]>
Commit | Line | Data |
---|---|---|
f892ac66 MTL |
1 | default : all |
2 | ||
3 | NAME = shim | |
8119f718 | 4 | VERSION = 15.4 |
b6f94dbe MTL |
5 | ifneq ($(origin RELEASE),undefined) |
6 | DASHRELEASE ?= -$(RELEASE) | |
7 | else | |
8 | DASHRELEASE ?= | |
d3819813 MTL |
9 | endif |
10 | ||
f4173af1 MTL |
11 | ifeq ($(MAKELEVEL),0) |
12 | TOPDIR ?= $(shell pwd) | |
13 | endif | |
f892ac66 MTL |
14 | ifeq ($(TOPDIR),) |
15 | override TOPDIR := $(shell pwd) | |
16 | endif | |
f4173af1 MTL |
17 | override TOPDIR := $(abspath $(TOPDIR)) |
18 | VPATH = $(TOPDIR) | |
031e5cce | 19 | export TOPDIR |
f4173af1 | 20 | |
f892ac66 | 21 | include $(TOPDIR)/Make.rules |
031e5cce SM |
22 | include $(TOPDIR)/Make.defaults |
23 | include $(TOPDIR)/include/coverity.mk | |
24 | include $(TOPDIR)/include/scan-build.mk | |
25 | include $(TOPDIR)/include/fanalyzer.mk | |
43eeb538 | 26 | |
b6f94dbe MTL |
27 | TARGETS = $(SHIMNAME) |
28 | TARGETS += $(SHIMNAME).debug $(MMNAME).debug $(FBNAME).debug | |
29 | ifneq ($(origin ENABLE_SHIM_HASH),undefined) | |
30 | TARGETS += $(SHIMHASHNAME) | |
31 | endif | |
031e5cce SM |
32 | ifneq ($(origin ENABLE_SHIM_DEVEL),undefined) |
33 | CFLAGS += -DENABLE_SHIM_DEVEL | |
34 | endif | |
b6f94dbe MTL |
35 | ifneq ($(origin ENABLE_SHIM_CERT),undefined) |
36 | TARGETS += $(MMNAME).signed $(FBNAME).signed | |
37 | CFLAGS += -DENABLE_SHIM_CERT | |
38 | else | |
39 | TARGETS += $(MMNAME) $(FBNAME) | |
40 | endif | |
031e5cce | 41 | OBJS = shim.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o pe.o httpboot.o csv.o |
2892db7f | 42 | KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer |
031e5cce SM |
43 | ORIG_SOURCES = shim.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h) |
44 | MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o errlog.o sbat_data.o | |
f892ac66 | 45 | ORIG_MOK_SOURCES = MokManager.c PasswordCrypt.c crypt_blowfish.c shim.h $(wildcard include/*.h) |
031e5cce | 46 | FALLBACK_OBJS = fallback.o tpm.o errlog.o sbat_data.o |
f4173af1 | 47 | ORIG_FALLBACK_SRCS = fallback.c |
8119f718 | 48 | SBATPATH = $(TOPDIR)/data/sbat.csv |
b2fe1780 | 49 | |
031e5cce SM |
50 | ifeq ($(SOURCE_DATE_EPOCH),) |
51 | UNAME=$(shell uname -s -m -p -i -o) | |
52 | else | |
53 | UNAME=buildhost | |
62f0afa2 MTL |
54 | endif |
55 | ||
f4173af1 MTL |
56 | SOURCES = $(foreach source,$(ORIG_SOURCES),$(TOPDIR)/$(source)) version.c |
57 | MOK_SOURCES = $(foreach source,$(ORIG_MOK_SOURCES),$(TOPDIR)/$(source)) | |
58 | FALLBACK_SRCS = $(foreach source,$(ORIG_FALLBACK_SRCS),$(TOPDIR)/$(source)) | |
59 | ||
031e5cce SM |
60 | ifneq ($(origin FALLBACK_VERBOSE), undefined) |
61 | CFLAGS += -DFALLBACK_VERBOSE | |
62 | endif | |
