From e664a331d51d7cebc4bf8bfdd39eb534632f90d1 Mon Sep 17 00:00:00 2001 From: Lans Zhang Date: Thu, 29 Jun 2017 10:50:23 +0800 Subject: code style fixup Signed-off-by: Lans Zhang --- .../packagegroups/packagegroup-efi-secure-boot.bb | 10 +++--- .../recipes-bsp/efitools/efitools-native_git.bb | 2 +- .../recipes-bsp/efitools/efitools.inc | 4 +-- .../recipes-bsp/efitools/efitools_git.bb | 6 ++-- .../recipes-bsp/grub/grub-efi_2.02.bbappend | 6 ++-- .../recipes-bsp/seloader/seloader_git.bb | 41 ++++++++++++---------- meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb | 6 ++-- .../recipes-core/systemd/systemd_%.bbappend | 8 +++-- .../linux/linux-yocto-efi-secure-boot.inc | 2 +- 9 files changed, 46 insertions(+), 39 deletions(-) (limited to 'meta-efi-secure-boot') diff --git a/meta-efi-secure-boot/recipes-base/packagegroups/packagegroup-efi-secure-boot.bb b/meta-efi-secure-boot/recipes-base/packagegroups/packagegroup-efi-secure-boot.bb index a2b35b1..ab0281c 100644 --- a/meta-efi-secure-boot/recipes-base/packagegroups/packagegroup-efi-secure-boot.bb +++ b/meta-efi-secure-boot/recipes-base/packagegroups/packagegroup-efi-secure-boot.bb @@ -1,13 +1,15 @@ DESCRIPTION = "EFI Secure Boot packages for secure-environment." LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ - file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" +LIC_FILES_CHKSUM = "\ + file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \ +" S = "${WORKDIR}" ALLOW_EMPTY_${PN} = "1" -pkgs = " \ +pkgs = "\ grub-efi \ efitools \ efibootmgr \ @@ -19,7 +21,7 @@ pkgs = " \ RDEPENDS_${PN}_x86 = "${pkgs}" RDEPENDS_${PN}_x86-64 = "${pkgs}" -kmods = " \ +kmods = "\ kernel-module-efivarfs \ kernel-module-efivars \ " diff --git a/meta-efi-secure-boot/recipes-bsp/efitools/efitools-native_git.bb b/meta-efi-secure-boot/recipes-bsp/efitools/efitools-native_git.bb index 890abcf..d7159d8 100644 --- a/meta-efi-secure-boot/recipes-bsp/efitools/efitools-native_git.bb +++ b/meta-efi-secure-boot/recipes-bsp/efitools/efitools-native_git.bb @@ -4,7 +4,7 @@ inherit native DEPENDS_append = " gnu-efi-native" -EXTRA_OEMAKE_append = " \ +EXTRA_OEMAKE_append = "\ INCDIR_PREFIX='${STAGING_DIR_NATIVE}' \ CRTPATH_PREFIX='${STAGING_DIR_NATIVE}' \ EXTRA_LDFLAGS='-Wl,-rpath,${libdir}' \ diff --git a/meta-efi-secure-boot/recipes-bsp/efitools/efitools.inc b/meta-efi-secure-boot/recipes-bsp/efitools/efitools.inc index 9a9888c..c9de4db 100644 --- a/meta-efi-secure-boot/recipes-bsp/efitools/efitools.inc +++ b/meta-efi-secure-boot/recipes-bsp/efitools/efitools.inc @@ -10,7 +10,7 @@ in the Linux 3.8 kernel. \ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=e28f66b16cb46be47b20a4cdfe6e99a1" -SRC_URI = " \ +SRC_URI = "\ git://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git \ file://Fix-for-the-cross-compilation.patch \ file://Kill-all-the-build-warning-caused-by-implicit-declar.patch \ @@ -37,7 +37,7 @@ DEPENDS_append += "\ S = "${WORKDIR}/git" -EXTRA_OEMAKE = " \ +EXTRA_OEMAKE = "\ HELP2MAN='${STAGING_BINDIR_NATIVE}/help2man' \ OPENSSL='${STAGING_BINDIR_NATIVE}/openssl' \ SBSIGN='${STAGING_BINDIR_NATIVE}/sbsign' \ diff --git a/meta-efi-secure-boot/recipes-bsp/efitools/efitools_git.bb b/meta-efi-secure-boot/recipes-bsp/efitools/efitools_git.bb index 79b86a6..8d287a5 100644 --- a/meta-efi-secure-boot/recipes-bsp/efitools/efitools_git.bb +++ b/meta-efi-secure-boot/recipes-bsp/efitools/efitools_git.bb @@ -1,6 +1,6 @@ require efitools.inc -SRC_URI_append += " \ +SRC_URI_append += "\ file://LockDown-enable-the-enrollment-for-DBX.patch \ file://LockDown-show-the-error-message-with-3-sec-timeout.patch \ file://Makefile-do-not-build-signed-efi-image.patch \ @@ -16,11 +16,11 @@ inherit user-key-store deploy # The generated native binaries are used during native and target build DEPENDS += "${BPN}-native gnu-efi openssl" -RDEPENDS_${PN}_append += " \ +RDEPENDS_${PN}_append += "\ parted mtools coreutils util-linux openssl libcrypto \ " -EXTRA_OEMAKE_append += " \ +EXTRA_OEMAKE_append += "\ INCDIR_PREFIX='${STAGING_DIR_TARGET}' \ CRTPATH_PREFIX='${STAGING_DIR_TARGET}' \ SIGN_EFI_SIG_LIST='${STAGING_BINDIR_NATIVE}/sign-efi-sig-list' \ diff --git a/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend b/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend index dd98968..70ed828 100644 --- a/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend +++ b/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend @@ -1,10 +1,10 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/grub-efi:" -EXTRA_SRC_URI = " \ +EXTRA_SRC_URI = "\ ${@'file://efi-secure-boot.inc file://password.inc' if d.getVar('UEFI_SB', True) == '1' else ''} \ " -SRC_URI += " \ +SRC_URI += "\ file://0001-pe32.h-add-header-structures-for-TE-and-DOS-executab.patch \ file://0002-shim-add-needed-data-structures.patch \ file://0003-efi-chainloader-implement-an-UEFI-Exit-service-for-s.patch \ @@ -27,7 +27,7 @@ SRC_URI += " \ EFI_BOOT_PATH = "/boot/efi/EFI/BOOT" -#GRUB_BUILDIN_append = " chain ${@'efivar mok2verify password_pbkdf2' if d.getVar('UEFI_SB', True) == '1' else ''}" +# TODO: re-add mok2verify when refreshed GRUB_BUILDIN_append += " chain ${@'efivar password_pbkdf2' if d.getVar('UEFI_SB', True) == '1' else ''}" # For efi_call_foo and efi_shim_exit diff --git a/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb b/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb index 76f2669..0469d42 100644 --- a/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb +++ b/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb @@ -19,7 +19,7 @@ SECTION = "bootloaders" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=d9bf404642f21afb4ad89f95d7bc91ee" PR = "r0" -SRC_URI = " \ +SRC_URI = "\ git://github.com/jiazhang0/SELoader.git \ " SRCREV = "32e3292c33603f319354aac273938fe63897a8da" @@ -30,14 +30,14 @@ COMPATIBLE_HOST = '(i.86|x86_64).