[PATCH 1/1] Dockerfile: flag to disable kaslr-seed in QEMU
Heinrich Schuchardt
heinrich.schuchardt at canonical.com
Thu Dec 16 15:05:47 CET 2021
The QEMU ARM device-tree contains a random kaslr-seed. This results in
random measurements of the device-tree in the implementation of the
EFI_TCG2_PROTOCOL.
Add an upstream patch which allows to disable the kaslr-seed via a command
line parameter that we can use in the U-Boot test hooks.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
---
tools/docker/Dockerfile | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile
index fb422e7588..d906f91863 100644
--- a/tools/docker/Dockerfile
+++ b/tools/docker/Dockerfile
@@ -115,6 +115,10 @@ RUN apt-get update && apt-get install -y \
# Make kernels readable for libguestfs tools to work correctly
RUN chmod +r /boot/vmlinu*
+# 'git am' requires setting up name and email address beforehand
+RUN git config --global user.email "you at example.com" && \
+ git config --global user.name "Your Name"
+
# Manually install a new enough version of sbsigntools (must be v0.9.4 or later)
RUN git clone https://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git /tmp/sbsigntools && \
cd /tmp/sbsigntools && \
@@ -178,6 +182,9 @@ RUN git clone git://git.qemu.org/qemu.git /tmp/qemu && \
cd /tmp/qemu && \
git submodule update --init dtc && \
git checkout v6.1.0 && \
+ wget https://lore.kernel.org/qemu-devel/20211215120926.1696302-1-alex.bennee@linaro.org/raw \
+ -O 0001-hw-arm-add-control-knob-to-disable-kaslr_seed-via-DT.patch && \
+ git am 0001-hw-arm-add-control-knob-to-disable-kaslr_seed-via-DT.patch && \
# config user.name and user.email to make 'git am' happy
git config user.name u-boot && \
git config user.email u-boot at denx.de && \
--
2.32.0
More information about the U-Boot
mailing list