SetupBootkit: use the ovmf-vars.fd that shipped with bootkit

Instead of relying on the host to have a reasonable one. At least on ubuntu jammy, right now those are the same thing. Signed-off-by: Serge Hallyn <[email protected]>
project-machine · Sep 1, 2023 · 56bf07d · 56bf07d
1 parent b03c99a
commit 56bf07d
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/pkg/trust/artifacts.go b/pkg/trust/artifacts.go
@@ -267,10 +267,11 @@ func SetupBootkit(keysetName, bootkitVersion string) error {
 	dbGuid := strings.TrimSpace(string(dbGuidBytes))
 
 	outFile := filepath.Join(destDir, "ovmf-vars.fd")
+	plainvars := filepath.Join(bDir, "ovmf", "ovmf-vars.fd")
 	cmd = []string{
 		"virt-fw-vars",
-		"--input=/usr/share/OVMF/OVMF_VARS.fd",
-		"--output", outFile,
+		"--input=" + plainvars,
+		"--output=" + outFile,
 		"--secure-boot", "--no-microsoft",
 		"--set-pk", pkGuid, filepath.Join(keysetPath, "uefi-pk", "cert.pem"),
 		"--add-kek", kekGuid, filepath.Join(keysetPath, "uefi-kek", "cert.pem"),