rpms/edk2
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Fri Jul 30 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20210527gite1999b264f1f-4

Browse Source 
- edk2-spec-remove-Group-and-defattr.patch [bz#1983789]
- edk2-spec-Add-BuildRequires-make.patch [bz#1983789]
- edk2-spec-don-t-conditionalize-package-definitions.patch [bz#1983789]
- edk2-spec-Use-autosetup-with-our-required-git-config-opti.patch [bz#1983789]
- edk2-spec-Replace-ifarch-else-conditionals-with-build_XXX.patch [bz#1983789]
- edk2-spec-Move-D-TPM_ENABLE-to-common-CC_FLAGS.patch [bz#1983789]
- edk2-spec-Add-qemu_package-and-qemu_binary.patch [bz#1983789]
- edk2-spec-Remove-extra-true-at-end-of-check.patch [bz#1983789]
- edk2-spec-Move-check-to-between-install-and-files.patch [bz#1983789]
- edk2-spec-Add-qosb_testing-macro.patch [bz#1983789]
- edk2-spec-Split-out-build_iso-function.patch [bz#1983789]
- edk2-spec-Replace-RPM_BUILD_ROOT-with-buildroot.patch [bz#1983789]
- edk2-spec-Use-make_build-macro.patch [bz#1983789]
- edk2-spec-Factor-out-OVMF_FLAGS-and-OVMF_SB_FLAGS.patch [bz#1983789]
- edk2-spec-Don-t-put-build-output-in-the-top-directory.patch [bz#1983789]
- edk2-spec-Centralize-non-firmware-install-files-at-the-to.patch [bz#1983789]
- Resolves: bz#1983789
  (Make spec easier to share with Fedora)
This commit is contained in:
Miroslav Rezanina 2021-07-30 09:30:30 -04:00
parent 1b2aff2825
commit 448ede0a1a
1 changed files with 216 additions and 187 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

403
edk2.spec
View File

@ -5,11 +5,27 @@ ExclusiveArch: x86_64 aarch64
%define TOOLCHAIN GCC5 %define TOOLCHAIN GCC5
%define OPENSSL_VER 1.1.1k %define OPENSSL_VER 1.1.1k
%define qosb_testing 0
%ifarch x86_64
%define qosb_testing 1
%endif
%define qemu_package qemu-kvm-core >= 2.12.0-89
%define qemu_binary /usr/libexec/qemu-kvm
%define build_ovmf 0
%define build_aarch64 0
%ifarch x86_64
%define build_ovmf 1
%endif
%ifarch aarch64
%define build_aarch64 1
%endif
Name: edk2 Name: edk2
Version: %{GITDATE}git%{GITCOMMIT} Version: %{GITDATE}git%{GITCOMMIT}
Release: 3%{?dist} Release: 4%{?dist}
Summary: UEFI firmware for 64-bit virtual machines Summary: UEFI firmware for 64-bit virtual machines
Group: Applications/Emulators
License: BSD-2-Clause-Patent and OpenSSL and MIT License: BSD-2-Clause-Patent and OpenSSL and MIT
URL: http://www.tianocore.org URL: http://www.tianocore.org
@ -116,9 +132,9 @@ Patch56: edk2-OvmfPkg-Remove-Xen-Drivers-RHEL-only.patch
BuildRequires: python3-devel BuildRequires: python3-devel
BuildRequires: libuuid-devel BuildRequires: libuuid-devel
BuildRequires: /usr/bin/iasl BuildRequires: /usr/bin/iasl
BuildRequires: binutils gcc git gcc-c++ BuildRequires: binutils gcc git gcc-c++ make
%ifarch x86_64 %if %{build_ovmf}
# Only OVMF includes 80x86 assembly files (*.nasm*). # Only OVMF includes 80x86 assembly files (*.nasm*).
BuildRequires: nasm BuildRequires: nasm
@ -130,12 +146,18 @@ BuildRequires: xorriso
# For generating the variable store template with the default certificates # For generating the variable store template with the default certificates