63 | ||
64 | ifneq ($(origin FALLBACK_VERBOSE_WAIT), undefined) | |
65 | CFLAGS += -DFALLBACK_VERBOSE_WAIT=$(FALLBACK_VERBOSE_WAIT) | |
66 | endif | |
67 | ||
68 | all: confcheck $(TARGETS) | |
69 | ||
70 | confcheck: | |
71 | ifneq ($(origin EFI_PATH),undefined) | |
72 | $(error EFI_PATH is no longer supported, you must build using the supplied copy of gnu-efi) | |
73 | endif | |
74 | ||
75 | update : | |
76 | git submodule update --init --recursive | |
b2fe1780 | 77 | |
ef8c9962 | 78 | shim.crt: |
f4173af1 | 79 | $(TOPDIR)/make-certs shim shim@xn--u4h.net all codesign 1.3.6.1.4.1.311.10.3.1 </dev/null |
ef8c9962 MG |
80 | |
81 | shim.cer: shim.crt | |
f4173af1 | 82 | $(OPENSSL) x509 -outform der -in $< -out $@ |
ef8c9962 | 83 | |
51d5bbcb | 84 | .NOTPARALLEL: shim_cert.h |
ef8c9962 | 85 | shim_cert.h: shim.cer |
6215e920 | 86 | echo "static UINT8 shim_cert[] __attribute__((__unused__)) = {" > $@ |
f4173af1 | 87 | $(HEXDUMP) -v -e '1/1 "0x%02x, "' $< >> $@ |
ef8c9962 MG |
88 | echo "};" >> $@ |
89 | ||
f4173af1 | 90 | version.c : $(TOPDIR)/version.c.in |
0fb089ee | 91 | sed -e "s,@@VERSION@@,$(VERSION)," \ |
031e5cce | 92 | -e "s,@@UNAME@@,$(UNAME)," \ |
f892ac66 | 93 | -e "s,@@COMMIT@@,$(COMMIT_ID)," \ |
f4173af1 | 94 | < $< > $@ |
0fb089ee | 95 | |
ef8c9962 MG |
96 | certdb/secmod.db: shim.crt |
97 | -mkdir certdb | |
f4173af1 MTL |
98 | $(PK12UTIL) -d certdb/ -i shim.p12 -W "" -K "" |
99 | $(CERTUTIL) -d certdb/ -A -i shim.crt -n shim -t u | |
ef8c9962 | 100 | |
b6f94dbe MTL |
101 | shim.o: $(SOURCES) |
102 | ifneq ($(origin ENABLE_SHIM_CERT),undefined) | |
103 | shim.o: shim_cert.h | |
104 | endif | |
105 | shim.o: $(wildcard $(TOPDIR)/*.h) | |
b2fe1780 | 106 | |
f4173af1 | 107 | cert.o : $(TOPDIR)/cert.S |
8518b8cc PJ |
108 | $(CC) $(CFLAGS) -c -o $@ $< |
109 | ||
031e5cce SM |
110 | sbat.%.csv : data/sbat.%.csv |
111 | $(DOS2UNIX) $(D2UFLAGS) $< $@ | |
112 | tail -c1 $@ | read -r _ || echo >> $@ # ensure a trailing newline | |
113 | ||
8119f718 | 114 | VENDOR_SBATS := $(sort $(foreach x,$(wildcard $(TOPDIR)/data/sbat.*.csv data/sbat.*.csv),$(notdir $(x)))) |
031e5cce SM |
115 | |
116 | sbat_data.o : | $(SBATPATH) $(VENDOR_SBATS) | |
117 | sbat_data.o : /dev/null | |
118 | $(CC) $(CFLAGS) -x c -c -o $@ $< | |
119 | $(OBJCOPY) --add-section .sbat=$(SBATPATH) \ | |
120 | --set-section-flags .sbat=contents,alloc,load,readonly,data \ | |
121 | $@ | |
122 | $(foreach vs,$(VENDOR_SBATS),$(call add-vendor-sbat,$(vs),$@)) | |
123 | ||
b6f94dbe MTL |
124 | $(SHIMNAME) : $(SHIMSONAME) |
125 | $(MMNAME) : $(MMSONAME) | |
126 | $(FBNAME) : $(FBSONAME) | |
127 | ||
031e5cce SM |
128 | LIBS = Cryptlib/libcryptlib.a \ |
129 | Cryptlib/OpenSSL/libopenssl.a \ | |
