rpms
/
edk2
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:edk2-stable202308-devel-riscv64
rpms:f39
rpms:main
rpms:f37
rpms:f38
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f30
rpms:f31
rpms:f29
rpms:f28
rpms:f27
rpms:f24
rpms:f25
rpms:f26
rpms:f23
rpms:f22
rpms:f21
rpms:el6
rpms:epel7
rpms:f19
rpms:f20
rpms:private-pbonzini-arm
rpms:f18
..
compare: rpms:f38
Branches Tags
rpms:edk2-stable202308-devel-riscv64
rpms:f39
rpms:main
rpms:rawhide
rpms:f37
rpms:f38
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f30
rpms:f31
rpms:f29
rpms:f28
rpms:f27
rpms:f24
rpms:f25
rpms:f26
rpms:f23
rpms:f22
rpms:f21
rpms:el6
rpms:epel7
rpms:f19
rpms:f20
rpms:private-pbonzini-arm
rpms:f18

13 Commits
rawhide ... f38

Author SHA1 Message Date
Gerd Hoffmann 49053fcdb1 disable EFI_MEMORY_ATTRIBUTE_PROTO (workaround shim bug) 2023-06-26 18:11:26 +02:00
Gerd Hoffmann b06cf77bdc cherry-pick some fixes 2023-06-19 12:58:36 +02:00
Gerd Hoffmann 52631c9a8b drop commit hash from version 2023-06-19 12:58:36 +02:00
Gerd Hoffmann 69175a2b51 update to edk2-stable202305 2023-06-19 12:58:36 +02:00
Gerd Hoffmann cee197448c Convert to %autorelease and %autochangelog 
[skip changelog]
 2023-05-15 07:07:27 +02:00
Gerd Hoffmann aca8eaff4f switch DBXDATE to 20230509 2023-05-15 07:06:23 +02:00
Gerd Hoffmann 338a37d973 add 20230509 dbx update files 2023-05-15 07:06:11 +02:00
Gerd Hoffmann d5fa3e76ca update NestedInterruptTplLib patches 2023-05-15 07:05:51 +02:00
Gerd Hoffmann b430fdb93a update release and and changelog 2023-05-05 11:12:35 +02:00
Gerd Hoffmann 2b41cea349 drop ASSERT from NestedInterruptTplLib (rhbz#2183336). 2023-05-05 11:08:59 +02:00
Gerd Hoffmann f76a1de93f add tpm probe fixes 2023-05-05 11:08:49 +02:00
Gerd Hoffmann 33bb605a12 revert: add json files for qcow2 images 2023-04-17 13:14:54 +02:00
Gerd Hoffmann 878c463f99 Revert "add json files for aarch64 qcow2 images" 
This reverts commit 06a1ed32c8.
 2023-04-17 13:13:05 +02:00
18 changed files with 85 additions and 323 deletions
Show Stats Expand all files Collapse all files

36
30-edk2-ovmf-4m-qcow2-x64-sb-enrolled.json
View File

@ -1,36 +0,0 @@
{
"description": "OVMF with SB+SMM, SB enabled, MS certs enrolled",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE_4M.secboot.qcow2",
"format": "qcow2"
},
"nvram-template": {
"filename": "/usr/share/edk2/ovmf/OVMF_VARS_4M.secboot.qcow2",
"format": "qcow2"
}
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"enrolled-keys",
"requires-smm",
"secure-boot",
"verbose-dynamic"
],
"tags": [
]
}

1
30-edk2-ovmf-ia32-sb-enrolled.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf-ia32/OVMF_CODE.secboot.fd",
"format": "raw"

1
31-edk2-ovmf-2m-raw-x64-sb-enrolled.json → 30-edk2-ovmf-x64-sb-enrolled.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
"format": "raw"

35
40-edk2-ovmf-4m-qcow2-x64-sb.json
View File

@ -1,35 +0,0 @@
{
"description": "OVMF with SB+SMM, empty varstore",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE_4M.secboot.qcow2",
"format": "qcow2"
},
"nvram-template": {
"filename": "/usr/share/edk2/ovmf/OVMF_VARS_4M.qcow2",
"format": "qcow2"
}
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"requires-smm",
"secure-boot",
"verbose-dynamic"
],
"tags": [
]
}