# enrolled, we need the qemu-kvm executable. # enrolled, we need the qemu-kvm executable.
BuildRequires: qemu-kvm-core >= 2.12.0-89 BuildRequires: %{qemu_package}
%if %{qosb_testing}
# For verifying SB enablement in the above variable store template, we need a # For verifying SB enablement in the above variable store template, we need a
# guest kernel that prints "Secure boot enabled". # guest kernel that prints "Secure boot enabled".
BuildRequires: kernel-core >= 4.18.0-161 BuildRequires: kernel-core >= 4.18.0-161
BuildRequires: rpmdevtools BuildRequires: rpmdevtools
%endif
# endif build_ovmf
%endif
%package ovmf %package ovmf
Summary: UEFI firmware for x86_64 virtual machines Summary: UEFI firmware for x86_64 virtual machines
@ -156,7 +178,7 @@ OVMF (Open Virtual Machine Firmware) is a project to enable UEFI support for
Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU
and KVM. and KVM.
%else
%package aarch64 %package aarch64
Summary: UEFI firmware for aarch64 virtual machines Summary: UEFI firmware for aarch64 virtual machines
BuildArch: noarch BuildArch: noarch
@ -174,11 +196,10 @@ URL: https://github.com/tianocore/tianocore.github.io/wiki/ArmVirtPkg
AAVMF (ARM Architecture Virtual Machine Firmware) is an EFI Development Kit II AAVMF (ARM Architecture Virtual Machine Firmware) is an EFI Development Kit II
platform that enables UEFI support for QEMU/KVM ARM Virtual Machines. This platform that enables UEFI support for QEMU/KVM ARM Virtual Machines. This
package contains a 64-bit build. package contains a 64-bit build.
%endif
%package tools %package tools
Summary: EFI Development Kit II Tools Summary: EFI Development Kit II Tools
Group: Development/Tools
License: BSD-2-Clause-Patent License: BSD-2-Clause-Patent
URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools
%description tools %description tools
@ -187,7 +208,6 @@ build EFI executables and ROMs using the GNU tools.
%package tools-doc %package tools-doc
Summary: Documentation for EFI Development Kit II Tools Summary: Documentation for EFI Development Kit II Tools
Group: Development/Tools
BuildArch: noarch BuildArch: noarch
License: BSD-2-Clause-Patent License: BSD-2-Clause-Patent
URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools URL: https://github.com/tianocore/tianocore.github.io/wiki/BaseTools
@ -201,42 +221,15 @@ environment for the UEFI and PI specifications. This package contains sample
64-bit UEFI firmware builds for QEMU and KVM. 64-bit UEFI firmware builds for QEMU and KVM.
%prep %prep
# We needs some special git config options that %%autosetup won't give us.
# We init the git dir ourselves, then tell %%autosetup not to blow it away.
%setup -q -n edk2-%{GITCOMMIT} %setup -q -n edk2-%{GITCOMMIT}
%{lua:
tmp = os.tmpname();
f = io.open(tmp, "w+");
count = 0;
for i, p in ipairs(patches) do
f:write(p.."\n");
count = count + 1;
end;
f:close();
print("PATCHCOUNT="..count.."\n")
print("PATCHLIST="..tmp.."\n")
}
git init -q git init -q
git config user.name rpm-build
git config user.email rpm-build
git config core.whitespace cr-at-eol git config core.whitespace cr-at-eol
git config am.keepcr true git config am.keepcr true
git add -A . # -T is passed to %%setup to not re-extract the archive
git commit -q -a --author 'rpm-build <rpm-build>' \ # -D is passed to %%setup to not delete the existing archive dir
-m '%{name}-%{GITCOMMIT} base' %autosetup -T -D -n edk2-%{GITCOMMIT} -S git_am
COUNT=$(grep '\.patch$' $PATCHLIST | wc -l)
if [ $COUNT -ne $PATCHCOUNT ]; then
echo "Found $COUNT patches in $PATCHLIST, expected $PATCHCOUNT"
exit 1
fi
if [ $COUNT -gt 0 ]; then
for pf in `cat $PATCHLIST`; do
git am $pf
done
fi
echo "Applied $COUNT patches"
rm -f $PATCHLIST
cp -a -- %{SOURCE1} %{SOURCE3} . cp -a -- %{SOURCE1} %{SOURCE3} .
cp -a -- %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} . cp -a -- %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} .
