mirrors/meta-secure-core
1
0
Fork 0
mirror of https://github.com/jiazhang0/meta-secure-core.git synced 2026-04-20 18:08:17 +00:00
Code Issues Projects Releases Wiki Activity
Files
382ffa19cf3d22a6cdcff1c2a1bc78e0ecc5858c
meta-secure-core/meta-efi-secure-boot/recipes-bsp/efitools/efitools_git.bb
Jason Wessel 382ffa19cf efitools: Fix compilation problem with latest /usr/include/efi 
| gcc  -I/opt/tmp/work/x86_64-linux/efitools-native/1.9.2+gitAUTOINC+392836a46c-r0/git/include/ -I/opt/tmp/work/x86_64-linux/efitools-native/1.9.2+gitAUTOINC+392836a46c-r0/recipe-sysroot-native/usr/include -I/opt/tmp/work/x86_64-linux/efitools-native/1.9.2+gitAUTOINC+392836a46c-r0/recipe-sysroot-native/usr/include/efi -I/opt/tmp/work/x86_64-linux/efitools-native/1.9.2+gitAUTOINC+392836a46c-r0/recipe-sysroot-native/usr/include/efi/x86_64 -I/opt/tmp/work/x86_64-linux/efitools-native/1.9.2+gitAUTOINC+392836a46c-r0/recipe-sysroot-native/usr/include/efi/protocol -O2 -g  -fpic -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants -fno-stack-protector -ffreestanding -fno-stack-check -DGNU_EFI_USE_MS_ABI -DEFI_FUNCTION_WRAPPER -mno-red-zone -DCONFIG_x86_64 -fno-toplevel-reorder -DBUILD_EFI -c console.c -o console.efi.o
| console.c:360:5: error: ‘EFI_WARN_UNKOWN_GLYPH’ undeclared here (not in a function); did you mean ‘EFI_WARN_UNKNOWN_GLYPH’?
|   {  EFI_WARN_UNKOWN_GLYPH,      L"Warning Unknown Glyph"},
|      ^~~~~~~~~~~~~~~~~~~~~
|      EFI_WARN_UNKNOWN_GLYPH
| ../Make.rules:113: recipe for target 'console.efi.o' failed

Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2019-11-08 13:27:23 +08:00

86 lines
3.0 KiB
BlitzBasic
Raw Blame History

require efitools.inc
# The generated native binaries are used during native and target build
DEPENDS += "${BPN}-native gnu-efi openssl"
SRC_URI_append += "\
file://LockDown-enable-the-enrollment-for-DBX.patch \
file://LockDown-show-the-error-message-with-3-sec-timeout.patch \
file://Makefile-do-not-build-signed-efi-image.patch \
file://Build-DBX-by-default.patch \
file://LockDown-disable-the-entrance-into-BIOS-setup-to-re-.patch \
file://Fix-help2man-error.patch \
file://0001-console.c-Fix-compilation-against-latest-usr-include.patch \
"
COMPATIBLE_HOST = '(i.86|x86_64).*-linux'
inherit user-key-store deploy
EXTRA_OEMAKE_append += "\
INCDIR_PREFIX='${STAGING_DIR_TARGET}' \
CRTPATH_PREFIX='${STAGING_DIR_TARGET}' \
SIGN_EFI_SIG_LIST='${STAGING_BINDIR_NATIVE}/sign-efi-sig-list' \
CERT_TO_EFI_SIG_LIST='${STAGING_BINDIR_NATIVE}/cert-to-efi-sig-list' \
CERT_TO_EFI_HASH_LIST='${STAGING_BINDIR_NATIVE}/cert-to-efi-hash-list' \
HASH_TO_EFI_SIG_LIST='${STAGING_BINDIR_NATIVE}/hash-to-efi-sig-list' \
MYGUID='${UEFI_SIG_OWNER_GUID}' \
HELP2MAN_PROG_PREFIX='${STAGING_BINDIR_NATIVE}' \
"
python do_prepare_signing_keys() {
if d.expand('${UEFI_SB}') != '1':
return
# Prepare PK, KEK and DB for LockDown.efi.
if uks_signing_model(d) in ('sample', 'user'):
dir = uefi_sb_keys_dir(d)
else:
dir = d.expand('${SAMPLE_UEFI_SB_KEYS_DIR}/')
import shutil
for _ in ('PK', 'KEK', 'DB'):
shutil.copyfile(dir + _ + '.crt', d.expand('${S}/') + _ + '.crt')
shutil.copyfile(dir + _ + '.key', d.expand('${S}/') + _ + '.key')
# Make sure LockDown.efi contains the DB and KEK from Microsoft.
if "${@bb.utils.contains('DISTRO_FEATURES', 'msft', '1', '0', d)}" == '1':
shutil.copyfile(d.expand('${MSFT_DB_CERT}'), d.expand('${S}/DB.crt'))
shutil.copyfile(d.expand('${MSFT_KEK_CERT}'), d.expand('${S}/KEK.crt'))
path = create_uefi_dbx(d)
if path:
with open(d.expand('${S}/DBX.crt'), 'w') as f:
pass
shutil.copyfile(path, d.expand('${S}/DBX.esl'))
# Cheat the Makefile to avoid running this rule:
# %.esl: %.crt cert-to-efi-sig-list
# $(CERT_TO_EFI_SIG_LIST) -g $(MYGUID) $< $@
import time, os
tm = time.strptime('2038-01-01 00:00:00', \
'%Y-%m-%d %H:%M:%S')
time_stamp = time.mktime(tm)
os.utime(d.expand('${S}/DBX.esl'), (time_stamp, time_stamp))
}
addtask prepare_signing_keys after do_configure before do_compile
do_prepare_signing_keys[prefuncs] += "check_deploy_keys"
do_install_append() {
install -d ${D}${EFI_BOOT_PATH}
install -m 0755 ${D}${datadir}/efitools/efi/LockDown.efi ${D}${EFI_BOOT_PATH}
}
do_deploy() {
install -d ${DEPLOYDIR}
install -m 0600 ${D}${EFI_BOOT_PATH}/LockDown.efi "${DEPLOYDIR}"
}
addtask deploy after do_install before do_build
RDEPENDS_${PN}_append += "\
parted mtools coreutils util-linux openssl libcrypto \
"
Reference in New Issue View Git Blame Copy Permalink