48a2e836ff
This is done for moving packages that are related to secure boot out of LAT and into integ. Use grub version: 2.06-1 . Port grub-efi from LAT and make its build independent from grub2. The patches for code and changes for debian build are ported from layers ( meta-lat and meta-secure-core ) of yocto upstream. Make grub-efi independent from grub2 because some code changes for secure boot can make grub-pc's build fail. This porting of grub-efi customizes grub images and grub.cfg for efi boot. Install those files customized to grub-efi-amd64 package. Test Plan: The tests are done with all the changes for this porting, which involves efitools/shim/grub2/grub-efi/lat-sdk.sh, because they are in a chain for secure boot verification. - PASS: secure boot OK on qemu. - PASS: secure boot OK on PowerEdge R430 lab. - PASS: secure boot NG on qemu/hardware when shim/grub-efi images are without the right signatures. Story: 2009221 Task: 46402 Signed-off-by: Li Zhou <li.zhou@windriver.com> Change-Id: Ia3b482c1959b5e6462fe54f0b0e59a69db1b1ca7
82 lines
2.4 KiB
Diff
82 lines
2.4 KiB
Diff
From 8f26fc39497decab3f9a087d18803447a9b9295f Mon Sep 17 00:00:00 2001
|
|
From: Li Zhou <li.zhou@windriver.com>
|
|
Date: Wed, 31 Aug 2022 13:53:19 +0800
|
|
Subject: [PATCH 1/2] Make series null
|
|
|
|
Clean the patches from debian release to get a clean grub source.
|
|
|
|
Signed-off-by: Li Zhou <li.zhou@windriver.com>
|
|
---
|
|
debian/patches/series | 61 -------------------------------------------
|
|
1 file changed, 61 deletions(-)
|
|
|
|
diff --git a/debian/patches/series b/debian/patches/series
|
|
index 748318a..e69de29 100644
|
|
--- a/debian/patches/series
|
|
+++ b/debian/patches/series
|
|
@@ -1,61 +0,0 @@
|
|
-olpc-prefix-hack.patch
|
|
-core-in-fs.patch
|
|
-dpkg-version-comparison.patch
|
|
-grub-legacy-0-based-partitions.patch
|
|
-disable-floppies.patch
|
|
-grub.cfg-400.patch
|
|
-gfxpayload-keep-default.patch
|
|
-install-stage2-confusion.patch
|
|
-mkrescue-efi-modules.patch
|
|
-mkconfig-loopback.patch
|
|
-restore-mkdevicemap.patch
|
|
-gettext-quiet.patch
|
|
-install-efi-fallback.patch
|
|
-mkconfig-ubuntu-recovery.patch
|
|
-install-locale-langpack.patch
|
|
-mkconfig-nonexistent-loopback.patch
|
|
-default-grub-d.patch
|
|
-blacklist-1440x900x32.patch
|
|
-mkconfig-ubuntu-distributor.patch
|
|
-linuxefi.patch
|
|
-mkconfig-signed-kernel.patch
|
|
-install-signed.patch
|
|
-wubi-no-windows.patch
|
|
-maybe-quiet.patch
|
|
-install-efi-adjust-distributor.patch
|
|
-quick-boot.patch
|
|
-quick-boot-lvm.patch
|
|
-gfxpayload-dynamic.patch
|
|
-vt-handoff.patch
|
|
-probe-fusionio.patch
|
|
-ignore-grub_func_test-failures.patch
|
|
-mkconfig-recovery-title.patch
|
|
-install-powerpc-machtypes.patch
|
|
-ieee1275-clear-reset.patch
|
|
-ppc64el-disable-vsx.patch
|
|
-grub-install-pvxen-paths.patch
|
|
-insmod-xzio-and-lzopio-on-xen.patch
|
|
-grub-install-extra-removable.patch
|
|
-mkconfig-other-inits.patch
|
|
-zpool-full-device-name.patch
|
|
-net-read-bracketed-ipv6-addr.patch
|
|
-bootp-new-net_bootp6-command.patch
|
|
-efinet-uefi-ipv6-pxe-support.patch
|
|
-bootp-process-dhcpack-http-boot.patch
|
|
-efinet-set-network-from-uefi-devpath.patch
|
|
-efinet-set-dns-from-uefi-proto.patch
|
|
-fix-lockdown.patch
|
|
-skip-grub_cmd_set_date.patch
|
|
-bash-completion-drop-have-checks.patch
|
|
-at_keyboard-module-init.patch
|
|
-uefi-secure-boot-cryptomount.patch
|
|
-efi-variable-storage-minimise-writes.patch
|
|
-grub-install-removable-shim.patch
|
|
-dejavu-font-path.patch
|
|
-xen-no-xsm-policy-in-non-xsm-options.patch
|
|
-pc-verifiers-module.patch
|
|
-debug_verifiers.patch
|
|
-mkimage-fix-section-sizes.patch
|
|
-tpm-unknown-error-non-fatal.patch
|
|
-xfs-fix-v4-superblock.patch
|
|
-tests-ahci-update-qemu-device-name.patch
|
|
--
|
|
2.17.1
|
|
|