@ -260,8 +253,7 @@ chmod -Rf a+rX,u+w,g-w,o-w .
%build %build
export PYTHON_COMMAND=%{__python3} export PYTHON_COMMAND=%{__python3}
source ./edksetup.sh source ./edksetup.sh
make -C "$EDK_TOOLS_PATH" \ %make_build -C "$EDK_TOOLS_PATH" \
%{?_smp_mflags} \
EXTRA_OPTFLAGS="%{optflags}" \ EXTRA_OPTFLAGS="%{optflags}" \
EXTRA_LDFLAGS="%{__global_ldflags}" EXTRA_LDFLAGS="%{__global_ldflags}"
@ -275,29 +267,24 @@ fi
CC_FLAGS="$CC_FLAGS --cmd-len=65536 -t %{TOOLCHAIN} -b DEBUG --hash" CC_FLAGS="$CC_FLAGS --cmd-len=65536 -t %{TOOLCHAIN} -b DEBUG --hash"
CC_FLAGS="$CC_FLAGS -D NETWORK_IP6_ENABLE" CC_FLAGS="$CC_FLAGS -D NETWORK_IP6_ENABLE"
CC_FLAGS="$CC_FLAGS -D NETWORK_HTTP_BOOT_ENABLE -D NETWORK_TLS_ENABLE" CC_FLAGS="$CC_FLAGS -D NETWORK_HTTP_BOOT_ENABLE -D NETWORK_TLS_ENABLE"
CC_FLAGS="$CC_FLAGS -D TPM_ENABLE"
%ifarch x86_64 OVMF_FLAGS="${CC_FLAGS}"
# Build with neither SB nor SMM; include UEFI shell. OVMF_FLAGS="${OVMF_FLAGS} -D FD_SIZE_4MB"
build ${CC_FLAGS} -D TPM_ENABLE -D FD_SIZE_4MB -a X64 \ OVMF_FLAGS="${OVMF_FLAGS} -D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE"
-D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE \
-p OvmfPkg/OvmfPkgX64.dsc
# Build with SB and SMM; exclude UEFI shell. OVMF_SB_FLAGS="${OVMF_FLAGS}"
build -D SECURE_BOOT_ENABLE -D EXCLUDE_SHELL_FROM_FD ${CC_FLAGS} \ OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SECURE_BOOT_ENABLE"
-a IA32 -a X64 -p OvmfPkg/OvmfPkgIa32X64.dsc -D SMM_REQUIRE \ OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SMM_REQUIRE"
-D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE \ OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D EXCLUDE_SHELL_FROM_FD"
-D TPM_ENABLE -D FD_SIZE_4MB
# Sanity check: the varstore templates must be identical.
cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd
# Prepare an ISO image that boots the UEFI shell. build_iso() {
( dir="$1"
UEFI_SHELL_BINARY=Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi UEFI_SHELL_BINARY=${dir}/Shell.efi
ENROLLER_BINARY=Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi ENROLLER_BINARY=${dir}/EnrollDefaultKeys.efi
UEFI_SHELL_IMAGE=uefi_shell.img UEFI_SHELL_IMAGE=uefi_shell.img
ISO_IMAGE=UefiShell.iso ISO_IMAGE=${dir}/UefiShell.iso
UEFI_SHELL_BINARY_BNAME=$(basename -- "$UEFI_SHELL_BINARY") UEFI_SHELL_BINARY_BNAME=$(basename -- "$UEFI_SHELL_BINARY")
UEFI_SHELL_SIZE=$(stat --format=%s -- "$UEFI_SHELL_BINARY") UEFI_SHELL_SIZE=$(stat --format=%s -- "$UEFI_SHELL_BINARY")
@ -324,120 +311,59 @@ cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
mkisofs -input-charset ASCII -J -rational-rock \ mkisofs -input-charset ASCII -J -rational-rock \
-e "$UEFI_SHELL_IMAGE" -no-emul-boot \ -e "$UEFI_SHELL_IMAGE" -no-emul-boot \
-o "$ISO_IMAGE" "$UEFI_SHELL_IMAGE" -o "$ISO_IMAGE" "$UEFI_SHELL_IMAGE"
