1# $FreeBSD$ 2 3BRSSL_CFLAGS+= -DNO_STDIO 4 5.include "Makefile.inc" 6 7# for "measured boot" 8# loader puts the equivalent of TPM's PCR register into kenv 9# this is not as good but *way* simpler than talking to TPM 10CFLAGS+= -DVE_PCR_SUPPORT 11 12# sources that only apply to libsa 13SRCS+= \ 14 vectx.c \ 15 veopen.c \ 16 vepcr.c \ 17 verify_file.c \ 18 19# this is the list of paths (relative to a file 20# that we need to verify) used to find a signed manifest. 21# the signature extensions in VE_SIGNATURE_EXT_LIST 22# will be applied to each. 23VE_MANIFEST_LIST?= manifest ../manifest 24 25verify_file.o: manifests.h 26manifests.h: 27 @( echo '/* Autogenerated - DO NOT EDIT!!! */'; echo; \ 28 echo "static const char *manifest_names[] = {"; \ 29 echo '${VE_MANIFEST_LIST:@m@"$m",${.newline}@}'; \ 30 echo 'NULL };' ) > ${.TARGET} 31 32XCFLAGS.verify_file+= \ 33 -DVE_DEBUG_LEVEL=${VE_DEBUG_LEVEL:U0} \ 34 -DVE_VERBOSE_DEFAULT=${VE_VERBOSE_DEFAULT:U0} \ 35 36.if !empty(MANIFEST_SKIP_ALWAYS) 37XCFLAGS.verify_file+= -DMANIFEST_SKIP_ALWAYS=\"${MANIFEST_SKIP_ALWAYS}\" 38.elif !empty(MANIFEST_SKIP) 39XCFLAGS.verify_file+= -DMANIFEST_SKIP=\"${MANIFEST_SKIP}\" 40.endif 41