[oe-commits] [openembedded-core] branch master updated: ovmf: fix secureboot PACKAGECONFIG + OpenSSL update
git at git.openembedded.org
git at git.openembedded.org
Fri Jun 16 09:58:47 UTC 2017
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch master
in repository openembedded-core.
The following commit(s) were added to refs/heads/master by this push:
new 1d9a88f ovmf: fix secureboot PACKAGECONFIG + OpenSSL update
1d9a88f is described below
commit 1d9a88f635549e68562de681e297b9270ad02d4e
Author: Patrick Ohly <patrick.ohly at intel.com>
AuthorDate: Fri Jun 16 11:53:48 2017 +0200
ovmf: fix secureboot PACKAGECONFIG + OpenSSL update
The recent ovmf update broke secureboot because upstream changed the
way how openssl gets compiled into ovmf. It's now integrated directly
into the ovmf build process, without having to patch it first.
In addition, more recent OpenSSL releases are supported. 1.1.0e was
explicitly mentioned in the ovmf commits and because the current
1.1.0f only has minor build enhancements, 1.1.0e is used here.
Signed-off-by: Patrick Ohly <patrick.ohly at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
meta/recipes-core/ovmf/ovmf_git.bb | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb
index 5d7216e..28f0cde 100644
--- a/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/meta/recipes-core/ovmf/ovmf_git.bb
@@ -18,14 +18,16 @@ SRC_URI = "git://github.com/tianocore/edk2.git;branch=master \
file://no-stack-protector-all-archs.patch \
"
+OPENSSL_RELEASE = "openssl-1.1.0e"
+
SRC_URI_append_class-target = " \
- ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'http://www.openssl.org/source/openssl-1.0.2j.tar.gz;name=openssl;subdir=${S}/CryptoPkg/Library/OpensslLib', '', d)} \
+ ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'http://www.openssl.org/source/${OPENSSL_RELEASE}.tar.gz;name=openssl;subdir=${S}/CryptoPkg/Library/OpensslLib', '', d)} \
file://0007-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch \
"
SRCREV="ec4910cd3336565fdb61dafdd9ec4ae7a6160ba3"
-SRC_URI[openssl.md5sum] = "96322138f0b69e61b7212bc53d5e912b"
-SRC_URI[openssl.sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"
+SRC_URI[openssl.md5sum] = "51c42d152122e474754aea96f66928c6"
+SRC_URI[openssl.sha256sum] = "57be8618979d80c910728cfc99369bf97b2a1abd8f366ab6ebdee8975ad3874c"
inherit deploy
@@ -187,10 +189,7 @@ do_compile_class-target() {
# building with Secure Boot enabled.
bbnote "Building with Secure Boot."
rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX
- if ! [ -f ${S}/CryptoPkg/Library/OpensslLib/openssl-*/edk2-patch-applied ]; then
- ( cd ${S}/CryptoPkg/Library/OpensslLib/openssl-* && patch -p1 <$(echo ../EDKII_openssl-*.patch) && touch edk2-patch-applied )
- fi
- ( cd ${S}/CryptoPkg/Library/OpensslLib/ && ./Install.sh )
+ ln -sf ${OPENSSL_RELEASE} ${S}/CryptoPkg/Library/OpensslLib/openssl
${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} ${OVMF_SECURE_BOOT_FLAGS}
ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.secboot.fd
ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.secboot.code.fd
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list