2024-04-02 08:22:40 +00:00
|
|
|
ExclusiveArch: x86_64 aarch64
|
2023-09-05 10:53:16 +00:00
|
|
|
|
2024-06-28 06:36:11 +00:00
|
|
|
# edk2-stable202405
|
|
|
|
%define GITDATE 20240524
|
|
|
|
%define GITCOMMIT 3e722403cd
|
2024-04-02 08:22:40 +00:00
|
|
|
%define TOOLCHAIN GCC
|
2023-11-17 11:19:49 +00:00
|
|
|
|
2023-09-05 10:53:16 +00:00
|
|
|
%define OPENSSL_VER 3.0.7
|
2024-09-27 04:22:34 +00:00
|
|
|
%define OPENSSL_HASH 0205b589887203b065154ddc8e8107c4ac8625a1
|
2023-09-05 10:53:16 +00:00
|
|
|
|
2023-05-12 12:04:56 +00:00
|
|
|
%define DBXDATE 20230509
|
2023-03-15 11:11:22 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
%define build_ovmf 0
|
|
|
|
%define build_aarch64 0
|
2017-11-13 17:44:20 +00:00
|
|
|
%ifarch x86_64
|
2021-07-15 20:02:04 +00:00
|
|
|
%define build_ovmf 1
|
2017-11-13 17:44:20 +00:00
|
|
|
%endif
|
|
|
|
%ifarch aarch64
|
2021-07-15 20:02:04 +00:00
|
|
|
%define build_aarch64 1
|
2017-11-13 17:44:20 +00:00
|
|
|
%endif
|
2021-07-15 20:02:04 +00:00
|
|
|
|
2021-07-15 17:34:57 +00:00
|
|
|
Name: edk2
|
2023-05-24 07:28:07 +00:00
|
|
|
Version: %{GITDATE}
|
2024-11-11 11:13:33 +00:00
|
|
|
Release: 11%{?dist}
|
2021-07-15 17:34:57 +00:00
|
|
|
Summary: UEFI firmware for 64-bit virtual machines
|
2024-04-02 08:22:40 +00:00
|
|
|
License: BSD-2-Clause-Patent and Apache-2.0 and MIT
|
2021-07-15 17:34:57 +00:00
|
|
|
URL: http://www.tianocore.org
|
|
|
|
|
|
|
|
# The source tarball is created using following commands:
|
2024-04-02 08:22:40 +00:00
|
|
|
# COMMIT=ba91d0292e
|
2021-07-15 17:34:57 +00:00
|
|
|
# git archive --format=tar --prefix=edk2-$COMMIT/ $COMMIT \
|
|
|
|
# | xz -9ev >/tmp/edk2-$COMMIT.tar.xz
|
|
|
|
Source0: edk2-%{GITCOMMIT}.tar.xz
|
|
|
|
Source1: ovmf-whitepaper-c770f8c.txt
|
2024-04-02 08:22:40 +00:00
|
|
|
Source2: openssl-rhel-%{OPENSSL_HASH}.tar.xz
|
2021-07-15 17:49:13 +00:00
|
|
|
|
2022-11-16 15:25:57 +00:00
|
|
|
# json description files
|
2023-04-05 10:51:55 +00:00
|
|
|
Source10: 50-edk2-aarch64-qcow2.json
|
|
|
|
Source11: 51-edk2-aarch64-raw.json
|
|
|
|
Source12: 52-edk2-aarch64-verbose-qcow2.json
|
|
|
|
Source13: 53-edk2-aarch64-verbose-raw.json
|
2022-11-16 15:25:57 +00:00
|
|
|
|
2024-04-02 08:22:40 +00:00
|
|
|
Source40: 30-edk2-ovmf-x64-sb-enrolled.json
|
|
|
|
Source41: 40-edk2-ovmf-x64-sb.json
|
|
|
|
Source43: 50-edk2-ovmf-x64-nosb.json
|
|
|
|
Source44: 60-edk2-ovmf-x64-amdsev.json
|
|
|
|
Source45: 60-edk2-ovmf-x64-inteltdx.json
|
2023-09-05 16:27:23 +00:00
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
# https://gitlab.com/kraxel/edk2-build-config
|
|
|
|
Source80: edk2-build.py
|
2024-04-02 08:22:40 +00:00
|
|
|
Source82: edk2-build.rhel-9
|
2022-11-16 10:59:20 +00:00
|
|
|
|
2023-03-15 11:11:22 +00:00
|
|
|
Source90: DBXUpdate-%{DBXDATE}.x64.bin
|
2024-04-02 08:22:40 +00:00
|
|
|
Patch1: 0003-Remove-paths-leading-to-submodules.patch
|
|
|
|
Patch2: 0004-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch
|
|
|
|
Patch3: 0005-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch
|
|
|
|
Patch4: 0006-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch
|
|
|
|
Patch5: 0007-OvmfPkg-enable-DEBUG_VERBOSE-RHEL-only.patch
|
|
|
|
Patch6: 0008-OvmfPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuVide.patch
|
|
|
|
Patch7: 0009-ArmVirtPkg-silence-DEBUG_VERBOSE-0x00400000-in-QemuR.patch
|
|
|
|
Patch8: 0010-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch
|
|
|
|
Patch9: 0011-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
|
|
|
|
Patch10: 0012-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch
|
|
|
|
Patch11: 0013-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch
|
|
|
|
Patch12: 0014-OvmfPkg-Remove-EbcDxe-RHEL-only.patch
|
|
|
|
Patch13: 0015-OvmfPkg-Remove-VirtioGpu-device-driver-RHEL-only.patch
|
|
|
|
Patch14: 0016-OvmfPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL-on.patch
