mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-29 01:21:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

sys-boot/shim: Add a use flag to use a DER files for shim builds

Browse Source 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
This commit is contained in:
Sayan Chowdhury 2024-09-05 22:57:55 +05:30 committed by James Le Cuirot
parent d18a373cb7
commit b8f290bae4
No known key found for this signature in database
GPG Key ID: 1226415D00DD3137
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sdk_container/src/third_party/coreos-overlay/sys-boot/shim/shim-15.8-r1.ebuild → sdk_container/src/third_party/coreos-overlay/sys-boot/shim/shim-15.8-r2.ebuild vendored
View File

@ -11,7 +11,7 @@ KEYWORDS="amd64 arm64"
LICENSE="BSD" LICENSE="BSD"
SLOT="0" SLOT="0"
IUSE="" IUSE="official"
RDEPEND="" RDEPEND=""
# TODO: Would be ideal to depend on sys-boot/gnu-efi package, but # TODO: Would be ideal to depend on sys-boot/gnu-efi package, but
@ -42,7 +42,15 @@ src_compile() {
emake_args+=( ARCH=aarch64 ) emake_args+=( ARCH=aarch64 )
fi fi
emake_args+=( ENABLE_SBSIGN=1 ) emake_args+=( ENABLE_SBSIGN=1 )
if use official; then
if [ -z "${SHIM_SIGNING_CERTIFICATE}" ]; then
die "use production flag needs env SHIM_SIGNING_CERTIFICATE"
fi
emake_args+=( VENDOR_CERT_FILE="${SHIM_SIGNING_CERTIFICATE}" )
else
emake_args+=( VENDOR_CERT_FILE="/usr/share/sb_keys/shim.der" ) emake_args+=( VENDOR_CERT_FILE="/usr/share/sb_keys/shim.der" )
fi
emake "${emake_args[@]}" || die emake "${emake_args[@]}" || die
} }