add stateless secure boot build
This commit is contained in:
Gerd Hoffmann
parent
0d524109ab
commit
92cf2a314c
|
|
@ -24,6 +24,11 @@ EXCLUDE_SHELL_FROM_FD = TRUE
|
|||
# new upstream
|
||||
BUILD_SHELL = FALSE
|
||||
|
||||
# requires edk2 2022-11 or newer
|
||||
[opts.ovmf.sb.stateless]
|
||||
SECURE_BOOT_ENABLE = TRUE
|
||||
SMM_REQUIRE = FALSE
|
||||
|
||||
[opts.armvirt.verbose]
|
||||
DEBUG_PRINT_ERROR_LEVEL = 0x8040004F
|
||||
|
||||
|
|
@ -172,3 +177,16 @@ cpy3 = FV/QEMU_EFI.fd QEMU_EFI-pflash.raw
|
|||
cpy4 = FV/QEMU_VARS.fd vars-template-pflash.raw
|
||||
pad3 = QEMU_EFI-pflash.raw 64m
|
||||
pad4 = vars-template-pflash.raw 64m
|
||||
|
||||
|
||||
#####################################################################
|
||||
# experimental builds
|
||||
|
||||
[build.ovmf.sb.stateless]
|
||||
desc = ovmf build (64-bit, stateless secure boot)
|
||||
conf = OvmfPkg/OvmfPkgX64.dsc
|
||||
arch = X64
|
||||
opts = ovmf.common ovmf.4m ovmf.sb.stateless
|
||||
plat = OvmfX64
|
||||
dest = Fedora/experimental
|
||||
cpy1 = FV/OVMF.fd OVMF.stateless.fd
|
||||
|
|
|
|||
19
edk2.spec
19
edk2.spec
|
|
@ -194,6 +194,15 @@ BuildArch: noarch
|
|||
EFI Development Kit II
|
||||
Open Virtual Machine Firmware (ia32)
|
||||
|
||||
%package ovmf-experimental
|
||||
Summary: Open Virtual Machine Firmware, experimental builds
|
||||
License: BSD-2-Clause-Patent and OpenSSL
|
||||
Provides: bundled(openssl)
|
||||
BuildArch: noarch
|
||||
%description ovmf-experimental
|
||||
EFI Development Kit II
|
||||
Open Virtual Machine Firmware (experimental builds)
|
||||
|
||||
%package arm
|
||||
Summary: ARM Virtual Machine Firmware
|
||||
BuildArch: noarch
|
||||
|
|
@ -305,6 +314,11 @@ virt-fw-vars --input Fedora/ovmf-ia32/OVMF_VARS.fd \
|
|||
build_iso Fedora/ovmf
|
||||
build_iso Fedora/ovmf-ia32
|
||||
|
||||
# experimental stateless builds
|
||||
virt-fw-vars --input Fedora/experimental/OVMF.stateless.fd \
|
||||
--output Fedora/experimental/OVMF.stateless.secboot.fd \
|
||||
--enroll-redhat --secure-boot
|
||||
|
||||
%endif
|
||||
%endif
|
||||
|
||||
|
|
@ -535,6 +549,11 @@ done
|
|||
%{_datadir}/qemu/firmware/30-edk2-ovmf-ia32-sb-enrolled.json
|
||||
%{_datadir}/qemu/firmware/40-edk2-ovmf-ia32-sb.json
|
||||
%{_datadir}/qemu/firmware/50-edk2-ovmf-ia32.json
|
||||
|
||||
%files ovmf-experimental
|
||||
%common_files
|
||||
%dir %{_datadir}/%{name}/experimental
|
||||
%{_datadir}/%{name}/experimental/*.fd
|
||||
%endif
|
||||
|
||||
%files arm
|
||||
|
|
|
|||
Loading…
Reference in New Issue