130 | lib/lib.a \ | |
131 | gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a \ | |
132 | gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a | |
133 | ||
134 | $(SHIMSONAME): $(OBJS) $(LIBS) | |
135 | $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a | |
7f055335 | 136 | |
eb9f7f1c PJ |
137 | fallback.o: $(FALLBACK_SRCS) |
138 | ||
031e5cce SM |
139 | $(FBSONAME): $(FALLBACK_OBJS) $(LIBS) |
140 | $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a | |
eb9f7f1c | 141 | |
3a838b14 | 142 | MokManager.o: $(MOK_SOURCES) |
333bd977 | 143 | |
031e5cce | 144 | $(MMSONAME): $(MOK_OBJS) $(LIBS) |
17857eb8 | 145 | $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a |
333bd977 | 146 | |
031e5cce SM |
147 | gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: CFLAGS+=-DGNU_EFI_USE_EXTERNAL_STDARG |
148 | gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: | |
8119f718 | 149 | mkdir -p gnu-efi/lib gnu-efi/gnuefi |
031e5cce SM |
150 | $(MAKE) -C gnu-efi \ |
151 | ARCH=$(ARCH_GNUEFI) TOPDIR=$(TOPDIR)/gnu-efi \ | |
8119f718 | 152 | -f $(TOPDIR)/gnu-efi/Makefile \ |
031e5cce SM |
153 | lib gnuefi inc |
154 | ||
b2d0e06f | 155 | Cryptlib/libcryptlib.a: |
031e5cce | 156 | for i in Hash Hmac Cipher Rand Pk Pem SysCall; do mkdir -p Cryptlib/$$i; done |
8119f718 | 157 | $(MAKE) TOPDIR=$(TOPDIR) VPATH=$(TOPDIR)/Cryptlib -C Cryptlib -f $(TOPDIR)/Cryptlib/Makefile |
b2d0e06f MG |
158 | |
159 | Cryptlib/OpenSSL/libopenssl.a: | |
031e5cce | 160 | for i in x509v3 x509 txt_db stack sha rsa rc4 rand pkcs7 pkcs12 pem ocsp objects modes md5 lhash kdf hmac evp err dso dh conf comp cmac buffer bn bio async/arch asn1 aes; do mkdir -p Cryptlib/OpenSSL/crypto/$$i; done |
8119f718 | 161 | $(MAKE) TOPDIR=$(TOPDIR) VPATH=$(TOPDIR)/Cryptlib/OpenSSL -C Cryptlib/OpenSSL -f $(TOPDIR)/Cryptlib/OpenSSL/Makefile |
b2d0e06f | 162 | |
f892ac66 | 163 | lib/lib.a: | $(TOPDIR)/lib/Makefile $(wildcard $(TOPDIR)/include/*.[ch]) |
8119f718 SM |
164 | mkdir -p lib |
165 | $(MAKE) VPATH=$(TOPDIR)/lib TOPDIR=$(TOPDIR) -C lib -f $(TOPDIR)/lib/Makefile | |
f7a18215 | 166 | |
b6f94dbe | 167 | buildid : $(TOPDIR)/buildid.c |
031e5cce | 168 | $(HOSTCC) -I/usr/include -Og -g3 -Wall -Werror -Wextra -o $@ $< -lelf |
b6f94dbe MTL |
169 | |
170 | $(BOOTCSVNAME) : | |
171 | @echo Making $@ | |
ecc29226 | 172 | @echo "$(SHIMNAME),$(OSLABEL),,This is the boot entry for $(OSLABEL)" | iconv -t UCS-2LE > $@ |
b6f94dbe MTL |
173 | |
174 | install-check : | |
175 | ifeq ($(origin LIBDIR),undefined) | |
176 | $(error Architecture $(ARCH) is not a supported build target.) | |
177 | endif | |
178 | ifeq ($(origin EFIDIR),undefined) | |
