meta/recipes-bsp: Add recipe for Slim Bootloader

Message ID 20211215071632.11038-1-yongxin.liu@windriver.com
State New
Series meta/recipes-bsp: Add recipe for Slim Bootloader

Commit Message

Yongxin Liu Dec. 15, 2021, 7:16 a.m. UTC
Slim Bootloader is an open-source boot firmware running on Intel x86
architecture.

Currently it supports qemu, apl(Apollo Lake), cfl(Coffee Lake),
cml(Comet Lake), tgl(Tiger Lake), and ehl(Elkhart Lake). You can set
"SLIMBOOT_TARGET" in .bb file or .bbappend file to specify or add the
target firmware you want, for example: SLIMBOOT_TARGET = "qemu apl".
The default target is qemu.

Generated firmware and security keys are installed in build directory:
    image
    `-- usr
        `-- libexec
            `-- slimboot
                |-- Outputs
                |   |-- qemu
                |   |-- apl
                |   `-- cfl
                `-- keys

Boot firmware for qemu can be used by command:
"qemu-system-x86_64 -machine q35 -nographic -serial mon:stdio -pflash SlimBootloader.bin"

Other boot firmware for real hardware cannot be programmed directly to
flash, please refer to https://slimbootloader.github.io/index.html for
more instructions.

Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
---
 ...d-private-key-check-for-PKCS8-format.patch | 28 ++++++++
 .../build-EDK2-BaseTools-with-bitbake.patch   | 70 +++++++++++++++++++
 ...limbootloader-BaseTools-with-bitbake.patch | 42 +++++++++++
 meta/recipes-bsp/slimboot/slimboot_git.bb     | 57 +++++++++++++++
 4 files changed, 197 insertions(+)
 create mode 100644 meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch
 create mode 100644 meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch
 create mode 100644 meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch
 create mode 100644 meta/recipes-bsp/slimboot/slimboot_git.bb

Comments

Konrad Weihmann Dec. 15, 2021, 7:35 a.m. UTC | #1
On 15.12.21 08:16, Yongxin Liu wrote:
> Slim Bootloader is an open-source boot firmware running on Intel x86
> architecture.
> 
> Currently it supports qemu, apl(Apollo Lake), cfl(Coffee Lake),
> cml(Comet Lake), tgl(Tiger Lake), and ehl(Elkhart Lake). You can set
> "SLIMBOOT_TARGET" in .bb file or .bbappend file to specify or add the
> target firmware you want, for example: SLIMBOOT_TARGET = "qemu apl".
> The default target is qemu.
> 
> Generated firmware and security keys are installed in build directory:
>      image
>      `-- usr
>          `-- libexec
>              `-- slimboot
>                  |-- Outputs
>                  |   |-- qemu
>                  |   |-- apl
>                  |   `-- cfl
>                  `-- keys
> 
> Boot firmware for qemu can be used by command:
> "qemu-system-x86_64 -machine q35 -nographic -serial mon:stdio -pflash SlimBootloader.bin"
> 
> Other boot firmware for real hardware cannot be programmed directly to
> flash, please refer to https://slimbootloader.github.io/index.html for
> more instructions.
> 
> Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> ---
>   ...d-private-key-check-for-PKCS8-format.patch | 28 ++++++++
>   .../build-EDK2-BaseTools-with-bitbake.patch   | 70 +++++++++++++++++++
>   ...limbootloader-BaseTools-with-bitbake.patch | 42 +++++++++++
>   meta/recipes-bsp/slimboot/slimboot_git.bb     | 57 +++++++++++++++
>   4 files changed, 197 insertions(+)
>   create mode 100644 meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch
>   create mode 100644 meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch
>   create mode 100644 meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch
>   create mode 100644 meta/recipes-bsp/slimboot/slimboot_git.bb
> 
> diff --git a/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch b/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch
> new file mode 100644
> index 0000000000..a7e9d96dfb
> --- /dev/null
> +++ b/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch
> @@ -0,0 +1,28 @@
> +From e31e9b34f5ffccaab3788da781e05a0622cf7d45 Mon Sep 17 00:00:00 2001
> +From: Yongxin Liu <yongxin.liu@windriver.com>
> +Date: Tue, 7 Dec 2021 16:18:43 +0000
> +Subject: [PATCH] add private key check for PKCS8 format
> +
> +Upstream-Status: Pending

Pending patches are discouraged, please send them upstream

> +
> +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> +---
> + BootloaderCorePkg/Tools/SingleSign.py | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/BootloaderCorePkg/Tools/SingleSign.py b/BootloaderCorePkg/Tools/SingleSign.py
> +index 2a550bf8..5baacbde 100644
> +--- a/BootloaderCorePkg/Tools/SingleSign.py
> ++++ b/BootloaderCorePkg/Tools/SingleSign.py
> +@@ -259,7 +259,7 @@ def single_sign_gen_pub_key (in_key, pub_key_file = None):
> +     cmdline = [get_openssl_path(), 'rsa', '-pubout', '-text', '-noout', '-in', '%s' % in_key]
> +     # Check if it is public key or private key
> +     text = open(in_key, 'r').read()
> +-    if '-BEGIN RSA PRIVATE KEY-' in text:
> ++    if '-BEGIN RSA PRIVATE KEY-' in text or '-BEGIN PRIVATE KEY-' in text:
> +         is_prv_key = True
> +     elif '-BEGIN PUBLIC KEY-' in text:
> +         cmdline.extend (['-pubin'])
> +--
> +2.33.0
> +
> diff --git a/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch b/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch
> new file mode 100644
> index 0000000000..3b9db74491
> --- /dev/null
> +++ b/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch
> @@ -0,0 +1,70 @@
> +From ce5ed81d9dd9c37e494560edb8f0fbae83713416 Mon Sep 17 00:00:00 2001
> +From: Yongxin Liu <yongxin.liu@windriver.com>
> +Date: Wed, 15 Dec 2021 02:19:42 +0000
> +Subject: [PATCH] build EDK2/BaseTools with bitbake
> +
> +EDK2 basetools are needed by QEMU FSP. Due to CRLF line terminators
> +in target file, the patch has to be set to binary format.
> +
> +Upstream-Status: Inappropriate [oe-core specific]

Why is this oe-specific, I'm missing a proper explanation in the commit 
message

> +
> +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> +---
> + .gitattributes                                   |   1 +
> + .../Tools/PrepareBuildComponentBin.py            |   6 ++++++
> + .../build-edk2-BaseTools-with-bitbake.patch      | Bin 0 -> 1375 bytes
> + 3 files changed, 7 insertions(+)
> + create mode 100644 Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch
> +
> +diff --git a/.gitattributes b/.gitattributes
> +index e372c4d9..d31d5dbb 100644
> +--- a/.gitattributes
> ++++ b/.gitattributes
> +@@ -17,3 +17,4 @@
> + # since the files that are being patched have a mixture of line
> + # endings. This means it must be treated as binary.
> + Silicon/QemuSocPkg/FspBin/Patches/0001-Build-QEMU-FSP-2.0-binaries.patch binary
> ++Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch binary
> +diff --git a/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py b/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
> +index 50f24736..2cd2f5d5 100644
> +--- a/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
> ++++ b/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
> +@@ -188,6 +188,12 @@ def BuildFspBins (fsp_dir, sbl_dir, fsp_inf, silicon_pkg_name, flag):
> +     ret = subprocess.call(cmd.split(' '), cwd=fsp_dir)
> +     if ret:
> +         Fatal ('Failed to apply QEMU FSP patch !')
> ++
> ++    cmd = 'git am --keep-cr --whitespace=nowarn %s/build-edk2-BaseTools-with-bitbake.patch' % patch_dir
> ++    ret = subprocess.call(cmd.split(' '), cwd=fsp_dir)
> ++    if ret:
> ++        Fatal ('Failed to apply QEMU FSP patch for EDK2 BaseTools !')
> ++
> +     print ('Done\n')
> +
> +     print ('Compiling QEMU FSP source ...')
> +diff --git a/Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch b/Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch
> +new file mode 100644
> +index 0000000000000000000000000000000000000000..3dbdb14bf5332af1c15e4bf146abf67d4db3768a
> +GIT binary patch
> +
> +--
> +2.33.0
> +
> diff --git a/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch b/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch
> new file mode 100644
> index 0000000000..5a3a249de0
> --- /dev/null
> +++ b/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch
> @@ -0,0 +1,42 @@
> +From 080d952b27cc6450bca340c37c9bc1cc4ec6787c Mon Sep 17 00:00:00 2001
> +From: Yongxin Liu <yongxin.liu@windriver.com>
> +Date: Wed, 15 Dec 2021 01:24:11 +0000
> +Subject: [PATCH] build slimbootloader/BaseTools with bitbake
> +
> +Change build flags to use include and library directories
> +in recipe-sysroot-native.
> +
> +Upstream-Status: Inappropriate [oe-core specific]

Same here - I don't see a reason why this can't be proposed to upstream

> +
> +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> +---
> + BaseTools/Source/C/Makefiles/header.makefile | 6 +++---
> + 1 file changed, 3 insertions(+), 3 deletions(-)
> +
> +diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
> +index 45c93595..449e5bd1 100755
> +--- a/BaseTools/Source/C/Makefiles/header.makefile
> ++++ b/BaseTools/Source/C/Makefiles/header.makefile
> +@@ -75,7 +75,7 @@ $(error Bad HOST_ARCH)
> + endif
> +
> + INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I $(MAKEROOT)/Include/Common -I $(MAKEROOT)/Include/ -I $(MAKEROOT)/Include/IndustryStandard -I $(MAKEROOT)/Common/ -I .. -I . $(ARCH_INCLUDE)
> +-BUILD_CPPFLAGS = $(INCLUDE)
> ++BUILD_CPPFLAGS += $(INCLUDE)
> +
> + # keep EXTRA_OPTFLAGS last
> + BUILD_OPTFLAGS = -O2 $(EXTRA_OPTFLAGS)
> +@@ -101,8 +101,8 @@ ifeq ($(CXX), llvm)
> + BUILD_LFLAGS =
> + BUILD_CXXFLAGS = -Wno-deprecated-register -Wno-unused-result
> + else
> +-BUILD_LFLAGS =
> +-BUILD_CXXFLAGS = -Wno-unused-result
> ++BUILD_LFLAGS = $(LDFLAGS)
> ++BUILD_CXXFLAGS += -Wno-unused-result
> + endif
> + ifeq ($(HOST_ARCH), IA32)
> + #
> +--
> +2.33.0
> +
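Review bot: In the second `header.makefile` hunk only the `else` branch is changed: the `ifeq ($(CXX), llvm)` branch keeps `BUILD_LFLAGS =` and a plain `BUILD_CXXFLAGS = -Wno-deprecated-register -Wno-unused-result` assignment, so externally passed `LDFLAGS` and `BUILD_CXXFLAGS` are still discarded when `CXX` is llvm. Apply `BUILD_LFLAGS = $(LDFLAGS)` and `BUILD_CXXFLAGS +=` in both branches so the behaviour does not depend on the compiler. The recipe's `do_compile` exports `EXTRA_LDFLAGS`, which nothing in this hunk reads; please confirm which variable is meant to carry the `recipe-sysroot-native` library path.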
> diff --git a/meta/recipes-bsp/slimboot/slimboot_git.bb b/meta/recipes-bsp/slimboot/slimboot_git.bb
> new file mode 100644
> index 0000000000..2bfdef6a5f
> --- /dev/null
> +++ b/meta/recipes-bsp/slimboot/slimboot_git.bb
> @@ -0,0 +1,57 @@
> +SUMMARY = "Slim Bootloader"
> +DESCRIPTION = "Slim Bootloader is an open-source boot firmware, built from the \
> +ground up to be small, secure and optimized running on Intel x86 architecture."
> +HOMEPAGE = "https://slimbootloader.github.io/"
> +
> +LICENSE = "BSD-2-Clause-Patent"
> +
> +SRC_URI = "git://github.com/slimbootloader/slimbootloader;protocol=https;branch=master\
before the trailing \ a whitespace seems to be missing
> +           file://build-slimbootloader-BaseTools-with-bitbake.patch \
> +           file://add-private-key-check-for-PKCS8-format.patch \
> +           file://build-EDK2-BaseTools-with-bitbake.patch;apply=0 \
> +          "
> +SRCREV = "d0fac9b4423431babff4e790293aad430715187c"
> +LIC_FILES_CHKSUM = "file://LICENSE;md5=ef7fba7be2819ac13aaf5d0f842ce5d9"

https://github.com/slimbootloader/slimbootloader/tree/master/Licenses 
lists a lot more licenses, please also add them here if they are 
appropriate - which also may influence the overall LICENSE setting

> +PV = "0.0.0+git${SRCPV}"
> +
> +inherit python3native
> +BBCLASSEXTEND = "native"
> +DEPENDS = "openssl-native nasm-native acpica-native util-linux-native"
> +S = "${WORKDIR}/git"
> +
> +do_configure[noexec] = "1"
> +
> +SLIMBOOT_TARGET ?= "qemu"
> +SLIMBOOT_KEY_DIR ?= "keys"
> +
> +do_binary_patch() {
> +    cd "${S}"
> +    git am ${WORKDIR}/build-EDK2-BaseTools-with-bitbake.patch
> +}
> +
> +addtask do_binary_patch after do_patch before do_compile
> +
> +do_compile() {
> +    ln -sf ${STAGING_BINDIR_NATIVE}/python3-native/python3 ${STAGING_BINDIR_NATIVE}/python
> +
> +    cd ${S}
> +    rm -rf ${SLIMBOOT_KEY_DIR}; mkdir -p ${SLIMBOOT_KEY_DIR}
> +    export SBL_KEY_DIR=${S}/${SLIMBOOT_KEY_DIR}
> +    python BootloaderCorePkg/Tools/GenerateKeys.py -k ${SBL_KEY_DIR}
> +
> +    export EXTRA_LDFLAGS="-L${STAGING_LIBDIR_NATIVE}"
> +
> +    for target in ${SLIMBOOT_TARGET}; do
> +        python BuildLoader.py build ${target}
> +    done
> +}
> +
> +do_install() {
> +    for target in ${SLIMBOOT_TARGET}; do
> +        install -m 755 -d ${D}${libexecdir}/slimboot/Outputs/${target}
> +        install -m 755 ${S}/Outputs/${target}/* ${D}${libexecdir}/slimboot/Outputs/${target}
> +    done
> +
> +    install -m 755 -d ${D}${libexecdir}/slimboot/${SLIMBOOT_KEY_DIR}
> +    install -m 755 ${S}/${SLIMBOOT_KEY_DIR}/* ${D}${libexecdir}/slimboot/${SLIMBOOT_KEY_DIR}

755 for keys sounds a bit too permissive for me

> +}
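Review bot: `do_compile` removes `${SLIMBOOT_KEY_DIR}` and runs `GenerateKeys.py` on every build, and `do_install` then copies everything in that directory into the package with `install -m 755`, so each rebuild works from a fresh, unrepeatable key set and ships whatever key material the script produced as world-readable, executable files. Let `SLIMBOOT_KEY_DIR` point at keys provisioned outside the build and generate only when none are supplied, package only the public parts that a consumer of the firmware needs, and use a non-executable mode such as `0644` for public files and `0600` for anything private. The `ln -sf ... ${STAGING_BINDIR_NATIVE}/python` line also writes into the native sysroot from inside `do_compile`; calling `python3` explicitly in the two script invocations would avoid that side effect.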
Yongxin Liu Dec. 15, 2021, 7:53 a.m. UTC | #2
> -----Original Message-----
> From: Konrad Weihmann <kweihmann@outlook.com>
> Sent: Wednesday, December 15, 2021 15:35
> To: Liu, Yongxin <Yongxin.Liu@windriver.com>; openembedded-
> core@lists.openembedded.org; richard.purdie@linuxfoundation.org
> Subject: Re: [OE-core][PATCH] meta/recipes-bsp: Add recipe for Slim
> Bootloader
>  
> On 15.12.21 08:16, Yongxin Liu wrote:
> > Slim Bootloader is an open-source boot firmware running on Intel x86
> > architecture.
> >
> > Currently it supports qemu, apl(Apollo Lake), cfl(Coffee Lake),
> > cml(Comet Lake), tgl(Tiger Lake), and ehl(Elkhart Lake). You can set
> > "SLIMBOOT_TARGET" in .bb file or .bbappend file to specify or add the
> > target firmware you want, for example: SLIMBOOT_TARGET = "qemu apl".
> > The default target is qemu.
> >
> > Generated firmware and security keys are installed in build directory:
> >      image
> >      `-- usr
> >          `-- libexec
> >              `-- slimboot
> >                  |-- Outputs
> >                  |   |-- qemu
> >                  |   |-- apl
> >                  |   `-- cfl
> >                  `-- keys
> >
> > Boot firmware for qemu can be used by command:
> > "qemu-system-x86_64 -machine q35 -nographic -serial mon:stdio -pflash
> SlimBootloader.bin"
> >
> > Other boot firmware for real hardware cannot be programmed directly to
> > flash, please refer to https://slimbootloader.github.io/index.html for
> > more instructions.
> >
> > Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > ---
> >   ...d-private-key-check-for-PKCS8-format.patch | 28 ++++++++
> >   .../build-EDK2-BaseTools-with-bitbake.patch   | 70 +++++++++++++++++++
> >   ...limbootloader-BaseTools-with-bitbake.patch | 42 +++++++++++
> >   meta/recipes-bsp/slimboot/slimboot_git.bb     | 57 +++++++++++++++
> >   4 files changed, 197 insertions(+)
> >   create mode 100644 meta/recipes-bsp/slimboot/files/add-private-key-
> check-for-PKCS8-format.patch
> >   create mode 100644 meta/recipes-bsp/slimboot/files/build-EDK2-
> BaseTools-with-bitbake.patch
> >   create mode 100644 meta/recipes-bsp/slimboot/files/build-
> slimbootloader-BaseTools-with-bitbake.patch
> >   create mode 100644 meta/recipes-bsp/slimboot/slimboot_git.bb
> >
> > diff --git
> > a/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-form
> > at.patch
> > b/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-form
> > at.patch
> > new file mode 100644
> > index 0000000000..a7e9d96dfb
> > --- /dev/null
> > +++ b/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-
> > +++ format.patch
> > @@ -0,0 +1,28 @@
> > +From e31e9b34f5ffccaab3788da781e05a0622cf7d45 Mon Sep 17 00:00:00
> > +2001
> > +From: Yongxin Liu <yongxin.liu@windriver.com>
> > +Date: Tue, 7 Dec 2021 16:18:43 +0000
> > +Subject: [PATCH] add private key check for PKCS8 format
> > +
> > +Upstream-Status: Pending
> 
> Pending patches are discouraged, please send them upstream

Will do.


> 
> > +
> > +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > +---
> > + BootloaderCorePkg/Tools/SingleSign.py | 2 +-
> > + 1 file changed, 1 insertion(+), 1 deletion(-)
> > +
> > +diff --git a/BootloaderCorePkg/Tools/SingleSign.py
> > +b/BootloaderCorePkg/Tools/SingleSign.py
> > +index 2a550bf8..5baacbde 100644
> > +--- a/BootloaderCorePkg/Tools/SingleSign.py
> > ++++ b/BootloaderCorePkg/Tools/SingleSign.py
> > +@@ -259,7 +259,7 @@ def single_sign_gen_pub_key (in_key, pub_key_file =
> None):
> > +     cmdline = [get_openssl_path(), 'rsa', '-pubout', '-text', '-noout',
> '-in', '%s' % in_key]
> > +     # Check if it is public key or private key
> > +     text = open(in_key, 'r').read()
> > +-    if '-BEGIN RSA PRIVATE KEY-' in text:
> > ++    if '-BEGIN RSA PRIVATE KEY-' in text or '-BEGIN PRIVATE KEY-' in
> text:
> > +         is_prv_key = True
> > +     elif '-BEGIN PUBLIC KEY-' in text:
> > +         cmdline.extend (['-pubin'])
> > +--
> > +2.33.0
> > +
> > diff --git
> > a/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.pa
> > tch
> > b/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.pa
> > tch
> > new file mode 100644
> > index 0000000000..3b9db74491
> > --- /dev/null
> > +++ b/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbak
> > +++ e.patch
> > @@ -0,0 +1,70 @@
> > +From ce5ed81d9dd9c37e494560edb8f0fbae83713416 Mon Sep 17 00:00:00
> > +2001
> > +From: Yongxin Liu <yongxin.liu@windriver.com>
> > +Date: Wed, 15 Dec 2021 02:19:42 +0000
> > +Subject: [PATCH] build EDK2/BaseTools with bitbake
> > +
> > +EDK2 basetools are needed by QEMU FSP. Due to CRLF line terminators
> > +in target file, the patch has to be set to binary format.
> > +
> > +Upstream-Status: Inappropriate [oe-core specific]
> 
> Why is this oe-specific, I'm missing a proper explanation in the commit
> message

This patch is used for using bitbake only to use proper include and library
directories in recipe-sysroot-native. It is not needed if building on host directly.

> > +
> > +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > +---
> > + .gitattributes                                   |   1 +
> > + .../Tools/PrepareBuildComponentBin.py            |   6 ++++++
> > + .../build-edk2-BaseTools-with-bitbake.patch      | Bin 0 -> 1375 bytes
> > + 3 files changed, 7 insertions(+)
> > + create mode 100644
> > +Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.p
> > +atch
> > +
> > +diff --git a/.gitattributes b/.gitattributes index e372c4d9..d31d5dbb
> > +100644
> > +--- a/.gitattributes
> > ++++ b/.gitattributes
> > +@@ -17,3 +17,4 @@
> > + # since the files that are being patched have a mixture of line  #
> > +endings. This means it must be treated as binary.
> > +
> > +Silicon/QemuSocPkg/FspBin/Patches/0001-Build-QEMU-FSP-2.0-binaries.pa
> > +tch binary
> > ++Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.
> > ++patch binary
> > +diff --git a/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
> > +b/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
> > +index 50f24736..2cd2f5d5 100644
> > +--- a/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
> > ++++ b/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
> > +@@ -188,6 +188,12 @@ def BuildFspBins (fsp_dir, sbl_dir, fsp_inf,
> silicon_pkg_name, flag):
> > +     ret = subprocess.call(cmd.split(' '), cwd=fsp_dir)
> > +     if ret:
> > +         Fatal ('Failed to apply QEMU FSP patch !')
> > ++
> > ++    cmd = 'git am --keep-cr --whitespace=nowarn %s/build-edk2-
> BaseTools-with-bitbake.patch' % patch_dir
> > ++    ret = subprocess.call(cmd.split(' '), cwd=fsp_dir)
> > ++    if ret:
> > ++        Fatal ('Failed to apply QEMU FSP patch for EDK2 BaseTools
> > ++ !')
> > ++
> > +     print ('Done\n')
> > +
> > +     print ('Compiling QEMU FSP source ...') diff --git
> > +a/Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake
> > +.patch
> > +b/Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake
> > +.patch
> > +new file mode 100644
> > +index
> > +0000000000000000000000000000000000000000..3dbdb14bf5332af1c15e4bf146a
> > +bf67d4db3768a
> > +GIT binary patch
> > +
> > +--
> > +2.33.0
> > +
> > diff --git
> > a/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-
> > bitbake.patch
> > b/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-
> > bitbake.patch
> > new file mode 100644
> > index 0000000000..5a3a249de0
> > --- /dev/null
> > +++ b/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-w
> > +++ ith-bitbake.patch
> > @@ -0,0 +1,42 @@
> > +From 080d952b27cc6450bca340c37c9bc1cc4ec6787c Mon Sep 17 00:00:00
> > +2001
> > +From: Yongxin Liu <yongxin.liu@windriver.com>
> > +Date: Wed, 15 Dec 2021 01:24:11 +0000
> > +Subject: [PATCH] build slimbootloader/BaseTools with bitbake
> > +
> > +Change build flags to use include and library directories in
> > +recipe-sysroot-native.
> > +
> > +Upstream-Status: Inappropriate [oe-core specific]
> 
> Same here - I don't see a reason why this can't be proposed to upstream

The same reason as above.

> 
> > +
> > +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > +---
> > + BaseTools/Source/C/Makefiles/header.makefile | 6 +++---
> > + 1 file changed, 3 insertions(+), 3 deletions(-)
> > +
> > +diff --git a/BaseTools/Source/C/Makefiles/header.makefile
> > +b/BaseTools/Source/C/Makefiles/header.makefile
> > +index 45c93595..449e5bd1 100755
> > +--- a/BaseTools/Source/C/Makefiles/header.makefile
> > ++++ b/BaseTools/Source/C/Makefiles/header.makefile
> > +@@ -75,7 +75,7 @@ $(error Bad HOST_ARCH)  endif
> > +
> > + INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I
> > +$(MAKEROOT)/Include/Common -I $(MAKEROOT)/Include/ -I
> > +$(MAKEROOT)/Include/IndustryStandard -I $(MAKEROOT)/Common/ -I .. -I
> > +. $(ARCH_INCLUDE) -BUILD_CPPFLAGS = $(INCLUDE)
> > ++BUILD_CPPFLAGS += $(INCLUDE)
> > +
> > + # keep EXTRA_OPTFLAGS last
> > + BUILD_OPTFLAGS = -O2 $(EXTRA_OPTFLAGS) @@ -101,8 +101,8 @@ ifeq
> > +($(CXX), llvm)  BUILD_LFLAGS =  BUILD_CXXFLAGS =
> > +-Wno-deprecated-register -Wno-unused-result  else -BUILD_LFLAGS =
> > +-BUILD_CXXFLAGS = -Wno-unused-result
> > ++BUILD_LFLAGS = $(LDFLAGS)
> > ++BUILD_CXXFLAGS += -Wno-unused-result
> > + endif
> > + ifeq ($(HOST_ARCH), IA32)
> > + #
> > +--
> > +2.33.0
> > +
> > diff --git a/meta/recipes-bsp/slimboot/slimboot_git.bb
> > b/meta/recipes-bsp/slimboot/slimboot_git.bb
> > new file mode 100644
> > index 0000000000..2bfdef6a5f
> > --- /dev/null
> > +++ b/meta/recipes-bsp/slimboot/slimboot_git.bb
> > @@ -0,0 +1,57 @@
> > +SUMMARY = "Slim Bootloader"
> > +DESCRIPTION = "Slim Bootloader is an open-source boot firmware, built
> > +from the \ ground up to be small, secure and optimized running on Intel
> x86 architecture."
> > +HOMEPAGE = "https://slimbootloader.github.io/"
> > +
> > +LICENSE = "BSD-2-Clause-Patent"
> > +
> > +SRC_URI =
> > +"git://github.com/slimbootloader/slimbootloader;protocol=https;branch
> > +=master\
> before the trailing \ a whitespace seems to be missing
> > +           file://build-slimbootloader-BaseTools-with-bitbake.patch \
> > +           file://add-private-key-check-for-PKCS8-format.patch \
> > +           file://build-EDK2-BaseTools-with-bitbake.patch;apply=0 \
> > +          "
> > +SRCREV = "d0fac9b4423431babff4e790293aad430715187c"
> > +LIC_FILES_CHKSUM =
> "file://LICENSE;md5=ef7fba7be2819ac13aaf5d0f842ce5d9"
> 
> https://github.com/slimbootloader/slimbootloader/tree/master/Licenses
> lists a lot more licenses, please also add them here if they are
> appropriate - which also may influence the overall LICENSE setting

Will double check.

> 
> > +PV = "0.0.0+git${SRCPV}"
> > +
> > +inherit python3native
> > +BBCLASSEXTEND = "native"
> > +DEPENDS = "openssl-native nasm-native acpica-native util-linux-native"
> > +S = "${WORKDIR}/git"
> > +
> > +do_configure[noexec] = "1"
> > +
> > +SLIMBOOT_TARGET ?= "qemu"
> > +SLIMBOOT_KEY_DIR ?= "keys"
> > +
> > +do_binary_patch() {
> > +    cd "${S}"
> > +    git am ${WORKDIR}/build-EDK2-BaseTools-with-bitbake.patch
> > +}
> > +
> > +addtask do_binary_patch after do_patch before do_compile
> > +
> > +do_compile() {
> > +    ln -sf ${STAGING_BINDIR_NATIVE}/python3-native/python3
> > +${STAGING_BINDIR_NATIVE}/python
> > +
> > +    cd ${S}
> > +    rm -rf ${SLIMBOOT_KEY_DIR}; mkdir -p ${SLIMBOOT_KEY_DIR}
> > +    export SBL_KEY_DIR=${S}/${SLIMBOOT_KEY_DIR}
> > +    python BootloaderCorePkg/Tools/GenerateKeys.py -k ${SBL_KEY_DIR}
> > +
> > +    export EXTRA_LDFLAGS="-L${STAGING_LIBDIR_NATIVE}"
> > +
> > +    for target in ${SLIMBOOT_TARGET}; do
> > +        python BuildLoader.py build ${target}
> > +    done
> > +}
> > +
> > +do_install() {
> > +    for target in ${SLIMBOOT_TARGET}; do
> > +        install -m 755 -d ${D}${libexecdir}/slimboot/Outputs/${target}
> > +        install -m 755 ${S}/Outputs/${target}/*
> ${D}${libexecdir}/slimboot/Outputs/${target}
> > +    done
> > +
> > +    install -m 755 -d ${D}${libexecdir}/slimboot/${SLIMBOOT_KEY_DIR}
> > +    install -m 755 ${S}/${SLIMBOOT_KEY_DIR}/*
> > + ${D}${libexecdir}/slimboot/${SLIMBOOT_KEY_DIR}
> 
> 755 for keys sounds a bit too permissive for me

I will change it.


Thanks,
Yongxin

> 
> > +}
Alexander Kanavin Dec. 15, 2021, 8:14 a.m. UTC | #3
On Wed, 15 Dec 2021 at 08:53, Yongxin Liu <yongxin.liu@windriver.com> wrote:

> > Why is this oe-specific, I'm missing a proper explanation in the commit
> > message
>
> This patch is used for using bitbake only to use proper include and library
> directories in recipe-sysroot-native. It is not needed if building on host
> directly.
>

This in itself does not make the patch unsuitable for merging upstream.
Components should not be overriding settings passed externally, and the
patch is fixing that. At the very least this should be discussed with
upstream, so that we have a link to the reason why they wouldn't want it.
Same for the other patch.

Also, as this item is x86-specific, shouldn't it go to meta-intel to begin
with?

Alex
Ross Burton Dec. 15, 2021, 10:47 a.m. UTC | #4
On Wed, 15 Dec 2021 at 08:15, Alexander Kanavin <alex.kanavin@gmail.com> wrote:
> Also, as this item is x86-specific, shouldn't it go to meta-intel to begin with?

My immediate thought was that meta-intel would be a better place for
yet another boot loader, especially one that only targets modern
chips.

Ross
Yongxin Liu Dec. 16, 2021, 4:18 a.m. UTC | #5
> -----Original Message-----
> From: Ross Burton <ross@burtonini.com>
> Sent: Wednesday, December 15, 2021 18:47
> To: Alexander Kanavin <alex.kanavin@gmail.com>
> Cc: Liu, Yongxin <Yongxin.Liu@windriver.com>; Konrad Weihmann
> <kweihmann@outlook.com>; openembedded-core@lists.openembedded.org;
> richard.purdie@linuxfoundation.org
> Subject: Re: [OE-core][PATCH] meta/recipes-bsp: Add recipe for Slim
> Bootloader
> 
> On Wed, 15 Dec 2021 at 08:15, Alexander Kanavin <alex.kanavin@gmail.com>
> wrote:
> > Also, as this item is x86-specific, shouldn't it go to meta-intel to begin
> with?
> 
> My immediate thought was that meta-intel would be a better place for yet
> another boot loader, especially one that only targets modern chips.

Agree. I will submit it to meta-intel. Thanks for the comments.

Thanks,
Yongxin

> 
> Ross

Patch

diff --git a/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch b/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch
new file mode 100644
index 0000000000..a7e9d96dfb
--- /dev/null
+++ b/meta/recipes-bsp/slimboot/files/add-private-key-check-for-PKCS8-format.patch
@@ -0,0 +1,28 @@ 
+From e31e9b34f5ffccaab3788da781e05a0622cf7d45 Mon Sep 17 00:00:00 2001
+From: Yongxin Liu <yongxin.liu@windriver.com>
+Date: Tue, 7 Dec 2021 16:18:43 +0000
+Subject: [PATCH] add private key check for PKCS8 format
+
+Upstream-Status: Pending
+
+Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
+---
+ BootloaderCorePkg/Tools/SingleSign.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/BootloaderCorePkg/Tools/SingleSign.py b/BootloaderCorePkg/Tools/SingleSign.py
+index 2a550bf8..5baacbde 100644
+--- a/BootloaderCorePkg/Tools/SingleSign.py
++++ b/BootloaderCorePkg/Tools/SingleSign.py
+@@ -259,7 +259,7 @@ def single_sign_gen_pub_key (in_key, pub_key_file = None):
+     cmdline = [get_openssl_path(), 'rsa', '-pubout', '-text', '-noout', '-in', '%s' % in_key]
+     # Check if it is public key or private key
+     text = open(in_key, 'r').read()
+-    if '-BEGIN RSA PRIVATE KEY-' in text:
++    if '-BEGIN RSA PRIVATE KEY-' in text or '-BEGIN PRIVATE KEY-' in text:
+         is_prv_key = True
+     elif '-BEGIN PUBLIC KEY-' in text:
+         cmdline.extend (['-pubin'])
+-- 
+2.33.0
+
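Review bot: The widened condition in `single_sign_gen_pub_key` still decides the key type by substring, so an encrypted PKCS#8 key, whose PEM header is `-----BEGIN ENCRYPTED PRIVATE KEY-----`, matches neither `'-BEGIN RSA PRIVATE KEY-'` nor `'-BEGIN PRIVATE KEY-'` and is not treated as a private key. If encrypted keys are meant to work, add that header to the test; if not, say in the commit message that only unencrypted PKCS#8 is covered. The context line `text = open(in_key, 'r').read()` never closes the file explicitly; a `with open(in_key, 'r') as f:` block would be a cheap cleanup while this check is being touched.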
diff --git a/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch b/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch
new file mode 100644
index 0000000000..3b9db74491
--- /dev/null
+++ b/meta/recipes-bsp/slimboot/files/build-EDK2-BaseTools-with-bitbake.patch
@@ -0,0 +1,70 @@ 
+From ce5ed81d9dd9c37e494560edb8f0fbae83713416 Mon Sep 17 00:00:00 2001
+From: Yongxin Liu <yongxin.liu@windriver.com>
+Date: Wed, 15 Dec 2021 02:19:42 +0000
+Subject: [PATCH] build EDK2/BaseTools with bitbake
+
+EDK2 basetools are needed by QEMU FSP. Due to CRLF line terminators
+in target file, the patch has to be set to binary format.
+
+Upstream-Status: Inappropriate [oe-core specific]
+
+Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
+---
+ .gitattributes                                   |   1 +
+ .../Tools/PrepareBuildComponentBin.py            |   6 ++++++
+ .../build-edk2-BaseTools-with-bitbake.patch      | Bin 0 -> 1375 bytes
+ 3 files changed, 7 insertions(+)
+ create mode 100644 Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch
+
+diff --git a/.gitattributes b/.gitattributes
+index e372c4d9..d31d5dbb 100644
+--- a/.gitattributes
++++ b/.gitattributes
+@@ -17,3 +17,4 @@
+ # since the files that are being patched have a mixture of line
+ # endings. This means it must be treated as binary.
+ Silicon/QemuSocPkg/FspBin/Patches/0001-Build-QEMU-FSP-2.0-binaries.patch binary
++Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch binary
+diff --git a/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py b/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
+index 50f24736..2cd2f5d5 100644
+--- a/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
++++ b/BootloaderCorePkg/Tools/PrepareBuildComponentBin.py
+@@ -188,6 +188,12 @@ def BuildFspBins (fsp_dir, sbl_dir, fsp_inf, silicon_pkg_name, flag):
+     ret = subprocess.call(cmd.split(' '), cwd=fsp_dir)
+     if ret:
+         Fatal ('Failed to apply QEMU FSP patch !')
++
++    cmd = 'git am --keep-cr --whitespace=nowarn %s/build-edk2-BaseTools-with-bitbake.patch' % patch_dir
++    ret = subprocess.call(cmd.split(' '), cwd=fsp_dir)
++    if ret:
++        Fatal ('Failed to apply QEMU FSP patch for EDK2 BaseTools !')
++
+     print ('Done\n')
+ 
+     print ('Compiling QEMU FSP source ...')
+diff --git a/Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch b/Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch
+new file mode 100644
+index 0000000000000000000000000000000000000000..3dbdb14bf5332af1c15e4bf146abf67d4db3768a
+GIT binary patch
+literal 1375
+zcmb7EYj4^>5d3};|6!%%1IU~on8bjZD%2zmDk&%sHC0t1n_H7>j4wUgNs#*EyS8~K
+zsFf0A8SUKO+{|dtms+i$9dvEy#1oMd2y{F|+wGoqI_NsViQNfZ&km!mYYVtm2~6=3
+z91m=}S3c0PZHHYFO%J}SWceZ!7|9$ytgFI|Wq$rF6QSi3YIC7hAK4(tuvd^Z!Es@L
+z3nFPb;5fau-6O=X>Bpvd_zM?V4}MJgGym!*gt?3bpm=D(ry#|dQgI5;GP{RRW?}Gv
+zjQRILvcyei6bH)`G6i{xAd^L$3xpsM5X(>pdJRHqIzVZODI?ib$VcSqI@L;LJP9(A
+zY%(^L%LD~iQN+Xb+g)<b*<PqMRk>cE<y+UJG?Fo<);&_*+FWe__yeb47)H6#fuaW%
+zr6JJ-mmH+1GpUlaZZrx&V2oAG8;l7VMZoz|W)N7reBN?w_^x(JO5h9FBJx_D$ZdJ1
+zxe!q|bX?I9;Mn$QyUobLJ5?|;4)0WQeh%C_X?kFkZz_-LsI}4*yMU|lbT;qb_*V@E
+zm{2@52J{TS`lH*y1)NdyY&;&#H$VgUkf7`Smy4V6cy?G?!)kymU#(Vj4PH0zR{w_&
+z6OpHxUQaU`z(9+`zKYc<VACw$q@@tQlUHN>)9r9HnER8-<*5I8S~}Q@uQB6b)hG<^
+zmkaAh@PKrCFYabH{rPw@t7zgN&1kXOzC+J|k6Xm>y17wfMd*(0G&^8ae+0+~e?$Ga
+z?%&<fWXAE+iZZVVM;ooX6R2k^pMOgf7x+jQkG=?kYh21SLk;CZp3uE5z%-8wff%Q_
+z3t>;YP33_0VD~1S?KUzt8k91~(Kfj)110xw0h=M(y4??06NY`aMO1J^3OTTr>AI%P
+F*k8r-nZ5u3
+
+literal 0
+HcmV?d00001
+
+-- 
+2.33.0
+
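Review bot: The nested commit adds `Silicon/QemuSocPkg/FspBin/Patches/build-edk2-BaseTools-with-bitbake.patch` only as a 1375-byte `GIT binary patch` literal, so what it changes in the EDK2 BaseTools cannot be reviewed from this mail. The commit message explains why the file is binary (CRLF line terminators) but not what the patch does; please summarise its content there, since it alters the tools that build the firmware. In the PrepareBuildComponentBin.py hunk, `cmd.split(' ')` on a string built with `% patch_dir` breaks when the path contains a space; passing an argument list to `subprocess.call` avoids that. The new `Fatal` message is good, but it would help to include the return code.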
diff --git a/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch b/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch
new file mode 100644
index 0000000000..5a3a249de0
--- /dev/null
+++ b/meta/recipes-bsp/slimboot/files/build-slimbootloader-BaseTools-with-bitbake.patch
@@ -0,0 +1,42 @@ 
+From 080d952b27cc6450bca340c37c9bc1cc4ec6787c Mon Sep 17 00:00:00 2001
+From: Yongxin Liu <yongxin.liu@windriver.com>
+Date: Wed, 15 Dec 2021 01:24:11 +0000
+Subject: [PATCH] build slimbootloader/BaseTools with bitbake
+
+Change build flags to use include and library directories
+in recipe-sysroot-native.
+
+Upstream-Status: Inappropriate [oe-core specific]
+
+Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
+---
+ BaseTools/Source/C/Makefiles/header.makefile | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
+index 45c93595..449e5bd1 100755
+--- a/BaseTools/Source/C/Makefiles/header.makefile
++++ b/BaseTools/Source/C/Makefiles/header.makefile
+@@ -75,7 +75,7 @@ $(error Bad HOST_ARCH)
+ endif
+ 
+ INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I $(MAKEROOT)/Include/Common -I $(MAKEROOT)/Include/ -I $(MAKEROOT)/Include/IndustryStandard -I $(MAKEROOT)/Common/ -I .. -I . $(ARCH_INCLUDE)
+-BUILD_CPPFLAGS = $(INCLUDE)
++BUILD_CPPFLAGS += $(INCLUDE)
+ 
+ # keep EXTRA_OPTFLAGS last
+ BUILD_OPTFLAGS = -O2 $(EXTRA_OPTFLAGS)
+@@ -101,8 +101,8 @@ ifeq ($(CXX), llvm)
+ BUILD_LFLAGS =
+ BUILD_CXXFLAGS = -Wno-deprecated-register -Wno-unused-result
+ else
+-BUILD_LFLAGS =
+-BUILD_CXXFLAGS = -Wno-unused-result
++BUILD_LFLAGS = $(LDFLAGS)
++BUILD_CXXFLAGS += -Wno-unused-result
+ endif
+ ifeq ($(HOST_ARCH), IA32)
+ #
+-- 
+2.33.0
+
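Review bot: In the second hunk only the `else` branch is changed: the `ifeq ($(CXX), llvm)` branch still reads `BUILD_LFLAGS =` and `BUILD_CXXFLAGS = -Wno-deprecated-register -Wno-unused-result`, so a build with CXX set to llvm drops the include and library directories this patch is meant to pass through. Apply the same `$(LDFLAGS)` and `+=` treatment to that branch, or note in the commit message why it is left alone. Switching `BUILD_CPPFLAGS` and `BUILD_CXXFLAGS` to `+=` also makes the result depend on whatever those variables already hold in the environment; a short comment in the makefile naming where they are expected to come from would make that dependency explicit.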
diff --git a/meta/recipes-bsp/slimboot/slimboot_git.bb b/meta/recipes-bsp/slimboot/slimboot_git.bb
new file mode 100644
index 0000000000..2bfdef6a5f
--- /dev/null
+++ b/meta/recipes-bsp/slimboot/slimboot_git.bb
@@ -0,0 +1,57 @@ 
+SUMMARY = "Slim Bootloader"
+DESCRIPTION = "Slim Bootloader is an open-source boot firmware, built from the \
+ground up to be small, secure and optimized running on Intel x86 architecture."
+HOMEPAGE = "https://slimbootloader.github.io/"
+
+LICENSE = "BSD-2-Clause-Patent"
+
+SRC_URI = "git://github.com/slimbootloader/slimbootloader;protocol=https;branch=master\
+           file://build-slimbootloader-BaseTools-with-bitbake.patch \
+           file://add-private-key-check-for-PKCS8-format.patch \
+           file://build-EDK2-BaseTools-with-bitbake.patch;apply=0 \
+          "
+SRCREV = "d0fac9b4423431babff4e790293aad430715187c"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=ef7fba7be2819ac13aaf5d0f842ce5d9"
+PV = "0.0.0+git${SRCPV}"
+
+inherit python3native
+BBCLASSEXTEND = "native"
+DEPENDS = "openssl-native nasm-native acpica-native util-linux-native"
+S = "${WORKDIR}/git"
+
+do_configure[noexec] = "1"
+
+SLIMBOOT_TARGET ?= "qemu"
+SLIMBOOT_KEY_DIR ?= "keys"
+
+do_binary_patch() {
+    cd "${S}"
+    git am ${WORKDIR}/build-EDK2-BaseTools-with-bitbake.patch
+}
+
+addtask do_binary_patch after do_patch before do_compile
+
+do_compile() {
+    ln -sf ${STAGING_BINDIR_NATIVE}/python3-native/python3 ${STAGING_BINDIR_NATIVE}/python
+
+    cd ${S}
+    rm -rf ${SLIMBOOT_KEY_DIR}; mkdir -p ${SLIMBOOT_KEY_DIR}
+    export SBL_KEY_DIR=${S}/${SLIMBOOT_KEY_DIR}
+    python BootloaderCorePkg/Tools/GenerateKeys.py -k ${SBL_KEY_DIR}
+
+    export EXTRA_LDFLAGS="-L${STAGING_LIBDIR_NATIVE}"
+
+    for target in ${SLIMBOOT_TARGET}; do
+        python BuildLoader.py build ${target}
+    done
+}
+
+do_install() {
+    for target in ${SLIMBOOT_TARGET}; do
+        install -m 755 -d ${D}${libexecdir}/slimboot/Outputs/${target}
+        install -m 755 ${S}/Outputs/${target}/* ${D}${libexecdir}/slimboot/Outputs/${target}
+    done
+
+    install -m 755 -d ${D}${libexecdir}/slimboot/${SLIMBOOT_KEY_DIR}
+    install -m 755 ${S}/${SLIMBOOT_KEY_DIR}/* ${D}${libexecdir}/slimboot/${SLIMBOOT_KEY_DIR}
+}
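Review bot: do_install copies everything in `${S}/${SLIMBOOT_KEY_DIR}` into `${D}${libexecdir}/slimboot/${SLIMBOOT_KEY_DIR}` with `install -m 755`, so the key material GenerateKeys.py writes during do_compile ends up packaged, world-readable and marked executable. If that directory holds the signing private keys, they should not be installed by default; at minimum put them in a separate package with a restrictive mode, and drop the execute bit in any case. do_compile also runs `rm -rf ${SLIMBOOT_KEY_DIR}` and regenerates the keys on every build, so each rebuild signs with a different key and the output is not reproducible; consider letting SLIMBOOT_KEY_DIR point at externally provisioned keys and generating only when none are supplied. Separately, `ln -sf ... ${STAGING_BINDIR_NATIVE}/python` writes into the native sysroot from do_compile, `${SBL_KEY_DIR}` on the GenerateKeys.py line is not a variable defined in the recipe (spelling out `${S}/${SLIMBOOT_KEY_DIR}` is clearer), and do_binary_patch runs `git am` without the `--keep-cr` that the commit message's CRLF remark suggests it may need.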