Skip to content

Commit 39596c4

Browse files
mxu9mergify[bot]
mxu9
authored and
mergify[bot]
committed
OvmfPkg: Add build-flag SECURE_BOOT_FEATURE_ENABLED
SECURE_BOOT_FEATURE_ENABLED is the build-flag defined when secure boot is enabled. Currently this flag is used in below lib: - OvmfPkg/PlatformPei - PeilessStartupLib So it is defined in below 5 .dsc - OvmfPkg/CloudHv/CloudHvX64.dsc - OvmfPkg/IntelTdx/IntelTdxX64.dsc - OvmfPkg/OvmfPkgIa32.dsc - OvmfPkg/OvmfPkgIa32X64.dsc - OvmfPkg/OvmfPkgX64.dsc Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
1 parent 3abaa28 commit 39596c4

File tree

5 files changed

+45
-0
lines changed

5 files changed

+45
-0
lines changed

OvmfPkg/CloudHv/CloudHvX64.dsc

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -93,6 +93,15 @@
9393
INTEL:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES
9494
GCC:*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
9595

96+
#
97+
# SECURE_BOOT_FEATURE_ENABLED
98+
#
99+
!if $(SECURE_BOOT_ENABLE) == TRUE
100+
MSFT:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
101+
INTEL:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
102+
GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED
103+
!endif
104+
96105
!include NetworkPkg/NetworkBuildOptions.dsc.inc
97106

98107
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]

OvmfPkg/IntelTdx/IntelTdxX64.dsc

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,15 @@
8585
INTEL:*_*_*_CC_FLAGS = /D TDX_PEI_LESS_BOOT
8686
GCC:*_*_*_CC_FLAGS = -D TDX_PEI_LESS_BOOT
8787

88+
#
89+
# SECURE_BOOT_FEATURE_ENABLED
90+
#
91+
!if $(SECURE_BOOT_ENABLE) == TRUE
92+
MSFT:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
93+
INTEL:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
94+
GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED
95+
!endif
96+
8897
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
8998
GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
9099
XCODE:*_*_*_DLINK_FLAGS = -seg1addr 0x1000 -segalign 0x1000

OvmfPkg/OvmfPkgIa32.dsc

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -94,6 +94,15 @@
9494
INTEL:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES
9595
GCC:*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
9696

97+
#
98+
# SECURE_BOOT_FEATURE_ENABLED
99+
#
100+
!if $(SECURE_BOOT_ENABLE) == TRUE
101+
MSFT:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
102+
INTEL:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
103+
GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED
104+
!endif
105+
97106
!include NetworkPkg/NetworkBuildOptions.dsc.inc
98107

99108
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]

OvmfPkg/OvmfPkgIa32X64.dsc

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,15 @@
9898
INTEL:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES
9999
GCC:*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
100100

101+
#
102+
# SECURE_BOOT_FEATURE_ENABLED
103+
#
104+
!if $(SECURE_BOOT_ENABLE) == TRUE
105+
MSFT:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
106+
INTEL:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
107+
GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED
108+
!endif
109+
101110
!include NetworkPkg/NetworkBuildOptions.dsc.inc
102111

103112
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]

OvmfPkg/OvmfPkgX64.dsc

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -111,6 +111,15 @@
111111
INTEL:*_*_*_CC_FLAGS = /D TDX_GUEST_SUPPORTED
112112
GCC:*_*_*_CC_FLAGS = -D TDX_GUEST_SUPPORTED
113113

114+
#
115+
# SECURE_BOOT_FEATURE_ENABLED
116+
#
117+
!if $(SECURE_BOOT_ENABLE) == TRUE
118+
MSFT:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
119+
INTEL:*_*_*_CC_FLAGS = /D SECURE_BOOT_FEATURE_ENABLED
120+
GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED
121+
!endif
122+
114123
!include NetworkPkg/NetworkBuildOptions.dsc.inc
115124

116125
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]

0 commit comments

Comments
 (0)