summaryrefslogtreecommitdiff
path: root/Makefile
AgeCommit message (Collapse)Author
2013-06-10Remove FALLBACK_OBJS during clean as well.Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2013-06-10Make sure all the Makefiles use the same arguments for mmx/sse/ms_abi.Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2013-05-31Don't use MMX and SSE registers, they aren't initialized.Peter Jones
GCC 4.8.0 will try to use these by default, and you'll wind up looping across the (uninitialized!) trap handler for uninitialized instructions. Signed-off-by: Peter Jones <pjones@redhat.com>
2013-05-16Bump version to 0.3Peter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2013-05-16Use MS ABI instead of terrible wrappers.Peter Jones
This means that we now require gnu-efi 3.0s Signed-off-by: Peter Jones <pjones@redhat.com>
2013-04-30Add a fallback loader for when shim is invoked as BOOTX64.EFIPeter Jones
If shim is invoked as \EFI\BOOT\BOOT*.EFI and a file exists named \EFI\BOOT\FALLBACK.EFI, try it instead of our second stage. So don't put fallback.efi on your install media in \EFI\BOOT, because that won't do whatever it is you're hoping for, unless you're hoping not to start the installer. So here's the process for using this: in /EFI/fedora/ (or whichever directory you happen to own), you put: shim.efi grub.efi boot.csv - format is: shim.efi,Nice Label,cmdline arguments,comments - filenames refer only to files in this directory, with no leading characters such as L"./" or L"/EFI/fedora/" - note that while this is CSV, the character encoding is UCS-2 and if /EFI/BOOT/BOOTX64.EFI doesn't already exist, then in /EFI/BOOT: shim.efi as BOOTX64.EFI fallback.efi Signed-off-by: Peter Jones <pjones@redhat.com>
2012-11-26Sign MokManager with a locally-generated keyMatthew Garrett
shim needs to verify that MokManager hasn't been modified, but we want to be able to support configurations where shim is shipped without a vendor certificate. This patch adds support for generating a certificate at build time, incorporating the public half into shim and signing MokManager with the private half. It uses pesign and nss, but still requires openssl for key generation. Anyone using sbsign will need to figure this out for themselves.
2012-11-01Bump versionMatthew Garrett
This seems pretty much functionally complete, so let's call it 0.2.
2012-11-01Merge branch 'mok' into netbootMatthew Garrett
Conflicts: Makefile shim.c
2012-10-23Support a vendor-specific DBX list.Peter Jones
In some rare corner cases, it's useful to add a blacklist of things that were allowed by a copy of shim that was never signed by the UEFI signing service. In these cases it's okay for them to go into a local dbx, rather than taking up precious flash. Signed-off-by: Peter Jones <pjones@redhat.com>
2012-10-12Add draft version of Neil's netboot codeMatthew Garrett
2012-09-26Build debug image for all efi filesGary Ching-Pang Lin
2012-09-11Add a separate efi application to manage MOKsGary Ching-Pang Lin
2012-09-06Add some convenience make targets.Peter Jones
Adds targets for "test-archive" and "archive"
2012-09-06Allow specification of vendor_cert through a build command line option.Peter Jones
This allows you to specify the vendor_cert as a file on the command line during build.
2012-07-09Improve makefileMatthew Garrett
2012-07-02Build a debug imageMatthew Garrett
2012-06-19Fix build somewhatMatthew Garrett
2012-06-18Add crypto librariesMatthew Garrett
2012-05-30Add image verificationMatthew Garrett
2012-04-11Initial commitMatthew Garrett
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-02 19:08:16 +0000