179 | $(error EFIDIR must be set to your reserved EFI System Partition subdirectory name) | |
9196c7cf AB |
180 | endif |
181 | ||
b6f94dbe MTL |
182 | install-deps : $(TARGETS) |
183 | install-deps : $(SHIMNAME).debug $(MMNAME).debug $(FBNAME).debug buildid | |
184 | install-deps : $(BOOTCSVNAME) | |
185 | ||
186 | install-debugsource : install-deps | |
187 | $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGSOURCE)/$(PKGNAME)-$(VERSION)$(DASHRELEASE) | |
188 | find $(TOPDIR) -type f -a '(' -iname '*.c' -o -iname '*.h' -o -iname '*.S' ')' | while read file ; do \ | |
189 | outfile=$$(echo $${file} | sed -e "s,^$(TOPDIR),,") ; \ | |
190 | $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGSOURCE)/$(PKGNAME)-$(VERSION)$(DASHRELEASE)/$$(dirname $${outfile}) ; \ | |
191 | $(INSTALL) -m 0644 $${file} $(DESTDIR)/$(DEBUGSOURCE)/$(PKGNAME)-$(VERSION)$(DASHRELEASE)/$${outfile} ; \ | |
192 | done | |
193 | ||
194 | install-debuginfo : install-deps | |
195 | $(INSTALL) -d -m 0755 $(DESTDIR)/ | |
196 | $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGINFO)$(TARGETDIR)/ | |
197 | @./buildid $(wildcard *.efi.debug) | while read file buildid ; do \ | |
198 | first=$$(echo $${buildid} | cut -b -2) ; \ | |
199 | rest=$$(echo $${buildid} | cut -b 3-) ; \ | |
200 | $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGINFO).build-id/$${first}/ ;\ | |
201 | $(INSTALL) -m 0644 $${file} $(DESTDIR)/$(DEBUGINFO)$(TARGETDIR) ; \ | |
202 | ln -s ../../../../..$(DEBUGINFO)$(TARGETDIR)$${file} $(DESTDIR)/$(DEBUGINFO).build-id/$${first}/$${rest}.debug ;\ | |
203 | ln -s ../../../.build-id/$${first}/$${rest} $(DESTDIR)/$(DEBUGINFO).build-id/$${first}/$${rest} ;\ | |
204 | done | |
205 | ||
206 | install : | install-check | |
207 | install : install-deps install-debuginfo install-debugsource | |
208 | $(INSTALL) -d -m 0755 $(DESTDIR)/ | |
209 | $(INSTALL) -d -m 0700 $(DESTDIR)/$(ESPROOTDIR) | |
210 | $(INSTALL) -d -m 0755 $(DESTDIR)/$(EFIBOOTDIR) | |
211 | $(INSTALL) -d -m 0755 $(DESTDIR)/$(TARGETDIR) | |
212 | $(INSTALL) -m 0644 $(SHIMNAME) $(DESTDIR)/$(EFIBOOTDIR)/$(BOOTEFINAME) | |
213 | $(INSTALL) -m 0644 $(SHIMNAME) $(DESTDIR)/$(TARGETDIR)/ | |
214 | $(INSTALL) -m 0644 $(BOOTCSVNAME) $(DESTDIR)/$(TARGETDIR)/ | |
215 | ifneq ($(origin ENABLE_SHIM_CERT),undefined) | |
216 | $(INSTALL) -m 0644 $(FBNAME).signed $(DESTDIR)/$(EFIBOOTDIR)/$(FBNAME) | |
217 | $(INSTALL) -m 0644 $(MMNAME).signed $(DESTDIR)/$(EFIBOOTDIR)/$(MMNAME) | |
218 | $(INSTALL) -m 0644 $(MMNAME).signed $(DESTDIR)/$(TARGETDIR)/$(MMNAME) | |
219 | else | |
220 | $(INSTALL) -m 0644 $(FBNAME) $(DESTDIR)/$(EFIBOOTDIR)/ | |
221 | $(INSTALL) -m 0644 $(MMNAME) $(DESTDIR)/$(EFIBOOTDIR)/ | |
