkgIa32X64.dsc
+conf = OvmfPkg/OvmfPkgX64.dsc
-arch = IA32 X64
+arch = X64
 opts = ovmf.common
       ovmf.4m
       ovmf.sb.smm
 pcds = nx.strict
-plat = Ovmf3264
+plat = OvmfX64
 dest = Fedora/experimental
 cpy1 = FV/OVMF_CODE.fd OVMF_CODE.4m.secboot.strictnx.fd
--- a/edk2-build.rhel-9
+++ b/edk2-build.rhel-9
@ -21,6 +21,10 @@ EXCLUDE_SHELL_FROM_FD    = TRUE
 # new upstream
 BUILD_SHELL              = FALSE
 [opts.ovmf.sb.stateless]
 SECURE_BOOT_ENABLE       = TRUE
 SMM_REQUIRE              = FALSE
 [opts.armvirt.verbose]
 DEBUG_PRINT_ERROR_LEVEL  = 0x8040004F
@ -50,13 +54,13 @@ cpy2 = FV/OVMF_VARS.fd
 cpy3 = X64/Shell.efi
 [build.ovmf.4m.sb.smm]
-desc = ovmf build (32/64-bit, 4MB, q35 only, needs smm, secure boot)
+desc = ovmf build (64-bit, 4MB, q35 only, needs smm, secure boot)
-conf = OvmfPkg/OvmfPkgIa32X64.dsc
+conf = OvmfPkg/OvmfPkgX64.dsc
-arch = IA32 X64
+arch = X64
 opts = ovmf.common
       ovmf.4m
       ovmf.sb.smm
-plat = Ovmf3264
+plat = OvmfX64
 dest = RHEL-9/ovmf
 cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
 cpy2 = X64/EnrollDefaultKeys.efi
@ -81,6 +85,7 @@ conf = OvmfPkg/IntelTdx/IntelTdxX64.dsc
 arch = X64
 opts = ovmf.common
       ovmf.4m
       ovmf.sb.stateless
 plat = IntelTdx
 dest = RHEL-9/ovmf
 cpy1 = FV/OVMF.fd OVMF.inteltdx.fd