The QEMU ARM device-tree contains a random kaslr-seed. This results in random measurements of the device-tree in the implementation of the EFI_TCG2_PROTOCOL.
Add an upstream patch which allows to disable the kaslr-seed via a command line parameter that we can use in the U-Boot test hooks. Signed-off-by: Heinrich Schuchardt <[email protected]> --- tools/docker/Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile index fb422e7588..d906f91863 100644 --- a/tools/docker/Dockerfile +++ b/tools/docker/Dockerfile @@ -115,6 +115,10 @@ RUN apt-get update && apt-get install -y \ # Make kernels readable for libguestfs tools to work correctly RUN chmod +r /boot/vmlinu* +# 'git am' requires setting up name and email address beforehand +RUN git config --global user.email "[email protected]" && \ + git config --global user.name "Your Name" + # Manually install a new enough version of sbsigntools (must be v0.9.4 or later) RUN git clone https://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git /tmp/sbsigntools && \ cd /tmp/sbsigntools && \ @@ -178,6 +182,9 @@ RUN git clone git://git.qemu.org/qemu.git /tmp/qemu && \ cd /tmp/qemu && \ git submodule update --init dtc && \ git checkout v6.1.0 && \ + wget https://lore.kernel.org/qemu-devel/[email protected]/raw \ + -O 0001-hw-arm-add-control-knob-to-disable-kaslr_seed-via-DT.patch && \ + git am 0001-hw-arm-add-control-knob-to-disable-kaslr_seed-via-DT.patch && \ # config user.name and user.email to make 'git am' happy git config user.name u-boot && \ git config user.email [email protected] && \ -- 2.32.0