|
|
|
|
Patch15: 0017-ArmVirtPkg-Remove-VirtioFsDxe-filesystem-driver-RHEL.patch
|
|
|
|
Patch16: 0018-OvmfPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch
|
|
|
|
Patch17: 0019-ArmVirtPkg-Remove-UdfDxe-filesystem-driver-RHEL-only.patch
|
|
|
|
Patch18: 0020-OvmfPkg-Remove-TftpDynamicCommand-from-shell-RHEL-on.patch
|
|
|
|
Patch19: 0021-ArmVirtPkg-Remove-TftpDynamicCommand-from-shell-RHEL.patch
|
|
|
|
Patch20: 0022-OvmfPkg-Remove-HttpDynamicCommand-from-shell-RHEL-on.patch
|
|
|
|
Patch21: 0023-ArmVirtPkg-Remove-HttpDynamicCommand-from-shell-RHEL.patch
|
|
|
|
Patch22: 0024-OvmfPkg-Remove-LinuxInitrdDynamicShellCommand-RHEL-o.patch
|
|
|
|
Patch23: 0025-ArmVirtPkg-Remove-LinuxInitrdDynamicShellCommand-RHE.patch
|
|
|
|
Patch24: 0026-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch
|
|
|
|
Patch25: 0027-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch
|
|
|
|
Patch26: 0028-CryptoPkg-CrtLib-add-stat.h-include-file.patch
|
|
|
|
Patch27: 0029-CryptoPkg-CrtLib-add-access-open-read-write-close-sy.patch
|
|
|
|
Patch28: 0030-OvmfPkg-Sec-Setup-MTRR-early-in-the-boot-process.patch
|
|
|
|
Patch29: 0031-MdePkg-ArchitecturalMsr.h-add-defines-for-MTRR-cache.patch
|
|
|
|
Patch30: 0032-UefiCpuPkg-MtrrLib.h-use-cache-type-defines-from-Arc.patch
|
|
|
|
Patch31: 0033-OvmfPkg-Sec-use-cache-type-defines-from-Architectura.patch
|
2024-06-28 06:36:11 +00:00
|
|
|
Patch32: 0034-NetworkPkg-TcpDxe-Fixed-system-stuck-on-PXE-boot-flo.patch
|
|
|
|
Patch33: 0035-OvmfPkg-add-morlock-support.patch
|
|
|
|
Patch34: 0036-MdePkg-BaseRngLib-Add-a-smoketest-for-RDRAND-and-che.patch
|
|
|
|
Patch35: 0037-SecurityPkg-RngDxe-add-rng-test.patch
|
|
|
|
Patch36: 0038-OvmfPkg-wire-up-RngDxe.patch
|
|
|
|
Patch37: 0039-CryptoPkg-Test-call-ProcessLibraryConstructorList.patch
|
|
|
|
Patch38: 0040-MdePkg-X86UnitTestHost-set-rdrand-cpuid-bit.patch
|
2024-07-24 12:04:29 +00:00
|
|
|
# For RHEL-45261 - [RHEL10] edk2 disconnects abnormally before loading the kernel
|
|
|
|
Patch39: edk2-MdeModulePkg-Warn-if-out-of-flash-space-when-writing.patch
|
2024-08-20 06:19:08 +00:00
|
|
|
# For RHEL-45829 - [RHEL-10.0] edk2 hit Failed to generate random data
|
|
|
|
Patch40: edk2-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch
|
|
|
|
# For RHEL-45829 - [RHEL-10.0] edk2 hit Failed to generate random data
|
|
|
|
Patch41: edk2-NetworkPkg-DxeNetLib-Reword-PseudoRandom-error-loggi.patch
|
2024-09-02 09:28:39 +00:00
|
|
|
# For RHEL-56082 - [EDK2] Shim fallback reboot workaround might not work on SNP [rhel-10]
|
|
|
|
Patch42: edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch
|
2024-09-09 07:34:52 +00:00
|
|
|
# For RHEL-50185 - [RHEL10] Hit soft lockup when hotplug vcpu
|
|
|
|
Patch43: edk2-UefiCpuPkg-PiSmmCpuDxeSmm-skip-PatchInstructionX86-c.patch
|
2024-09-13 04:55:20 +00:00
|
|
|
# For RHEL-56154 - qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion: acpi-cpu-hotplug at addr: 0x0 [rhel-10]
|
|
|
|
Patch44: edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch
|
2024-10-08 07:12:04 +00:00
|
|
|
# For RHEL-56249 - 507x510 display resolution should not crash the firmware [edk2,rhel-10]
|
|
|
|
Patch45: edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch
|
|
|
|
# For RHEL-56249 - 507x510 display resolution should not crash the firmware [edk2,rhel-10]
|
|
|
|
Patch46: edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch
|
|
|
|
# For RHEL-60829 - CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-10.0]
|
|
|
|
Patch47: edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch
|
2024-11-11 11:13:33 +00:00