222 | $(INSTALL) -m 0644 $(MMNAME) $(DESTDIR)/$(TARGETDIR)/ | |
221faac5 AB |
223 | endif |
224 | ||
b6f94dbe MTL |
225 | install-as-data : install-deps |
226 | $(INSTALL) -d -m 0755 $(DESTDIR)/$(DATATARGETDIR) | |
227 | $(INSTALL) -m 0644 $(SHIMNAME) $(DESTDIR)/$(DATATARGETDIR)/ | |
8119f718 | 228 | $(INSTALL) -m 0644 $(BOOTCSVNAME) $(DESTDIR)/$(DATATARGETDIR)/ |
b6f94dbe MTL |
229 | ifneq ($(origin ENABLE_SHIM_HASH),undefined) |
230 | $(INSTALL) -m 0644 $(SHIMHASHNAME) $(DESTDIR)/$(DATATARGETDIR)/ | |
231 | endif | |
232 | ifneq ($(origin ENABLE_SHIM_CERT),undefined) | |
233 | $(INSTALL) -m 0644 $(MMNAME).signed $(DESTDIR)/$(DATATARGETDIR)/$(MMNAME) | |
234 | $(INSTALL) -m 0644 $(FBNAME).signed $(DESTDIR)/$(DATATARGETDIR)/$(FBNAME) | |
235 | else | |
236 | $(INSTALL) -m 0644 $(MMNAME) $(DESTDIR)/$(DATATARGETDIR)/$(MMNAME) | |
237 | $(INSTALL) -m 0644 $(FBNAME) $(DESTDIR)/$(DATATARGETDIR)/$(FBNAME) | |
238 | endif | |
17857eb8 | 239 | |
b2d0e06f | 240 | %.efi: %.so |
d3819813 MTL |
241 | ifneq ($(OBJCOPY_GTE224),1) |
242 | $(error objcopy >= 2.24 is required) | |
243 | endif | |
031e5cce | 244 | $(OBJCOPY) -D -j .text -j .sdata -j .data -j .data.ident \ |
8119f718 | 245 | -j .dynamic -j .rodata -j .rel* \ |
f7a18215 | 246 | -j .rela* -j .reloc -j .eh_frame \ |
031e5cce SM |
247 | -j .vendor_cert -j .sbat \ |
248 | $(FORMAT) $< $@ | |
249 | # I am tired of wasting my time fighting binutils timestamp code. | |
250 | dd conv=notrunc bs=1 count=4 seek=$(TIMESTAMP_LOCATION) if=/dev/zero of=$@ | |
b6f94dbe MTL |
251 | |
252 | ifneq ($(origin ENABLE_SHIM_HASH),undefined) | |
253 | %.hash : %.efi | |
254 | $(PESIGN) -i $< -P -h > $@ | |
255 | endif | |
256 | ||
257 | %.efi.debug : %.so | |
258 | ifneq ($(OBJCOPY_GTE224),1) | |
259 | $(error objcopy >= 2.24 is required) | |
260 | endif | |
031e5cce | 261 | $(OBJCOPY) -D -j .text -j .sdata -j .data \ |
8119f718 | 262 | -j .dynamic -j .rodata -j .rel* \ |
031e5cce | 263 | -j .rela* -j .reloc -j .eh_frame -j .sbat \ |
5b1bf558 MG |
264 | -j .debug_info -j .debug_abbrev -j .debug_aranges \ |
265 | -j .debug_line -j .debug_str -j .debug_ranges \ | |
d3819813 | 266 | -j .note.gnu.build-id \ |
031e5cce | 267 | $< $@ |
b2fe1780 | 268 | |
b6f94dbe MTL |
269 | ifneq ($(origin ENABLE_SBSIGN),undefined) |
270 | %.efi.signed: %.efi shim.key shim.crt | |
031e5cce SM |
271 | @$(SBSIGN) \ |
272 | --key shim.key \ | |
273 | --cert shim.crt \ | |
274 | --output $@ $< | |
b6f94dbe | 275 | else |
ef8c9962 | 276 | %.efi.signed: %.efi certdb/secmod.db |
f4173af1 | 277 | $(PESIGN) -n certdb -i $< -c "shim" -s -o $@ -f |
b6f94dbe | 278 | endif |
ef8c9962 | 279 | |
031e5cce | 280 | test : |
