FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F13.5 2023-08-23T17:43:26Z 2023-08-23T17:43:26Z Warner Losh imp@FreeBSD.org 2023-08-22T01:31:41Z urn:sha1:3d497e17ebd33fe0f58d773e35ab994d750258d6 Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/ Similar commit in main: (cherry picked from commit 1d386b48a555) 2023-08-23T17:43:21Z Warner Losh imp@FreeBSD.org 2023-08-22T01:31:07Z urn:sha1:17da660ad5b3b9cd90e164dd4dbb9beaa7203054 Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/ Similar commit in main: (cherry picked from commit b3e7694832e8) 2019-03-06T06:39:42Z Marcin Wojtas mw@FreeBSD.org 2019-03-06T06:39:42Z urn:sha1:13ea0450a9c8742119d36f3bf8f47accdce46e54 UEFI related headers were copied from edk2. A new build option "MK_LOADER_EFI_SECUREBOOT" was added to allow loading of trusted anchors from UEFI. Certificate revocation support is also introduced. The forbidden certificates are loaded from dbx variable. Verification fails in two cases: There is a direct match between cert in dbx and the one in the chain. The CA used to sign the chain is found in dbx. One can also insert a hash of TBS section of a certificate into dbx. In this case verifications fails only if a direct match with a certificate in chain is found. Submitted by: Kornel Duleba <mindal@semihalf.com> Reviewed by: sjg Obtained from: Semihalf Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D19093