1
40-edk2-ovmf-ia32-sb.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf-ia32/OVMF_CODE.secboot.fd",
"format": "raw"

1
41-edk2-ovmf-2m-raw-x64-sb.json → 40-edk2-ovmf-x64-sb.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd",
"format": "raw"

32
50-edk2-aarch64-qcow2.json
View File

@ -1,32 +0,0 @@
{
"description": "UEFI firmware for ARM64 virtual machines",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.qcow2",
"format": "qcow2"
},
"nvram-template": {
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
"format": "qcow2"
}
},
"targets": [
{
"architecture": "aarch64",
"machines": [
"virt-*"
]
}
],
"features": [
],
"tags": [
]
}

1
51-edk2-aarch64-raw.json → 50-edk2-aarch64.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.raw",
"format": "raw"

1
50-edk2-arm-verbose.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/arm/QEMU_EFI-pflash.raw",
"format": "raw"

36
50-edk2-ovmf-4m-qcow2-x64-nosb.json
View File

@ -1,36 +0,0 @@
{
"description": "OVMF without SB+SMM, empty varstore",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE_4M.qcow2",
"format": "qcow2"
},
"nvram-template": {
"filename": "/usr/share/edk2/ovmf/OVMF_VARS_4M.qcow2",
"format": "qcow2"
}
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-i440fx-*",
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"amd-sev",
"amd-sev-es",
"verbose-dynamic"
],
"tags": [
]
}

1
50-edk2-ovmf-ia32-nosb.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf-ia32/OVMF_CODE.fd",
"format": "raw"

1
51-edk2-ovmf-2m-raw-x64-nosb.json → 50-edk2-ovmf-x64-nosb.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/ovmf/OVMF_CODE.fd",
"format": "raw"

1
53-edk2-aarch64-verbose-raw.json → 51-edk2-aarch64-verbose.json
View File

@ -5,7 +5,6 @@
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw",
"format": "raw"

32
52-edk2-aarch64-verbose-qcow2.json
View File

@ -1,32 +0,0 @@
{
"description": "UEFI firmware for ARM64 virtual machines, verbose logs",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"mode" : "split",
"executable": {
"filename": "/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2",
"format": "qcow2"
},
"nvram-template": {
"filename": "/usr/share/edk2/aarch64/vars-template-pflash.qcow2",
"format": "qcow2"
}
},
"targets": [
{
"architecture": "aarch64",
"machines": [
"virt-*"
]
}
],
"features": [
"verbose-static"
],
"tags": [
]
}

8
changelog
View File

@ -1,5 +1,9 @@
* Thu Apr 27 2023 Gerd Hoffmann <kraxel@redhat.com> - 20230301gitf80f052277c8-4
- fix tpm detection.
* Fri May 05 2023 Gerd Hoffmann <kraxel@redhat.com> - 20230301gitf80f052277c8-4
- drop ASSERT from NestedInterruptTplLib (rhbz#2183336).
- add tpm probe fixes.
* Mon Apr 17 2023 Gerd Hoffmann <kraxel@redhat.com> - 20230301gitf80f052277c8-3
- revert: add json files for qcow2 images.
* Thu Apr 13 2023 Gerd Hoffmann <kraxel@redhat.com> - 20230301gitf80f052277c8-2
- add StandaloneMM and ArmVirtQemuKernel builds.

10
edk2-build.fedora
View File

@ -71,9 +71,9 @@ arch = X64
opts = ovmf.common
ovmf.4m
plat = OvmfX64
dest = Fedora/ovmf
cpy1 = FV/OVMF_CODE.fd OVMF_CODE_4M.fd
cpy2 = FV/OVMF_VARS.fd OVMF_VARS_4M.fd
dest = Fedora/ovmf-4m
cpy1 = FV/OVMF_CODE.fd
cpy2 = FV/OVMF_VARS.fd
[build.ovmf.2m.sb.smm]
desc = ovmf build (32/64-bit, 2MB, q35 only, needs smm, secure boot)
@ -95,8 +95,8 @@ opts = ovmf.common
ovmf.4m
ovmf.sb.smm
plat = Ovmf3264
dest = Fedora/ovmf
cpy1 = FV/OVMF_CODE.fd OVMF_CODE_4M.secboot.fd
dest = Fedora/ovmf-4m
cpy1 = FV/OVMF_CODE.fd OVMF_CODE.secboot.fd
#####################################################################