|
|
|
# For RHEL-66234 - [Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10]
|
|
|
|
Patch48: edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch
|
|
|
|
# For RHEL-66234 - [Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10]
|
|
|
|
Patch49: edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch
|
2022-03-24 12:01:23 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
# python3-devel and libuuid-devel are required for building tools.
|
|
|
|
# python3-devel is also needed for varstore template generation and
|
|
|
|
# verification with "ovmf-vars-generator".
|
|
|
|
BuildRequires: python3-devel
|
2015-12-29 17:03:01 +00:00
|
|
|
BuildRequires: libuuid-devel
|
2021-07-15 20:02:04 +00:00
|
|
|
BuildRequires: /usr/bin/iasl
|
|
|
|
BuildRequires: binutils gcc git gcc-c++ make
|
2024-04-02 08:22:40 +00:00
|
|
|
BuildRequires: perl perl(JSON)
|
2023-01-12 14:21:49 +00:00
|
|
|
BuildRequires: qemu-img
|
2021-07-15 20:02:04 +00:00
|
|
|
|
|
|
|
%if %{build_ovmf}
|
|
|
|
# Only OVMF includes 80x86 assembly files (*.nasm*).
|
2016-04-18 12:16:51 +00:00
|
|
|
BuildRequires: nasm
|
2021-07-15 20:02:04 +00:00
|
|
|
|
|
|
|
# Only OVMF includes the Secure Boot feature, for which we need to separate out
|
|
|
|
# the UEFI shell.
|
2021-07-15 18:49:10 +00:00
|
|
|
BuildRequires: dosfstools
|
|
|
|
BuildRequires: mtools
|
2021-07-15 20:02:04 +00:00
|
|
|
BuildRequires: xorriso
|
2013-05-02 12:46:06 +00:00
|
|
|
|
2024-04-02 08:22:40 +00:00
|
|
|
# secure boot enrollment
|
|
|
|
BuildRequires: python3dist(virt-firmware) >= 23.4
|
2016-05-21 14:39:41 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
# endif build_ovmf
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
%package ovmf
|
|
|
|
Summary: UEFI firmware for x86_64 virtual machines
|
|
|
|
BuildArch: noarch
|
|
|
|
Provides: OVMF = %{version}-%{release}
|
|
|
|
Obsoletes: OVMF < 20180508-100.gitee3198e672e2.el7
|
|
|
|
|
|
|
|
# OVMF includes the Secure Boot and IPv6 features; it has a builtin OpenSSL
|
|
|
|
# library.
|
|
|
|
Provides: bundled(openssl) = %{OPENSSL_VER}
|
2024-04-02 08:22:40 +00:00
|
|
|
License: BSD-2-Clause-Patent and Apache-2.0
|
2021-07-15 20:02:04 +00:00
|
|
|
|
|
|
|
# URL taken from the Maintainers.txt file.
|
|
|
|
URL: http://www.tianocore.org/ovmf/
|
|
|
|
|
|
|
|
%description ovmf
|
|
|
|
OVMF (Open Virtual Machine Firmware) is a project to enable UEFI support for
|
|
|
|
Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU
|
|
|
|
and KVM.
|
|
|
|
|
|
|
|
|
|
|
|
%package aarch64
|
|
|
|
Summary: UEFI firmware for aarch64 virtual machines
|
|
|
|
BuildArch: noarch
|
|
|
|
Provides: AAVMF = %{version}-%{release}
|
|
|
|
Obsoletes: AAVMF < 20180508-100.gitee3198e672e2.el7
|
|
|
|
|
2023-04-05 10:51:55 +00:00
|
|
|
# need libvirt version with qcow2 support
|
2024-04-02 08:22:40 +00:00
|
|
|
Conflicts: libvirt-daemon-driver-qemu < 9.2.0
|
2023-04-05 10:51:55 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
# No Secure Boot for AAVMF yet, but we include OpenSSL for the IPv6 stack.
|
|
|
|
Provides: bundled(openssl) = %{OPENSSL_VER}
|
2024-04-02 08:22:40 +00:00
|
|
|
License: BSD-2-Clause-Patent and Apache-2.0
|
2021-07-15 20:02:04 +00:00
|
|
|
|
|
|
|
# URL taken from the Maintainers.txt file.
|
|
|
|
URL: https://github.com/tianocore/tianocore.github.io/wiki/ArmVirtPkg
|
|
|
|
|
|
|
|
%description aarch64
|
|
|
|
AAVMF (ARM Architecture Virtual Machine Firmware) is an EFI Development Kit II
|
|
|
|
platform that enables UEFI support for QEMU/KVM ARM Virtual Machines. This
|
|
|
|
package contains a 64-bit build.