) }
%if %{build_ovmf}
# Build with neither SB nor SMM; include UEFI shell.
build ${OVMF_FLAGS} -a X64 \
-p OvmfPkg/OvmfPkgX64.dsc
# Build with SB and SMM; exclude UEFI shell.
build ${OVMF_SB_FLAGS} -a IA32 -a X64 \
-p OvmfPkg/OvmfPkgIa32X64.dsc
# Sanity check: the varstore templates must be identical.
cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd
# Prepare an ISO image that boots the UEFI shell.
build_iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64
# Enroll the default certificates in a separate variable store template. # Enroll the default certificates in a separate variable store template.
%{__python3} ovmf-vars-generator --verbose --verbose \ %{__python3} ovmf-vars-generator --verbose --verbose \
--qemu-binary /usr/libexec/qemu-kvm \ --qemu-binary %{qemu_binary} \
--ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ --ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
--ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ --ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
--uefi-shell-iso UefiShell.iso \ --uefi-shell-iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \
--oem-string "$(< PkKek1.oemstr)" \ --oem-string "$(< PkKek1.oemstr)" \
--skip-testing \ --skip-testing \
OVMF_VARS.secboot.fd Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd
%else # endif build_ovmf
%endif
%if %{build_aarch64}
# Build with a verbose debug mask first, and stash the binary. # Build with a verbose debug mask first, and stash the binary.
build ${CC_FLAGS} -a AARCH64 \ build ${CC_FLAGS} -a AARCH64 \
-p ArmVirtPkg/ArmVirtQemu.dsc \ -p ArmVirtPkg/ArmVirtQemu.dsc \
-D TPM2_ENABLE \
-D DEBUG_PRINT_ERROR_LEVEL=0x8040004F -D DEBUG_PRINT_ERROR_LEVEL=0x8040004F
cp -a Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \ cp -a Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \
QEMU_EFI.verbose.fd Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd
# Rebuild with a silent (errors only) debug mask. # Rebuild with a silent (errors only) debug mask.
build ${CC_FLAGS} -a AARCH64 \ build ${CC_FLAGS} -a AARCH64 \
-p ArmVirtPkg/ArmVirtQemu.dsc \ -p ArmVirtPkg/ArmVirtQemu.dsc \
-D TPM2_ENABLE \
-D DEBUG_PRINT_ERROR_LEVEL=0x80000000 -D DEBUG_PRINT_ERROR_LEVEL=0x80000000
# endif build_aarch64
%endif %endif
%install %install
cp -a OvmfPkg/License.txt License.OvmfPkg.txt cp -a OvmfPkg/License.txt License.OvmfPkg.txt
mkdir -p $RPM_BUILD_ROOT%{_datadir}/qemu/firmware
%ifarch x86_64
mkdir -p \
$RPM_BUILD_ROOT%{_datadir}/OVMF \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf
install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd
install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_VARS.fd
install -m 0644 OVMF_VARS.secboot.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd
install -m 0644 UefiShell.iso \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/UefiShell.iso