122
edk2-build.py
View File

@ -6,7 +6,6 @@ https://gitlab.com/kraxel/edk2-build-config
"""
import os
import sys
import time
import shutil
import argparse
import subprocess
@ -53,21 +52,19 @@ def get_toolchain(cfg, build):
return cfg['global']['tool']
return 'GCC5'
def get_version(cfg, silent = False):
def get_version(cfg):
coredir = get_coredir(cfg)
if version_override:
version = version_override
if not silent:
print('')
print(f'### version [override]: {version}')
print('')
print(f'### version [override]: {version}')
return version
if os.environ.get('RPM_PACKAGE_NAME'):
version = os.environ.get('RPM_PACKAGE_NAME')
version += '-' + os.environ.get('RPM_PACKAGE_VERSION')
version += '-' + os.environ.get('RPM_PACKAGE_RELEASE')
if not silent:
print('')
print(f'### version [rpmbuild]: {version}')
print('')
print(f'### version [rpmbuild]: {version}')
return version
if os.path.exists(coredir + '/.git'):
cmdline = [ 'git', 'describe', '--tags', '--abbrev=8',
@ -76,17 +73,16 @@ def get_version(cfg, silent = False):
stdout = subprocess.PIPE,
check = True)
version = result.stdout.decode().strip()
if not silent:
print('')
print(f'### version [git]: {version}')
print('')
print(f'### version [git]: {version}')
return version
return None
def pcd_string(name, value):
return f'{name}=L{value}\\0'
def pcd_version(cfg, silent = False):
version = get_version(cfg, silent)
def pcd_version(cfg):
version = get_version(cfg)
if version is None:
return []
return [ '--pcd', pcd_string('PcdFirmwareVersionString', version) ]
@ -96,50 +92,41 @@ def pcd_release_date():
return []
return [ '--pcd', pcd_string('PcdFirmwareReleaseDateString', release_date) ]
def build_message(line, line2 = None, silent = False):
def build_message(line, line2 = None):
if os.environ.get('TERM') in [ 'xterm', 'xterm-256color' ]:
# setxterm title
start = '\x1b]2;'
end = '\x07'
print(f'{start}{rebase_prefix}{line}{end}', end = '')
if silent:
print(f'### {rebase_prefix}{line}', flush = True)
else:
print('')
print('###')
print(f'### {rebase_prefix}{line}')
if line2:
print(f'### {line2}')
print('###', flush = True)
print('')
print('###')
print(f'### {rebase_prefix}{line}')
if line2:
print(f'### {line2}')
print('###', flush = True)
def build_run(cmdline, name, section, silent = False, nologs = False):
def build_run(cmdline, name, section, silent = False):
print(cmdline, flush = True)
if silent:
logfile = f'{section}.log'
if nologs:
print(f'### building in silent mode [no log] ...', flush = True)
else:
print(f'### building in silent mode [{logfile}] ...', flush = True)
start = time.time()
print('### building in silent mode ...', flush = True)
result = subprocess.run(cmdline, check = False,
stdout = subprocess.PIPE,
stderr = subprocess.STDOUT)
if not nologs:
with open(logfile, 'wb') as f:
f.write(result.stdout)
logfile = f'{section}.log'
print(f'### writing log to {logfile} ...')
with open(logfile, 'wb') as f:
f.write(result.stdout)
if result.returncode:
print('### BUILD FAILURE')
