[edk2-devel] [PATCH 4/4] OvmfPkg: add TPM2_SHA1_ENABLE build option

Gerd Hoffmann kraxel at redhat.com
Thu Oct 21 12:20:03 UTC 2021 

Allows to compile OVMF without HashInstanceLibSha1,
i.e. no SHA1 hash support in TPM/TCG modules.

Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
---
 OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 2 ++
 OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 2 ++
 OvmfPkg/OvmfTpmDefines.dsc.inc       | 1 +
 3 files changed, 5 insertions(+)

diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
index 6806eb245e2b..1952a848b17c 100644
--- a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
+++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
@@ -8,7 +8,9 @@
       Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
       NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
       HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
+!if $(TPM2_SHA1_ENABLE) == TRUE
       NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+!endif
       NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
       NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
       NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
index 94bc124f9b78..fbe905603312 100644
--- a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
+++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
@@ -13,7 +13,9 @@
   SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
     <LibraryClasses>
       HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
+!if $(TPM2_SHA1_ENABLE) == TRUE
       NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+!endif
       NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
       NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
       NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc
index de55cbdcf852..7db7ad7e7934 100644
--- a/OvmfPkg/OvmfTpmDefines.dsc.inc
+++ b/OvmfPkg/OvmfTpmDefines.dsc.inc
@@ -7,3 +7,4 @@
 
   # has no effect unless TPM2_ENABLE == TRUE
   DEFINE TPM1_ENABLE             = TRUE
+  DEFINE TPM2_SHA1_ENABLE        = TRUE
-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#82456): https://edk2.groups.io/g/devel/message/82456
Mute This Topic: https://groups.io/mt/86487987/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list