Update to 0.2
This commit is contained in:
parent
48a92b9e95
commit
3f38048252
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1,3 @@
|
|||||||
/shim-0.1.tar.bz2
|
/shim-0.1.tar.bz2
|
||||||
|
/shim-0.2.tar.bz2
|
||||||
|
/mokutil-0.1.0.tar.bz2
|
||||||
|
25
0001-Fix-grub-path.patch
Normal file
25
0001-Fix-grub-path.patch
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
From aedb12117d5de52b3b2a49008e5e052f4369bda9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||||
|
Date: Mon, 26 Nov 2012 19:31:05 -0500
|
||||||
|
Subject: [PATCH] Fix grub path
|
||||||
|
|
||||||
|
---
|
||||||
|
shim.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/shim.c b/shim.c
|
||||||
|
index 4d490b9..88c8209 100644
|
||||||
|
--- a/shim.c
|
||||||
|
+++ b/shim.c
|
||||||
|
@@ -42,7 +42,7 @@
|
||||||
|
#include "netboot.h"
|
||||||
|
#include "shim_cert.h"
|
||||||
|
|
||||||
|
-#define SECOND_STAGE L"\\grub.efi"
|
||||||
|
+#define SECOND_STAGE L"\\grubx64.efi"
|
||||||
|
#define MOK_MANAGER L"\\MokManager.efi"
|
||||||
|
|
||||||
|
static EFI_SYSTEM_TABLE *systab;
|
||||||
|
--
|
||||||
|
1.8.0
|
||||||
|
|
39
shim.spec
39
shim.spec
@ -1,6 +1,6 @@
|
|||||||
Name: shim
|
Name: shim
|
||||||
Version: 0.1
|
Version: 0.2
|
||||||
Release: 4%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: First-stage UEFI bootloader