8119f718 | 281 | @make -f $(TOPDIR)/include/test.mk EFI_INCLUDES="$(EFI_INCLUDES)" ARCH_DEFINES="$(ARCH_DEFINES)" all |
031e5cce SM |
282 | |
283 | $(patsubst %.c,%,$(wildcard test-*.c)) : | |
8119f718 | 284 | @make -f $(TOPDIR)/include/test.mk EFI_INCLUDES="$(EFI_INCLUDES)" ARCH_DEFINES="$(ARCH_DEFINES)" $@ |
031e5cce SM |
285 | |
286 | .PHONY : $(patsubst %.c,%,$(wildcard test-*.c)) test | |
287 | ||
288 | clean-test-objs: | |
8119f718 | 289 | @make -f $(TOPDIR)/include/test.mk EFI_INCLUDES="$(EFI_INCLUDES)" ARCH_DEFINES="$(ARCH_DEFINES)" clean |
031e5cce SM |
290 | |
291 | clean-gnu-efi: | |
8119f718 SM |
292 | @if [ -d gnu-efi ] ; then \ |
293 | $(MAKE) -C gnu-efi \ | |
294 | ARCH=$(ARCH_GNUEFI) TOPDIR=$(TOPDIR)/gnu-efi \ | |
295 | -f $(TOPDIR)/gnu-efi/Makefile \ | |
296 | clean ; \ | |
297 | fi | |
298 | ||
299 | clean-lib-objs: | |
300 | @if [ -d lib ] ; then \ | |
301 | $(MAKE) -C lib TOPDIR=$(TOPDIR) -f $(TOPDIR)/lib/Makefile clean ; \ | |
302 | fi | |
031e5cce | 303 | |
f892ac66 | 304 | clean-shim-objs: |
f892ac66 MTL |
305 | @rm -rvf $(TARGET) *.o $(SHIM_OBJS) $(MOK_OBJS) $(FALLBACK_OBJS) $(KEYS) certdb $(BOOTCSVNAME) |
306 | @rm -vf *.debug *.so *.efi *.efi.* *.tar.* version.c buildid | |
307 | @rm -vf Cryptlib/*.[oa] Cryptlib/*/*.[oa] | |
031e5cce | 308 | @if [ -d .git ] ; then git clean -f -d -e 'Cryptlib/OpenSSL/*'; fi |
f892ac66 | 309 | |
031e5cce | 310 | clean-openssl-objs: |
8119f718 SM |
311 | @if [ -d Cryptlib/OpenSSL ] ; then \ |
312 | $(MAKE) -C Cryptlib/OpenSSL -f $(TOPDIR)/Cryptlib/OpenSSL/Makefile clean ; \ | |
313 | fi | |
43eeb538 | 314 | |
031e5cce | 315 | clean-cryptlib-objs: |
8119f718 SM |
316 | @if [ -d Cryptlib ] ; then \ |
317 | $(MAKE) -C Cryptlib -f $(TOPDIR)/Cryptlib/Makefile clean ; \ | |
318 | fi | |
031e5cce | 319 | |
8119f718 | 320 | clean: clean-shim-objs clean-test-objs clean-gnu-efi clean-openssl-objs clean-cryptlib-objs clean-lib-objs |
031e5cce | 321 | |
43eeb538 PJ |
322 | GITTAG = $(VERSION) |
323 | ||
324 | test-archive: | |
031e5cce | 325 | @./make-archive $(if $(call get-config,shim.origin),--origin "$(call get-config,shim.origin)") --test "$(VERSION)" |
43eeb538 | 326 | |
acac3380 | 327 | tag: |
031e5cce | 328 | git tag --sign $(GITTAG) refs/heads/main |
f4173af1 | 329 | git tag -f latest-release $(GITTAG) |
acac3380 PJ |
330 | |
331 | archive: tag | |
031e5cce | 332 | @./make-archive $(if $(call get-config,shim.origin),--origin "$(call get-config,shim.origin)") --release "$(VERSION)" "$(GITTAG)" "shim-$(GITTAG)" |
f7a18215 | 333 | |
b6f94dbe MTL |
334 | .PHONY : install-deps shim.key |
335 | ||
031e5cce SM |
336 | export ARCH CC CROSS_COMPILE LD OBJCOPY EFI_INCLUDE EFI_INCLUDES OPTIMIZATIONS |
337 | export FEATUREFLAGS WARNFLAGS WERRFLAGS |