diff options
| author | Gerd Hoffmann <kraxel@redhat.com> | 2024-09-05 16:12:09 +0200 |
|---|---|---|
| committer | Gerd Hoffmann <kraxel@redhat.com> | 2024-12-16 07:31:28 +0100 |
| commit | f2594d928444fc4d593117db2da8c9ffa26433f7 (patch) | |
| tree | fcf87ae7a03eaa34f089d4db1d09b3cbf48770dd /hw/i386/x86-common.c | |
| parent | 214191f6b57458814d279a53539d64c6e54e764b (diff) | |
| download | focaccia-qemu-f2594d928444fc4d593117db2da8c9ffa26433f7.tar.gz focaccia-qemu-f2594d928444fc4d593117db2da8c9ffa26433f7.zip | |
x86/loader: expose unpatched kernel
Add a new "etc/boot/kernel" fw_cfg file, containing the kernel without the setup header patches. Intended use is booting in UEFI with secure boot enabled, where the setup header patching breaks secure boot verification. Needs OVMF changes too to be actually useful. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-ID: <20240905141211.1253307-5-kraxel@redhat.com>
Diffstat (limited to '')
| -rw-r--r-- | hw/i386/x86-common.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/hw/i386/x86-common.c b/hw/i386/x86-common.c index 28341b42d9..1cef3045ad 100644 --- a/hw/i386/x86-common.c +++ b/hw/i386/x86-common.c @@ -962,6 +962,9 @@ void x86_load_linux(X86MachineState *x86ms, sev_load_ctx.setup_data = (char *)setup; sev_load_ctx.setup_size = setup_size; + /* kernel without setup header patches */ + fw_cfg_add_file(fw_cfg, "etc/boot/kernel", kernel, kernel_size); + if (sev_enabled()) { sev_add_kernel_loader_hashes(&sev_load_ctx, &error_fatal); } |