]>
git.proxmox.com Git - pve-edk2-firmware.git/blob - debian/edk2-vars-generator.py
3 # Copyright 2021 Canonical Ltd.
5 # - dann frazier <dann.frazier@canonical.com>
7 # This program is free software: you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License version 3, as published
9 # by the Free Software Foundation.
11 # This program is distributed in the hope that it will be useful, but WITHOUT
12 # ANY WARRANTY; without even the implied warranties of MERCHANTABILITY,
13 # SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License along with
17 # this program. If not, see <http://www.gnu.org/licenses/>.
25 from UEFI
.Filesystems
import FatFsImage
, EfiBootableIsoImage
26 from UEFI
.Qemu
import QemuEfiMachine
, QemuEfiVariant
, QemuEfiFlashSize
29 if __name__
== '__main__':
30 parser
= argparse
.ArgumentParser()
32 "-f", "--flavor", help="UEFI Flavor",
33 choices
=['AAVMF', 'OVMF', 'OVMF_4M'],
37 "-e", "--enrolldefaultkeys",
38 help='Path to "EnrollDefaultKeys" EFI binary',
43 help='Path to "Shell" EFI binary',
47 "-C", "--certificate",
48 help='base64-encoded PK/KEK1 certificate',
53 help='UEFI code image',
59 help='Do not enroll the default keys, just the PK/KEK1 certificate',
62 "-V", "--vars-template",
63 help='UEFI vars template',
68 help="Output file for generated vars template",
71 parser
.add_argument("-d", "--debug", action
="store_true",
72 help="Emit debug messages")
73 args
= parser
.parse_args()
78 'QemuCommand': Qemu
.QemuCommand(
81 vars_template_path
=args
.vars_template
,
86 'QemuCommand': Qemu
.QemuCommand(
87 QemuEfiMachine
.OVMF_Q35
,
88 variant
=QemuEfiVariant
.SECBOOT
,
89 flash_size
=QemuEfiFlashSize
.SIZE_2MB
,
91 vars_template_path
=args
.vars_template
,
96 'QemuCommand': Qemu
.QemuCommand(
97 QemuEfiMachine
.OVMF_Q35
,
98 variant
=QemuEfiVariant
.SECBOOT
,
99 flash_size
=QemuEfiFlashSize
.SIZE_2MB
,
101 vars_template_path
=args
.vars_template
,
106 eltorito
= FatFsImage(64)
107 eltorito
.makedirs(os
.path
.join('EFI', 'BOOT'))
108 removable_media_path
= os
.path
.join(
109 'EFI', 'BOOT', f
"BOOT{FlavorConfig[args.flavor]['EfiArch']}.EFI"
111 eltorito
.insert_file(args
.shell
, removable_media_path
)
112 eltorito
.insert_file(
113 args
.enrolldefaultkeys
,
114 args
.enrolldefaultkeys
.split(os
.path
.sep
)[-1]
116 iso
= EfiBootableIsoImage(eltorito
)
118 q
= FlavorConfig
[args
.flavor
]['QemuCommand']
120 q
.add_oem_string(11, args
.certificate
)
122 child
= pexpect
.spawn(' '.join(q
.command
))
124 child
.logfile
= sys
.stdout
.buffer
125 child
.expect(['Press .* or any other key to continue'], timeout
=None)
126 child
.sendline('\x1b')
127 child
.expect(['Shell> '], timeout
=None)
128 child
.sendline('FS0:\r')
129 child
.expect(['FS0:\\\\> '], timeout
=None)
130 enrollcmd
= ['EnrollDefaultKeys.efi']
132 enrollcmd
.append("--no-default")
133 child
.sendline(f
'{" ".join(enrollcmd)}\r')
134 child
.expect(['FS0:\\\\> '], timeout
=None)
135 # Clear the BootOrder. See #1015759
136 child
.sendline('setvar BootOrder =\r')
137 child
.expect(['FS0:\\\\> '], timeout
=None)
138 child
.sendline('reset -s\r')
140 shutil
.copy(q
.pflash
.varfile_path
, args
.out_file
)