tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-04-08 17:05:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
audk/OvmfPkg/OvmfPkg.ci.yaml
Dov Murik 385b9d80a0 OvmfPkg/AmdSev: add BlobVerifierLibSevHashes 
Add an implementation for BlobVerifierLib that locates the SEV hashes
table and verifies that the calculated hashes of the kernel, initrd, and
cmdline blobs indeed match the expected hashes stated in the hashes
table.

If there's a missing hash or a hash mismatch then EFI_ACCESS_DENIED is
returned which will cause a failure to load a kernel image.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ashish Kalra <ashish.kalra@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Co-developed-by: James Bottomley <jejb@linux.ibm.com>
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
[ardb: add CryptoPkg to accepted dependencies list for CI]
2021-07-29 09:49:50 +00:00

102 lines
3.3 KiB
YAML
Raw Permalink Blame History

## @file
# Core CI configuration for OvmfPkg
#
# OvmfPkg is part of Platform Ci for builds so this is only
# used for code analysis.
#
# Copyright (c) Microsoft Corporation
# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
##
{
## options defined .pytool/Plugin/LicenseCheck
"LicenseCheck": {
"IgnoreFiles": []
},
"EccCheck": {
## Exception sample looks like below:
## "ExceptionList": [
## "<ErrorID>", "<KeyWord>"
## ]
"ExceptionList": [
],
## Both file path and directory path are accepted.
"IgnoreFiles": [
],
"skip": True
},
## options defined .pytool/Plugin/CompilerPlugin
"CompilerPlugin": {
"DscPath": "" # Don't support this test
},
## options defined .pytool/Plugin/HostUnitTestCompilerPlugin
"HostUnitTestCompilerPlugin": {
"DscPath": "" # Don't support this test
},
## options defined .pytool/Plugin/CharEncodingCheck
"CharEncodingCheck": {
"IgnoreFiles": []
},
## options defined .pytool/Plugin/DependencyCheck
"DependencyCheck": {
"AcceptableDependencies": [
"CryptoPkg/CryptoPkg.dec",
"MdePkg/MdePkg.dec",
"MdeModulePkg/MdeModulePkg.dec",
"OvmfPkg/OvmfPkg.dec",
"NetworkPkg/NetworkPkg.dec",
"SecurityPkg/SecurityPkg.dec",
"UefiCpuPkg/UefiCpuPkg.dec",
"ShellPkg/ShellPkg.dec",
"EmbeddedPkg/EmbeddedPkg.dec",
"SourceLevelDebugPkg/SourceLevelDebugPkg.dec"
],
# For host based unit tests
"AcceptableDependencies-HOST_APPLICATION":[
"UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec"
],
# For UEFI shell based apps
"AcceptableDependencies-UEFI_APPLICATION":[],
"IgnoreInf": []
},
## options defined .pytool/Plugin/DscCompleteCheck
"DscCompleteCheck": {
"IgnoreInf": [""],
"DscPath": "" # Don't support this test
},
## options defined .pytool/Plugin/HostUnitTestDscCompleteCheck
"HostUnitTestDscCompleteCheck": {
"IgnoreInf": [""],
"DscPath": "" # Don't support this test
},
## options defined .pytool/Plugin/GuidCheck
"GuidCheck": {
"IgnoreGuidName": ["ResetVector", "XenResetVector"], # Expected duplication for gEfiFirmwareVolumeTopFileGuid
"IgnoreGuidValue": [],
"IgnoreFoldersAndFiles": [],
"IgnoreDuplicates": ["gGrubFileGuid=Grub"],
},
## options defined .pytool/Plugin/LibraryClassCheck
"LibraryClassCheck": {
"IgnoreHeaderFile": []
},
## options defined .pytool/Plugin/SpellCheck
"SpellCheck": {
"AuditOnly": True, # Fails right now with over 270 errors
"IgnoreFiles": [], # use gitignore syntax to ignore errors in matching files
"ExtendWords": [
], # words to extend to the dictionary for this package
"IgnoreStandardPaths": [], # Standard Plugin defined paths that should be ignore
"AdditionalIncludePaths": [] # Additional paths to spell check (wildcards supported)
}
}
Reference in New Issue View Git Blame Copy Permalink