diff --git a/.shim.metadata b/.shim.metadata index bd1dd4b..a99a2be 100644 --- a/.shim.metadata +++ b/.shim.metadata @@ -1,4 +1,3 @@ -9ca9cfa834aedfaf3efe2216bfa1cb7c286ee1c0 SOURCES/fbx64.efi -5eb0ac78eee6aeeaf44a3f11d002b4fe00af6916 SOURCES/mmx64.efi -4312f246b6ba692040383f10358ac9a5927207de SOURCES/shimaa64.efi -783fb77783e9d0c4c400b723dfd0f02f006616ae SOURCES/shimx64.efi +a90efeb1562bde896b930fe40a09d22284cad2fc SOURCES/fbx64.efi +03da6effba89aa015501640bf486973b8b74f47f SOURCES/mmx64.efi +888dfe2b9f8c3eaec7db4ecf282dacd81229b5d0 SOURCES/shimx64.efi diff --git a/SOURCES/BOOTAA64.CSV b/SOURCES/BOOTAA64.CSV deleted file mode 100644 index 2dad06e..0000000 Binary files a/SOURCES/BOOTAA64.CSV and /dev/null differ diff --git a/SOURCES/BOOTX64.CSV b/SOURCES/BOOTX64.CSV index 77b070b..a478bdc 100644 Binary files a/SOURCES/BOOTX64.CSV and b/SOURCES/BOOTX64.CSV differ diff --git a/SOURCES/redhatsecureboot501.cer b/SOURCES/redhatsecureboot501.cer deleted file mode 100644 index dfa7afb..0000000 Binary files a/SOURCES/redhatsecureboot501.cer and /dev/null differ diff --git a/SOURCES/redhatsecurebootca5.cer b/SOURCES/redhatsecurebootca5.cer deleted file mode 100644 index dfb0284..0000000 Binary files a/SOURCES/redhatsecurebootca5.cer and /dev/null differ diff --git a/SOURCES/shim.rpmmacros b/SOURCES/shim.rpmmacros index d1379ff..4642e75 100644 --- a/SOURCES/shim.rpmmacros +++ b/SOURCES/shim.rpmmacros @@ -20,7 +20,7 @@ #%%global mmefiarm %%{expand:%%{SOURCE43} %global shimveraa64 15-6.el9 -%global shimverx64 15.6-1.el9 +%global shimverx64 15.6-1.el9.inferit #%%global shimverarm 15-1.el8 %global shimdiraa64 %{_datadir}/shim/%{shimveraa64}/aa64 diff --git a/SOURCES/spheresecureboot001.cer b/SOURCES/spheresecureboot001.cer new file mode 100644 index 0000000..1cdb65a Binary files /dev/null and b/SOURCES/spheresecureboot001.cer differ diff --git a/SOURCES/spheresecurebootca.cer b/SOURCES/spheresecurebootca.cer new file mode 100644 index 0000000..4db57d7 Binary files /dev/null and b/SOURCES/spheresecurebootca.cer differ diff --git a/SPECS/shim.spec b/SPECS/shim.spec index c80796c..56ff556 100644 --- a/SPECS/shim.spec +++ b/SPECS/shim.spec @@ -1,6 +1,6 @@ Name: shim Version: 15.6 -Release: 1.el9 +Release: 1.el9.inferit Summary: First-stage UEFI bootloader License: BSD URL: https://github.com/rhboot/shim/ @@ -12,15 +12,16 @@ ExclusiveArch: %{efi} ExcludeArch: %{arm} %{ix86} Source0: shim.rpmmacros -Source1: redhatsecureboot501.cer -Source2: redhatsecurebootca5.cer +Source1: spheresecureboot001.cer +Source2: spheresecurebootca.cer # keep these two lists of sources synched up arch-wise. That is 0 and 10 # match, 1 and 11 match, ... -Source10: BOOTAA64.CSV -Source20: shimaa64.efi -Source30: mmaa64.efi -Source40: fbaa64.efi +#Source10: BOOTAA64.CSV +#Source20: shimaa64.efi +#Source30: mmaa64.efi +#Source40: fbaa64.efi +# MSVSphere note: currently we support only the x86_64 architecture Source12: BOOTX64.CSV Source22: shimx64.efi Source32: mmx64.efi @@ -40,7 +41,7 @@ BuildRequires: pesign >= 0.112-20.fc27 # we can just BuildRequires that. %ifarch x86_64 ## BuildRequires: %% {unsignedx64} = %% {shimverx64} -BuildRequires: shim-unsigned-x64 = 15.6-1.el9 +BuildRequires: shim-unsigned-x64 = 15.6-1.el9.inferit %endif %ifarch aarch64 BuildRequires: %{unsignedaa64} = %{shimveraa64} @@ -104,8 +105,10 @@ install -m 0700 %{shimefi} $RPM_BUILD_ROOT%{efi_esp_dir}/shim.efi %endif %changelog -* Wed Mar 15 2023 MSVSphere Packaging Team - 15.6-1 -- Rebuilt for MSVSphere 9.1. +* Fri Mar 24 2023 Eugene Zamriy - 15.6-1.inferit +- Modified to use MSVSphere Secure Boot certificates +- Disabled aarch64 architecture until we support it +- Rebuilt for MSVSphere 9.1 * Mon Jun 06 2022 Peter Jones - 15.6-1.el9 - Update to shim-15.6