Skip to content

Commit

Permalink
SkuSiPolicy payload - at the moment this is only for testing
Browse files Browse the repository at this point in the history 
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
  • Loading branch information
@jsetje
jsetje committed Jun 12, 2023
1 parent e6fe55f commit a8e9f89
Show file tree
Hide file tree
Showing 5 changed files with 25 additions and 6 deletions.
31 changes: 25 additions & 6 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,12 +51,19 @@ endef

define add-vendor-sbat
$(OBJCOPY) --add-section ".$(patsubst %.csv,%,$(1))=$(1)" $(2)
endef

define add-skusi
$(OBJCOPY) --add-section ".$(patsubst %.bin,%,$(1))=$(1)" $(2)
endef

SBATPATH = $(TOPDIR)/data/sbat.csv
SBATLEVELLATESTPATH = $(TOPDIR)/data/sbat_level_latest.csv
SBATLEVELPREVIOUSPATH = $(TOPDIR)/data/sbat_level_previous.csv
SSPVLATESTPATH = $(TOPDIR)/data/SkuSiPolicy_latest.bin
SSPSLATESTPATH = $(TOPDIR)/data/SkuSiPolicy_Version_latest.bin
SSPVPREVIOUSPATH = $(TOPDIR)/data/SkuSiPolicy_previous.bin
SSPSPREVIOUSPATH = $(TOPDIR)/data/SkuSiPolicy_Version_previous.bin
VENDOR_SBATS := $(sort $(foreach x,$(wildcard $(TOPDIR)/data/sbat.*.csv data/sbat.*.csv),$(notdir $(x))))

OBJFLAGS =
Expand Down Expand Up @@ -88,19 +95,19 @@ endif

all : certmule.efi revocations.efi

certmule.so : sbat_data.o certmule.o
certmule.so : revocation_data.o certmule.o
certmule.so : SOLIBS=
certmule.so : SOFLAGS=
certmule.so : BUILDFLAGS+=-DVENDOR_DB
certmule.efi : OBJFLAGS = --strip-unneeded $(call VENDOR_DB, $<)
certmule.efi : SECTIONS=.text .reloc .db .sbat
certmule.efi : VENDOR_DB_FILE?=db.esl

revocations.so : sbat_data.o revocations.o
revocations.so : revocation_data.o revocations.o
revocations.so : SOLIBS=
revocations.so : SOFLAGS=
revocations.efi : OBJFLAGS = --strip-unneeded
revocations.efi : SECTIONS=.text .reloc .sbat .sbatl .sbatp
revocations.efi : OBJFLAGS = --strip-unneeded
revocations.efi : SECTIONS=.text .reloc .sbat .sbatl .sbatp .sspvp .sspsp .sspvl .sspsl

revocations.o : certmule.o
cp certmule.o revocations.o
Expand All @@ -114,8 +121,8 @@ endif
$(OBJFLAGS) \
$(FORMAT) $^ $@

sbat_data.o : | $(SBATPATH) $(VENDOR_SBATS)
sbat_data.o : /dev/null
revocation_data.o : | $(SBATPATH) $(VENDOR_SBATS)
revocation_data.o : /dev/null
$(CC) $(BUILDFLAGS) -x c -c -o $@ $<
$(OBJCOPY) --add-section .sbat=$(SBATPATH) \
--set-section-flags .sbat=contents,alloc,load,readonly,data \
Expand All @@ -126,6 +133,18 @@ sbat_data.o : /dev/null
$(OBJCOPY) --add-section .sbatp=$(SBATLEVELPREVIOUSPATH) \
--set-section-flags .sbatp=contents,alloc,load,readonly,data \
$@
$(OBJCOPY) --add-section .sspvl=$(SSPVLATESTPATH) \
--set-section-flags .sspvl=contents,alloc,load,readonly,data \
$@
$(OBJCOPY) --add-section .sspsl=$(SSPSLATESTPATH) \
--set-section-flags .sspsl=contents,alloc,load,readonly,data \
$@
$(OBJCOPY) --add-section .sspvp=$(SSPVPREVIOUSPATH) \
--set-section-flags .sspvp=contents,alloc,load,readonly,data \
$@
$(OBJCOPY) --add-section .sspsp=$(SSPSPREVIOUSPATH) \
--set-section-flags .sspsp=contents,alloc,load,readonly,data \
$@
$(foreach vs,$(VENDOR_SBATS),$(call add-vendor-sbat,$(vs),$@))

%.so : %.o
Expand Down
Binary file added data/SkuSiPolicy_Version_latest.bin
View file
Binary file not shown.
Binary file added data/SkuSiPolicy_Version_previous.bin
View file
Binary file not shown.
Binary file added data/SkuSiPolicy_latest.bin
View file
Binary file not shown.
Binary file added data/SkuSiPolicy_previous.bin
View file
Binary file not shown.

0 comments on commit a8e9f89

Please sign in to comment.