summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>2013-06-19 20:28:33 -0300
committerGerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>2013-06-19 20:36:37 -0300
commit3e4740484edd23d6c1db42ab24c3555e8ab6b03a (patch)
tree4bd41a7bbbbdf269a9bdb7c66597dae77ba992ae
parent0696e888012f89da0b67d6999f14dfe422497914 (diff)
[configs/releng] Add SecureBoot support via prebootloader
Tested only under QEMU using OVMF SecureBoot enabled firmware plus lockdown-ms. Both loader.efi (gummiboot) and vmlinuz.efi should be hashed before boot in secure mode. Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
-rwxr-xr-xconfigs/releng/build.sh10
-rw-r--r--configs/releng/packages.x86_641
2 files changed, 9 insertions, 2 deletions
diff --git a/configs/releng/build.sh b/configs/releng/build.sh
index 6e9e2f8..bec9a42 100755
--- a/configs/releng/build.sh
+++ b/configs/releng/build.sh
@@ -128,7 +128,10 @@ make_isolinux() {
# Prepare /EFI
make_efi() {
mkdir -p ${work_dir}/iso/EFI/boot
- cp ${work_dir}/x86_64/root-image/usr/lib/gummiboot/gummibootx64.efi ${work_dir}/iso/EFI/boot/bootx64.efi
+ cp ${work_dir}/x86_64/root-image/usr/lib/prebootloader/PreLoader.efi ${work_dir}/iso/EFI/boot/bootx64.efi
+ cp ${work_dir}/x86_64/root-image/usr/lib/prebootloader/HashTool.efi ${work_dir}/iso/EFI/boot/
+
+ cp ${work_dir}/x86_64/root-image/usr/lib/gummiboot/gummibootx64.efi ${work_dir}/iso/EFI/boot/loader.efi
mkdir -p ${work_dir}/iso/loader/entries
cp ${script_path}/efiboot/loader/loader.conf ${work_dir}/iso/loader/
@@ -159,7 +162,10 @@ make_efiboot() {
cp ${work_dir}/iso/${install_dir}/boot/x86_64/archiso.img ${work_dir}/efiboot/EFI/archiso/archiso.img
mkdir -p ${work_dir}/efiboot/EFI/boot
- cp ${work_dir}/x86_64/root-image/usr/lib/gummiboot/gummibootx64.efi ${work_dir}/efiboot/EFI/boot/bootx64.efi
+ cp ${work_dir}/x86_64/root-image/usr/lib/prebootloader/PreLoader.efi ${work_dir}/efiboot/EFI/boot/bootx64.efi
+ cp ${work_dir}/x86_64/root-image/usr/lib/prebootloader/HashTool.efi ${work_dir}/efiboot/EFI/boot/
+
+ cp ${work_dir}/x86_64/root-image/usr/lib/gummiboot/gummibootx64.efi ${work_dir}/efiboot/EFI/boot/loader.efi
mkdir -p ${work_dir}/efiboot/loader/entries
cp ${script_path}/efiboot/loader/loader.conf ${work_dir}/efiboot/loader/
diff --git a/configs/releng/packages.x86_64 b/configs/releng/packages.x86_64
index aceb6cf..3b75077 100644
--- a/configs/releng/packages.x86_64
+++ b/configs/releng/packages.x86_64
@@ -1,3 +1,4 @@
grub-efi-x86_64
gummiboot
+prebootloader
refind-efi