|
2021-07-15 17:49:13 +00:00
|
|
|
|
2013-05-02 12:46:06 +00:00
|
|
|
|
|
|
|
%package tools
|
2015-12-29 17:03:01 +00:00
|
|
|
Summary: EFI Development Kit II Tools
|
2024-04-02 08:22:40 +00:00
|
|
|
License: BSD-2-Clause-Patent
|
2021-07-15 20:02:04 +00:00
|
|
|
URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools
|
2013-05-02 12:46:06 +00:00
|
|
|
%description tools
|
|
|
|
This package provides tools that are needed to
|
|
|
|
build EFI executables and ROMs using the GNU tools.
|
|
|
|
|
|
|
|
%package tools-doc
|
2015-12-29 17:03:01 +00:00
|
|
|
Summary: Documentation for EFI Development Kit II Tools
|
2016-04-18 12:16:51 +00:00
|
|
|
BuildArch: noarch
|
2021-07-15 20:02:04 +00:00
|
|
|
License: BSD-2-Clause-Patent
|
|
|
|
URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools
|
2013-05-02 12:46:06 +00:00
|
|
|
%description tools-doc
|
|
|
|
This package documents the tools that are needed to
|
|
|
|
build EFI executables and ROMs using the GNU tools.
|
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
%description
|
|
|
|
EDK II is a modern, feature-rich, cross-platform firmware development
|
|
|
|
environment for the UEFI and PI specifications. This package contains sample
|
|
|
|
64-bit UEFI firmware builds for QEMU and KVM.
|
2018-04-30 11:57:51 +00:00
|
|
|
|
2013-05-02 12:46:06 +00:00
|
|
|
%prep
|
2021-07-15 17:34:57 +00:00
|
|
|
# We needs some special git config options that %%autosetup won't give us.
|
|
|
|
# We init the git dir ourselves, then tell %%autosetup not to blow it away.
|
|
|
|
%setup -q -n edk2-%{GITCOMMIT}
|
|
|
|
git init -q
|
|
|
|
git config core.whitespace cr-at-eol
|
|
|
|
git config am.keepcr true
|
|
|
|
# -T is passed to %%setup to not re-extract the archive
|
|
|
|
# -D is passed to %%setup to not delete the existing archive dir
|
|
|
|
%autosetup -T -D -n edk2-%{GITCOMMIT} -S git_am
|
2017-11-14 15:05:26 +00:00
|
|
|
|
2022-05-25 11:37:49 +00:00
|
|
|
cp -a -- %{SOURCE1} .
|
2024-04-02 08:22:40 +00:00
|
|
|
cp -a -- %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} .
|
|
|
|
cp -a -- %{SOURCE40} %{SOURCE41} %{SOURCE43} %{SOURCE44} %{SOURCE45} .
|
|
|
|
cp -a -- %{SOURCE80} %{SOURCE82} .
|
|
|
|
cp -a -- %{SOURCE90} .
|
2021-07-15 17:34:57 +00:00
|
|
|
tar -C CryptoPkg/Library/OpensslLib -a -f %{SOURCE2} -x
|
2021-07-15 17:49:13 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
# Done by %setup, but we do not use it for the auxiliary tarballs
|
|
|
|
chmod -Rf a+rX,u+w,g-w,o-w .
|
|
|
|
|
2016-04-18 12:16:51 +00:00
|
|
|
%build
|
2017-11-13 17:44:20 +00:00
|
|
|
|
2021-07-15 18:49:10 +00:00
|
|
|
build_iso() {
|
|
|
|
dir="$1"
|
|
|
|
UEFI_SHELL_BINARY=${dir}/Shell.efi
|
|
|
|
ENROLLER_BINARY=${dir}/EnrollDefaultKeys.efi
|
|
|
|
UEFI_SHELL_IMAGE=uefi_shell.img
|
2021-07-15 22:05:43 +00:00
|
|
|
ISO_IMAGE=${dir}/UefiShell.iso
|
2021-07-15 18:49:10 +00:00
|
|
|
|
|
|
|
UEFI_SHELL_BINARY_BNAME=$(basename -- "$UEFI_SHELL_BINARY")
|
|
|
|
UEFI_SHELL_SIZE=$(stat --format=%s -- "$UEFI_SHELL_BINARY")
|
|
|
|
ENROLLER_SIZE=$(stat --format=%s -- "$ENROLLER_BINARY")
|
|
|
|
|
|
|
|
# add 1MB then 10% for metadata
|
|
|
|
UEFI_SHELL_IMAGE_KB=$((
|
|
|
|
(UEFI_SHELL_SIZE + ENROLLER_SIZE + 1 * 1024 * 1024) * 11 / 10 / 1024
|
|
|
|
))
|
|
|
|
|
|
|
|
# create non-partitioned FAT image
|
|
|
|
rm -f -- "$UEFI_SHELL_IMAGE"
|
|
|
|
mkdosfs -C "$UEFI_SHELL_IMAGE" -n UEFI_SHELL -- "$UEFI_SHELL_IMAGE_KB"
|
|
|
|
|
|
|
|
# copy the shell binary into the FAT image
|
|
|
|
export MTOOLS_SKIP_CHECK=1
|
|
|
|
mmd -i "$UEFI_SHELL_IMAGE" ::efi
|
|
|
|
mmd -i "$UEFI_SHELL_IMAGE" ::efi/boot
|
|
|
|
mcopy -i "$UEFI_SHELL_IMAGE" "$UEFI_SHELL_BINARY" ::efi/boot/bootx64.efi
|
|
|
|
mcopy -i "$UEFI_SHELL_IMAGE" "$ENROLLER_BINARY" ::
|
|
|
|
mdir -i "$UEFI_SHELL_IMAGE" -/ ::
|
|
|
|
|
|
|
|
# build ISO with FAT image file as El Torito EFI boot image
|
|
|
|
mkisofs -input-charset ASCII -J -rational-rock \
|
|
|
|
-e "$UEFI_SHELL_IMAGE" -no-emul-boot \
|
|
|
|
-o "$ISO_IMAGE" "$UEFI_SHELL_IMAGE"
|
|
|
|
}
|
|
|
|
|
2022-12-22 13:10:04 +00:00
|
|
|
export EXTRA_OPTFLAGS="%{optflags}"
|
|
|
|
export EXTRA_LDFLAGS="%{__global_ldflags}"
|
2023-01-13 05:23:00 +00:00
|
|
|
export RELEASE_DATE="$(echo %{GITDATE} | sed -e 's|\(....\)\(..\)\(..\)|\2/\3/\1|')"
|
2022-12-22 13:10:04 +00:00
|
|
|
|
2022-05-31 06:57:40 +00:00
|
|
|
touch OvmfPkg/AmdSev/Grub/grub.efi # dummy
|
2023-09-05 10:53:16 +00:00
|
|
|
python3 CryptoPkg/Library/OpensslLib/configure.py
|
2022-05-31 06:57:40 +00:00
|
|
|
|
2024-04-02 08:22:40 +00:00
|
|
|
# include dirs of unused submodules
|
|
|
|
mkdir -p CryptoPkg/Library/MbedTlsLib/mbedtls/include
|
|
|
|
mkdir -p CryptoPkg/Library/MbedTlsLib/mbedtls/include/mbedtls
|
|
|
|
mkdir -p CryptoPkg/Library/MbedTlsLib/mbedtls/library
|
2024-06-28 06:36:11 +00:00
|
|
|
mkdir -p SecurityPkg/DeviceSecurity/SpdmLib/libspdm/include
|
2021-07-15 22:05:43 +00:00
|
|
|
|
2024-04-02 08:22:40 +00:00
|
|
|
%if %{build_ovmf}
|
|
|
|
./edk2-build.py --config edk2-build.rhel-9 -m ovmf --release-date "$RELEASE_DATE"
|
|
|
|
build_iso RHEL-9/ovmf
|
|
|
|
cp DBXUpdate-%{DBXDATE}.x64.bin RHEL-9/ovmf
|
2022-12-02 11:39:42 +00:00
|
|
|
virt-fw-vars --input RHEL-9/ovmf/OVMF_VARS.fd \
|
|
|
|
--output RHEL-9/ovmf/OVMF_VARS.secboot.fd \
|
2023-03-15 11:11:22 +00:00
|
|
|
--set-dbx DBXUpdate-%{DBXDATE}.x64.bin \
|
2022-11-16 10:59:20 +00:00
|
|
|
--enroll-redhat --secure-boot
|
2023-11-27 10:05:52 +00:00
|
|
|
virt-fw-vars --input RHEL-9/ovmf/OVMF.inteltdx.fd \
|
|
|
|
--output RHEL-9/ovmf/OVMF.inteltdx.secboot.fd \
|
|
|
|
--set-dbx DBXUpdate-%{DBXDATE}.x64.bin \
|
2023-09-05 15:42:22 +00:00
|
|
|
--enroll-redhat --secure-boot \
|
|
|
|
--set-fallback-no-reboot
|
2021-07-15 20:02:04 +00:00
|
|
|
%endif
|
2017-03-15 21:56:49 +00:00
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
%if %{build_aarch64}
|
2024-04-02 08:22:40 +00:00
|
|
|
./edk2-build.py --config edk2-build.rhel-9 -m armvirt --release-date "$RELEASE_DATE"
|
2023-01-12 14:21:49 +00:00
|
|
|
for raw in */aarch64/*.raw; do
|
|
|
|
qcow2="${raw%.raw}.qcow2"
|
|
|
|
qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 "$raw" "$qcow2"
|
|
|
|
done
|
2021-07-15 17:49:13 +00:00
|
|
|
%endif
|
2019-07-11 23:42:10 +00:00
|
|
|
|
2013-05-02 12:46:06 +00:00
|
|
|
%install
|
2021-07-15 22:05:43 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
cp -a OvmfPkg/License.txt License.OvmfPkg.txt
|
2023-09-05 12:38:20 +00:00
|
|
|
cp -a CryptoPkg/Library/OpensslLib/openssl/LICENSE.txt LICENSE.openssl
|
2021-07-15 22:05:43 +00:00
|
|
|
mkdir -p %{buildroot}%{_datadir}/qemu/firmware
|
2021-07-15 20:02:04 +00:00
|
|
|
|
2021-07-15 22:05:43 +00:00
|
|
|
# install the tools
|
2016-04-18 12:16:51 +00:00
|
|
|
mkdir -p %{buildroot}%{_bindir} \
|
|
|
|
%{buildroot}%{_datadir}/%{name}/Conf \
|
|
|
|
%{buildroot}%{_datadir}/%{name}/Scripts
|
|
|
|
install BaseTools/Source/C/bin/* \
|
2015-12-29 17:03:01 +00:00
|
|
|
%{buildroot}%{_bindir}
|
2016-04-18 12:16:51 +00:00
|
|
|
install BaseTools/BinWrappers/PosixLike/LzmaF86Compress \
