summaryrefslogtreecommitdiffstats
path: root/meta-efi-secure-boot/recipes-bsp
Commit message (Collapse)AuthorAgeFilesLines
...
* grub-efi: fix compile errors for arm64Kai Kang2018-05-112-20/+32
| | | | | | | It fails to build grub-efi for arm64. Add definitions of missing macros and replace x86 specified asm codes with function grub_halt(). Signed-off-by: Kai Kang <kai.kang@windriver.com>
* grub-efi: refresh patches to fix QA warningYi Zhao2018-05-103-13/+23
| | | | | | | | | Refresh the following patches: 0003-efi-chainloader-implement-an-UEFI-Exit-service-for-s.patch 0005-efi-chainloader-use-shim-to-load-and-verify-an-image.patch Grub-get-and-set-efi-variables.patch Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* efitools: Rework how we deal with rpath and linking of Linux appsTom Rini2018-05-023-30/+28
| | | | | | | | | | | | | | | | - In all cases, when building Linux apps (and thus linking with gcc) we need to pass in the normal set of LDFLAGS for both rpath and link hash type. - Rework Fix-for-the-cross-compilation.patch a bit. When linking EFI apps (and thus linking with ld) we don't need to pass in other special flags. When linking the "openssl" apps we do not need to spell out the crtN files as gcc handles that for us, they are normal Linux apps. Ensure that all Linux apps get our EXTRA_LDFLAGS passed in. With all of these changes we are now able to reuse sstate cache between build directories. Signed-off-by: Tom Rini <trini@konsulko.com>
* grub/boot-menu: Rename _bakup suffix to _backupJia Zhang2018-03-191-3/+3
| | | | Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
* seloader: sync up with upstreamJia Zhang2018-02-281-1/+1
| | | | Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
* efitools: use oe.utils.str_filter_outJackie Huang2018-02-071-2/+2
| | | | | | | oe_filter_out has been removed from oe-core so use the replacement function oe.utils.str_filter_out. Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
* seloader: sync up with upstreamJia Zhang2017-10-271-1/+1
| | | | Signed-off-by: Jia Zhang <qianyue.zj@alibaba-inc.com>
* shim: drop fallbackJia Zhang2017-10-276-136/+0
| | | | | | | | | shim will uninstall MOK Verify Protocol when launching fallack, implying it is impossible to get the instance of MOK Verify Protocol for SELoader. This behavior violates the original intention of introducing fallback. Signed-off-by: Jia Zhang <qianyue.zj@alibaba-inc.com>
* shim: disable OVERRIDE_SECURITY_POLICY for 32bit target (#25)Wenzong Fan2017-09-301-1/+2
| | | | | | | | | | Fix 32bit assembler errors: | /tmp/ccJyZFtJ.s: Assembler messages: | /tmp/ccJyZFtJ.s:268: Error: bad register name `%rsp)' | /tmp/ccJyZFtJ.s:269: Error: bad register name `%rdi' ... | make[1]: *** [<builtin>: security_policy.o] Error 1 Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
* grub-efi: fix build error with qemux86 (#24)Wenzong Fan2017-09-291-1/+1
| | | | | | | | | Fix the error: mok2verify.c:169:53: error: \ format '%lx' expects argument of type 'long unsigned int', \ but argument 3 has type 'grub_efi_status_t {aka int}' \ [-Werror=format=] Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
* shim: sync up with upstreamJia Zhang2017-08-237-335/+22
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* encrypted-storage: use luks as the feature name for current implementationJia Zhang2017-08-201-5/+4
| | | | | | | | encrypted-storage layer will include more security features about encrypted storage so the term "encrypted-storage" won't be used to specify a dedicated technology term such as "LUKS". Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* grub-efi: remove the unused patchJia Zhang2017-08-181-30/+0
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* efitools: fix searching openssl.cnf for target buildJia Zhang2017-08-171-2/+1
| | | | | | | Currently, OPENSSL_LIB is only used for locating openssl.cnf in order to work around openssl-1.1.x. Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* efitools: support to build with openssl-1.1.xLans Zhang2017-08-163-0/+78
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: refresh fallback patchsetLans Zhang2017-08-116-14/+294
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: sync up with upstreamLans Zhang2017-08-091-2/+2
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: sync up with upstreamLans Zhang2017-08-032-8/+8
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: don't set CSV boot entry as the first boot optionLans Zhang2017-08-012-0/+50
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: code style fixupLans Zhang2017-07-281-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* grub-efi: remove the depreciated replacement for initrd= parameterLans Zhang2017-07-281-7/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* grub/boot-menu.inc: use linux and initrd commands instead of chainloader to ↵Lans Zhang2017-07-271-2/+4
| | | | | | | | boot kernel Since bzImage is not signed during the build. Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: use fallback loading SELoaderLans Zhang2017-07-244-24/+69
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: update to the latestLans Zhang2017-07-242-35/+2
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* seloader: sync up with upstreamLans Zhang2017-07-131-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* seloader,libsign: fix homepage URLsLans Zhang2017-07-131-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* efitools: code style fixupLans Zhang2017-07-133-21/+22
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* seloader, libsign, cryptfs-tpm2: code style fixupLans Zhang2017-07-131-13/+16
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* grub-efi: carry forward mok2verify to grub-2.02Lans Zhang2017-07-132-76/+156
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* grub-efi: rebased to 2.02Lans Zhang2017-07-124-110/+24
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Fix the occurrence of checking the existence of signing keysLans Zhang2017-07-124-0/+4
| | | | | | packagegroups are not the end consumers of using user-key-store. Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: enable http boot supportLans Zhang2017-07-111-0/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* seloader: sync up with upstreamLans Zhang2017-07-031-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Rename .pem to .crtLans Zhang2017-07-032-4/+4
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: fix OVMF crashLans Zhang2017-06-303-13/+45
| | | | | | | | - httpboot.o cannot be built if ".PRECIOUS: " is placed ahead of "<tab>CFLAGS +=". - uri pointer should not be freed if NULL. Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: clean up the code styleLans Zhang2017-06-301-27/+29
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* code style fixupLans Zhang2017-06-296-31/+34
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: enable http boot supportLans Zhang2017-06-261-0/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: initial commitLans Zhang2017-06-2250-0/+4729
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-18 18:14:16 +0000