print('### cmdline')
print(cmdline)
print('### output')
print(result.stdout.decode())
print(f'### exit code: {result.returncode}')
else:
secs = int(time.time() - start)
print(f'### OK ({int(secs/60)}:{secs%60:02d})')
print('### OK')
else:
print(cmdline, flush = True)
result = subprocess.run(cmdline, check = False)
if result.returncode:
print(f'ERROR: {cmdline[0]} exited with {result.returncode}'
@ -176,7 +163,7 @@ def pad_file(dstdir, pad):
subprocess.run(cmdline, check = True)
# pylint: disable=too-many-branches
def build_one(cfg, build, jobs = None, silent = False, nologs = False):
def build_one(cfg, build, jobs = None, silent = False):
b = cfg[build]
cmdline = [ 'build' ]
@ -185,7 +172,7 @@ def build_one(cfg, build, jobs = None, silent = False, nologs = False):
if (b['conf'].startswith('OvmfPkg/') or
b['conf'].startswith('ArmVirtPkg/')):
cmdline += pcd_version(cfg, silent)
cmdline += pcd_version(cfg)
cmdline += pcd_release_date()
if jobs:
@ -211,13 +198,11 @@ def build_one(cfg, build, jobs = None, silent = False, nologs = False):
if 'desc' in b:
desc = b['desc']
build_message(f'building: {b["conf"]} ({b["arch"]}, {tgt})',
f'description: {desc}',
silent = silent)
f'description: {desc}')
build_run(cmdline + [ '-b', tgt ],
b['conf'],
build + '.' + tgt,
silent,
nologs)
silent)
if 'plat' in b:
# copy files
@ -233,11 +218,11 @@ def build_one(cfg, build, jobs = None, silent = False, nologs = False):
continue
pad_file(b['dest'], b[pad])
def build_basetools(silent = False, nologs = False):
build_message('building: BaseTools', silent = silent)
def build_basetools(silent = False):
build_message('building: BaseTools')
basedir = os.environ['EDK_TOOLS_PATH']
cmdline = [ 'make', '-C', basedir ]
build_run(cmdline, 'BaseTools', 'build.basetools', silent, nologs)
build_run(cmdline, 'BaseTools', 'build.basetools', silent)
def binary_exists(name):
for pdir in os.environ['PATH'].split(':'):
@ -245,7 +230,7 @@ def binary_exists(name):
return True
return False
def prepare_env(cfg, silent = False):
def prepare_env(cfg):
""" mimic Conf/BuildEnv.sh """
workspace = os.getcwd()
packages = [ workspace, ]
@ -275,7 +260,7 @@ def prepare_env(cfg, silent = False):
toolsdef = coredir + '/Conf/tools_def.txt'
if not os.path.exists(toolsdef):
os.makedirs(os.path.dirname(toolsdef), exist_ok = True)
build_message('running BaseTools/BuildEnv', silent = silent)
build_message('running BaseTools/BuildEnv')
cmdline = [ 'bash', 'BaseTools/BuildEnv' ]
subprocess.run(cmdline, cwd = coredir, check = True)
@ -289,32 +274,20 @@ def prepare_env(cfg, silent = False):
os.environ['PYTHONHASHSEED'] = '1'
# for cross builds
if binary_exists('arm-linux-gnueabi-gcc'):
# ubuntu
os.environ['GCC5_ARM_PREFIX'] = 'arm-linux-gnueabi-'
os.environ['GCC_ARM_PREFIX'] = 'arm-linux-gnueabi-'
elif binary_exists('arm-linux-gnu-gcc'):
# fedora
if binary_exists('arm-linux-gnu-gcc'):
os.environ['GCC5_ARM_PREFIX'] = 'arm-linux-gnu-'
os.environ['GCC_ARM_PREFIX'] = 'arm-linux-gnu-'
if binary_exists('loongarch64-linux-gnu-gcc'):
os.environ['GCC5_LOONGARCH64_PREFIX'] = 'loongarch64-linux-gnu-'
os.environ['GCC_LOONGARCH64_PREFIX'] = 'loongarch64-linux-gnu-'
hostarch = os.uname().machine
if binary_exists('aarch64-linux-gnu-gcc') and hostarch != 'aarch64':
os.environ['GCC5_AARCH64_PREFIX'] = 'aarch64-linux-gnu-'
os.environ['GCC_AARCH64_PREFIX'] = 'aarch64-linux-gnu-'
if binary_exists('riscv64-linux-gnu-gcc') and hostarch != 'riscv64':
os.environ['GCC5_RISCV64_PREFIX'] = 'riscv64-linux-gnu-'
os.environ['GCC_RISCV64_PREFIX'] = 'riscv64-linux-gnu-'
if binary_exists('x86_64-linux-gnu-gcc') and hostarch != 'x86_64':
os.environ['GCC5_IA32_PREFIX'] = 'x86_64-linux-gnu-'
os.environ['GCC5_X64_PREFIX'] = 'x86_64-linux-gnu-'
os.environ['GCC5_BIN'] = 'x86_64-linux-gnu-'
os.environ['GCC_IA32_PREFIX'] = 'x86_64-linux-gnu-'
os.environ['GCC_X64_PREFIX'] = 'x86_64-linux-gnu-'
os.environ['GCC_BIN'] = 'x86_64-linux-gnu-'
def build_list(cfg):
for build in cfg.sections():
@ -340,8 +313,7 @@ def main():
parser.add_argument('-m', '--match', dest = 'match', type = str,
help = 'only run builds matching INCLUDE (substring)',
metavar = 'INCLUDE')
parser.add_argument('-x', '--exclude', dest = 'exclude',
type = str, action = 'append',
parser.add_argument('-x', '--exclude', dest = 'exclude', type = str,
help = 'skip builds matching EXCLUDE (substring)',
metavar = 'EXCLUDE')
parser.add_argument('-l', '--list', dest = 'list',
@ -351,9 +323,6 @@ def main():
action = 'store_true', default = False,
help = 'write build output to logfiles, '
'write to console only on errors')
parser.add_argument('--no-logs', dest = 'nologs',
action = 'store_true', default = False,
help = 'do not write build log files (with --silent)')
parser.add_argument('--core', dest = 'core', type = str, metavar = 'DIR',
help = 'location of the core edk2 repository '
'(i.e. where BuildTools are located)')
@ -375,7 +344,7 @@ def main():
os.chdir(options.directory)
if not os.path.exists(options.configfile):
print(f'config file "{options.configfile}" not found')
print('config file "{options.configfile}" not found')
return 1
cfg = configparser.ConfigParser()
@ -403,23 +372,18 @@ def main():
if options.release_date:
release_date = options.release_date
prepare_env(cfg, options.silent)
build_basetools(options.silent, options.nologs)
prepare_env(cfg)
build_basetools(options.silent)
for build in cfg.sections():
if not build.startswith('build.'):
continue
if options.match and options.match not in build:
print(f'# skipping "{build}" (not matching "{options.match}")')
continue
if options.exclude:
exclude = False
for item in options.exclude:
if item in build:
print(f'# skipping "{build}" (matching "{item}")')
exclude = True
if exclude:
continue
build_one(cfg, build, options.jobs, options.silent, options.nologs)
if options.exclude and options.exclude in build:
print(f'# skipping "{build}" (matching "{options.exclude}")')
continue
build_one(cfg, build, options.jobs, options.silent)
return 0