|
|
|
|
%{buildroot}%{_bindir}
|
|
|
|
install BaseTools/BuildEnv \
|
2014-06-24 07:50:13 +00:00
|
|
|
%{buildroot}%{_datadir}/%{name}
|
2016-04-18 12:16:51 +00:00
|
|
|
install BaseTools/Conf/*.template \
|
2014-06-23 15:25:24 +00:00
|
|
|
%{buildroot}%{_datadir}/%{name}/Conf
|
2016-04-18 12:16:51 +00:00
|
|
|
install BaseTools/Scripts/GccBase.lds \
|
2014-06-23 15:25:24 +00:00
|
|
|
%{buildroot}%{_datadir}/%{name}/Scripts
|
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
mkdir -p %{buildroot}%{_datadir}/%{name}
|
|
|
|
cp -av RHEL-9/* %{buildroot}%{_datadir}/%{name}
|
2021-07-15 22:05:43 +00:00
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
%if %{build_ovmf}
|
|
|
|
mkdir -p %{buildroot}%{_datadir}/OVMF
|
2024-04-02 08:22:40 +00:00
|
|
|
|
2021-07-15 22:05:43 +00:00
|
|
|
ln -s ../%{name}/ovmf/OVMF_CODE.secboot.fd %{buildroot}%{_datadir}/OVMF/
|
|
|
|
ln -s ../%{name}/ovmf/OVMF_VARS.fd %{buildroot}%{_datadir}/OVMF/
|
|
|
|
ln -s ../%{name}/ovmf/OVMF_VARS.secboot.fd %{buildroot}%{_datadir}/OVMF/
|
|
|
|
ln -s ../%{name}/ovmf/UefiShell.iso %{buildroot}%{_datadir}/OVMF/
|
2022-11-16 10:59:20 +00:00
|
|
|
ln -s OVMF_CODE.fd %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd
|
2021-07-15 22:05:43 +00:00
|
|
|
|
2022-11-16 15:25:57 +00:00
|
|
|
install -m 0644 \
|
2024-04-02 08:22:40 +00:00
|
|
|
30-edk2-ovmf-x64-sb-enrolled.json \
|
|
|
|
40-edk2-ovmf-x64-sb.json \
|
|
|
|
50-edk2-ovmf-x64-nosb.json \
|
2022-11-16 15:25:57 +00:00
|
|
|
60-edk2-ovmf-x64-amdsev.json \
|
|
|
|
60-edk2-ovmf-x64-inteltdx.json \
|
|
|
|
%{buildroot}%{_datadir}/qemu/firmware
|
2022-11-16 10:59:20 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
# endif build_ovmf
|
2017-11-13 17:44:20 +00:00
|
|
|
%endif
|
2019-07-12 18:11:22 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
%if %{build_aarch64}
|
2022-11-16 10:59:20 +00:00
|
|
|
mkdir -p %{buildroot}%{_datadir}/AAVMF
|
2024-04-02 08:22:40 +00:00
|
|
|
|
2021-07-15 22:05:43 +00:00
|
|
|
ln -s ../%{name}/aarch64/QEMU_EFI-pflash.raw \
|
|
|
|
%{buildroot}%{_datadir}/AAVMF/AAVMF_CODE.verbose.fd
|
|
|
|
ln -s ../%{name}/aarch64/QEMU_EFI-silent-pflash.raw \
|
|
|
|
%{buildroot}%{_datadir}/AAVMF/AAVMF_CODE.fd
|
|
|
|
ln -s ../%{name}/aarch64/vars-template-pflash.raw \
|
|
|
|
%{buildroot}%{_datadir}/AAVMF/AAVMF_VARS.fd
|
|
|
|
|
2022-11-16 15:25:57 +00:00
|
|
|
install -m 0644 \
|
2023-04-05 10:51:55 +00:00
|
|
|
50-edk2-aarch64-qcow2.json \
|
|
|
|
51-edk2-aarch64-raw.json \
|
|
|
|
52-edk2-aarch64-verbose-qcow2.json \
|
|
|
|
53-edk2-aarch64-verbose-raw.json \
|
2022-11-16 15:25:57 +00:00
|
|
|
%{buildroot}%{_datadir}/qemu/firmware
|
2019-07-12 18:11:22 +00:00
|
|
|
|
2022-11-16 10:59:20 +00:00
|
|
|
# endif build_aarch64
|
|
|
|
%endif
|
2021-07-15 20:02:04 +00:00
|
|
|
|
|
|
|
%check
|
|
|
|
|
|
|
|
%global common_files \
|
|
|
|
%%license License.txt License.OvmfPkg.txt License-History.txt LICENSE.openssl \
|
|
|
|
%%dir %%{_datadir}/%%{name}/ \
|
|
|
|
%%dir %%{_datadir}/qemu \
|
|
|
|
%%dir %%{_datadir}/qemu/firmware
|
|
|
|
|
|
|
|
%if %{build_ovmf}
|
|
|
|
%files ovmf
|
|
|
|
%common_files
|
|
|
|
%doc OvmfPkg/README
|
|
|
|
%doc ovmf-whitepaper-c770f8c.txt
|
|
|
|
%dir %{_datadir}/OVMF/
|
|
|
|
%dir %{_datadir}/%{name}/ovmf/
|
|
|
|
%{_datadir}/%{name}/ovmf/OVMF_CODE.fd
|
2021-07-15 22:05:43 +00:00
|
|
|
%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd
|
2021-07-15 20:02:04 +00:00
|
|
|
%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd
|
|
|
|
%{_datadir}/%{name}/ovmf/OVMF_VARS.fd
|
|
|
|
%{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd
|
2022-05-31 06:57:40 +00:00
|
|
|
%{_datadir}/%{name}/ovmf/OVMF.amdsev.fd
|
|
|
|
%{_datadir}/%{name}/ovmf/OVMF.inteltdx.fd
|
2023-11-27 10:05:52 +00:00
|
|
|
%{_datadir}/%{name}/ovmf/OVMF.inteltdx.secboot.fd
|
2024-04-02 08:22:40 +00:00
|
|
|
%{_datadir}/%{name}/ovmf/DBXUpdate*.bin
|
2021-07-15 20:02:04 +00:00
|
|
|
%{_datadir}/%{name}/ovmf/UefiShell.iso
|
2024-04-02 08:22:40 +00:00
|
|
|
%{_datadir}/OVMF/OVMF_CODE.secboot.fd
|
|
|
|
%{_datadir}/OVMF/OVMF_VARS.fd
|
|
|
|
%{_datadir}/OVMF/OVMF_VARS.secboot.fd
|
|
|
|
%{_datadir}/OVMF/UefiShell.iso
|
2021-07-15 20:02:04 +00:00
|
|
|
%{_datadir}/%{name}/ovmf/Shell.efi
|
|
|
|
%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi
|
2024-04-02 08:22:40 +00:00
|
|
|
%{_datadir}/qemu/firmware/30-edk2-ovmf-x64-sb-enrolled.json
|
|
|
|
%{_datadir}/qemu/firmware/40-edk2-ovmf-x64-sb.json
|
|
|
|
%{_datadir}/qemu/firmware/50-edk2-ovmf-x64-nosb.json
|
2022-11-16 15:25:57 +00:00
|
|
|
%{_datadir}/qemu/firmware/60-edk2-ovmf-x64-amdsev.json
|
|
|
|
%{_datadir}/qemu/firmware/60-edk2-ovmf-x64-inteltdx.json
|
2021-07-15 20:02:04 +00:00
|
|
|
# endif build_ovmf
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{build_aarch64}
|
|
|
|
%files aarch64
|
|
|
|
%common_files
|
|
|
|
%dir %{_datadir}/AAVMF/
|
|
|
|
%dir %{_datadir}/%{name}/aarch64/
|
2023-01-12 14:21:49 +00:00
|
|
|
%{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.*
|
|
|
|
%{_datadir}/%{name}/aarch64/QEMU_EFI-silent-pflash.*
|
|
|
|
%{_datadir}/%{name}/aarch64/vars-template-pflash.*
|
2024-04-02 08:22:40 +00:00
|
|
|
%{_datadir}/AAVMF/AAVMF_CODE.verbose.fd
|
|
|
|
%{_datadir}/AAVMF/AAVMF_CODE.fd
|
|
|
|
%{_datadir}/AAVMF/AAVMF_VARS.fd
|
2021-07-15 20:02:04 +00:00
|
|
|
%{_datadir}/%{name}/aarch64/QEMU_EFI.fd
|
2021-07-15 22:05:43 +00:00
|
|
|
%{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd
|
2021-07-15 20:02:04 +00:00
|
|
|
%{_datadir}/%{name}/aarch64/QEMU_VARS.fd
|
2023-04-05 10:51:55 +00:00
|
|
|
%{_datadir}/qemu/firmware/50-edk2-aarch64-qcow2.json
|
|
|
|
%{_datadir}/qemu/firmware/51-edk2-aarch64-raw.json
|
|
|
|
%{_datadir}/qemu/firmware/52-edk2-aarch64-verbose-qcow2.json
|
|
|
|
%{_datadir}/qemu/firmware/53-edk2-aarch64-verbose-raw.json
|
2021-07-15 20:02:04 +00:00
|
|
|
# endif build_aarch64
|
|
|
|
%endif
|
2016-04-18 12:16:51 +00:00
|
|
|
|
2013-05-02 12:46:06 +00:00
|
|
|
%files tools
|
2017-11-14 15:05:26 +00:00
|
|
|
%license License.txt
|
2021-07-15 20:02:04 +00:00
|
|
|
%license License-History.txt
|
2018-05-29 21:06:35 +00:00
|
|
|
%{_bindir}/DevicePath
|
2013-05-02 12:46:06 +00:00
|
|
|
%{_bindir}/EfiRom
|
|
|
|
%{_bindir}/GenCrc32
|
|
|
|
%{_bindir}/GenFfs
|
|
|
|
%{_bindir}/GenFv
|
|
|
|
%{_bindir}/GenFw
|
|
|
|
%{_bindir}/GenSec
|
|
|
|
%{_bindir}/LzmaCompress
|
2014-06-23 15:25:24 +00:00
|
|
|
%{_bindir}/LzmaF86Compress
|
|
|
|
%{_bindir}/TianoCompress
|
2013-05-02 12:46:06 +00:00
|
|
|
%{_bindir}/VfrCompile
|
|
|
|
%{_bindir}/VolInfo
|
2016-04-18 12:16:51 +00:00
|
|
|
%dir %{_datadir}/%{name}
|
2014-06-24 07:50:13 +00:00
|
|
|
%{_datadir}/%{name}/BuildEnv
|
2016-04-18 12:16:51 +00:00
|
|
|
%{_datadir}/%{name}/Conf
|
|
|
|
%{_datadir}/%{name}/Scripts
|
2013-05-02 12:46:06 +00:00
|
|
|
|
2021-07-15 20:02:04 +00:00
|
|
|
%files tools-doc
|
|
|
|
%doc BaseTools/UserManuals/*.rtf
|
|
|
|
|
|
|
|
|
2013-05-02 12:46:06 +00:00
|
|
|
%changelog
|
2024-11-11 11:13:33 +00:00
|
|
|
