narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Clone of ipxe replica repo
6,306 Commits
13 Branches
11 Tags
107 MiB
C 97.4%
Assembly 1.3%
Perl 0.6%
Makefile 0.4%
Python 0.2%
 
 
 
 
 
Go to file
Michael Brown f4f9adf618 [efi] Include Secure Boot Advanced Targeting (SBAT) metadata 
SBAT defines an encoding for security generation numbers stored as a
CSV file within a special ".sbat" section in the signed binary.  If a
Secure Boot exploit is discovered then the generation number will be
incremented alongside the corresponding fix.

Platforms may then record the minimum generation number required for
any given product.  This allows for an efficient revocation mechanism
that consumes minimal flash storage space (in contrast to the DBX
mechanism, which allows for only a single-digit number of revocation
events to ever take place across all possible signed binaries).

Add SBAT metadata to iPXE EFI binaries to support this mechanism.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
 		2022-01-13 14:12:44 +00:00
.github/workflows [linux] Use host glibc system call wrappers 2021-02-28 23:28:23 +00:00
contrib [cloud] Allow multiple images to be imported simultaneously 2021-05-02 12:38:03 +01:00
src [efi] Include Secure Boot Advanced Targeting (SBAT) metadata 2022-01-13 14:12:44 +00:00
COPYING [legal] Update GPLv2 licence text 2015-02-26 17:59:53 +00:00
COPYING.GPLv2 [legal] Update GPLv2 licence text 2015-02-26 17:59:53 +00:00
COPYING.UBDL [legal] Add support for the Unmodified Binary Distribution Licence 2015-03-02 12:07:14 +00:00
README [doc] Re-add README file 2010-05-28 00:03:47 +01:00

README 

iPXE README File

Quick start guide:

   cd src
   make

For any more detailed instructions, see http://ipxe.org