88
edk2.spec
View File

@ -56,10 +56,8 @@ Source4: edk2-platforms-7880b92e2a04.tar.xz
Source5: jansson-2.13.1.tar.bz2
# json description files
Source10: 50-edk2-aarch64-qcow2.json
Source11: 51-edk2-aarch64-raw.json
Source12: 52-edk2-aarch64-verbose-qcow2.json
Source13: 53-edk2-aarch64-verbose-raw.json
Source10: 50-edk2-aarch64.json
Source11: 51-edk2-aarch64-verbose.json
Source20: 50-edk2-arm-verbose.json
@ -67,15 +65,12 @@ Source30: 30-edk2-ovmf-ia32-sb-enrolled.json
Source31: 40-edk2-ovmf-ia32-sb.json
Source32: 50-edk2-ovmf-ia32-nosb.json
Source40: 30-edk2-ovmf-4m-qcow2-x64-sb-enrolled.json
Source41: 31-edk2-ovmf-2m-raw-x64-sb-enrolled.json
Source42: 40-edk2-ovmf-4m-qcow2-x64-sb.json
Source43: 41-edk2-ovmf-2m-raw-x64-sb.json
Source44: 50-edk2-ovmf-x64-microvm.json
Source45: 50-edk2-ovmf-4m-qcow2-x64-nosb.json
Source46: 51-edk2-ovmf-2m-raw-x64-nosb.json
Source47: 60-edk2-ovmf-x64-amdsev.json
Source48: 60-edk2-ovmf-x64-inteltdx.json
Source40: 30-edk2-ovmf-x64-sb-enrolled.json
Source41: 40-edk2-ovmf-x64-sb.json
Source42: 50-edk2-ovmf-x64-microvm.json
Source43: 50-edk2-ovmf-x64-nosb.json
Source44: 60-edk2-ovmf-x64-amdsev.json
Source45: 60-edk2-ovmf-x64-inteltdx.json
# https://gitlab.com/kraxel/edk2-build-config
Source80: edk2-build.py
@ -136,7 +131,7 @@ BuildRequires: xorriso
# For generating the variable store template with the default certificates
# enrolled.
BuildRequires: python3-virt-firmware >= 23.5
BuildRequires: python3-virt-firmware >= 1.7
# endif build_ovmf
%endif
@ -176,9 +171,6 @@ BuildArch: noarch
Provides: AAVMF = %{version}-%{release}
Obsoletes: AAVMF < 20180508-100.gitee3198e672e2.el7
# need libvirt version with qcow2 support
Conflicts: libvirt-daemon-driver-qemu < 9.2.0
# No Secure Boot for AAVMF yet, but we include OpenSSL for the IPv6 stack.
Provides: bundled(openssl) = %{OPENSSL_VER}
License: BSD-2-Clause-Patent and OpenSSL
@ -305,11 +297,10 @@ mkdir -p MdePkg/Library/MipiSysTLib/mipisyst/library/include
chmod -Rf a+rX,u+w,g-w,o-w .
cp -a -- \
%{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} \
%{SOURCE10} %{SOURCE11} \
%{SOURCE20} \
%{SOURCE30} %{SOURCE31} %{SOURCE32} \
%{SOURCE40} %{SOURCE41} %{SOURCE42} %{SOURCE43} %{SOURCE44} \
%{SOURCE45} %{SOURCE46} %{SOURCE47} %{SOURCE48} \
%{SOURCE40} %{SOURCE41} %{SOURCE42} %{SOURCE43} %{SOURCE44} %{SOURCE45} \
%{SOURCE80} %{SOURCE81} %{SOURCE82} %{SOURCE83} \
%{SOURCE90} %{SOURCE91} \
.
@ -374,8 +365,8 @@ virt-fw-vars --input Fedora/ovmf/OVMF_VARS.fd \
--output Fedora/ovmf/OVMF_VARS.secboot.fd \
--set-dbx DBXUpdate-%{DBXDATE}.x64.bin \
--enroll-redhat --secure-boot
virt-fw-vars --input Fedora/ovmf/OVMF_VARS_4M.fd \
--output Fedora/ovmf/OVMF_VARS_4M.secboot.fd \
virt-fw-vars --input Fedora/ovmf-4m/OVMF_VARS.fd \
--output Fedora/ovmf-4m/OVMF_VARS.secboot.fd \
--set-dbx DBXUpdate-%{DBXDATE}.x64.bin \
--enroll-redhat --secure-boot
virt-fw-vars --input Fedora/ovmf-ia32/OVMF_VARS.fd \
@ -385,12 +376,6 @@ virt-fw-vars --input Fedora/ovmf-ia32/OVMF_VARS.fd \
build_iso Fedora/ovmf
build_iso Fedora/ovmf-ia32
for raw in */ovmf/*_4M*.fd; do
qcow2="${raw%.fd}.qcow2"
qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 "$raw" "$qcow2"
rm -f "$raw"
done
# experimental stateless builds
virt-fw-vars --input Fedora/experimental/OVMF.stateless.fd \
--output Fedora/experimental/OVMF.stateless.secboot.fd \
