Commit Graph

273 Commits

Author SHA1 Message Date
Gerd Hoffmann
bc6d394be4 set PcdSetNxForStack = TRUE for strict nx builds 2023-12-22 13:33:44 +01:00
Gerd Hoffmann
d8f2fa208c set PcdImageProtectionPolicy = 0x03 for strict nx builds 2023-12-22 11:32:14 +01:00
Gerd Hoffmann
b1b2afe957 switch the strictnx build to qcow2 (like all other 4M builds) 2023-12-13 13:42:35 +01:00
Gerd Hoffmann
c17e4f232c add PcdUninstallMemAttrProtocol configuration 2023-12-12 13:23:09 +01:00
Gerd Hoffmann
5a72362f6c swap MemoryAttributeProtocol patch, again 2023-12-12 12:19:37 +01:00
Gerd Hoffmann
645f17ba67 make hashlength configurable in make-tarball.sh
[skip changelog]
2023-12-12 12:10:30 +01:00
Gerd Hoffmann
afdeae3484 update bundled openssl 2023-12-06 13:30:25 +01:00
Gerd Hoffmann
fc6960f38b swap MemoryAttributeProtocol patch 2023-12-06 13:14:20 +01:00
Gerd Hoffmann
f11bca702b fix intel tdx firmware descriptor
Change the device type to memory,
i.e. '-bios $file' to load it into RAM/ROM.
2023-12-06 11:34:05 +01:00
Gerd Hoffmann
e23d2f953b update build config: 64bit pei, tdx sb
Stop using mixed mode builds, switch to 64-bit PEI phase.
Enable secure boot for the intel tdx builds.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2023-12-05 16:17:19 +01:00
Gerd Hoffmann
766cf0772e update build script 2023-12-05 16:16:38 +01:00
Gerd Hoffmann
994feb5796 silence '... has a LOAD segment with RWX permissions' warning 2023-11-27 19:00:10 +01:00
Gerd Hoffmann
3cc1097f10 enroll sb keys for tdx image 2023-11-27 18:56:14 +01:00
Gerd Hoffmann
78febee518 rebase to edk2-stable202311 2023-11-27 10:50:04 +01:00
Gerd Hoffmann
e038ec9e8d add unversioned virt machine type for riscv64 2023-11-17 14:01:11 +01:00
Gerd Hoffmann
0441730028 update debug patch, add proper fix for bz2241388 2023-10-11 10:34:03 +02:00
Gerd Hoffmann
cfa1bfa2a7 test patch for bz2241388 2023-10-10 13:07:41 +02:00
Gerd Hoffmann
0e2f6f6608 add dbxupdate to rpms
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2023-09-27 12:04:21 +02:00
Daniel P. Berrangé
37554dee28 Add BSD-3-Clause for arm firmware
This is used by the berkley-softfloat code built on arm 32-bit

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:12:20 +01:00
Daniel P. Berrangé
fbd6ccde44 Add BSD-2-Clause OR GPL-2.0-or-later license
This is used by FdtLib code which is linked into most of the
arm/riscv/x86 firmware targets.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:11:48 +01:00
Daniel P. Berrangé
c722a2a62d Add BSD-4-Clause and ISC licenses for arm/x86
The arm/x86 platform variants all include inet_pton.c which is
under the BSD-4-Clause and ISC licenses.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:10:25 +01:00
Daniel P. Berrangé
cf1130a5b8 Add public domain license for Lzma code
The Lzma decompressor code is builtin to all the
firmware binaries and the tools

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:08:38 +01:00
Daniel P. Berrangé
cb1564bbee Alphabetize the SPDX license terms
This will make it easier to keep track of licenses as we add records
of more of them.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 18:06:51 +01:00
Daniel P. Berrangé
3e96cc229d make it simpler to disable silent builds
Sometimes it is important to be able to see the actual set of
files built. Rather than requiring editting the edk2-build.py
arg for each flavour, lets have a macro to turn this off in
one place.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-25 12:07:36 +01:00
Gerd Hoffmann
0e461a6aaf fix 2M secure boot build 2023-09-25 09:52:27 +02:00
Miroslav Suchý
7cda606175 Correct SPDX license formula
The operators in the SPDX formula have to be upper case.
2023-09-24 06:32:39 +00:00
Gerd Hoffmann
04a4f0020f upgrade libvirt requirement to 9.7.0 or newer, add more subpackages 2023-09-21 17:18:11 +02:00
Gerd Hoffmann
ff60520676 add riscv64 to ExclusiveArch 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
7bb73aa336 cherry-pick edk2 bugfixes 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
b50b012c4b add README.experimental 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
6180cbc916 rename subpackage ovmf-experimental to experimental 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
1f7c76c7ed stateless: add --set-fallback-no-reboot 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
08c69a778e add experimental + testonly secure boot build for armvirt
It isn't actually secure, but exposes the secure boot APIs
and might be useful for development + CI purposes.
2023-09-19 08:58:15 +02:00
Gerd Hoffmann
58f180d4ee update edk2 build script 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
59db9c4455 add buildrequires: perl modules for openssl configure 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
5072963c7f openssl licence update (3.0.x uses apache 2.0). 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
580b0e9300 add riscv firmware json file 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
05b86525bb split code/vars builds for riscv 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
1f9774d792 disable TLS for 2M builds b/c of running out of space. 2023-09-19 08:58:15 +02:00
Gerd Hoffmann
4bec430adf rebase to edk2-stable202308, update patches and openssl tarball 2023-09-19 08:58:15 +02:00
Fedora Release Engineering
b358cf220d Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-07-19 18:15:15 +00:00
Gerd Hoffmann
57d8f2d211 disable EFI_MEMORY_ATTRIBUTE_PROTO (workaround shim bug) 2023-06-22 09:49:28 +02:00
Gerd Hoffmann
0ccbe4782d cherry-pick some fixes 2023-06-19 09:28:02 +02:00
Gerd Hoffmann
ec5ec9658f drop commit hash from version 2023-05-31 07:50:32 +02:00
Gerd Hoffmann
0b335792d9 update to edk2-stable202305 2023-05-31 07:50:32 +02:00
Gerd Hoffmann
79081dd581 drop /ovmf-4m/, move 4M builds to /ovmf/ instead 2023-05-17 12:01:54 +02:00
Gerd Hoffmann
d88cf988d3 update build script 2023-05-17 11:21:40 +02:00
Gerd Hoffmann
268b866449 json descriptors: explicitly set mode = split 2023-05-16 14:48:40 +02:00
Gerd Hoffmann
70f4e444d5 switch DBXDATE to 20230509 2023-05-12 14:24:13 +02:00
Gerd Hoffmann
a50f4e26fd add 20230509 dbx update files 2023-05-12 14:24:13 +02:00