rpm/ovmf
SHA256
1
0
Fork 0
forked from pool/ovmf
Code Pull Requests Activity
2613e0ecfe
ovmf/ovmf.spec
Gary Ching-Pang Lin 2613e0ecfe Accepting request 493267 from home:msmeissn:branches:Virtualization 
- ovmf-pie.patch: add -fPIE to the Common build Makefile to 
  allow a global PIE build.

OBS-URL: https://build.opensuse.org/request/show/493267
OBS-URL: https://build.opensuse.org/package/show/Virtualization/ovmf?expand=0&rev=84
2017-05-08 08:20:33 +00:00

423 lines
13 KiB
RPMSpec
Raw Blame History

#
# spec file for package ovmf
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%undefine _build_create_debug
%global openssl_version 1.1.0e
Name: ovmf
Url: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2
Summary: Open Virtual Machine Firmware
License: BSD-2-Clause
Group: System/Emulators/PC
Version: 2017+git1492060560.b6d11d7c46
Release: 0
Source0: %{name}-%{version}.tar.xz
Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz
Source111: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz.asc
Source112: openssl.keyring
Source2: README
Source3: SLES-UEFI-CA-Certificate-2048.crt
Source4: SLES-UEFI-SIGN-Certificate-2048.crt
Source5: MicCorKEKCA2011_2011-06-24.crt
Source6: MicCorUEFCA2011_2011-06-27.crt
Source7: openSUSE-UEFI-CA-Certificate-2048.crt
Source8: openSUSE-UEFI-SIGN-Certificate-2048.crt
Source9: openSUSE-UEFI-CA-Certificate-4096.crt
Source10: openSUSE-UEFI-SIGN-Certificate-4096.crt
Source11: http://www.uefi.org/sites/default/files/resources/dbxupdate.zip
Source12: strip_authinfo.pl
Source13: MicWinProPCA2011_2011-10-19.crt
Source100: %{name}-rpmlintrc
Source101: gdb_uefi.py.in
Patch2: %{name}-embed-default-keys.patch
Patch3: %{name}-gdb-symbols.patch
Patch4: %{name}-pie.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: fdupes
BuildRequires: gcc
BuildRequires: gcc-c++
BuildRequires: iasl
BuildRequires: libuuid-devel
BuildRequires: python
%ifnarch %arm
BuildRequires: nasm
%endif
%ifarch x86_64
BuildRequires: openssl
BuildRequires: unzip
%if 0%{?suse_version}
BuildRequires: vim-base
%else
BuildRequires: vim-common
%endif
%endif
ExclusiveArch: %ix86 x86_64 aarch64 %arm
%description
The Open Virtual Machine Firmware (OVMF) project aims to support
firmware for Virtual Machines using the edk2 code base.
%package tools
Summary: The BaseTools from edk2
Group: System/Emulators/PC
%description tools
The Open Virtual Machine Firmware (OVMF) project aims to support
firmware for Virtual Machines using the edk2 code base.
This package contains the tools from edk2.
%ifarch %ix86
%package -n qemu-ovmf-ia32
Summary: Open Virtual Machine Firmware - QEMU rom images (IA32)
Group: System/Emulators/PC
BuildArch: noarch
Requires: qemu
%description -n qemu-ovmf-ia32
The Open Virtual Machine Firmware (OVMF) project aims to support
firmware for Virtual Machines using the edk2 code base.
This package contains UEFI rom images for exercising UEFI secure
boot in a qemu environment (IA32)
%endif
%ifarch x86_64
%package -n qemu-ovmf-x86_64
Summary: Open Virtual Machine Firmware - QEMU rom images (x86_64)
Group: System/Emulators/PC
BuildArch: noarch
Requires: qemu
%description -n qemu-ovmf-x86_64
The Open Virtual Machine Firmware (OVMF) project aims to support
firmware for Virtual Machines using the edk2 code base.
This package contains UEFI rom images for exercising UEFI secure
boot in a qemu environment (x86_64)
%package -n qemu-ovmf-x86_64-debug
Summary: Open Virtual Machine Firmware - debug symbols (x86_64)
Group: Development/Debug
Requires: qemu
%description -n qemu-ovmf-x86_64-debug
The Open Virtual Machine Firmware (OVMF) project aims to support
firmware for Virtual Machines using the edk2 code base.
This package contains the debug symbols for UEFI rom images (x86_64)
%endif
%ifarch aarch64
%package -n qemu-uefi-aarch64
Summary: UEFI QEMU rom image (AArch64)
Group: System/Emulators/PC
BuildArch: noarch
%description -n qemu-uefi-aarch64
This package contains the UEFI rom image (AArch64) for QEMU cortex-a57
virt board.
