[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1342131474.3577.47.camel@lyra>
Date: Thu, 12 Jul 2012 16:17:54 -0600
From: Khalid Aziz <khalid.aziz@...com>
To: joeyli <jlee@...e.com>
Cc: linux-kernel@...r.kernel.org, JBottomley@...allels.com,
linux-efi@...r.kernel.org
Subject: Re: Fwd: UEFI Secure boot using qemu-kvm
I Tried to follow the steps Joey had written down (Thanks for doing
that!) on Ubuntu 12.04 and ran into some problems. Here is what I had to
do differently to get it to work:
- Install libssl-dev
- Use "sudo alien --to-deb sbsigntools-0.3-1.1.x86_64.rpm" to convert
sbsigntools package and "dpkg -i" the resulting deb package
- Before building efitools, edit Make.rules and replace "/usr/lib64"
with "/usr/lib"
- Run "make PK.h DB.h KEK.h" followed by "make". Make will fail to build
Loader.so with error being __stack_chk_fail is undefined. Ubuntu's
version of gcc enables stack check by default and adding
-fno-stack-protector to CFLAGS did not help. I haven't figured this one
out yet but Helloworld.efi builds correctly.
- Run "make HelloWorld-kek-signed.efi" to build signed version of hello
world.
- At this point I could fire up qemu and run the signed and unsigned
versions of hello world (HelloWorld-kek-signed.efi and HelloWorld.efi)
with secure boot disabled and enabled after importing PK and KEK as Joey
showed in his instructions.
Hope this helps someone who is trying this on Ubuntu. Now on to figuring
out how to build Loader.efi.
--
Khalid Aziz <khalid.aziz@...com>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists