From 448ede0a1a2cc0388ca22acb9bbb2274cd713f92 Mon Sep 17 00:00:00 2001 From: Miroslav Rezanina Date: Fri, 30 Jul 2021 09:30:30 -0400 Subject: [PATCH] * Fri Jul 30 2021 Miroslav Rezanina - 20210527gite1999b264f1f-4 - edk2-spec-remove-Group-and-defattr.patch [bz#1983789] - edk2-spec-Add-BuildRequires-make.patch [bz#1983789] - edk2-spec-don-t-conditionalize-package-definitions.patch [bz#1983789] - edk2-spec-Use-autosetup-with-our-required-git-config-opti.patch [bz#1983789] - edk2-spec-Replace-ifarch-else-conditionals-with-build_XXX.patch [bz#1983789] - edk2-spec-Move-D-TPM_ENABLE-to-common-CC_FLAGS.patch [bz#1983789] - edk2-spec-Add-qemu_package-and-qemu_binary.patch [bz#1983789] - edk2-spec-Remove-extra-true-at-end-of-check.patch [bz#1983789] - edk2-spec-Move-check-to-between-install-and-files.patch [bz#1983789] - edk2-spec-Add-qosb_testing-macro.patch [bz#1983789] - edk2-spec-Split-out-build_iso-function.patch [bz#1983789] - edk2-spec-Replace-RPM_BUILD_ROOT-with-buildroot.patch [bz#1983789] - edk2-spec-Use-make_build-macro.patch [bz#1983789] - edk2-spec-Factor-out-OVMF_FLAGS-and-OVMF_SB_FLAGS.patch [bz#1983789] - edk2-spec-Don-t-put-build-output-in-the-top-directory.patch [bz#1983789] - edk2-spec-Centralize-non-firmware-install-files-at-the-to.patch [bz#1983789] - Resolves: bz#1983789 (Make spec easier to share with Fedora) --- edk2.spec | 403 +++++++++++++++++++++++++++++------------------------- 1 file changed, 216 insertions(+), 187 deletions(-) diff --git a/edk2.spec b/edk2.spec index 9fb62ee..993e61a 100644 --- a/edk2.spec +++ b/edk2.spec @@ -5,11 +5,27 @@ ExclusiveArch: x86_64 aarch64 %define TOOLCHAIN GCC5 %define OPENSSL_VER 1.1.1k +%define qosb_testing 0 +%ifarch x86_64 +%define qosb_testing 1 +%endif + +%define qemu_package qemu-kvm-core >= 2.12.0-89 +%define qemu_binary /usr/libexec/qemu-kvm + +%define build_ovmf 0 +%define build_aarch64 0 +%ifarch x86_64 + %define build_ovmf 1 +%endif +%ifarch aarch64 + %define build_aarch64 1 +%endif + Name: edk2 Version: %{GITDATE}git%{GITCOMMIT} -Release: 3%{?dist} +Release: 4%{?dist} Summary: UEFI firmware for 64-bit virtual machines -Group: Applications/Emulators License: BSD-2-Clause-Patent and OpenSSL and MIT URL: http://www.tianocore.org @@ -116,9 +132,9 @@ Patch56: edk2-OvmfPkg-Remove-Xen-Drivers-RHEL-only.patch BuildRequires: python3-devel BuildRequires: libuuid-devel BuildRequires: /usr/bin/iasl -BuildRequires: binutils gcc git gcc-c++ +BuildRequires: binutils gcc git gcc-c++ make -%ifarch x86_64 +%if %{build_ovmf} # Only OVMF includes 80x86 assembly files (*.nasm*). BuildRequires: nasm @@ -130,12 +146,18 @@ BuildRequires: xorriso # For generating the variable store template with the default certificates # enrolled, we need the qemu-kvm executable. -BuildRequires: qemu-kvm-core >= 2.12.0-89 +BuildRequires: %{qemu_package} +%if %{qosb_testing} # For verifying SB enablement in the above variable store template, we need a # guest kernel that prints "Secure boot enabled". BuildRequires: kernel-core >= 4.18.0-161 BuildRequires: rpmdevtools +%endif + +# endif build_ovmf +%endif + %package ovmf Summary: UEFI firmware for x86_64 virtual machines @@ -156,7 +178,7 @@ OVMF (Open Virtual Machine Firmware) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. -%else + %package aarch64 Summary: UEFI firmware for aarch64 virtual machines BuildArch: noarch @@ -174,11 +196,10 @@ URL: https://github.com/tianocore/tianocore.github.io/wiki/ArmVirtPkg AAVMF (ARM Architecture Virtual Machine Firmware) is an EFI Development Kit II platform that enables UEFI support for QEMU/KVM ARM Virtual Machines. This package contains a 64-bit build. -%endif + %package tools Summary: EFI Development Kit II Tools -Group: Development/Tools License: BSD-2-Clause-Patent URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools %description tools @@ -187,7 +208,6 @@ build EFI executables and ROMs using the GNU tools. %package tools-doc Summary: Documentation for EFI Development Kit II Tools -Group: Development/Tools BuildArch: noarch License: BSD-2-Clause-Patent URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools @@ -201,42 +221,15 @@ environment for the UEFI and PI specifications. This package contains sample 64-bit UEFI firmware builds for QEMU and KVM. %prep +# We needs some special git config options that %%autosetup won't give us. +# We init the git dir ourselves, then tell %%autosetup not to blow it away. %setup -q -n edk2-%{GITCOMMIT} - -%{lua: - tmp = os.tmpname(); - f = io.open(tmp, "w+"); - count = 0; - for i, p in ipairs(patches) do - f:write(p.."