[ANNOUNCE] EFI Boot Guard 0.17 released
20 views
Skip to first unread message
Jan Kiszka
May 3, 2024, 1:38:57 PM5/3/24
to efibootguard-dev
Hi,
here comes a release 0.17 of EFI Boot Guard. It's primarily consists of
internal improvements, specifically to support latest gnuefi release
3.0.18. There are also several new compile-time features such as a boot
delay to help debugging errors, silent boot and adjustable env filename.
And the test pipeline received valgrind support.
Thanks to all contributors!
Jan
Christian Storm (6):
configure: make libcheck dependency check unconditional
Don't exploit constructors for probing functions
Fix CopyMem() Wdiscarded-qualifiers
ci: Make CI build verbose
Fix arm + riscv support for gnu-efi > 3.0.15
Use --no-warn-rwx-segments only when needed
Earl Chew (4):
Use CK_NOFORK for tests to simplify use of gdb
Support check-valgrind
Support additional boot delay before starting image
Support --with-env-file-name
Jan Kiszka (3):
Revert "ci: Filter out broken ubuntu-toolchain ppa from i386 builds"
ci: Update checkout actions
Bump version number
Michael Adler (2):
fix: set default verbosity to false in fat parser
refactor(scripts): use /usr/bin/env bash for portability
Storm, Christian' via EFI Boot Guard (1):
Add silent boot feature
--
Siemens AG, Technology
Linux Expert Center
here comes a release 0.17 of EFI Boot Guard. It's primarily consists of
internal improvements, specifically to support latest gnuefi release
3.0.18. There are also several new compile-time features such as a boot
delay to help debugging errors, silent boot and adjustable env filename.
And the test pipeline received valgrind support.
Thanks to all contributors!
Jan
Christian Storm (6):
configure: make libcheck dependency check unconditional
Don't exploit constructors for probing functions
Fix CopyMem() Wdiscarded-qualifiers
ci: Make CI build verbose
Fix arm + riscv support for gnu-efi > 3.0.15
Use --no-warn-rwx-segments only when needed
Earl Chew (4):
Use CK_NOFORK for tests to simplify use of gdb
Support check-valgrind
Support additional boot delay before starting image
Support --with-env-file-name
Jan Kiszka (3):
Revert "ci: Filter out broken ubuntu-toolchain ppa from i386 builds"
ci: Update checkout actions
Bump version number
Michael Adler (2):
fix: set default verbosity to false in fat parser
refactor(scripts): use /usr/bin/env bash for portability
Storm, Christian' via EFI Boot Guard (1):
Add silent boot feature
--
Siemens AG, Technology
Linux Expert Center
Gylstorff Quirin
May 8, 2024, 1:53:20 AM5/8/24
to efibootg...@googlegroups.com
On 5/3/24 7:38 PM, 'Jan Kiszka' via EFI Boot Guard wrote:
> Hi,
>
> here comes a release 0.17 of EFI Boot Guard. It's primarily consists of
> internal improvements, specifically to support latest gnuefi release
> 3.0.18. There are also several new compile-time features such as a boot
> delay to help debugging errors, silent boot and adjustable env filename.
> And the test pipeline received valgrind support.
>
> Thanks to all contributors!
There is a build bug with the native build on armhf due to
gnu-efi-3.0.18. it leads to the following error message:
```
checking pkg-config is at least version 0.9.0... yes
configure: error: objcopy doesn't support --target=efi-app but gnu-efi
>= 3.0.16
```
Found during Debian build of the efibootguard armhf package.
Best regards
Quirin
Storm, Christian
May 8, 2024, 4:33:34 AM5/8/24
to EFI Boot Guard
Hi,
>> here comes a release 0.17 of EFI Boot Guard. It's primarily consists of
>> internal improvements, specifically to support latest gnuefi release
>> 3.0.18. There are also several new compile-time features such as a boot
>> delay to help debugging errors, silent boot and adjustable env filename.
>> And the test pipeline received valgrind support.
>> Thanks to all contributors!
> Hi,
>
> There is a build bug with the native build on armhf due to gnu-efi-3.0.18. it leads to the following error message:
> ```
> checking pkg-config is at least version 0.9.0... yes
> configure: error: objcopy doesn't support --target=efi-app but gnu-efi >= 3.0.16
> ```
> Found during Debian build of the efibootguard armhf package.
We need an exception for armhf to unconditionally use objcopy's binary copy mode as there's apparently no EFI target for binutils on armhf. Instead, the crt0 composes the PE/COFF header directly, see https://github.com/ncroxon/gnu-efi/blob/master/gnuefi/crt0-efi-arm.S#L25-L149. The same is true for riscv64 (https://github.com/ncroxon/gnu-efi/blob/master/gnuefi/crt0-efi-riscv64.S). So for both, we need to unconditionally use objcopy in binary copy mode.
>> here comes a release 0.17 of EFI Boot Guard. It's primarily consists of
>> internal improvements, specifically to support latest gnuefi release
>> 3.0.18. There are also several new compile-time features such as a boot
>> delay to help debugging errors, silent boot and adjustable env filename.
>> And the test pipeline received valgrind support.
>> Thanks to all contributors!
> Hi,
>
> There is a build bug with the native build on armhf due to gnu-efi-3.0.18. it leads to the following error message:
> ```
> checking pkg-config is at least version 0.9.0... yes
> configure: error: objcopy doesn't support --target=efi-app but gnu-efi >= 3.0.16
> ```
> Found during Debian build of the efibootguard armhf package.
This has and still works on Debian bookworm/stable with gnu-efi 3.0.15. For Debian trixie/testing and sid/unstable which are now on gnu-efi 3.0.18, we need to adapt and explicitly handle these cases. I'll post a patch soon.
Kind regards,
Christian
P.S.: Note that gnu-efi has a new home on GitHub since 2024-03-22 according to https://sourceforge.net/projects/gnu-efi/ which is why I linked to the new one above as it supports line ranges to be linked to.
--
Dr. Christian Storm
Siemens AG, Technology, T CED OES-DE
Otto-Hahn-Ring 6, 81739 Munich, Germany
Reply all
Reply to author
Forward
0 new messages