Using conf.set() with a boolean argument does the right thing:
either #ifdef or #undef. This means that conf.set can be used unconditionally.
Previously I used '1' as the placeholder value, and that needs to be changed to
'true' for consistency (under meson 1 cannot be used in boolean context). All
checks need to be adjusted.
This fixes ldsdir detection under Debian.
v2:
- define gnu_efi_arch for the arch efi include directory name
In the autotools naming convention, efi_arch and this directory always had
the same name. But meson.cpu_family() uses a slightly different convention,
so those two don't always match.
Shell scripts should be executable so that meson reports their
invocation succinctly (does not print 'sh' '-e').
Python scripts should not be executable so that meson does the
detection of the right python binary itself.
Add -u everywhere to catch potential errors.
The indentation for emacs'es meson-mode is added .dir-locals.
All files are reindented automatically, using the lasest meson-mode from git.
Indentation should now be fairly consistent.
This allow test-efi-disk.img to be created under meson.
The invocation of qemu is not converted yet, in particular because the
command-line used in Makefile.am is outdated.
This doesn't feel as natural, but is more consistent with the boolean options
which require true/false, and allows setting of options without knowing of
which type the option is.
This is a very straightforward conversion of the rules in Makefile.am.
Generated objects (on arm64) are identical.
The only difference in executed commands is that automake uses ld -m
elf_x86_64, without us specifying the -m option anywhere. I suspect that
using the default for the given linker should be OK, so it's fine to just
skip it.
We defined both $(VERSION) and $(PACKAGE_VERSION) with the same contents.
$(PACKAGE_VERSION) is slightly more descriptive, so settle on that, and
drop the other define.
With some UEFI shells LoadOptionsSize is reported being > 0
but the corresponding LoadOptions does not contain any data
(the first element has value 0).
When that happens, the stub feature that allows .cmdline to be
replaced by what's in LoadOptions ends up copying nothing/random
data to the kernel cmdline resulting in different kinds of boot
problems.
To fix this, add a check to see if LoadOptions contains data
before replacing the .cmdline.
Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com>
According to TCG EFI Protocol Specification for TPM 2.0 family,
all events generated after the invocation of EFI_TCG2_GET_EVENT_LOG
shall be stored in an instance of an EFI_CONFIGURATION_TABLE aka
EFI TCG 2.0 final events table. Hence, it is necessary to trigger the
internal switch through calling get_event_log() in order to allow
to retrieve the logs from OS runtime.
msekletar:
> I've looked at EDK2 and indeed log entry is added to FinalEventsTable only after
> EFI_TCG2_PROTOCOL.GetEventLog was called[1][2]. Also, same patch was currently
> merged to shim by Peter Jones [3].
[1] https://github.com/tianocore/edk2/blob/master/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c#L698
[2] https://github.com/tianocore/edk2/blob/master/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c#L824
[3] rhinstaller/shim#64
WaitForKeyEx may never return on some UEFI systems depending
on firmware, hardware configuration and the phase of the moon.
Use ConIn->WaitForKey unconditionally instead.
Fixes#3632
The UEFI BIOS already hashes the contents of the loaded image, so the
initrd and the command line of the binary are recorded.
Because manually added LoadOptions are not taken into account, these
should be recorded also.
This patch logs and extends a TPM PCR register with the LoadOptions.
This feature can be enabled with configure --enable-tpm
The PCR register index can be specified with
configure --with-tpm-pcrindex=<NUM>
If Linux efi stub is used, embedded cmdline in efi stub is
not shown. As a result, it is required to rewrite all the
line, if is only required to modify it. This behavior only
happen using Linux efi stub.
This patch allows boot loader to show embedded cmdline when
'e' key is pressed to edit boot loader options.
According to os-release(5), VERSION_ID is not mandatory and BUILD_ID only
needs to be unique underneath VERSION_ID. Therefore, assuming a missing
VERSION_ID field means 'empty', we can rely on BUILD_ID to be unique.
Use BUILD_ID if VERSION_ID is not present. This way, rolling-release
distros can still provide a proper os-release entry without crafting
random VERSION_ID strings.
This fixes#186.
There is no guarantee that the os-release section contains each key only
once, nor any guarantee that all keys are present. Make sure we properly
free memory in both cases.
Not that it matters much, as we're short-living, anyway. But correct code
is always nicer to read..
What used to be gummiboot, was renamed sd-boot when it was merged into
systemd. Let's try to be a bit more consistent with the rest of systemd
and rename it again as follows:
The EFI bootloader is now called 'systemd-bootx64.efi', and its sources are in
'src/boot/efi/'. The drop-in directory where bootctl will find EFI loaders
is now /usr/lib/systemd/boot/efi/.