%endif
%ifarch %arm
%package -n qemu-uefi-aarch32
Summary: UEFI QEMU rom image (AArch32)
Group: System/Emulators/PC
BuildArch: noarch
%description -n qemu-uefi-aarch32
This package contains the UEFI rom image (AArch32) for QEMU cortex-a15
virt board.
%endif
%prep
%setup -q -n %{name}-%{version}
# bsc#973038 Remove the packages we don't need to avoid any potential
# license issue.
PKG_TO_REMOVE="AppPkg DuetPkg CorebootModulePkg CorebootPayloadPkg \
EmulatorPkg Nt32Pkg Omap35xxPkg QuarkPlatformPkg QuarkSocPkg StdLib \
StdLibPrivateInternalFiles UnixPkg Vlv2DeviceRefCodePkg Vlv2TbltDevicePkg"
rm -rf $PKG_TO_REMOVE
%ifarch x86_64
%patch2 -p1
%endif
%patch3 -p1
%patch4 -p1
# add openssl
pushd CryptoPkg/Library/OpensslLib
tar -xf %{SOURCE1}
mv openssl-%{openssl_version} openssl
popd
%build
OVMF_FLAGS="-D SECURE_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D HTTP_BOOT_ENABLE -D ENABLE_TLS"
%if 0%{?suse_version} > 1320
TOOL_CHAIN_TAG=GCC5
%else
echo `gcc -dumpversion`
TOOL_CHAIN_TAG=GCC$(gcc -dumpversion|sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/')
%endif
%ifarch %ix86
BUILD_OPTIONS="$OVMF_FLAGS -a IA32 -p OvmfPkg/OvmfPkgIa32.dsc -b DEBUG -t $TOOL_CHAIN_TAG"
make -C BaseTools
%else
%ifarch x86_64
BUILD_OPTIONS="$OVMF_FLAGS -a X64 -p OvmfPkg/OvmfPkgX64.dsc -b DEBUG -t $TOOL_CHAIN_TAG"
make -C BaseTools
%else
%ifarch aarch64
BUILD_OPTIONS="$OVMF_FLAGS -a AARCH64 -p ArmVirtPkg/ArmVirtQemu.dsc -b DEBUG -t $TOOL_CHAIN_TAG"
ARCH=AARCH64 make -C BaseTools
%else
%ifarch %arm
BUILD_OPTIONS="-a ARM -p ArmVirtPkg/ArmVirtQemu.dsc -b RELEASE -t $TOOL_CHAIN_TAG"
ARCH=ARM make -C BaseTools
%else
echo "ERROR: unsupported architecture"
false
%endif #arm
%endif #aarch64
%endif #x86_64
%endif #ix86
. ./edksetup.sh
# Build the UEFI image
build $BUILD_OPTIONS
%ifarch %ix86
cp Build/OvmfIa32/DEBUG_*/FV/OVMF.fd ovmf-ia32.bin
cp Build/OvmfIa32/DEBUG_*/FV/OVMF_CODE.fd ovmf-ia32-code.bin
cp Build/OvmfIa32/DEBUG_*/FV/OVMF_VARS.fd ovmf-ia32-vars.bin
%else
%ifarch x86_64
collect_debug_files()
{
target="$1"
out_dir="debug/$target"
abs_path="`pwd`/$out_dir/"
source_path="`pwd`"
gdb_src_path="/usr/src/debug/ovmf-x86_64"
# copy the debug symbols
mkdir -p $out_dir
pushd Build/OvmfX64/DEBUG_GCC*/X64/
find . -mindepth 2 -type f -name "*.debug" -exec cp --parents -a {} $abs_path \;
cp --parents -a DebugPkg/GdbSyms/GdbSyms/DEBUG/GdbSyms.dll $abs_path
build_path=`pwd`
popd
# Change the path in the python gdb script
sed "s:__BUILD_PATH__:$build_path:;s:__SOURCE_PATH__:$source_path:;s:__GDB_SRC_PATH__:$gdb_src_path:;s/__FLAVOR__/$target/" \
%{SOURCE101} > gdb_uefi-$target.py
}
cp Build/OvmfX64/DEBUG_*/FV/OVMF.fd ovmf-x86_64.bin
cp Build/OvmfX64/DEBUG_*/FV/OVMF_CODE.fd ovmf-x86_64-code.bin
cp Build/OvmfX64/DEBUG_*/FV/OVMF_VARS.fd ovmf-x86_64-vars.bin
# Collect the debug files
collect_debug_files ovmf-x86_64
# Collect the source
mkdir -p source/ovmf-x86_64