\n"); - count = count + 1; - end; - f:close(); - print("PATCHCOUNT="..count.."\n") - print("PATCHLIST="..tmp.."\n") -} - git init -q -git config user.name rpm-build -git config user.email rpm-build git config core.whitespace cr-at-eol git config am.keepcr true -git add -A . -git commit -q -a --author 'rpm-build ' \ - -m '%{name}-%{GITCOMMIT} base' - -COUNT=$(grep '\.patch$' $PATCHLIST | wc -l) -if [ $COUNT -ne $PATCHCOUNT ]; then - echo "Found $COUNT patches in $PATCHLIST, expected $PATCHCOUNT" - exit 1 -fi -if [ $COUNT -gt 0 ]; then - for pf in `cat $PATCHLIST`; do - git am $pf - done -fi -echo "Applied $COUNT patches" -rm -f $PATCHLIST +# -T is passed to %%setup to not re-extract the archive +# -D is passed to %%setup to not delete the existing archive dir +%autosetup -T -D -n edk2-%{GITCOMMIT} -S git_am cp -a -- %{SOURCE1} %{SOURCE3} . cp -a -- %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} . @@ -260,8 +253,7 @@ chmod -Rf a+rX,u+w,g-w,o-w . %build export PYTHON_COMMAND=%{__python3} source ./edksetup.sh -make -C "$EDK_TOOLS_PATH" \ - %{?_smp_mflags} \ +%make_build -C "$EDK_TOOLS_PATH" \ EXTRA_OPTFLAGS="%{optflags}" \ EXTRA_LDFLAGS="%{__global_ldflags}" @@ -275,29 +267,24 @@ fi CC_FLAGS="$CC_FLAGS --cmd-len=65536 -t %{TOOLCHAIN} -b DEBUG --hash" CC_FLAGS="$CC_FLAGS -D NETWORK_IP6_ENABLE" CC_FLAGS="$CC_FLAGS -D NETWORK_HTTP_BOOT_ENABLE -D NETWORK_TLS_ENABLE" +CC_FLAGS="$CC_FLAGS -D TPM_ENABLE" -%ifarch x86_64 -# Build with neither SB nor SMM; include UEFI shell. -build ${CC_FLAGS} -D TPM_ENABLE -D FD_SIZE_4MB -a X64 \ - -D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE \ - -p OvmfPkg/OvmfPkgX64.dsc +OVMF_FLAGS="${CC_FLAGS}" +OVMF_FLAGS="${OVMF_FLAGS} -D FD_SIZE_4MB" +OVMF_FLAGS="${OVMF_FLAGS} -D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE" -# Build with SB and SMM; exclude UEFI shell. -build -D SECURE_BOOT_ENABLE -D EXCLUDE_SHELL_FROM_FD ${CC_FLAGS} \ - -a IA32 -a X64 -p OvmfPkg/OvmfPkgIa32X64.dsc -D SMM_REQUIRE \ - -D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE \ - -D TPM_ENABLE -D FD_SIZE_4MB +OVMF_SB_FLAGS="${OVMF_FLAGS}" +OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SECURE_BOOT_ENABLE" +OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SMM_REQUIRE" +OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D EXCLUDE_SHELL_FROM_FD" -# Sanity check: the varstore templates must be identical. -cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd -# Prepare an ISO image that boots the UEFI shell. -( - UEFI_SHELL_BINARY=Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi - ENROLLER_BINARY=Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi +build_iso() { + dir="$1" + UEFI_SHELL_BINARY=${dir}/Shell.efi + ENROLLER_BINARY=${dir}/EnrollDefaultKeys.efi UEFI_SHELL_IMAGE=uefi_shell.img - ISO_IMAGE=UefiShell.iso + ISO_IMAGE=${dir}/UefiShell.iso UEFI_SHELL_BINARY_BNAME=$(basename -- "$UEFI_SHELL_BINARY") UEFI_SHELL_SIZE=$(stat --format=%s -- "$UEFI_SHELL_BINARY") @@ -324,120 +311,59 @@ cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ mkisofs -input-charset ASCII -J -rational-rock \ -e "$UEFI_SHELL_IMAGE" -no-emul-boot \ -o "$ISO_IMAGE" "$UEFI_SHELL_IMAGE" -) +} + + +%if %{build_ovmf} +# Build with neither SB nor SMM; include UEFI shell. +build ${OVMF_FLAGS} -a X64 \ + -p OvmfPkg/OvmfPkgX64.dsc + +# Build with SB and SMM; exclude UEFI shell. +build ${OVMF_SB_FLAGS} -a IA32 -a X64 \ + -p OvmfPkg/OvmfPkgIa32X64.dsc + +# Sanity check: the varstore templates must be