pool/shim
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
281 Commits 1 Branch 0 Tags 16 MiB
factory
Commit Graph

34 Commits

Author SHA256 Message Date
Joey Lee
05ae7fe0d8 Accepting request 1144843 from home:gary_lin:branches:devel:openSUSE:Factory 
- Update shim-install to set the TPM2 SRK algorithm (bsc#1213945)
  92d0f4305df73 Set the SRK algorithm for the TPM2 protector

OBS-URL: https://build.opensuse.org/request/show/1144843
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=208
 2024-02-15 08:29:23 +00:00
Joey Lee
c5f457c08d Accepting request 1112452 from home:gary_lin:branches:devel:openSUSE:Factory 
- Update shim-install to fix boot failure of ext4 root file system
  on RAID10 (bsc#1205855)
   226c94ca5cfca  Use hint in looking for root if possible
- Adopt the macros from fde-tpm-helper-macros to update the
  signature in the sealed key after a bootloader upgrade

The macros package depends on the latest fde-tools:
https://build.opensuse.org/request/show/1112138

OBS-URL: https://build.opensuse.org/request/show/1112452
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=203
 2023-09-22 08:46:59 +00:00
Gary Ching-Pang Lin
b90dab54cc Accepting request 1087321 from home:gary_lin:branches:devel:openSUSE:Factory 
- Update shim-install to amend full disk encryption support
    b540061e041b  Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector
    f2e8143ce831  Use the long name to specify the grub2 key protector
    72830120e5ea  cryptodisk: support TPM authorized policies
    49e7a0d307f3  Do not use tpm_record_pcrs unless the command is in command.lst

OBS-URL: https://build.opensuse.org/request/show/1087321
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=202
 2023-05-25 12:41:58 +00:00
Joey Lee
171b8de0fc Accepting request 1041831 from home:joeyli:branches:devel:openSUSE:Factory 
Modified shim-install, add patches to support full disk encryption: (jsc#PED-922)

OBS-URL: https://build.opensuse.org/request/show/1041831
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=199
 2022-12-09 09:53:50 +00:00
Joey Lee
63e4498fc9 Accepting request 1006812 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install: ensure grub.cfg created is not overwritten after
  installing grub related files

OBS-URL: https://build.opensuse.org/request/show/1006812
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=193
 2022-09-30 06:58:17 +00:00
Gary Ching-Pang Lin
b088ad9ddf Accepting request 897356 from home:gary_lin:branches:devel:openSUSE:Factory 
- shim-install: reset def_shim_efi to "shim.efi" if the given
  file doesn't exist

OBS-URL: https://build.opensuse.org/request/show/897356
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=182
 2021-06-04 08:21:06 +00:00
Gary Ching-Pang Lin
7f83b4b531 Accepting request 894182 from home:gary_lin:branches:devel:openSUSE:Factory 
- shim-install: instead of assuming "removable" for Azure, remove
  fallback.efi from \EFI\Boot and copy grub.efi/cfg to \EFI\Boot
  to make \EFI\Boot bootable and keep the boot option created by
  efibootmgr (bsc#1185464, bsc#1185961)

- Add shim-bsc1185261-relax-import_mok_state-check.patch to relax
  the check for import_mok_state() when Secure Boot is off.
  (bsc#1185261)

OBS-URL: https://build.opensuse.org/request/show/894182
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=181
 2021-05-19 01:26:58 +00:00
Gary Ching-Pang Lin
d24e6a73df Accepting request 891229 from home:gary_lin:branches:devel:openSUSE:Factory 
shim-install: always assume "removable" for Azure to avoid the endless reset loop (bsc#1185464)

OBS-URL: https://build.opensuse.org/request/show/891229
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=180
 2021-05-07 08:38:12 +00:00
Gary Ching-Pang Lin
ad2aeff5ac Accepting request 845367 from home:gary_lin:branches:devel:openSUSE:Factory 
- Add shim-bsc1177315-verify-eku-codesign.patch to check CodeSign
  in the signer's EKU (bsc#1177315)
- Add shim-bsc1177789-fix-null-pointer-deref-AuthenticodeVerify.patch
  to fix NULL pointer dereference in AuthenticodeVerify()
  (bsc#1177789, CVE-2019-14584)
- shim-install: Support changing default shim efi binary in
  /usr/etc/default/shim and /etc/default/shim (bsc#1177315)
- Add shim-bsc1177315-fix-buffer-use-after-free.patch to fix buffer
  use-after-free at the end of the EKU verification (bsc#1177315)