# TODO get the source list from debug files
src_list=`find Build/OvmfX64/DEBUG_GCC*/X64/ -mindepth 1 -maxdepth 1 -type d -exec basename {} \;`
find $src_list \( -name "*.c" -o -name "*.h" \) -type f -exec cp --parents -a {} source/ovmf-x86_64 \;
find source/ovmf-x86_64 -name *.c -type f -exec chmod 0644 {} \;
build_with_keys()
{
suffix="$1"
xxd -i Default_PK > SecurityPkg/Library/AuthVariableLib/Default_PK.h
xxd -i Default_KEK > SecurityPkg/Library/AuthVariableLib/Default_KEK.h
xxd -i Default_DB > SecurityPkg/Library/AuthVariableLib/Default_DB.h
if [ -e Default_DB_EX ]; then
xxd -i Default_DB_EX > SecurityPkg/Library/AuthVariableLib/Default_DB_EX.h
fi
if [ -e Default_DBX ]; then
xxd -i Default_DBX > SecurityPkg/Library/AuthVariableLib/Default_DBX.h
fi
build $BUILD_OPTIONS
cp Build/OvmfX64/DEBUG_*/FV/OVMF.fd ovmf-x86_64-$suffix.bin
cp Build/OvmfX64/DEBUG_*/FV/OVMF_CODE.fd ovmf-x86_64-$suffix-code.bin
cp Build/OvmfX64/DEBUG_*/FV/OVMF_VARS.fd ovmf-x86_64-$suffix-vars.bin
collect_debug_files ovmf-x86_64-$suffix
}
# OVMF with SUSE keys
openssl x509 -in %{SOURCE3} -outform DER > Default_PK
openssl x509 -in %{SOURCE3} -outform DER > Default_KEK
openssl x509 -in %{SOURCE4} -outform DER > Default_DB
build_with_keys suse
#unpack the UEFI revocation list
unzip %{SOURCE11}
# OVMF with MS keys
cat %{SOURCE5} > Default_PK
cat %{SOURCE5} > Default_KEK
cat %{SOURCE6} > Default_DB
cat %{SOURCE13} > Default_DB_EX
chmod 755 %{SOURCE12}
%{SOURCE12} dbxupdate.bin Default_DBX
build_with_keys ms
rm -f Default_DBX
# OVMF with openSUSE keys
openssl x509 -in %{SOURCE7} -outform DER > Default_PK
openssl x509 -in %{SOURCE7} -outform DER > Default_KEK
openssl x509 -in %{SOURCE8} -outform DER > Default_DB
build_with_keys opensuse
# OVMF with openSUSE keys (4096 bit CA)
openssl x509 -in %{SOURCE9} -outform DER > Default_PK
openssl x509 -in %{SOURCE9} -outform DER > Default_KEK
openssl x509 -in %{SOURCE10} -outform DER > Default_DB
build_with_keys opensuse-4096
if [ -e %{_sourcedir}/_projectcert.crt ]; then
prjissuer=$(openssl x509 -in %{_sourcedir}/_projectcert.crt -noout -issuer_hash)
opensusesubject=$(openssl x509 -in %{SOURCE7} -noout -subject_hash)
slessubject=$(openssl x509 -in %{SOURCE3} -noout -subject_hash)
if [ "$prjissuer" != "$opensusesubject" -a "$prjissuer" != "$slessubject" ]; then
openssl x509 -in %{_sourcedir}/_projectcert.crt -outform DER > Default_PK
openssl x509 -in %{_sourcedir}/_projectcert.crt -outform DER > Default_KEK
openssl x509 -in %{_sourcedir}/_projectcert.crt -outform DER > Default_DB
build_with_keys devel
fi
fi
%else
%ifarch aarch64
cp Build/ArmVirtQemu-AARCH64/DEBUG_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch64.bin
dd of="aavmf-aarch64-code.bin" if="/dev/zero" bs=1M count=64
dd of="aavmf-aarch64-code.bin" if="qemu-uefi-aarch64.bin" conv=notrunc
dd of="aavmf-aarch64-vars.bin" if="/dev/zero" bs=1M count=64
%else
%ifarch %arm
cp Build/ArmVirtQemu-ARM/RELEASE_GCC*/FV/QEMU_EFI.fd qemu-uefi-aarch32.bin
%endif #arm
%endif #aarch64
%endif #x86_64
%endif #ix86
