summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-03-11Correct maintainer address in signing templateAnsgar Burchardt
2019-03-09Prepare Debian release 15+1533136590.3beb971-4debian/15+1533136590.3beb971-4Steve McIntyre
Force a no-change rebuild on all arches with a source-only upload
2019-03-09Prepare Debian release 15+1533136590.3beb971-3debian/15+1533136590.3beb971-3Steve McIntyre
2019-03-08Update the signing-template JSON metadataSteve McIntyre
Move all the data under a new top-level "packages" key Add an empty "trusted_certs" key - the helper binaries do not do any further verification with an embedded key.
2019-03-07Merge branch 'rename-helpers' into 'master'Steve McIntyre
Rename all the packages containg the helper binaries See merge request efi-team/shim!2
2019-03-06Rename all the packages containg the helper binariesSteve McIntyre
Remove potential confusion with shim-signed. We will now end up with shim-helpers-$arch-signed to make it clear that they just contain the helper binaries (fb.efi and mm.efi)
2019-03-06Change maintenance address to be the EFI teamSteve McIntyre
Add me and vorlon to the Uploaders list
2019-03-06Typo fix: s,singing,signing,gSteve McIntyre
2019-02-15Add uname.patch to avoid architecture variabilityLuca Boccassi
Signed-off-by: Luca Boccassi <bluca@debian.org>
2019-02-15Include /usr/share/dpkg/architecture.mk instead of shelling out.Luca Boccassi
2019-02-15Override lintian error about template rules fileLuca Boccassi
Lintian parses the shebang in the rules files of the templates packages and complains that there is no dependency on make. But they are special packages, so override it.
2019-02-15Add shim-$arch-signed-template supportPhilipp Hahn
for getting the MOK-manager and fall-back binary to be signed by Debians singing service instead of using an ephemeral key. Closes: #922228
2019-02-15Rename to shim-unsignedPhilipp Hahn
as all EFI binaries are now unsigned. They are useless to any normal user as - shim is useless without being signed by an external UEFI CA. - mm and fb won't be loaded by shim as they are now no longer linked to corresponding shim by the ephemeral key any longer.
2019-02-15Disable ephemeral key on DebianPhilipp Hahn
shim creates an ephemeral key, which gets embedded into shim and is used to sign the corresponding mok-manager (mm*.efi) and fall-back-manager (fb*.efi). This makes the build unreproducible. For Debian we will get those two binaries signed by our Debian-UEFI-CA, which is the primary (and only) key embedded in shim.
2019-02-15debian/rules: fixing permissions no longer requiredPhilipp Hahn
as Makefiles used "install -m 0644" by now.
2019-02-11releasing package shim version 15+1533136590.3beb971-2debian/15+1533136590.3beb971-2Steve Langasek
2019-02-10Update debian/copyright (drop reference to file no longer in source)Steve Langasek
2019-02-10Update Standards-Version.Steve Langasek
2019-02-10Ensure DEB_HOST_ARCH is set even if not present in the environment.Steve Langasek
2019-02-10Enable build for i386.Steve Langasek
2019-02-10Fix debian/rules syntax for arm64 build.Steve Langasek
2019-02-10Update VCS to point to salsa.Steve Langasek
2019-02-10Update debian/watch.Steve Langasek
2019-02-09* New upstream release.debian/15+1533136590.3beb971-1Steve Langasek
- debian/patches/second-stage-path: dropped; the default loader path now includes an arch suffix. - debian/patches/sbsigntool-no-pesign: dropped; no longer needed. * Drop remaining patches that were not being applied. * Sync packaging from Ubuntu: - debian/copyright: Update upstream source location. - debian/control: add a Build-Depends on libelf-dev. - Enable arm64 build. - debian/patches/fixup_git.patch: don't run git in clean; we're not really in a git tree. - debian/rules, debian/shim.install: use the upstream install target as intended, and move files to the target directory using dh_install. - define RELEASE and COMMIT_ID for the snapshot. - Set ENABLE_HTTPBOOT to enable the HTTP Boot feature. - Update dh_auto_build/dh_auto_clean/dh_auto_install for new upstream options: set MAKELEVEL. - Define an EFI_ARCH variable, and use that for paths to shim. This makes it possible to build a shim for other architectures than amd64. - Set EFIDIR=$distro for dh_auto_install; that will let files be installed in the "right" final directories, and makes boot.csv for us. - Set ENABLE_SHIM_CERT, to keep using ephemeral self-signed certs built at compile-time for MokManager and fallback. - Set ENABLE_SBSIGN, to use sbsign instead of pesign for signing fallback and MokManager.
2019-02-09null merge of the Ubuntu git historySteve Langasek
2018-08-22releasing package shim version 15+1533136590.3beb971-0ubuntu1debian/15+1533136590.3beb971-0ubuntu1Mathieu Trudel-Lapierre
2018-08-22Make sure we pass the right COMMIT_ID to buildMathieu Trudel-Lapierre
2018-08-21Update to new snapshotMathieu Trudel-Lapierre
2018-08-21New upstream version 15+1533136590.3beb971upstream/15+1533136590.3beb971Mathieu Trudel-Lapierre
2018-08-21Update upstream source from tag 'upstream/15+1533136590.3beb971'Mathieu Trudel-Lapierre
Update to upstream version '15+1533136590.3beb971' with Debian dir 26714b7953c3d4b1f6aa8b95e9e1e026d455a008
2018-08-14releasing package shim version 15+1531942534.dd3230d-0ubuntu1debian/15+1531942534.dd3230d-0ubuntu1Mathieu Trudel-Lapierre
2018-07-24debian/patches/fixup_git.patch: don't run git in clean; we're not really in ↵Mathieu Trudel-Lapierre
a git tree.
2018-07-24* debian/rules:Mathieu Trudel-Lapierre
- define RELEASE and COMMIT_ID for the snapshot. - Set ENABLE_HTTPBOOT to enable the HTTP Boot feature.
2018-07-24debian/patches/abort_abort_abort.patch: dropped patch, included upstream.Mathieu Trudel-Lapierre
2018-07-24New upstream snapshot.Mathieu Trudel-Lapierre
2018-07-24New upstream version 15+1531942534.dd3230dupstream/15+1531942534.dd3230dMathieu Trudel-Lapierre
2018-07-24Update upstream source from tag 'upstream/15+1531942534.dd3230d'Mathieu Trudel-Lapierre
Update to upstream version '15+1531942534.dd3230d' with Debian dir 8b167be00338c76b0ddc9164059ce6090c274641
2018-04-24Enable arm64 build.dann frazier
2018-04-23Fix Vcs link.Steve Langasek
2018-04-05Bump version to 15Version_1515Peter Jones
2018-04-05Audit get_variable() calls for correct FreePool() use.Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-05Fix get_variable() usage in setup_verbosity()Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-05Make setup_console(-1) do GetMode() and call it from setup_verbosity()Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-05Make handle_image() use console_print() not console_notify() on successPeter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-05Fix lib/ rebuild-on-change dependencies in the MakefilePeter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-05Get rid of dprinta(), it's uselessPeter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-04tpm_log_event_raw(): be more careful about EFI_NOT_FOUNDPeter Jones
Don't return EFI_NOT_FOUND from tpm_log_event*() unless we're in REQUIRE_TPM mode. Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-04Make the 'something has gone seriously wrong' message less ambiguousPeter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-04read_header(): fix the case where signatures have been removed.Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-04Add another TODO for shim-16Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-26 13:19:07 +0000