diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf index a96497457542..03db92891f3b 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.fdf +++ b/UefiPayloadPkg/UefiPayloadPkg.fdf @@ -51,8 +51,10 @@ INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf INF UefiPayloadPkg/BlSupportPei/BlSupportPei.inf INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf +!if $(TPM2_ENABLE) == TRUE INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +!endif ################################################################################ @@ -164,9 +166,12 @@ INF MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf +!if $(TPM2_ENABLE) == TRUE INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf -# INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf - +!if $(TPM2_CONFIG_ENABLE) == TRUE +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif +!endif # # Shell diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc index 1b4c39be9ada..d79d8c3be1cf 100644 --- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc +++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc @@ -25,6 +25,8 @@ FLASH_DEFINITION = UefiPayloadPkg/UefiPayloadPkg.fdf DEFINE SOURCE_DEBUG_ENABLE = FALSE + DEFINE TPM2_ENABLE = FALSE + DEFINE TPM2_CONFIG_ENABLE = FALSE # # SBL: UEFI payload for Slim Bootloader @@ -209,6 +211,7 @@ # # TPM2 # +!if $(TPM2_ENABLE) == TRUE Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf @@ -216,6 +219,7 @@ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +!endif [LibraryClasses.IA32.SEC] DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf @@ -235,9 +239,11 @@ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib.inf !endif +!if $(TPM2_ENABLE) == TRUE [LibraryClasses.common.PEIM] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +!endif [LibraryClasses.common.DXE_CORE] PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf @@ -261,7 +267,9 @@ !endif CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +!if $(TPM2_ENABLE) == TRUE Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +!endif [LibraryClasses.common.DXE_RUNTIME_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -376,7 +384,9 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdConOutRow|31 gEfiMdeModulePkgTokenSpaceGuid.PcdConOutColumn|100 +!if $(TPM2_ENABLE) == TRUE gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} +!endif ################################################################################ # @@ -410,6 +420,7 @@ # # TPM2 # +!if $(TPM2_ENABLE) == TRUE OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { @@ -420,8 +431,7 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } - - #SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif [Components.X64] @@ -436,10 +446,14 @@ # # Components that produce the architectural protocols # + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { +!if $(TPM2_ENABLE) == TRUE NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +!endif } + UefiCpuPkg/CpuDxe/CpuDxe.inf MdeModulePkg/Universal/BdsDxe/BdsDxe.inf MdeModulePkg/Application/UiApp/UiApp.inf { @@ -541,6 +555,7 @@ MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf UefiPayloadPkg/GraphicsOutputDxe/GraphicsOutputDxe.inf +!if $(TPM2_ENABLE) == TRUE SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf @@ -552,6 +567,10 @@ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif +!endif #------------------------------ # Build the shell