packages/shim
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Interface for replacing the EFI signature

Browse Source 
(cherry picked from commit 4f336add1a901d239d7e16bae7a6de767b1eb020)
This commit is contained in:
jinlun 2024-03-22 16:58:10 +08:00 committed by openeuler-sync-bot
parent 858d1a3525
commit 3b02bb76eb
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
shim.spec
View File

@ -25,7 +25,7 @@
Name: shim
Version: 15.7
Release: 8
Release: 9
Summary: First-stage UEFI bootloader
ExclusiveArch: x86_64 aarch64
License: BSD
@ -63,10 +63,6 @@ Patch9005:Feature-add-tpcm-support-with-ipmi-channel.patch
BuildRequires: elfutils-libelf-devel openssl-devel openssl git pesign gnu-efi gnu-efi-devel gcc vim-common efivar-devel
%if 0%{?openEuler_sign_rsa}
BuildRequires: sign-openEuler
%endif
%ifarch aarch64
BuildRequires: binutils >= 2.37-7
%endif
@ -124,10 +120,12 @@ cd ..
%if 0%{?openEuler_sign_rsa}
echo "start sign"
/opt/sign-openEuler/client --config /opt/sign-openEuler/config.toml add --key-name default-x509ee --file-type efi-image --key-type x509ee --sign-type authenticode %{_builddir}/shim-%{version}/build-%{efi_arch}/shim%{efi_arch}.efi
/opt/sign-openEuler/client --config /opt/sign-openEuler/config.toml add --key-name default-x509ee --file-type efi-image --key-type x509ee --sign-type authenticode %{_builddir}/shim-%{version}/build-%{efi_arch}/fb%{efi_arch}.efi
/opt/sign-openEuler/client --config /opt/sign-openEuler/config.toml add --key-name default-x509ee --file-type efi-image --key-type x509ee --sign-type authenticode %{_builddir}/shim-%{version}/build-%{efi_arch}/mm%{efi_arch}.efi
sh /usr/lib/rpm/brp-ebs-sign --efi %{_builddir}/shim-%{version}/build-%{efi_arch}/shim%{efi_arch}.efi
sh /usr/lib/rpm/brp-ebs-sign --efi %{_builddir}/shim-%{version}/build-%{efi_arch}/fb%{efi_arch}.efi
sh /usr/lib/rpm/brp-ebs-sign --efi %{_builddir}/shim-%{version}/build-%{efi_arch}/mm%{efi_arch}.efi
mv %{_builddir}/shim-%{version}/build-%{efi_arch}/shim%{efi_arch}.efi.sig %{_builddir}/shim-%{version}/build-%{efi_arch}/shim%{efi_arch}.efi
mv %{_builddir}/shim-%{version}/build-%{efi_arch}/fb%{efi_arch}.efi.sig %{_builddir}/shim-%{version}/build-%{efi_arch}/fb%{efi_arch}.efi
mv %{_builddir}/shim-%{version}/build-%{efi_arch}/mm%{efi_arch}.efi.sig %{_builddir}/shim-%{version}/build-%{efi_arch}/mm%{efi_arch}.efi
%endif
%install
@ -187,6 +185,9 @@ make test
/usr/src/debug/%{name}-%{version}-%{release}/*
%changelog
* Mon Apr 1 2024 jinlun <jinlun@huawei.com> - 15.7-9
- Interface for replacing the EFI signature
* Mon Mar 25 2024 yixiangzhike <yixiangzhike007@163.com> - 15.7-8
- backport patch from upstream