@ -399,13 +384,10 @@ virt-fw-vars --input Fedora/experimental/OVMF.stateless.fd \
for image in \
Fedora/ovmf/OVMF_CODE.secboot.fd \
Fedora/ovmf/OVMF_CODE_4M.secboot.qcow2 \
Fedora/ovmf-4m/OVMF_CODE.secboot.fd \
Fedora/experimental/OVMF.stateless.secboot.fd \
; do
pcr="${image}"
pcr="${pcr%.fd}"
pcr="${pcr%.qcow2}"
pcr="${pcr}.pcr"
pcr="${image%.fd}.pcr"
python3 /usr/share/doc/python3-virt-firmware/experimental/measure.py \
--image "$image" \
--version "%{name}-%{version}-%{release}" \
@ -478,12 +460,9 @@ ln -s OVMF_CODE.fd %{buildroot}%{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd
# json description files
mkdir -p %{buildroot}%{_datadir}/qemu/firmware
install -m 0644 \
30-edk2-ovmf-4m-qcow2-x64-sb-enrolled.json \
31-edk2-ovmf-2m-raw-x64-sb-enrolled.json \
40-edk2-ovmf-4m-qcow2-x64-sb.json \
41-edk2-ovmf-2m-raw-x64-sb.json \
50-edk2-ovmf-4m-qcow2-x64-nosb.json \
51-edk2-ovmf-2m-raw-x64-nosb.json \
30-edk2-ovmf-x64-sb-enrolled.json \
40-edk2-ovmf-x64-sb.json \
50-edk2-ovmf-x64-nosb.json \
60-edk2-ovmf-x64-amdsev.json \
60-edk2-ovmf-x64-inteltdx.json \
%{buildroot}%{_datadir}/qemu/firmware
@ -516,10 +495,8 @@ ln -s ../%{name}/arm/QEMU_EFI-pflash.raw \
# json description files
install -m 0644 \
50-edk2-aarch64-qcow2.json \
51-edk2-aarch64-raw.json \
52-edk2-aarch64-verbose-qcow2.json \
53-edk2-aarch64-verbose-raw.json \
50-edk2-aarch64.json \
51-edk2-aarch64-verbose.json \
%{buildroot}%{_datadir}/qemu/firmware
%if %{defined fedora}
install -m 0644 \
@ -582,22 +559,21 @@ done
%{_datadir}/%{name}/ovmf/UefiShell.iso
%{_datadir}/%{name}/ovmf/Shell.efi
%{_datadir}/%{name}/ovmf/EnrollDefaultKeys.efi
%{_datadir}/qemu/firmware/30-edk2-ovmf-4m-qcow2-x64-sb-enrolled.json
%{_datadir}/qemu/firmware/31-edk2-ovmf-2m-raw-x64-sb-enrolled.json
%{_datadir}/qemu/firmware/40-edk2-ovmf-4m-qcow2-x64-sb.json
%{_datadir}/qemu/firmware/41-edk2-ovmf-2m-raw-x64-sb.json
%{_datadir}/qemu/firmware/50-edk2-ovmf-4m-qcow2-x64-nosb.json
%{_datadir}/qemu/firmware/51-edk2-ovmf-2m-raw-x64-nosb.json
%{_datadir}/qemu/firmware/30-edk2-ovmf-x64-sb-enrolled.json
%{_datadir}/qemu/firmware/40-edk2-ovmf-x64-sb.json
%{_datadir}/qemu/firmware/50-edk2-ovmf-x64-nosb.json
%{_datadir}/qemu/firmware/60-edk2-ovmf-x64-amdsev.json
%{_datadir}/qemu/firmware/60-edk2-ovmf-x64-inteltdx.json
%if %{defined fedora}
%{_datadir}/%{name}/ovmf/MICROVM.fd
%{_datadir}/qemu/firmware/50-edk2-ovmf-x64-microvm.json
%{_datadir}/%{name}/ovmf/OVMF_CODE_4M.qcow2
%{_datadir}/%{name}/ovmf/OVMF_CODE_4M.secboot.qcow2
%{_datadir}/%{name}/ovmf/OVMF_VARS_4M.qcow2
%{_datadir}/%{name}/ovmf/OVMF_VARS_4M.secboot.qcow2
%dir %{_datadir}/%{name}/ovmf-4m/
%{_datadir}/%{name}/ovmf-4m/OVMF_CODE.fd
%{_datadir}/%{name}/ovmf-4m/OVMF_CODE.secboot.fd
%{_datadir}/%{name}/ovmf-4m/OVMF_VARS.fd
%{_datadir}/%{name}/ovmf-4m/OVMF_VARS.secboot.fd
%{_datadir}/%{name}/ovmf/*.pcr
%{_datadir}/%{name}/ovmf-4m/*.pcr
%endif
# endif build_ovmf
%endif
@ -620,10 +596,8 @@ done
%{_datadir}/%{name}/aarch64/BL32_AP_MM.fd
%{_datadir}/%{name}/aarch64/QEMU_EFI.kernel.fd
%endif
%{_datadir}/qemu/firmware/50-edk2-aarch64-qcow2.json
%{_datadir}/qemu/firmware/51-edk2-aarch64-raw.json
%{_datadir}/qemu/firmware/52-edk2-aarch64-verbose-qcow2.json
%{_datadir}/qemu/firmware/53-edk2-aarch64-verbose-raw.json
%{_datadir}/qemu/firmware/50-edk2-aarch64.json
%{_datadir}/qemu/firmware/51-edk2-aarch64-verbose.json
# endif build_aarch64
%endif