Currently on secureboot platform sys_kexec() will only trust executables which were vailidly signed, memory locked and which were statically built.
So build kexec with static linking instead of dynamic one if one needs to make it work with secureboot. Provide a config option --enable-static to enable static linking. Signed-off-by: Vivek Goyal <[email protected]> --- configure.ac | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/configure.ac b/configure.ac index 7b61dbf..90b4c75 100644 --- a/configure.ac +++ b/configure.ac @@ -68,6 +68,8 @@ if test "x$TARGET_CFLAGS" = "x" ; then TARGET_CFLAGS='-O2 -Wall' fi +AC_ARG_ENABLE([static], AC_HELP_STRING([--enable-static],[Produce statically linked executables]), [ enable_static="$enableval"], [ enable_static=no]) + AC_ARG_WITH([objdir], AC_HELP_STRING([--with-objdir=<dir>],[select directory for object files]), [ OBJDIR="$withval" ], [ OBJDIR="$OBJDIR" ]) @@ -144,6 +146,10 @@ AC_CHECK_PROG([FIND], find, find, "no", [$PATH]) AC_CHECK_PROG([XARGS], xargs, xargs, "no", [$PATH]) AC_CHECK_PROG([DIRNAME], dirname, dirname, "no", [$PATH]) +if test "$enable_static" = yes ; then + CFLAGS="$CFLAGS -static" +fi + dnl See if I have a usable copy of zlib available if test "$with_zlib" = yes ; then AC_CHECK_HEADER(zlib.h, -- 1.8.3.1 _______________________________________________ kernel mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/kernel