ln -s ../%{name}/ovmf/OVMF_CODE.secboot.fd $RPM_BUILD_ROOT%{_datadir}/OVMF/
ln -s ../%{name}/ovmf/OVMF_VARS.fd $RPM_BUILD_ROOT%{_datadir}/OVMF/
ln -s ../%{name}/ovmf/OVMF_VARS.secboot.fd $RPM_BUILD_ROOT%{_datadir}/OVMF/
ln -s ../%{name}/ovmf/UefiShell.iso $RPM_BUILD_ROOT%{_datadir}/OVMF/
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/Shell.efi
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi
install -m 0644 edk2-ovmf-sb.json \
$RPM_BUILD_ROOT%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json
install -m 0644 edk2-ovmf.json \
$RPM_BUILD_ROOT%{_datadir}/qemu/firmware/50-edk2-ovmf.json
install -m 0644 edk2-ovmf-cc.json \
$RPM_BUILD_ROOT%{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json
%else
mkdir -p \
$RPM_BUILD_ROOT%{_datadir}/AAVMF \
$RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64
# Pad and install the verbose binary.
cat QEMU_EFI.verbose.fd \
/dev/zero \
| head -c 64m \
> $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw
# Pad and install the silent (default) binary.
cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \
/dev/zero \
| head -c 64m \
> $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI-silent-pflash.raw
# Create varstore template.
cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \
/dev/zero \
| head -c 64m \
> $RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/vars-template-pflash.raw
ln -s ../%{name}/aarch64/QEMU_EFI-pflash.raw \
$RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_CODE.verbose.fd
ln -s ../%{name}/aarch64/QEMU_EFI-silent-pflash.raw \
$RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_CODE.fd
ln -s ../%{name}/aarch64/vars-template-pflash.raw \
$RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_VARS.fd
chmod 0644 -- $RPM_BUILD_ROOT%{_datadir}/AAVMF/AAVMF_*.fd
install -m 0644 QEMU_EFI.verbose.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI.fd
install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd
install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \
$RPM_BUILD_ROOT%{_datadir}/%{name}/aarch64/QEMU_VARS.fd
install -m 0644 edk2-aarch64.json \
$RPM_BUILD_ROOT%{_datadir}/qemu/firmware/60-edk2-aarch64.json
install -m 0644 edk2-aarch64-verbose.json \
$RPM_BUILD_ROOT%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json
%endif
cp -a CryptoPkg/Library/OpensslLib/openssl/LICENSE LICENSE.openssl cp -a CryptoPkg/Library/OpensslLib/openssl/LICENSE LICENSE.openssl
mkdir -p %{buildroot}%{_datadir}/qemu/firmware
# install the tools # install the tools
mkdir -p %{buildroot}%{_bindir} \ mkdir -p %{buildroot}%{_bindir} \
@ -454,22 +380,122 @@ install BaseTools/Conf/*.template \
install BaseTools/Scripts/GccBase.lds \ install BaseTools/Scripts/GccBase.lds \
%{buildroot}%{_datadir}/%{name}/Scripts %{buildroot}%{_datadir}/%{name}/Scripts
%ifarch x86_64
%files ovmf %if %{build_ovmf}
%else mkdir -p \
%files aarch64 %{buildroot}%{_datadir}/OVMF \
%{buildroot}%{_datadir}/%{name}/ovmf
install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
%{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
%{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd
install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
%{buildroot}%{_datadir}/%{name}/ovmf/OVMF_VARS.fd
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd \
%{buildroot}%{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \
%{buildroot}%{_datadir}/%{name}/ovmf/UefiShell.iso
ln -s ../%{name}/ovmf/OVMF_CODE.secboot.fd %{buildroot}%{_datadir}/OVMF/
ln -s ../%{name}/ovmf/OVMF_VARS.fd %{buildroot}%{_datadir}/OVMF/
ln -s ../%{name}/ovmf/OVMF_VARS.secboot.fd %{buildroot}%{_datadir}/OVMF/
ln -s ../%{name}/ovmf/UefiShell.iso %{buildroot}%{_datadir}/OVMF/
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/Shell.efi \
%{buildroot}%{_datadir}/%{name}/ovmf/Shell.efi
install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/EnrollDefaultKeys.efi \
%{buildroot}%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi
install -m 0644 edk2-ovmf-sb.json \
%{buildroot}%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json
install -m 0644 edk2-ovmf.json \
%{buildroot}%{_datadir}/qemu/firmware/50-edk2-ovmf.json
install -m 0644 edk2-ovmf-cc.json \
%{buildroot}%{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json
# endif build_ovmf
%endif %endif
%defattr(-,root,root,-) %if %{build_aarch64}
%license License.txt mkdir -p \
%license License.OvmfPkg.txt %{buildroot}%{_datadir}/AAVMF \
%license License-History.txt %{buildroot}%{_datadir}/%{name}/aarch64
%license LICENSE.openssl
%dir %{_datadir}/%{name}/
%dir %{_datadir}/qemu
%dir %{_datadir}/qemu/firmware
%ifarch x86_64 # Pad and install the verbose binary.
cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd \
/dev/zero \
| head -c 64m \
> %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw
# Pad and install the silent (default) binary.
cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \
/dev/zero \
| head -c 64m \
> %{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI-silent-pflash.raw
# Create varstore template.
cat Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \
/dev/zero \
| head -c 64m \
> %{buildroot}%{_datadir}/%{name}/aarch64/vars-template-pflash.raw
ln -s ../%{name}/aarch64/QEMU_EFI-pflash.raw \
%{buildroot}%{_datadir}/AAVMF/AAVMF_CODE.verbose.fd
ln -s ../%{name}/aarch64/QEMU_EFI-silent-pflash.raw \
%{buildroot}%{_datadir}/AAVMF/AAVMF_CODE.fd
ln -s ../%{name}/aarch64/vars-template-pflash.raw \
%{buildroot}%{_datadir}/AAVMF/AAVMF_VARS.fd
chmod 0644 -- %{buildroot}%{_datadir}/AAVMF/AAVMF_*.fd
install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.verbose.fd \
%{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI.fd
install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_EFI.fd \
%{buildroot}%{_datadir}/%{name}/aarch64/QEMU_EFI.silent.fd
install -m 0644 Build/ArmVirtQemu-AARCH64/DEBUG_%{TOOLCHAIN}/FV/QEMU_VARS.fd \
%{buildroot}%{_datadir}/%{name}/aarch64/QEMU_VARS.fd
install -m 0644 edk2-aarch64.json \
%{buildroot}%{_datadir}/qemu/firmware/60-edk2-aarch64.json
install -m 0644 edk2-aarch64-verbose.json \
%{buildroot}%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json
# endif build_aarch64
%endif
%check
%if %{qosb_testing}
# Of the installed host kernels, boot the one with the highest Version-Release
# under OVMF, and check if it prints "Secure boot enabled".
KERNEL_PKG=$(rpm -q kernel-core | rpmdev-sort | tail -n 1)
KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$')
%{__python3} ovmf-vars-generator --verbose --verbose \
--qemu-binary %{qemu_binary} \
--ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
--ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
--uefi-shell-iso Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/X64/UefiShell.iso \
--kernel-path $KERNEL_IMG \
--skip-enrollment \
--no-download \
Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd
# endif qosb_testing
%endif
%global common_files \
%%license License.txt License.OvmfPkg.txt License-History.txt LICENSE.openssl \
%%dir %%{_datadir}/%%{name}/ \
%%dir %%{_datadir}/qemu \
%%dir %%{_datadir}/qemu/firmware
%if %{build_ovmf}
%files ovmf
%common_files
%doc OvmfPkg/README %doc OvmfPkg/README
%doc ovmf-whitepaper-c770f8c.txt %doc ovmf-whitepaper-c770f8c.txt
%dir %{_datadir}/OVMF/ %dir %{_datadir}/OVMF/
@ -488,8 +514,12 @@ install BaseTools/Scripts/GccBase.lds \
%{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json %{_datadir}/qemu/firmware/40-edk2-ovmf-sb.json
%{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json %{_datadir}/qemu/firmware/50-edk2-ovmf-cc.json
%{_datadir}/qemu/firmware/50-edk2-ovmf.json %{_datadir}/qemu/firmware/50-edk2-ovmf.json
# endif build_ovmf
%endif
%else %if %{build_aarch64}
%files aarch64
%common_files
%dir %{_datadir}/AAVMF/ %dir %{_datadir}/AAVMF/
%dir %{_datadir}/%{name}/aarch64/ %dir %{_datadir}/%{name}/aarch64/
%{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw %{_datadir}/%{name}/aarch64/QEMU_EFI-pflash.raw
@ -503,6 +533,7 @@ install BaseTools/Scripts/GccBase.lds \
%{_datadir}/%{name}/aarch64/QEMU_VARS.fd %{_datadir}/%{name}/aarch64/QEMU_VARS.fd
%{_datadir}/qemu/firmware/60-edk2-aarch64.json %{_datadir}/qemu/firmware/60-edk2-aarch64.json
%{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json %{_datadir}/qemu/firmware/70-edk2-aarch64-verbose.json
