@@ -1733,6 +1733,7 @@ F: package/gnupg2/
F: package/highway/
F: package/kexec/
F: package/libjxl/
+F: package/mokutil/
F: package/octave/
F: package/ola/
F: package/openblas/
@@ -2763,6 +2763,7 @@ menu "System tools"
source "package/mender-grubenv/Config.in"
source "package/mfoc/Config.in"
source "package/moby-buildkit/Config.in"
+ source "package/mokutil/Config.in"
source "package/monit/Config.in"
source "package/multipath-tools/Config.in"
source "package/ncdu/Config.in"
new file mode 100644
@@ -0,0 +1,31 @@
+config BR2_PACKAGE_MOKUTIL
+ bool "mokutil"
+ depends on BR2_PACKAGE_EFIVAR_ARCH_SUPPORTS
+ depends on BR2_PACKAGE_SHIM_ARCH_SUPPORTS
+ depends on BR2_USE_MMU # keyutils
+ depends on !BR2_STATIC_LIBS # efivar, keyutils
+ depends on !BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS # efivar
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 # efivar
+ depends on BR2_TOOLCHAIN_HAS_THREADS # efivar
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12 # efivar
+ select BR2_PACKAGE_EFIVAR
+ select BR2_PACKAGE_KEYUTILS
+ select BR2_PACKAGE_OPENSSL
+ help
+ mokutil is a tool to import or delete the machines owner
+ keys (MOK) stored in the database of shim.
+
+ "shim" is the first stage bootloader to support UEFI Secure
+ Boot. See also the "shim" package in the bootloaders
+ section.
+
+ https://github.com/lcp/mokutil
+
+comment "mokutil needs a toolchain w/ dynamic library, threads, gcc >= 4.9, headers >= 3.12"
+ depends on BR2_PACKAGE_EFIVAR_ARCH_SUPPORTS
+ depends on BR2_PACKAGE_SHIM_ARCH_SUPPORTS
+ depends on BR2_USE_MMU
+ depends on BR2_STATIC_LIBS || \
+ BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 || \
+ !BR2_TOOLCHAIN_HAS_THREADS || \
+ BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
new file mode 100644
@@ -0,0 +1,3 @@
+# Locally calculated
+sha256 1c0bcba3d2f4ab98235b1edb5eb71b40508f79d93d3e28b1a04b7fbd4a2c1457 mokutil-0.7.1.tar.gz
+sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
new file mode 100644
@@ -0,0 +1,19 @@
+################################################################################
+#
+# mokutil
+#
+################################################################################
+
+MOKUTIL_VERSION = 0.7.1
+MOKUTIL_SITE = $(call github,lcp,mokutil,$(MOKUTIL_VERSION))
+MOKUTIL_LICENSE = GPL-3.0+
+MOKUTIL_LICENSE_FILES = COPYING
+MOKUTIL_AUTORECONF = YES
+
+MOKUTIL_DEPENDENCIES = \
+ efivar \
+ host-pkgconf \
+ keyutils \
+ openssl
+
+$(eval $(autotools-package))
mokutil is a tool to import or delete the machines owner keys (MOK) stored in the database of shim. "shim" is the first stage bootloader to support UEFI Secure Boot. See also the "shim" package in the bootloaders section. https://github.com/lcp/mokutil Signed-off-by: Julien Olivain <ju.o@free.fr> --- Patch tested on branch master at commit 31abe2f with commands: make check-package ... 0 warnings generated utils/test-pkg -a -p mokutil ... br-i386-pentium-mmx-musl [32/45]: FAILED ... 45 builds, 32 skipped, 1 build failed, 0 legal-info failed, 0 show-info failed Note: the br-i386-pentium-mmx-musl build failure is due to an old musl libc not containing the qsort_r() function. Thomas mentioned in [1] that this kind of failure should be addressed by updating the toolchain in test-pkg, instead. [1] https://lists.buildroot.org/pipermail/buildroot/2024-March/686962.html --- DEVELOPERS | 1 + package/Config.in | 1 + package/mokutil/Config.in | 31 +++++++++++++++++++++++++++++++ package/mokutil/mokutil.hash | 3 +++ package/mokutil/mokutil.mk | 19 +++++++++++++++++++ 5 files changed, 55 insertions(+) create mode 100644 package/mokutil/Config.in create mode 100644 package/mokutil/mokutil.hash create mode 100644 package/mokutil/mokutil.mk