identical. +cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ + Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd + +# Prepare an ISO image that boots the UEFI shell. +build_iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64 # Enroll the default certificates in a separate variable store template. %{__python3} ovmf-vars-generator --verbose --verbose \ - --qemu-binary /usr/libexec/qemu-kvm \ + --qemu-binary %{qemu_binary} \ --ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ --ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - --uefi-shell-iso UefiShell.iso \ + --uefi-shell-iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \ --oem-string "$(< PkKek1.oemstr)" \ --skip-testing \ - OVMF_VARS.secboot.fd + Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd -%else +# endif build_ovmf +%endif + +%if %{build_aarch64} # Build with a verbose debug mask first, and stash the binary. build ${CC_FLAGS} -a AARCH64 \ -p ArmVirtPkg/ArmVirtQemu.dsc \ - -D TPM2_ENABLE \ -D DEBUG_PRINT_ERROR_LEVEL=0x8040004F cp -a Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ - QEMU_EFI.verbose.fd + Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd # Rebuild with a silent (errors only) debug mask. build ${CC_FLAGS} -a AARCH64 \ -p ArmVirtPkg/ArmVirtQemu.dsc \ - -D TPM2_ENABLE \ -D DEBUG_PRINT_ERROR_LEVEL=0x80000000 +# endif build_aarch64 %endif + %install cp -a OvmfPkg/License.txt License.OvmfPkg.txt -mkdir -p $RPM_BUILD_ROOT%{_datadir}/qemu/firmware - -%ifarch x86_64 -mkdir -p \ - $RPM_BUILD_ROOT%{_datadir}/OVMF \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf - -install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd - -install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_VARS.fd -install -m 0644 OVMF_VARS.secboot.fd \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd -install -m 0644 UefiShell.iso \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/UefiShell.iso - -ln -s ../%{name}/ovmf/OVMF_CODE.secboot.fd $RPM_BUILD_ROOT%{_datadir}/OVMF/ -ln -s ../%{name}/ovmf/OVMF_VARS.fd $RPM_BUILD_ROOT%{_datadir}/OVMF/ -ln -s ../%{name}/ovmf/OVMF_VARS.secboot.fd $RPM_BUILD_ROOT%{_datadir}/OVMF/ -ln -s ../%{name}/ovmf/UefiShell.iso $RPM_BUILD_ROOT%{_datadir}/OVMF/ - -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/Shell.efi -install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi - -install -m 0644 edk2-ovmf-sb.json \ - $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json -install -m 0644 edk2-ovmf.json \ - $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/50-edk2-ovmf.json -install -m 0644 edk2-ovmf-cc.json \ - $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json - -%else -mkdir -p \ - $RPM_BUILD_ROOT%{_datadir}/AAVMF \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64 - -# Pad and install the verbose binary. -cat QEMU_EFI.verbose.fd \ - /dev/zero \ -| head -c 64m \ - > $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw - -# Pad and install the silent (default) binary. -cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ - /dev/zero \ -| head -c 64m \ - > $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI-silent-pflash.raw - -# Create varstore template. -cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \ - /dev/zero \ -| head -c 64m \ - > $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/vars-template-pflash.raw - -ln -s ../%{name}/aarch64/QEMU_EFI-pflash.raw \ - $RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_CODE.verbose.fd -ln -s ../%{name}/aarch64/QEMU_EFI-silent-pflash.raw \ - $RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_CODE.fd -ln -s ../%{name}/aarch64/vars-template-pflash.raw \ - $RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_VARS.fd - -chmod 0644 -- $RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_*.fd - -install -m 0644 QEMU_EFI.verbose.fd \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI.fd -install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd -install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_VARS.fd - -install -m 0644 edk2-aarch64.json \ - $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/60-edk2-aarch64.json -install -m 0644 edk2-aarch64-verbose.json \ - $RPM_BUILD_ROOT%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json - -%endif - cp -a CryptoPkg/Library/OpensslLib/openssl/LICENSE LICENSE.openssl +mkdir -p %{buildroot}%{_datadir}/qemu/firmware # install the tools mkdir -p %{buildroot}%{_bindir} \ @@ -454,22 +380,122 @@ install BaseTools/Conf/*.template \ install BaseTools/Scripts/GccBase.lds \ %{buildroot}%{_datadir}/%{name}/Scripts -%ifarch x86_64 -%files ovmf -%else -%files aarch64 + +%if %{build_ovmf} +mkdir -p \ + %{buildroot}%{_datadir}/OVMF \ + %{buildroot}%{_datadir}/%{name}/ovmf + +install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ + %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd +install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ + %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd + +install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ + %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_VARS.fd +install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd \ + %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd +install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \ + %{buildroot}%{_datadir}/%{name}/ovmf/UefiShell.iso + +ln -s ../%{name}/ovmf/OVMF_CODE.secboot.fd %{buildroot}%{_datadir}/OVMF/ +ln -s ../%{name}/ovmf/OVMF_VARS.fd %{buildroot}%{_datadir}/OVMF/ +ln -s ../%{name}/ovmf/OVMF_VARS.secboot.fd %{buildroot}%{_datadir}/OVMF/ +ln -s ../%{name}/ovmf/UefiShell.iso %{buildroot}%{_datadir}/OVMF/ + +install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi \ + %{buildroot}%{_datadir}/%{name}/ovmf/Shell.efi +install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi \ + %{buildroot}%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi + +install -m 0644 edk2-ovmf-sb.json \ + %{buildroot}%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json +install -m 0644 edk2-ovmf.json \ + %{buildroot}%{_datadir}/qemu/firmware/50-edk2-ovmf.json +install -m 0644 edk2-ovmf-cc.json \ + %{buildroot}%{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json + +# endif build_ovmf %endif -%defattr(-,root,root,-) -%license License.txt -%license License.OvmfPkg.txt -%license License-History.txt -%license LICENSE.openssl -%dir %{_datadir}/%{name}/ -%dir %{_datadir}/qemu -%dir %{_datadir}/qemu/firmware +%if %{build_aarch64} +mkdir -p \ + %{buildroot}%{_datadir}/AAVMF \ + %{buildroot}%{_datadir}/%{name}/aarch64 -%ifarch x86_64 +# Pad and install the verbose binary. +cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd \ + /dev/zero \ +| head -c 64m \ + > %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw + +# Pad and install the silent (default) binary. +cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ + /dev/zero \ +| head -c 64m \ + > %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI-silent-pflash.raw + +# Create varstore template. +cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \ + /dev/zero \ +| head -c 64m \ + > %{buildroot}%{_datadir}/%{name}/aarch64/vars-template-pflash.raw + +ln -s ../%{name}/aarch64/QEMU_EFI-pflash.raw \ + %{buildroot}%{_datadir}/AAVMF/AAVMF_CODE.verbose.fd +ln -s ../%{name}/aarch64/QEMU_EFI-silent-pflash.raw \ + %{buildroot}%{_datadir}/AAVMF/AAVMF_CODE.fd +ln -s ../%{name}/aarch64/vars-template-pflash.raw \ + %{buildroot}%{_datadir}/AAVMF/AAVMF_VARS.fd + +chmod 0644 -- %{buildroot}%{_datadir}/AAVMF/AAVMF_*.fd + +install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd \ + %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI.fd +install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ + %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd +install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \ + %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_VARS.fd + +install -m 0644 edk2-aarch64.json \ + %{buildroot}%{_datadir}/qemu/firmware/60-edk2-aarch64.json +install -m 0644 edk2-aarch64-verbose.json \ + %{buildroot}%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json +# endif build_aarch64 +%endif + + +%check + +%if %{qosb_testing} +# Of the installed host kernels, boot the one with the highest Version-Release +# under OVMF, and check if it prints "Secure boot enabled". +KERNEL_PKG=$(rpm -q kernel-core | rpmdev-sort | tail -n 1) +KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') + +%{__python3} ovmf-vars-generator --verbose --verbose \ + --qemu-binary %{qemu_binary} \ + --ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ + --ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ + --uefi-shell-iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \ + --kernel-path $KERNEL_IMG \ + --skip-enrollment \ + --no-download \ + Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd + +# endif qosb_testing +%endif + + +%global common_files \ + %%license License.txt License.OvmfPkg.txt License-History.txt LICENSE.openssl \ + %%dir %%{_datadir}/%%{name}/ \ + %%dir %%{_datadir}/qemu \ + %%dir %%{_datadir}/qemu/firmware + +%if %{build_ovmf} +%files ovmf +%common_files %doc OvmfPkg/README %doc ovmf-whitepaper-c770f8c.txt %dir %{_datadir}/OVMF/ @@ -488,8 +514,12 @@ install BaseTools/Scripts/GccBase.lds \ %{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json %{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json %{_datadir}/qemu/firmware/50-edk2-ovmf.json +# endif build_ovmf +%endif -%else +%if %{build_aarch64} +%files aarch64 +%common_files %dir %{_datadir}/AAVMF/ %dir %{_datadir}/%{name}/aarch64/ %{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw @@ -503,6 +533,7 @@ install BaseTools/Scripts/GccBase.lds \ %{_datadir}/%{name}/aarch64/QEMU_VARS.fd %{_datadir}/qemu/firmware/60-edk2-aarch64.json %{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json +# endif build_aarch64 %endif %files tools @@ -528,30 +559,28 @@ install BaseTools/Scripts/GccBase.lds \ %files tools-doc %doc BaseTools/UserManuals/*.rtf -%check - -%ifarch x86_64 -# Of the installed host kernels, boot the one with the highest Version-Release -# under OVMF, and check if it prints "Secure boot enabled". -KERNEL_PKG=$(rpm -q kernel-core | rpmdev-sort | tail -n 1) -KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$') - -%{__python3} ovmf-vars-generator --verbose --verbose \ - --qemu-binary /usr/libexec/qemu-kvm \ - --ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ - --ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ - --uefi-shell-iso UefiShell.iso \ - --kernel-path $KERNEL_IMG \ - --skip-enrollment \ - --no-download \ - OVMF_VARS.secboot.fd - -%else -true - -%endif %changelog +* Fri Jul 30 2021 Miroslav Rezanina - 20210527gite1999b264f1f-4 +- edk2-spec-remove-Group-and-defattr.patch [bz#1983789] +- edk2-spec-Add-BuildRequires-make.patch [bz#1983789] +- edk2-spec-don-t-conditionalize-package-definitions.patch [bz#1983789] +- edk2-spec-Use-autosetup-with-our-required-git-config-opti.patch [bz#1983789] +- edk2-spec-Replace-ifarch-else-conditionals-with-build_XXX.patch [bz#1983789] +- edk2-spec-Move-D-TPM_ENABLE-to-common-CC_FLAGS.patch [bz#1983789] +- edk2-spec-Add-qemu_package-and-qemu_binary.patch [bz#1983789] +- edk2-spec-Remove-extra-true-at-end-of-check.patch [bz#1983789] +- edk2-spec-Move-check-to-between-install-and-files.patch [bz#1983789] +- edk2-spec-Add-qosb_testing-macro.patch [bz#1983789] +- edk2-spec-Split-out-build_iso-function.patch [bz#1983789] +- edk2-spec-Replace-RPM_BUILD_ROOT-with-buildroot.patch [bz#1983789] +- edk2-spec-Use-make_build-macro.patch [bz#1983789] +- edk2-spec-Factor-out-OVMF_FLAGS-and-OVMF_SB_FLAGS.patch [bz#1983789] +- edk2-spec-Don-t-put-build-output-in-the-top-directory.patch [bz#1983789] +- edk2-spec-Centralize-non-firmware-install-files-at-the-to.patch [bz#1983789] +- Resolves: bz#1983789 + (Make spec easier to share with Fedora) + * Mon Jul 12 2021 Miroslav Rezanina - 20210527gite1999b264f1f-3 - edk2-OvmfPkg-Remove-PrintDxe-RHEL-only.patch [bz#1967747] - edk2-OvmfPkg-Remove-EbcDxe-RHEL-only.patch [bz#1967747]