# endif build_aarch64
%endif %endif
%files tools %files tools
@ -528,30 +559,28 @@ install BaseTools/Scripts/GccBase.lds \
%files tools-doc %files tools-doc
%doc BaseTools/UserManuals/*.rtf %doc BaseTools/UserManuals/*.rtf
%check
%ifarch x86_64
# Of the installed host kernels, boot the one with the highest Version-Release
# under OVMF, and check if it prints "Secure boot enabled".
KERNEL_PKG=$(rpm -q kernel-core | rpmdev-sort | tail -n 1)
KERNEL_IMG=$(rpm -q -l $KERNEL_PKG | egrep '^/lib/modules/[^/]+/vmlinuz$')
%{__python3} ovmf-vars-generator --verbose --verbose \
--qemu-binary /usr/libexec/qemu-kvm \
--ovmf-binary Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
--ovmf-template-vars Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
--uefi-shell-iso UefiShell.iso \
--kernel-path $KERNEL_IMG \
--skip-enrollment \
--no-download \
OVMF_VARS.secboot.fd
%else
true
%endif
%changelog %changelog
* Fri Jul 30 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20210527gite1999b264f1f-4
- edk2-spec-remove-Group-and-defattr.patch [bz#1983789]
- edk2-spec-Add-BuildRequires-make.patch [bz#1983789]
- edk2-spec-don-t-conditionalize-package-definitions.patch [bz#1983789]
- edk2-spec-Use-autosetup-with-our-required-git-config-opti.patch [bz#1983789]
- edk2-spec-Replace-ifarch-else-conditionals-with-build_XXX.patch [bz#1983789]
- edk2-spec-Move-D-TPM_ENABLE-to-common-CC_FLAGS.patch [bz#1983789]
- edk2-spec-Add-qemu_package-and-qemu_binary.patch [bz#1983789]
- edk2-spec-Remove-extra-true-at-end-of-check.patch [bz#1983789]
- edk2-spec-Move-check-to-between-install-and-files.patch [bz#1983789]
- edk2-spec-Add-qosb_testing-macro.patch [bz#1983789]
- edk2-spec-Split-out-build_iso-function.patch [bz#1983789]
- edk2-spec-Replace-RPM_BUILD_ROOT-with-buildroot.patch [bz#1983789]
- edk2-spec-Use-make_build-macro.patch [bz#1983789]
- edk2-spec-Factor-out-OVMF_FLAGS-and-OVMF_SB_FLAGS.patch [bz#1983789]
- edk2-spec-Don-t-put-build-output-in-the-top-directory.patch [bz#1983789]
- edk2-spec-Centralize-non-firmware-install-files-at-the-to.patch [bz#1983789]
- Resolves: bz#1983789
(Make spec easier to share with Fedora)
* Mon Jul 12 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20210527gite1999b264f1f-3 * Mon Jul 12 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20210527gite1999b264f1f-3
- edk2-OvmfPkg-Remove-PrintDxe-RHEL-only.patch [bz#1967747] - edk2-OvmfPkg-Remove-PrintDxe-RHEL-only.patch [bz#1967747]
- edk2-OvmfPkg-Remove-EbcDxe-RHEL-only.patch [bz#1967747] - edk2-OvmfPkg-Remove-EbcDxe-RHEL-only.patch [bz#1967747]