payloads/iPXE: Hook up TRUST_CMD switch
Change-Id: Ia4f5d4140eeb8625c5ee41e38f048658db28a199 Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/79684 Reviewed-by: Felix Singer <service+coreboot-gerrit@felixsinger.de> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
committed by
Felix Singer
parent
fda9d75d90
commit
0306cc2bbd
1
payloads/external/Makefile.mk
vendored
1
payloads/external/Makefile.mk
vendored
@@ -381,6 +381,7 @@ payloads/external/iPXE/ipxe/ipxe.rom ipxe: $(DOTCONFIG) $(IPXE_CONFIG_SCRIPT)
|
||||
CONFIG_HAS_SCRIPT=$(CONFIG_IPXE_ADD_SCRIPT) \
|
||||
CONFIG_IPXE_NO_PROMPT=$(CONFIG_IPXE_NO_PROMPT) \
|
||||
CONFIG_IPXE_HAS_HTTPS=$(CONFIG_IPXE_HAS_HTTPS) \
|
||||
CONFIG_PXE_TRUST_CMD=$(CONFIG_PXE_TRUST_CMD) \
|
||||
MFLAGS= MAKEFLAGS=
|
||||
|
||||
# LinuxBoot
|
||||
|
9
payloads/external/iPXE/Kconfig
vendored
9
payloads/external/iPXE/Kconfig
vendored
@@ -108,7 +108,16 @@ config IPXE_HAS_HTTPS
|
||||
Enable HTTPS protocol, which allows you to encrypt all communication
|
||||
with a web server and to verify the server's identity
|
||||
|
||||
config PXE_TRUST_CMD
|
||||
bool "Enable TRUST commands"
|
||||
default y
|
||||
help
|
||||
Enable imgverify and imgtrust commands, which allow you to verify
|
||||
digital signature of file prior loading it, and restrict to loading
|
||||
trusted files only.
|
||||
|
||||
endif # BUILD_IPXE
|
||||
|
||||
endmenu
|
||||
|
||||
endif # PXE
|
||||
|
3
payloads/external/iPXE/Makefile
vendored
3
payloads/external/iPXE/Makefile
vendored
@@ -52,6 +52,9 @@ endif
|
||||
ifeq ($(CONFIG_IPXE_HAS_HTTPS),y)
|
||||
sed -i'' 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h"
|
||||
endif
|
||||
ifeq ($(CONFIG_PXE_TRUST_CMD),y)
|
||||
sed -i'' 's|.*IMAGE_TRUST_CMD|#define IMAGE_TRUST_CMD|g' "$(project_dir)/src/config/general.h"
|
||||
endif
|
||||
|
||||
build: config $(CONFIG_SCRIPT)
|
||||
ifeq ($(CONFIG_HAS_SCRIPT),y)
|
||||
|
Reference in New Issue
Block a user