diff options
author | Min M Xu <min.m.xu@intel.com> | 2023-02-03 11:31:47 +0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2023-02-04 03:38:15 +0000 |
commit | 4d37059d8e1eeda124270a158416795605327cbd (patch) | |
tree | b5ab0ea80b76ec8b31f43478cd4af5a76d55a76d /OvmfPkg/OvmfPkgX64.fdf | |
parent | 1f9bd937b3bc991ff5e273b37793896a6821b06a (diff) | |
download | edk2-4d37059d8e1eeda124270a158416795605327cbd.tar.gz edk2-4d37059d8e1eeda124270a158416795605327cbd.tar.bz2 edk2-4d37059d8e1eeda124270a158416795605327cbd.zip |
OvmfPkg: Support Tdx measurement in OvmfPkgX64
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
This patch enables Tdx measurement in OvmfPkgX64 with below changes:
1) CC_MEASUREMENT_ENABLE is introduced in OvmfPkgX64.dsc. This flag
indicates if Intel TDX measurement is enabled in OvmfPkgX64. Its
default value is FALSE.
2) Include TdTcg2Dxe in OvmfPkgX64 so that CC_MEASUREMENT_PROTOCOL
is installed in a Td-guest. TdTcg2Dxe is controlled by
TDX_MEASUREMENT_ENABLE because it is only valid when Intel TDX
measurement is enabled.
3) OvmfTpmLibs.dsc.inc and OvmfTpmSecurityStub.dsc.inc are updated
because DxeTpm2MeasureBootLib.inf and DxeTpmMeasurementLib.inf
should be included to support CC_MEASUREMENT_PROTOCOL.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Diffstat (limited to 'OvmfPkg/OvmfPkgX64.fdf')
-rw-r--r-- | OvmfPkg/OvmfPkgX64.fdf | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 8c02dfe11e..16666ba244 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -403,6 +403,13 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf !endif
#
+# EFI_CC_MEASUREMENT_PROTOCOL
+#
+!if $(CC_MEASUREMENT_ENABLE) == TRUE
+INF SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf
+!endif
+
+#
# TPM support
#
!include OvmfPkg/OvmfTpmDxe.fdf.inc
|