*-linux' inherit deploy user-key-store S = "${WORKDIR}/git" -DEPENDS += " \ +DEPENDS += "\ gnu-efi sbsigntool-native \ " EFI_ARCH_x86 = "ia32" EFI_ARCH_x86-64 = "x64" -EXTRA_OEMAKE = " \ +EXTRA_OEMAKE = "\ CROSS_COMPILE="${TARGET_PREFIX}" \ SBSIGN=${STAGING_BINDIR_NATIVE}/sbsign \ gnuefi_libdir=${STAGING_LIBDIR} \ @@ -50,9 +50,12 @@ EFI_TARGET = "/boot/efi/EFI/BOOT" FILES_${PN} += "${EFI_TARGET}" python do_sign() { - sb_sign(d.expand('${B}/Src/Efi/SELoader.efi'), d.expand('${B}/Src/Efi/SELoader.efi.signed'), d) - sb_sign(d.expand('${B}/Bin/Hash2DxeCrypto.efi'), d.expand('${B}/Bin/Hash2DxeCrypto.efi.signed'), d) - sb_sign(d.expand('${B}/Bin/Pkcs7VerifyDxe.efi'), d.expand('${B}/Bin/Pkcs7VerifyDxe.efi.signed'), d) + sb_sign(d.expand('${B}/Src/Efi/SELoader.efi'), \ + d.expand('${B}/Src/Efi/SELoader.efi.signed'), d) + sb_sign(d.expand('${B}/Bin/Hash2DxeCrypto.efi'), \ + d.expand('${B}/Bin/Hash2DxeCrypto.efi.signed'), d) + sb_sign(d.expand('${B}/Bin/Pkcs7VerifyDxe.efi'), \ + d.expand('${B}/Bin/Pkcs7VerifyDxe.efi.signed'), d) } addtask sign after do_compile before do_install @@ -63,20 +66,20 @@ do_install() { if [ x"${UEFI_SB}" = x"1" ]; then if [ x"${MOK_SB}" != x"1" ]; then - mv ${D}${EFI_TARGET}/SELoader${EFI_ARCH}.efi \ - ${D}${EFI_TARGET}/boot${EFI_ARCH}.efi + mv "${D}${EFI_TARGET}/SELoader${EFI_ARCH}.efi" \ + "${D}${EFI_TARGET}/boot${EFI_ARCH}.efi" fi fi } do_deploy() { # Deploy the unsigned images for manual signing - install -d ${DEPLOYDIR}/efi-unsigned + install -d "${DEPLOYDIR}/efi-unsigned" - install -m 0600 ${B}/Src/Efi/SELoader.efi \ - ${DEPLOYDIR}/efi-unsigned/SELoader${EFI_ARCH}.efi - install -m 0600 ${B}/Bin/Hash2DxeCrypto.efi ${DEPLOYDIR}/efi-unsigned/ - install -m 0600 ${B}/Bin/Pkcs7VerifyDxe.efi ${DEPLOYDIR}/efi-unsigned/ + install -m 0600 "${B}/Src/Efi/SELoader.efi" \ + "${DEPLOYDIR}/efi-unsigned/SELoader${EFI_ARCH}.efi" + install -m 0600 "${B}/Bin/Hash2DxeCrypto.efi" "${DEPLOYDIR}/efi-unsigned" + install -m 0600 "${B}/Bin/Pkcs7VerifyDxe.efi" "${DEPLOYDIR}/efi-unsigned" # Deploy the signed images if [ x"${UEFI_SB}" = x"1" -a x"${MOK_SB}" != x"1" ]; then @@ -84,11 +87,11 @@ do_deploy() { else SEL_NAME=SELoader fi - install -m 0600 ${D}${EFI_TARGET}/${SEL_NAME}${EFI_ARCH}.efi \ - ${DEPLOYDIR}/${SEL_NAME}${EFI_ARCH}.efi - install -m 0600 ${D}${EFI_TARGET}/Hash2DxeCrypto.efi \ - ${DEPLOYDIR}/Hash2DxeCrypto.efi - install -m 0600 ${D}${EFI_TARGET}/Pkcs7VerifyDxe.efi \ - ${DEPLOYDIR}/Pkcs7VerifyDxe.efi + install -m 0600 "${D}${EFI_TARGET}/${SEL_NAME}${EFI_ARCH}.efi" \ + "${DEPLOYDIR}/${SEL_NAME}${EFI_ARCH}.efi" + install -m 0600 "${D}${EFI_TARGET}/Hash2DxeCrypto.efi" \ + "${DEPLOYDIR}/Hash2DxeCrypto.efi" + install -m 0600 "${D}${EFI_TARGET}/Pkcs7VerifyDxe.efi" \ + "${DEPLOYDIR}/Pkcs7VerifyDxe.efi" } addtask deploy after do_install before do_build diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb b/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb index 7f96106..5e696fc 100644 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb +++ b/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb @@ -17,7 +17,7 @@ COMPATIBLE_HOST = '(i.86|x86_64).*-linux' inherit deploy user-key-store -SRC_URI = " \ +SRC_URI = "\ git://github.com/rhinstaller/shim.git \ file://0001-shim-allow-to-verify-sha1-digest-for-Authenticode.patch \ file://0005-Fix-signing-failure-due-to-not-finding-certificate.patch;apply=0 \ @@ -28,7 +28,7 @@ SRC_URI = " \ file://0011-Update-verification_method-if-the-loaded-image-is-si.patch;apply=0 \ file://0012-netboot-replace-the-depreciated-EFI_PXE_BASE_CODE.patch \ " -SRC_URI_append_x86-64 = " \ +SRC_URI_append_x86-64 = "\ ${@bb.utils.contains('DISTRO_FEATURES', 'msft', 'file://shim${EFI_ARCH}.efi.signed file://LICENSE' if uks_signing_model(d) == 'sample' else '', '', d)} \ " @@ -43,7 +43,7 @@ DEPENDS += "\ EFI_ARCH_x86 = "ia32" EFI_ARCH_x86-64 = "x64" -EXTRA_OEMAKE = " \ +EXTRA_OEMAKE = "\ CROSS_COMPILE="${TARGET_PREFIX}" \ LIB_GCC="`${CC} -print-libgcc-file-name`" \ LIB_PATH="${STAGING_LIBDIR}" \ diff --git a/meta-efi-secure-boot/recipes-core/systemd/systemd_%.bbappend b/meta-efi-secure-boot/recipes-core/systemd/systemd_%.bbappend index 7b935b5..665a025 100644 --- a/meta-efi-secure-boot/recipes-core/systemd/systemd_%.bbappend +++ b/meta-efi-secure-boot/recipes-core/systemd/systemd_%.bbappend @@ -1,7 +1,9 @@ -DEPENDS += " \ +DEPENDS += "\ ${@bb.utils.contains('MACHINE_FEATURES', 'efi', 'gnu-efi', '', d)} \ " -EXTRA_OECONF += " \ - ${@bb.utils.contains('MACHINE_FEATURES', 'efi', '--enable-efi --enable-gnuefi --with-efi-libdir=${STAGING_LIBDIR} --with-efi-ldsdir=${STAGING_LIBDIR} --with-efi-includedir=${STAGING_INCDIR}', '', d)} \ +EXTRA_OECONF += "\ + ${@bb.utils.contains('MACHINE_FEATURES', 'efi', \ + '--enable-efi --enable-gnuefi --with-efi-libdir=${STAGING_LIBDIR} --with-efi-ldsdir=${STAGING_LIBDIR} --with-efi-includedir=${STAGING_INCDIR}', \ + '', d)} \ " diff --git a/meta-efi-secure-boot/recipes-kernel/linux/linux-yocto-efi-secure-boot.inc b/meta-efi-secure-boot/recipes-kernel/linux/linux-yocto-efi-secure-boot.inc index 94be38d..2f4b338 100644 --- a/meta-efi-secure-boot/recipes-kernel/linux/linux-yocto-efi-secure-boot.inc +++ b/meta-efi-secure-boot/recipes-kernel/linux/linux-yocto-efi-secure-boot.inc @@ -1,6 +1,6 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/linux-yocto:" -efi_secure_boot_sccs = " \ +efi_secure_boot_sccs = "\ ${@bb.utils.contains('DISTRO_FEATURES', 'efi-secure-boot', \ 'cfg/efi-ext.scc', '', d)} \ " -- cgit v1.2.3-54-g00ecf