48a2e836ff
This is done for moving packages that are related to secure boot
out of LAT and into integ.
Use grub version: 2.06-1 .
Port grub-efi from LAT and make its build independent from grub2.
The patches for code and changes for debian build are ported from
layers ( meta-lat and meta-secure-core ) of yocto upstream.
Make grub-efi independent from grub2 because some code changes
for secure boot can make grub-pc's build fail.
This porting of grub-efi customizes grub images and grub.cfg for
efi boot. Install those files customized to grub-efi-amd64 package.
Test Plan:
The tests are done with all the changes for this porting,
which involves efitools/shim/grub2/grub-efi/lat-sdk.sh, because
they are in a chain for secure boot verification.
- PASS: secure boot OK on qemu.
- PASS: secure boot OK on PowerEdge R430 lab.
- PASS: secure boot NG on qemu/hardware when shim/grub-efi images
are without the right signatures.
Story: 2009221
Task: 46402
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Change-Id: Ia3b482c1959b5e6462fe54f0b0e59a69db1b1ca7
83 lines
2.5 KiB
Diff
83 lines
2.5 KiB
Diff
From 3d9946f69f5ec17da747aa683ff7b5ccf9c31252 Mon Sep 17 00:00:00 2001
|
|
From: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
|
|
Date: Fri, 27 Mar 2015 08:01:41 -0700
|
|
Subject: [PATCH] pe32.h: add header structures for TE and DOS executables
|
|
|
|
Upstream-Status: Inappropriate [embedded specific]
|
|
|
|
Add header structures to describe the Terse Executable format and
|
|
the DOS header format for executable images.
|
|
|
|
These definitions are needed in subsequent commits to parse and
|
|
verify the identity of the executable image when utilizing a shim
|
|
to boot LUV.
|
|
|
|
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
|
|
|
|
Add definitions of macros IMAGE_FILE_MACHINE_* which is involved by
|
|
0004-efi-chainloader-port-shim-to-grub.patch.
|
|
|
|
Signed-off-by: Kai Kang <kai.kang@windriver.com>
|
|
---
|
|
include/grub/efi/pe32.h | 46 +++++++++++++++++++++++++++++++++++++++++
|
|
1 file changed, 46 insertions(+)
|
|
|
|
diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h
|
|
index 0ed8781..de3a720 100644
|
|
--- a/include/grub/efi/pe32.h
|
|
+++ b/include/grub/efi/pe32.h
|
|
@@ -331,4 +331,50 @@ struct grub_pe32_reloc
|
|
#define GRUB_PE32_REL_I386_DIR32 0x6
|
|
#define GRUB_PE32_REL_I386_REL32 0x14
|
|
|
|
+//
|
|
+// PE32+ Machine type for EFI images
|
|
+//
|
|
+#define IMAGE_FILE_MACHINE_I386 0x014c
|
|
+#define IMAGE_FILE_MACHINE_IA64 0x0200
|
|
+#define IMAGE_FILE_MACHINE_EBC 0x0EBC
|
|
+#define IMAGE_FILE_MACHINE_X64 0x8664
|
|
+#define IMAGE_FILE_MACHINE_ARMTHUMB_MIXED 0x01c2
|
|
+#define IMAGE_FILE_MACHINE_ARM64 0xaa64
|
|
+
|
|
+struct grub_te_header
|
|
+{
|
|
+ grub_uint16_t signature;
|
|
+ grub_uint16_t machine;
|
|
+ grub_uint8_t num_sections;
|
|
+ grub_uint8_t subsystem;
|
|
+ grub_uint16_t stripped_size;
|
|
+ grub_uint32_t entry_point;
|
|
+ grub_uint32_t code_base;
|
|
+ grub_uint64_t image_base;
|
|
+ struct grub_pe32_data_directory data_directory[2];
|
|
+};
|
|
+
|
|
+struct grub_dos_header
|
|
+{
|
|
+ grub_uint16_t magic;
|
|
+ grub_uint16_t cblp;
|
|
+ grub_uint16_t cp;
|
|
+ grub_uint16_t crlc;
|
|
+ grub_uint16_t cparhdr;
|
|
+ grub_uint16_t minalloc;
|
|
+ grub_uint16_t maxalloc;
|
|
+ grub_uint16_t ss;
|
|
+ grub_uint16_t sp;
|
|
+ grub_uint16_t csum;
|
|
+ grub_uint16_t ip;
|
|
+ grub_uint16_t cs;
|
|
+ grub_uint16_t lfarlc;
|
|
+ grub_uint16_t ovno;
|
|
+ grub_uint16_t res[4];
|
|
+ grub_uint16_t oemid;
|
|
+ grub_uint16_t oeminfo;
|
|
+ grub_uint16_t res2[10];
|
|
+ grub_uint32_t lfanew;
|
|
+};
|
|
+
|
|
#endif /* ! GRUB_EFI_PE32_HEADER */
|
|
--
|
|
2.17.1
|
|
|