From nobody Fri Sep 15 14:59:46 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RnHR70DDkz4sjrW; Fri, 15 Sep 2023 14:59:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RnHR66tDDz4MsY; Fri, 15 Sep 2023 14:59:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694789987; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zkEuTPihnUBWZaBTQxsyQX5mGfE2DlHdlQIJobInJA4=; b=dvGAPHlg4IW/D5asYjHEDkpxghjhPEYrHh6rtOV1xc5kzR4lmQ0x1DgGdZaT7k9oGkQrPa Po8FgnJ6e8Lr8K5bENb1DBe/gupXaExiMwqxG1AaJvknVj7sgCc/wDdw4CoO0tu87BGjAR AwdUPCYCv0XBczoTgraI9/ZDe5MM0uon8NRXFrRoTrGYXuOz2ahFN4r/Stqw1C36f5ZVGb si1Kq8el5DQtFThupDQeZqJY6YvsEwPuaix8jhN2Evh9cNSWPJu4WHgNgQKwAXj6BoUx8e hJHzh578X0frSbP5/JoxTy2i9uW9mv4f7v5YA/JDh9PFRlP4V9GfqWnsT1Z6ag== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694789987; a=rsa-sha256; cv=none; b=DPeqJ81GoUEsUunLRPH9WpEhCQqfc2O3gsviKNvhk5ifOdkEAm6XJIYCWhV/dxZBuhG2Po WHJWO2oysvQDJASyZX7gt21LF8j6ZRbcgxYU7drSh3YhSRHEsUS05ax2+lPS5uQjbj35jJ v+50ion0F9kVhFadX0vytrBxo6P8JwQA6WN5/qusm6vYOavnFykBcyO/swP4p0VUb0Q45n tmmggu49pHzkrKLGWkQMsWATZimJrFXqeiLGxIcdzzaTXYRnnuXd+/rTAabVpF0Bl1KYZD f4tx4i3GoWFakzgh4nWW8ltGuhU1QPpDZqy/qruDjaNxee3lIbxnKc3rwEe2hg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694789987; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zkEuTPihnUBWZaBTQxsyQX5mGfE2DlHdlQIJobInJA4=; b=Y4MDJ8welyvunCrAG5KVUMp9iQWR0NdA8Msuqw6W8VTA7fFBtWrbZV82KVDz9zrxzsEyB2 drOFiMrVoPeC+XVpN/vpRzQRH5em4Qg9oGL8xNyDjBOHYRXXM6ZhRWvJEmADmiV2uLzOG0 /43OFVLyLCUDaVc+XqXk8zoq2ULyW6mp9whFxBXddJRlYzkSHANzCMz7MCF6ZOlRRewWfe OhV6bTB0p57Ngio1Xgbk9QK/BnxU7xILH0nNPjWYKF4uMHFfBhbNWWxaPGOIY7o36b+bQy kuU4I4ReeQ9vQXpp5Eoq9C8risTVjdftksTkQYm/AiWcvmuuXHKafyFgojAlSA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RnHR65qWVzCXd; Fri, 15 Sep 2023 14:59:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38FExkoT074037; Fri, 15 Sep 2023 14:59:46 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38FExkFT074034; Fri, 15 Sep 2023 14:59:46 GMT (envelope-from git) Date: Fri, 15 Sep 2023 14:59:46 GMT Message-Id: <202309151459.38FExkFT074034@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Corvin =?utf-8?Q?K=C3=B6hne?= Subject: git: 46375fd00293 - main - sysutils/edk2: enable secure boot on bhyve List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: corvink X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 46375fd002931ec59e73f02f78a0c228c3a85e36 Auto-Submitted: auto-generated The branch main has been updated by corvink: URL: https://cgit.FreeBSD.org/ports/commit/?id=46375fd002931ec59e73f02f78a0c228c3a85e36 commit 46375fd002931ec59e73f02f78a0c228c3a85e36 Author: Corvin Köhne AuthorDate: 2023-09-15 09:55:18 +0000 Commit: Corvin Köhne CommitDate: 2023-09-15 14:59:37 +0000 sysutils/edk2: enable secure boot on bhyve Everything is ready in edk2 for secure boot. To make use of secure boot you have to boot into an EFI shell and install your keys. Booting an EFI shell can be done by starting bhyve without any image attached to it. More information on how to generate and install keys can be found in the ACRN documentation [1]. Note that that secure boot capable UEFI implementation is required to meet the Windows 11 requirements. [1] https://projectacrn.github.io/3.2/tutorials/waag-secure-boot.html Reviewed by: manu Approved by: manu Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D41869 --- sysutils/edk2/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sysutils/edk2/Makefile b/sysutils/edk2/Makefile index a6131c3127c8..d68e296d2242 100644 --- a/sysutils/edk2/Makefile +++ b/sysutils/edk2/Makefile @@ -1,6 +1,6 @@ PORTNAME= edk2 PORTVERSION= g202308 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= sysutils PATCH_SITES= https://github.com/${GH_ACCOUNT}/${GH_PROJECT}/commit/ @@ -115,6 +115,7 @@ ONLY_FOR_ARCHS= amd64 ONLY_FOR_ARCHS_REASON= Bhyve only runs on x64 PLAT= bhyve PLAT_ARCH= X64 +PLAT_ARGS+= -D SECURE_BOOT_ENABLE=TRUE PLAT_TARGET= RELEASE PLATFILE= OvmfPkg/Bhyve/BhyveX64.dsc PLAT_RESULT= BhyveX64/${PLAT_TARGET}_GCC5/FV/BHYVE.fd