EDK II Minimum Platform Specification
EDK II Minimum Platform Specification
EDK II Minimum Platform Specification
EDK II Minimum Platform Specification
EDK II Minimum Platform Specification
Tables
Figures
1 Introduction
2 Architecture
3 Stage I: Minimal Debug
4 Stage II: Memory Functional
5 Stage III: Boot to UEFI Shell
6 Stage IV: Boot to OS
7 Stage V: Security Enable
7.2 Firmware Volumes
7.3 Modules
7.4 Required Functions
7.5 Configuration
7.6 Data Flows
7.7 Additional Control Flows
7.8 Build Files
7.9 Test Point Results
7.10 Functional Exit Criteria
7.11 Stage Enabling Checklist
8 Stage VI: Advanced Feature Selection
9 Stage VII: Tuning
Appendix A Full Maps
Appendix B Global Configuration
Appendix C ACPI
Appendix D Interface Definitions
Powered by GitBook

7.11 Stage Enabling Checklist

The following steps should be followed to enable a platform for Stage V.

  1. Update BoardPkg/Board.

    1. Deploy the UEFI secure boot variables (PK/KEK/db/dbx)

    2. Configure PcdTpmInstanceGuid to select TPM hardware. Default of gEfiTpmDeviceInstanceTpm20DtpmGuidvalue is usually correct.

  2. UEFI secure boot

    1. Update PlatformSecureLib:UserPhysicalPresent (), to check if a

      user is physically present to authorize change of authenticated variables

  3. For TCG trusted boot

    1. May select TPM2 instance PcdTpmInstanceGuid.

    2. May set PcdFirmwareDebuggerInitialized based on whether or not a Firmware Debugger is attached to the platform

  4. For DMA Protection

    1. May include IOMMU driver to do DMA protection, if the silicon supports

      IOMMU.

  5. Ensure all PCDs in the configuration section (DSC files) are correct for your board.

    1. Set gMinPlatformPkgTokenSpaceGuid.PcdBootStage = 5

  6. Ensure all required binaries in the flash file (FDF files) are correct for your board.

  7. Boot, collect log, verify test point results defined in section 7.9 Test Point Results are correct

Previous
7.10 Functional Exit Criteria
Next
8 Stage VI: Advanced Feature Selection
Last updated 9 months ago
Edit on GitHub