OBS-URL: https://build.opensuse.org/request/show/845367
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=168
 2020-11-03 06:49:18 +00:00
Gary Ching-Pang Lin
d1e5e5e18a Accepting request 828865 from home:gary_lin:branches:devel:openSUSE:Factory 
install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656)

OBS-URL: https://build.opensuse.org/request/show/828865
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=164
 2020-08-24 08:28:08 +00:00
Gary Ching-Pang Lin
ccb8d59de9 Accepting request 822324 from home:gary_lin:branches:devel:openSUSE:Factory 
Update the path to grub-tpm.efi in shim-install (bsc#1174320)

OBS-URL: https://build.opensuse.org/request/show/822324
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=159
 2020-07-23 08:39:45 +00:00
Gary Ching-Pang Lin
f673bb4d2e Accepting request 790062 from home:gary_lin:branches:devel:openSUSE:Factory 
Use the full path of efibootmgr to avoid errors when invoking shim-install from packagekitd (bsc#1168104)

OBS-URL: https://build.opensuse.org/request/show/790062
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=157
 2020-03-31 09:46:57 +00:00
Gary Ching-Pang Lin
7ef93b059a Accepting request 751177 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install: add check for btrfs is used as root file system to enable
  relative path lookup for file. (bsc#1153953)

OBS-URL: https://build.opensuse.org/request/show/751177
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=154
 2019-11-27 07:50:22 +00:00
Gary Ching-Pang Lin
441cbe7c4c Accepting request 723852 from home:gary_lin:branches:devel:openSUSE:Factory 
Fix a typo in shim-install (bsc#1145802)

OBS-URL: https://build.opensuse.org/request/show/723852
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=153
 2019-08-16 04:12:38 +00:00
Gary Ching-Pang Lin
f402a003c4 Accepting request 668546 from home:gary_lin:branches:devel:openSUSE:Factory 
- Move 'efi'-executables to '/usr/share/efi'  (FATE#326960)
  (preparing the move to 'noarch' for this package)

OBS-URL: https://build.opensuse.org/request/show/668546
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=146
 2019-01-25 09:28:34 +00:00
Gary Ching-Pang Lin
426b9f297b Accepting request 665689 from home:gary_lin:branches:devel:openSUSE:Factory 
Update shim-install to handle the partitioned MD devices (bsc#1119762, bsc#1119763)

OBS-URL: https://build.opensuse.org/request/show/665689
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=145
 2019-01-14 10:23:56 +00:00
Gary Ching-Pang Lin
a0cfc31263 Accepting request 655465 from home:gary_lin:branches:devel:openSUSE:Factory 
- Update shim-install to specify the target for grub2-install and
  change the boot efi file name according to the architecture
  (bsc#1118363, FATE#325971)

OBS-URL: https://build.opensuse.org/request/show/655465
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=143
 2018-12-06 03:11:43 +00:00
Gary Ching-Pang Lin
a9fcc4ee9a Accepting request 482059 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install: add option --suse-enable-tpm (fate#315831)

OBS-URL: https://build.opensuse.org/request/show/482059
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=126
 2017-03-23 06:44:52 +00:00
Gary Ching-Pang Lin
da918f60a8 Accepting request 429445 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install :
  * add option --no-nvram (bsc#999818)
  * improve removable media and fallback mode handling

OBS-URL: https://build.opensuse.org/request/show/429445
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=121
 2016-09-23 04:31:17 +00:00
Gary Ching-Pang Lin
1c133127ad Accepting request 423923 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install : fix regression of password prompt (bsc#993764)

OBS-URL: https://build.opensuse.org/request/show/423923
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=119
 2016-08-31 06:30:53 +00:00
Gary Ching-Pang Lin
8fa2e58431 Accepting request 416362 from home:gary_lin:branches:devel:openSUSE:Factory 
- Add shim-httpboot-support.patch to support HTTPBoot
- Add shim-update-openssl-1.0.2g.patch to update openssl to 1.0.2g
  and Cryptlib to 5e2318dd37a51948aaf845c7d920b11f47cdcfe6
- Drop patches since they are merged into
  shim-update-openssl-1.0.2g.patch
  + shim-update-openssl-1.0.2d.patch
  + shim-gcc5.patch
  + shim-bsc950569-fix-cryptlib-va-functions.patch
  + shim-fix-aarch64.patch
- Refresh shim-change-debug-file-path.patch
- Add shim-bsc973496-mokmanager-no-append-write.patch to work
  around the firmware that doesn't support APPEND_WRITE (bsc973496)
- shim-install : remove '\n' from the help message (bsc#991188)
- shim-install : print a message if there is no valid EFI partition
  (bsc#991187)

