summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKristian Klausen <kristian@klausen.dk>2021-09-28 17:06:11 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-10-01 14:51:45 +0100
commit3ac9722e0fb0276f9083cc5ee561eb2518fa060c (patch)
treee54ee188c0f5b39bd0a055756f382a26100e3233
parent327ea9d446d62c3d36a79e400074c9565f8d7bd3 (diff)
downloadpoky-3ac9722e0fb0276f9083cc5ee561eb2518fa060c.tar.gz
ovmf: add TPM PACKAGECONFIG and enable if tpm is in MACHINE_FEATURES
By enabling TPM support the boot will be measured into the TPM's Platform Configuration Registers (PCRs). (From OE-Core rev: e71280883c217d86b4636da6e549334183f1aff7) Signed-off-by: Kristian Klausen <kristian@klausen.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat
-rw-r--r--meta/recipes-core/ovmf/ovmf_git.bb7
1 files changed, 5 insertions, 2 deletions
diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb
index 4caf258e39..5d54bad473 100644
--- a/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/meta/recipes-core/ovmf/ovmf_git.bb
@@ -10,7 +10,10 @@ LIC_FILES_CHKSUM = "file://OvmfPkg/License.txt;md5=06357ddc23f46577c2aeaeaf7b776
10# compiling OVMF twice, so it is disabled by default. Distros 10# compiling OVMF twice, so it is disabled by default. Distros
11# may change that default. 11# may change that default.
12PACKAGECONFIG ??= "" 12PACKAGECONFIG ??= ""
13PACKAGECONFIG += "${@bb.utils.contains('MACHINE_FEATURES', 'tpm', 'tpm', '', d)}"
14PACKAGECONFIG += "${@bb.utils.contains('MACHINE_FEATURES', 'tpm2', 'tpm', '', d)}"
13PACKAGECONFIG[secureboot] = ",,," 15PACKAGECONFIG[secureboot] = ",,,"
16PACKAGECONFIG[tpm] = "-D TPM_ENABLE=TRUE,-D TPM_ENABLE=FALSE,,"
14 17
15SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https \ 18SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https \
16 file://0001-ovmf-update-path-to-native-BaseTools.patch \ 19 file://0001-ovmf-update-path-to-native-BaseTools.patch \
@@ -186,7 +189,7 @@ do_compile:class-target() {
186 189
187 bbnote "Building without Secure Boot." 190 bbnote "Building without Secure Boot."
188 rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX 191 rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX
189 ${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} 192 ${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} ${PACKAGECONFIG_CONFARGS}
190 ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.fd 193 ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.fd
191 ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.code.fd 194 ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.code.fd
192 ln ${build_dir}/FV/OVMF_VARS.fd ${WORKDIR}/ovmf/ovmf.vars.fd 195 ln ${build_dir}/FV/OVMF_VARS.fd ${WORKDIR}/ovmf/ovmf.vars.fd
@@ -196,7 +199,7 @@ do_compile:class-target() {
196 # Repeat build with the Secure Boot flags. 199 # Repeat build with the Secure Boot flags.
197 bbnote "Building with Secure Boot." 200 bbnote "Building with Secure Boot."
198 rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX 201 rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX
199 ${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} ${OVMF_SECURE_BOOT_FLAGS} 202 ${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} ${PACKAGECONFIG_CONFARGS} ${OVMF_SECURE_BOOT_FLAGS}
200 ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.secboot.fd 203 ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.secboot.fd
201 ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.secboot.code.fd 204 ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.secboot.code.fd
202 ln ${build_dir}/${OVMF_ARCH}/EnrollDefaultKeys.efi ${WORKDIR}/ovmf/ 205 ln ${build_dir}/${OVMF_ARCH}/EnrollDefaultKeys.efi ${WORKDIR}/ovmf/
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-11 17:00:15 +0000