%install
rm -rf %{buildroot}
cp %{SOURCE2} README
tr -d '\r' < FatPkg/License.txt > License-fat-driver.txt
# Install BaseTools
install -d %{buildroot}/%{_bindir}
install -m 0755 --strip BaseTools/Source/C/bin/EfiRom %{buildroot}/%{_bindir}
%ifarch %ix86
tr -d '\r' < OvmfPkg/License.txt > License.txt
install -m 0644 -D ovmf-ia32.bin %{buildroot}/%{_datadir}/qemu/ovmf-ia32.bin
install -m 0644 -D ovmf-ia32-code.bin %{buildroot}/%{_datadir}/qemu/ovmf-ia32-code.bin
install -m 0644 -D ovmf-ia32-vars.bin %{buildroot}/%{_datadir}/qemu/ovmf-ia32-vars.bin
%else
%ifarch x86_64
tr -d '\r' < OvmfPkg/License.txt > License.txt
install -m 0644 -D ovmf-x86_64.bin %{buildroot}/%{_datadir}/qemu/ovmf-x86_64.bin
install -m 0644 ovmf-x86_64-*.bin %{buildroot}/%{_datadir}/qemu/
%fdupes %{buildroot}/%{_datadir}/qemu/
# Install debug symbols, gdb-uefi.py
install -d %{buildroot}/%{_datadir}/ovmf-x86_64/
install -m 0644 gdb_uefi-*.py %{buildroot}/%{_datadir}/ovmf-x86_64/
mkdir -p %{buildroot}/usr/lib/debug
mv debug/ovmf-x86_64* %{buildroot}/usr/lib/debug
%fdupes %{buildroot}/usr/lib/debug/ovmf-x86_64*
mkdir -p %{buildroot}/usr/src/debug
mv source/ovmf-x86_64* %{buildroot}/usr/src/debug
%fdupes -s %{buildroot}/usr/src/debug/ovmf-x86_64
%else
%ifarch aarch64
tr -d '\r' < ArmPlatformPkg/License.txt > License.txt
install -m 0644 -D qemu-uefi-aarch64.bin %{buildroot}/%{_datadir}/qemu/qemu-uefi-aarch64.bin
install -m 0644 -D aavmf-aarch64-code.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch64-code.bin
install -m 0644 -D aavmf-aarch64-vars.bin %{buildroot}/%{_datadir}/qemu/aavmf-aarch64-vars.bin
%else
%ifarch %arm
tr -d '\r' < ArmPlatformPkg/License.txt > License.txt
install -m 0644 -D qemu-uefi-aarch32.bin %{buildroot}/%{_datadir}/qemu/qemu-uefi-aarch32.bin
%endif #arm
%endif #aarch64
%endif #x86_64
%endif #ix86
%files
%defattr(-,root,root)
%doc README
%files tools
%defattr(-,root,root)
%doc BaseTools/UserManuals/EfiRom_Utility_Man_Page.rtf
%{_bindir}/EfiRom
%ifarch %ix86
%files -n qemu-ovmf-ia32
%defattr(-,root,root)
%doc License.txt License-fat-driver.txt
%dir %{_datadir}/qemu/
%{_datadir}/qemu/ovmf-ia32*.bin
%endif
%ifarch x86_64
%files -n qemu-ovmf-x86_64
%defattr(-,root,root)
%doc License.txt License-fat-driver.txt
%dir %{_datadir}/qemu/
%{_datadir}/qemu/ovmf-x86_64*.bin
%files -n qemu-ovmf-x86_64-debug
%defattr(-,root,root)
%{_datadir}/ovmf-x86_64/
%dir /usr/lib/debug/
/usr/lib/debug/ovmf-x86_64*
%dir /usr/src/debug/
/usr/src/debug/ovmf-x86_64*
%endif
%ifarch aarch64
%files -n qemu-uefi-aarch64
%defattr(-,root,root)
%doc License.txt License-fat-driver.txt
%dir %{_datadir}/qemu/
%{_datadir}/qemu/qemu-uefi-aarch64.bin
%{_datadir}/qemu/aavmf-aarch64-code.bin
%{_datadir}/qemu/aavmf-aarch64-vars.bin
%endif
%ifarch %arm
%files -n qemu-uefi-aarch32
%defattr(-,root,root)
%doc License.txt License-fat-driver.txt
%dir %{_datadir}/qemu/
%{_datadir}/qemu/qemu-uefi-aarch32.bin
%endif
%changelog
View Git Blame Copy Permalink