OBS-URL: https://build.opensuse.org/request/show/416362
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=115
 2016-08-01 10:00:26 +00:00
Gary Ching-Pang Lin
b08dc48a8d Accepting request 394342 from home:rwill:branches:devel:openSUSE:Factory 
- shim-install : support simple MD RAID1 target devices (FATE#314829)

OBS-URL: https://build.opensuse.org/request/show/394342
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=113
 2016-05-10 02:05:30 +00:00
Gary Ching-Pang Lin
ff93d13920 Accepting request 368964 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install : fix typing ESC can escape to parent config which is
  in command mode and cannot return back (bsc#966701) 
- shim-install : fix no which command for JeOS (bsc#968264)

OBS-URL: https://build.opensuse.org/request/show/368964
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=110
 2016-03-09 09:57:29 +00:00
Gary Ching-Pang Lin
a181a27e27 Accepting request 330987 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install : set default GRUB_DISTRIBUTOR from /etc/os-release
  if it is empty or not set by user (bsc#942519)

OBS-URL: https://build.opensuse.org/request/show/330987
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=102
 2015-09-15 14:00:13 +00:00
Gary Ching-Pang Lin
7744cfd81f Accepting request 287615 from home:michael-chang:boo917427 
- shim-install : fix cryptodisk installation (boo#917427)

OBS-URL: https://build.opensuse.org/request/show/287615
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=93
 2015-02-25 07:41:52 +00:00
Gary Ching-Pang Lin
12d0642c1a Accepting request 243573 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install: fix GRUB shows broken letters at boot by calling
  grub2-install to initialize /boot/grub2 directory with files 
  needed by grub.cfg (bnc#889765)

OBS-URL: https://build.opensuse.org/request/show/243573
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=77
 2014-08-04 09:46:50 +00:00
Gary Ching-Pang Lin
2562b2ffce Accepting request 231974 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install: fix boot partition and rollback support kluge
  (bnc#875385)

OBS-URL: https://build.opensuse.org/request/show/231974
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=74
 2014-04-29 07:55:23 +00:00
Stephan Kulow
fa8f2b475d osc copypac from project:devel:openSUSE:Factory package:shim revision:71 
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=73
 2014-04-29 07:15:01 +00:00
OBS User buildservice-autocommit
b518987796 Updating link to change in openSUSE:Factory/shim revision 31.0 
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=7a81e86df566f93dbe199635b458d416
 2014-04-21 09:05:08 +00:00
Gary Ching-Pang Lin
062d82ccf6 Accepting request 228324 from home:michael-chang:branches:devel:openSUSE:Factory 
- snapper rollback support (fate#317062)
  - refresh shim-install

OBS-URL: https://build.opensuse.org/request/show/228324
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=69
 2014-03-31 13:30:21 +00:00
Gary Ching-Pang Lin
466149ebe7 Accepting request 224828 from home:michael-chang:branches:devel:openSUSE:Factory 
- shim-install: fix the $prefix to use grub2-mkrelpath for paths
  on btrfs subvolume (bnc#866690).

OBS-URL: https://build.opensuse.org/request/show/224828
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=64
 2014-03-06 04:08:12 +00:00
Gary Ching-Pang Lin
ac40989026 Accepting request 224563 from home:gary_lin:branches:devel:openSUSE:Factory 
FATE#315002: Update shim-install to install shim.efi as the EFI default bootloader when none exists in \EFI\boot.

OBS-URL: https://build.opensuse.org/request/show/224563
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=62
 2014-03-04 04:32:46 +00:00
Gary Ching-Pang Lin
abecbcfee6 Accepting request 200505 from home:gary_lin:branches:devel:openSUSE:Factory 
Create boot.csv in ESP for fallback.efi to restore the boot entry

OBS-URL: https://build.opensuse.org/request/show/200505
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=46
 2013-09-25 08:08:02 +00:00
Stephan Kulow
0f6fe46307 Accepting request 151556 from devel:openSUSE:Factory 
- Sign shim-opensuse.efi and MokManager.efi with the openSUSE cert
- Add shim-keep-unsigned-mokmanager.patch to keep the unsigned
  MokManager and sign it later. (forwarded request 151555 from gary_lin)

OBS-URL: https://build.opensuse.org/request/show/151556
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shim?expand=0&rev=6
 2013-02-07 13:54:45 +00:00