- name: Do the build on ${{ matrix.distro }} for ${{ matrix.efiarch }}
id: build
run: |
- make -s ARCH=${{ matrix.makearch }} PREFIX=/usr LIBDIR=${{ matrix.libdir }} DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true clean all
- make -s ARCH=${{ matrix.makearch }} PREFIX=/usr LIBDIR=${{ matrix.libdir }} DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true install
+ make -s ARCH=${{ matrix.makearch }} PREFIX=/usr LIBDIR=${{ matrix.libdir }} DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true clean all
+ make -s ARCH=${{ matrix.makearch }} PREFIX=/usr LIBDIR=${{ matrix.libdir }} DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true install
echo 'results:'
find /destdir -type f
# - name: Archive production artifacts
- name: Checkout
uses: actions/checkout@v2
- name: Do the build
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true clean all
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true clean all
id: build
- name: Install in /destdir
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true install
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true install
id: install
# - name: Archive production artifacts
# uses: actions/upload-artifact@v2
- name: Checkout
uses: actions/checkout@v2
- name: Do the build
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true clean all
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true clean all
id: build
- name: Install in /destdir
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true install
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true install
id: install
# - name: Archive production artifacts
# uses: actions/upload-artifact@v2
- name: Checkout
uses: actions/checkout@v2
- name: Do the build
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true clean all
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true clean all
id: build
- name: Install in /destdir
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true install
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true install
id: install
# - name: Archive production artifacts
# uses: actions/upload-artifact@v2
- name: Checkout
uses: actions/checkout@v2
- name: Do the build
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true clean all
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true clean all
id: build
- name: Install in /destdir
- run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_HTTPBOOT=true ENABLE_SHIM_HASH=true install
+ run: make PREFIX=/usr LIBDIR=/usr/lib64 DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true install
id: install
# - name: Archive production artifacts
# uses: actions/upload-artifact@v2
generate keys during the build and sign MokManager and fallback with
them, and the signed version will be what gets installed with the
install targets
-- ENABLE_HTTPBOOT
- build support for http booting
- DISABLE_EBS_PROTECTION
On systems where a second stage bootloader is not used, and the Linux
Kernel is embedded in the same EFI image as shim and booted directly
CFLAGS += -DOVERRIDE_SECURITY_POLICY
endif
-ifneq ($(origin ENABLE_HTTPBOOT), undefined)
- CFLAGS += -DENABLE_HTTPBOOT
-endif
-
ifneq ($(origin REQUIRE_TPM), undefined)
CFLAGS += -DREQUIRE_TPM
endif
else
TARGETS += $(MMNAME) $(FBNAME)
endif
-OBJS = shim.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o pe.o
+OBJS = shim.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o pe.o httpboot.o
KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer
-ORIG_SOURCES = shim.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c shim.h version.h $(wildcard include/*.h)
+ORIG_SOURCES = shim.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h)
MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o errlog.o sbat_data.o
ORIG_MOK_SOURCES = MokManager.c PasswordCrypt.c crypt_blowfish.c shim.h $(wildcard include/*.h)
FALLBACK_OBJS = fallback.o tpm.o errlog.o sbat_data.o
ORIG_FALLBACK_SRCS = fallback.c
SBATPATH = data/sbat.csv
-ifneq ($(origin ENABLE_HTTPBOOT), undefined)
- OBJS += httpboot.o
- SOURCES += httpboot.c include/httpboot.h
-endif
-
ifeq ($(SOURCE_DATE_EPOCH),)
UNAME=$(shell uname -s -m -p -i -o)
else
}
data = sourcebuffer;
datasize = sourcesize;
-#if defined(ENABLE_HTTPBOOT)
} else if (find_httpboot(li->DeviceHandle)) {
efi_status = httpboot_fetch_buffer (image_handle,
&sourcebuffer,
}
data = sourcebuffer;
datasize = sourcesize;
-#endif
} else {
/*
* Read the new executable off disk