|
Summary: First-stage UEFI bootloader
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
@ -8,6 +8,10 @@ URL: http://www.codon.org.uk/~mjg59/shim/
|
|||||||
Source0: http://www.codon.org.uk/~mjg59/shim/shim-%{version}.tar.bz2
|
Source0: http://www.codon.org.uk/~mjg59/shim/shim-%{version}.tar.bz2
|
||||||
Source1: fedora-ca.cer
|
Source1: fedora-ca.cer
|
||||||
|
|
||||||
|
# incorporate mokutil for packaging simplicity
|
||||||
|
%global mokutilver 0.1.0
|
||||||
|
Source2: http://www.codon.org.uk/~mjg59/mokutil/mokutil-%{mokutilver}.tar.bz2
|
||||||
|
|
||||||
# currently here's what's in our dbx:
|
# currently here's what's in our dbx:
|
||||||
# grub2-efi-2.00-11.fc18.x86_64:
|
# grub2-efi-2.00-11.fc18.x86_64:
|
||||||
# grubx64.efi 6ac839881e73504047c06a1aac0c4763408ecb3642783c8acf77a2d393ea5cd7
|
# grubx64.efi 6ac839881e73504047c06a1aac0c4763408ecb3642783c8acf77a2d393ea5cd7
|
||||||
@ -16,25 +20,24 @@ Source1: fedora-ca.cer
|
|||||||
# grubx64.efi 49ece9a10a9403b32c8e0c892fd9afe24a974323c96f2cc3dd63608754bf9b45
|
# grubx64.efi 49ece9a10a9403b32c8e0c892fd9afe24a974323c96f2cc3dd63608754bf9b45
|
||||||
# gcdx64.efi 99fcaa957786c155a92b40be9c981c4e4685b8c62b408cb0f6cb2df9c30b9978
|
# gcdx64.efi 99fcaa957786c155a92b40be9c981c4e4685b8c62b408cb0f6cb2df9c30b9978
|
||||||
# woops.
|
# woops.
|
||||||
Source2: dbx.esl
|
Source3: dbx.esl
|
||||||
|
|
||||||
BuildRequires: gnu-efi git
|
Patch0: 0001-Fix-grub-path.patch
|
||||||
BuildRequires: pesign >= 0.99-8
|
|
||||||
|
BuildRequires: gnu-efi git openssl-devel
|
||||||
|
BuildRequires: pesign >= 0.99-9
|
||||||
|
|
||||||
# Shim uses OpenSSL, but cannot use the system copy as the UEFI ABI is not
|
# Shim uses OpenSSL, but cannot use the system copy as the UEFI ABI is not
|
||||||
# compatible with SysV (there's no red zone under UEFI) and there isn't a
|
# compatible with SysV (there's no red zone under UEFI) and there isn't a
|
||||||
# POSIX-style C library.
|
# POSIX-style C library.
|
||||||
# BuildRequires: OpenSSL
|
# BuildRequires: OpenSSL
|
||||||
|
Provides: bundled(openssl) = 0.9.8w
|
||||||
|
|
||||||
# Shim is only required on platforms implementing the UEFI secure boot
|
# Shim is only required on platforms implementing the UEFI secure boot
|
||||||
# protocol. The only one of those we currently wish to support is 64-bit x86.
|
# protocol. The only one of those we currently wish to support is 64-bit x86.
|
||||||
# Adding further platforms will require adding appropriate relocation code.
|
# Adding further platforms will require adding appropriate relocation code.
|
||||||
ExclusiveArch: x86_64
|
ExclusiveArch: x86_64
|
||||||
|
|
||||||
# Shim generates no binaries that run under the installed OS, so debuginfo
|
|
||||||
# is useless
|
|
||||||
%global debug_package %{nil}
|
|
||||||
|
|
||||||
# Figure out the right file path to use
|
# Figure out the right file path to use
|
||||||
%if 0%{?rhel}
|
%if 0%{?rhel}
|
||||||
%global efidir redhat
|
%global efidir redhat
|
||||||
@ -62,6 +65,7 @@ git config user.name "Fedora Ninjas"
|
|||||||
git add .
|
git add .
|
||||||
git commit -a -q -m "%{version} baseline."
|
git commit -a -q -m "%{version} baseline."
|
||||||
git am %{patches} </dev/null
|
git am %{patches} </dev/null
|
||||||
|
%setup -q -a 2 -D -T
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%define vendor_token_str %{expand:%%{nil}%%{?vendor_token_name:-t "%{vendor_token_name}"}}
|
%define vendor_token_str %{expand:%%{nil}%%{?vendor_token_name:-t "%{vendor_token_name}"}}
|
||||||
@ -73,7 +77,10 @@ if [ -f "%{SOURCE1}" ]; then
|
|||||||
MAKEFLAGS="VENDOR_CERT_FILE=%{SOURCE1}"
|
MAKEFLAGS="VENDOR_CERT_FILE=%{SOURCE1}"
|
||||||
fi
|
fi
|
||||||
make %{?_smp_mflags} ${MAKEFLAGS}
|
make %{?_smp_mflags} ${MAKEFLAGS}
|
||||||
|
cd mokutil-%{mokutilver}
|
||||||
|
%configure
|
||||||
|
make %{?_smp_mflags}
|
||||||
|
cd ..
|
||||||
|
|
||||||
%install
|
%install
|
||||||
rm -rf $RPM_BUILD_ROOT
|
rm -rf $RPM_BUILD_ROOT
|
||||||
@ -83,6 +90,10 @@ install -m 0644 shim.efi $RPM_BUILD_ROOT%{_datadir}/shim/shim.efi
|
|||||||
install -m 0644 shim.sig $RPM_BUILD_ROOT%{_datadir}/shim/shim.sig
|
install -m 0644 shim.sig $RPM_BUILD_ROOT%{_datadir}/shim/shim.sig
|
||||||
install -D -d -m 0755 $RPM_BUILD_ROOT/boot/efi/EFI/%{efidir}/
|
install -D -d -m 0755 $RPM_BUILD_ROOT/boot/efi/EFI/%{efidir}/
|
||||||
%pesign -s -i shim.efi -o $RPM_BUILD_ROOT/boot/efi/EFI/%{efidir}/shim.efi
|
%pesign -s -i shim.efi -o $RPM_BUILD_ROOT/boot/efi/EFI/%{efidir}/shim.efi
|
||||||
|
%pesign -s -i MokManager.efi -o $RPM_BUILD_ROOT/boot/efi/EFI/%{efidir}/MokManager.efi
|
||||||
|
cd mokutil-%{mokutilver}
|
||||||
|
make PREFIX=%{_prefix} LIBDIR=%{_libdir} DESTDIR=%{buildroot} install
|
||||||
|
|
||||||
|
|
||||||
%files -n shim-unsigned
|
%files -n shim-unsigned
|
||||||
%doc
|
%doc
|
||||||
@ -91,8 +102,16 @@ install -D -d -m 0755 $RPM_BUILD_ROOT/boot/efi/EFI/%{efidir}/
|
|||||||
|
|
||||||
%files
|
%files
|
||||||
/boot/efi/EFI/%{efidir}/shim.efi
|
/boot/efi/EFI/%{efidir}/shim.efi
|
||||||
|
/boot/efi/EFI/%{efidir}/MokManager.efi
|
||||||
|
/usr/bin/mokutil
|
||||||
|
/usr/share/man/man1/mokutil.1.gz
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 26 2012 Matthew Garrett <mjg59@srcf.ucam.org> - 0.2-1
|
||||||
|
- Update shim
|
||||||
|
- Include mokutil
|
||||||
|
- Add debuginfo package since mokutil is a userspace executable
|
||||||
|
|
||||||
* Mon Oct 22 2012 Peter Jones <pjones@redhat.com> - 0.1-4
|
* Mon Oct 22 2012 Peter Jones <pjones@redhat.com> - 0.1-4
|
||||||
- Produce an unsigned shim
|
- Produce an unsigned shim
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user