git: 46375fd00293 - main - sysutils/edk2: enable secure boot on bhyve
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 15 Sep 2023 14:59:46 UTC
The branch main has been updated by corvink:
URL: https://cgit.FreeBSD.org/ports/commit/?id=46375fd002931ec59e73f02f78a0c228c3a85e36
commit 46375fd002931ec59e73f02f78a0c228c3a85e36
Author: Corvin Köhne <corvink@FreeBSD.org>
AuthorDate: 2023-09-15 09:55:18 +0000
Commit: Corvin Köhne <corvink@FreeBSD.org>
CommitDate: 2023-09-15 14:59:37 +0000
sysutils/edk2: enable secure boot on bhyve
Everything is ready in edk2 for secure boot. To make use of secure boot
you have to boot into an EFI shell and install your keys. Booting an EFI
shell can be done by starting bhyve without any image attached to it.
More information on how to generate and install keys can be found in the
ACRN documentation [1].
Note that that secure boot capable UEFI implementation is required to
meet the Windows 11 requirements.
[1] https://projectacrn.github.io/3.2/tutorials/waag-secure-boot.html
Reviewed by: manu
Approved by: manu
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D41869
---
sysutils/edk2/Makefile | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sysutils/edk2/Makefile b/sysutils/edk2/Makefile
index a6131c3127c8..d68e296d2242 100644
--- a/sysutils/edk2/Makefile
+++ b/sysutils/edk2/Makefile
@@ -1,6 +1,6 @@
PORTNAME= edk2
PORTVERSION= g202308
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= sysutils
PATCH_SITES= https://github.com/${GH_ACCOUNT}/${GH_PROJECT}/commit/
@@ -115,6 +115,7 @@ ONLY_FOR_ARCHS= amd64
ONLY_FOR_ARCHS_REASON= Bhyve only runs on x64
PLAT= bhyve
PLAT_ARCH= X64
+PLAT_ARGS+= -D SECURE_BOOT_ENABLE=TRUE
PLAT_TARGET= RELEASE
PLATFILE= OvmfPkg/Bhyve/BhyveX64.dsc
PLAT_RESULT= BhyveX64/${PLAT_TARGET}_GCC5/FV/BHYVE.fd