* Mon Nov 11 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-11
|
|
|
|
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234]
|
|
|
|
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66234]
|
|
|
|
- Resolves: RHEL-66234
|
|
|
|
([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-10])
|
|
|
|
|
2024-10-29 15:22:22 +00:00
|
|
|
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 20240524-10
|
|
|
|
- Bump release for October 2024 mass rebuild:
|
|
|
|
Resolves: RHEL-64018
|
|
|
|
|
2024-10-08 07:12:04 +00:00
|
|
|
* Tue Oct 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-9
|
|
|
|
- edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56249]
|
|
|
|
- edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56249]
|
|
|
|
- edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60829]
|
|
|
|
- Resolves: RHEL-56249
|
|
|
|
(507x510 display resolution should not crash the firmware [edk2,rhel-10])
|
|
|
|
- Resolves: RHEL-60829
|
|
|
|
(CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-10.0])
|
|
|
|
|
2024-09-27 04:22:34 +00:00
|
|
|
* Fri Sep 27 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-8
|
|
|
|
- edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch [RHEL-55302]
|
|
|
|
- Resolves: RHEL-55302
|
|
|
|
(CVE-2024-6119 edk2/openssl: Possible denial of service in X.509 name checks [rhel-10.0 beta])
|
|
|
|
|
2024-09-18 06:51:11 +00:00
|
|
|
* Fri Sep 13 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-7
|
2024-09-13 04:55:20 +00:00
|
|
|
- edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch [RHEL-56154]
|
|
|
|
- Resolves: RHEL-56154
|
|
|
|
(qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion: acpi-cpu-hotplug at addr: 0x0 [rhel-10])
|
|
|
|
|
2024-09-09 07:34:52 +00:00
|
|
|
* Mon Sep 09 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-5
|
|
|
|
- edk2-UefiCpuPkg-PiSmmCpuDxeSmm-skip-PatchInstructionX86-c.patch [RHEL-50185]
|
|
|
|
- Resolves: RHEL-50185
|
|
|
|
([RHEL10] Hit soft lockup when hotplug vcpu)
|
|
|
|
|
2024-09-02 09:28:39 +00:00
|
|
|
* Mon Sep 02 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-4
|
|
|
|
- edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch [RHEL-56082]
|
|
|
|
- Resolves: RHEL-56082
|
|
|
|
([EDK2] Shim fallback reboot workaround might not work on SNP [rhel-10])
|
|
|
|
|
2024-08-20 06:19:08 +00:00
|
|
|
* Tue Aug 20 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-3
|
|
|
|
- edk2-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch [RHEL-45829]
|
|
|
|
- edk2-NetworkPkg-DxeNetLib-Reword-PseudoRandom-error-loggi.patch [RHEL-45829]
|
|
|
|
- Resolves: RHEL-45829
|
|
|
|
([RHEL-10.0] edk2 hit Failed to generate random data )
|
|
|
|
|
2024-07-24 12:04:29 +00:00
|
|
|
* Wed Jul 24 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-2
|
|
|
|
- edk2-MdeModulePkg-Warn-if-out-of-flash-space-when-writing.patch [RHEL-45261]
|
|
|
|
- Resolves: RHEL-45261
|
|
|
|
([RHEL10] edk2 disconnects abnormally before loading the kernel)
|
|
|
|
|
2024-06-28 06:36:11 +00:00
|
|
|
* Fri Jun 28 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-1
|
|
|
|
- Rebase to edk2-stable202405
|
|
|
|
- Resolves: RHEL-32487
|
|
|
|
|
2024-06-24 15:41:10 +00:00
|
|
|
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 20240214-2
|
|
|
|
- Bump release for June 2024 mass rebuild
|
|
|
|
|
2024-04-02 08:22:40 +00:00
|
|
|
* Tue Apr 02 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240214-1
|
|
|
|
- Imported edk2-202402 from RHEL 9
|
|
|
|
- Resolves: RHEL-30180
|
|
|
|
|