|
 |
b846ca0 |
# This package depends on automagic byte compilation
|
|
|
b846ca0 |
# https://fedoraproject.org/wiki/Changes/No_more_automagic_Python_bytecompilation_phase_2
|
|
|
b846ca0 |
%global _python_bytecompile_extra 1
|
|
|
b846ca0 |
|
|
|
b846ca0 |
# RPM doesn't detect that code in /usr/share is python3, this forces it
|
|
|
b846ca0 |
# https://fedoraproject.org/wiki/Changes/Avoid_usr_bin_python_in_RPM_Build#Python_bytecompilation
|
|
|
b846ca0 |
%global __python %{__python3}
|
|
|
b846ca0 |
|
|
|
7407978 |
|
|
|
7407978 |
# global edk2_date 20180815
|
|
|
7407978 |
# global edk2_githash cb5f4f45ce
|
|
|
7407978 |
|
|
|
0a0d662 |
%global edk2_stable_date 202002
|
|
|
7407978 |
%global edk2_stable_str edk2-stable%{edk2_stable_date}
|
|
|
0a0d662 |
%global openssl_version 1.1.1d
|
|
|
b9bff0b |
%global qosb_version 20190521-gitf158f12
|
|
|
7407978 |
%global softfloat_version 20180726-gitb64af41
|
|
 |
9f191dd |
|
|
|
b9bff0b |
# Enable this to skip secureboot enrollment, if problems pop up
|
|
|
b9bff0b |
%global skip_enroll 0
|
|
|
43c2e03 |
|
|
|
43c2e03 |
|
|
 |
0792202 |
%define qosb_testing 0
|
|
|
0792202 |
|
|
|
0792202 |
%ifarch x86_64
|
|
|
0792202 |
%define qosb_testing 1
|
|
|
0792202 |
%endif
|
|
|
2e34e08 |
%if 0%{?fedora:1}
|
|
|
568a37b |
%define cross 1
|
|
|
2e34e08 |
%endif
|
|
|
568a37b |
|
|
|
568a37b |
%ifarch %{ix86} x86_64
|
|
|
2e34e08 |
%if 0%{?fedora:1}
|
|
|
568a37b |
%define build_ovmf_ia32 1
|
|
|
2e34e08 |
%endif
|
|
|
568a37b |
%ifarch x86_64
|
|
|
568a37b |
%define build_ovmf_x64 1
|
|
|
568a37b |
%endif
|
|
|
568a37b |
%endif
|
|
|
568a37b |
%ifarch aarch64
|
|
|
568a37b |
%define build_aavmf_aarch64 1
|
|
|
568a37b |
%endif
|
|
|
568a37b |
%ifarch %{arm}
|
|
|
568a37b |
%define build_aavmf_arm 1
|
|
|
568a37b |
%endif
|
|
|
568a37b |
%if 0%{?cross:1}
|
|
|
568a37b |
%define build_ovmf_x64 1
|
|
|
568a37b |
%define build_ovmf_ia32 1
|
|
|
568a37b |
%define build_aavmf_aarch64 1
|
|
|
568a37b |
%define build_aavmf_arm 1
|
|
|
568a37b |
%endif
|
|
|
568a37b |
|
|
|
49ef316 |
Name: edk2
|
|
|
b846ca0 |
#Version: {edk2_date}git{edk2_githash}
|
|
|
7407978 |
# Even though edk2 stable releases are YYYYMM, we need
|
|
|
7407978 |
# to use YYYMMDD to avoid needing to bump package epoch
|
|
|
7407978 |
# due to previous 'git' Version:
|
|
|
7407978 |
Version: %{edk2_stable_date}01stable
|
|
|
0a0d662 |
Release: 1%{dist}
|
|
|
49ef316 |
Summary: EFI Development Kit II
|
|
|
9f191dd |
|
|
|
eb71155 |
License: BSD-2-Clause-Patent
|
|
 |
b0c3aff |
URL: http://www.tianocore.org/edk2/
|
|
|
9fc821a |
|
|
|
9fc821a |
# Tarball generated from git object update-tarball.sh script
|
|
|
b846ca0 |
#Source0: edk2-{edk2_date}-{edk2_githash}.tar.xz
|
|
|
b846ca0 |
Source0: https://github.com/tianocore/edk2/archive/%{edk2_stable_str}.tar.gz#/edk2-%{edk2_stable_str}.tar.gz
|
|
|
b178193 |
Source1: openssl-%{openssl_version}-hobbled.tar.xz
|
|
|
3485002 |
Source2: ovmf-whitepaper-c770f8c.txt
|
|
|
b9bff0b |
#Source3: https://github.com/puiterwijk/qemu-ovmf-secureboot/archive/v{qosb_version}/qemu-ovmf-secureboot-{qosb_version}.tar.gz
|
|
|
b9bff0b |
Source3: qemu-ovmf-secureboot-%{qosb_version}.tar.xz
|
|
|
7407978 |
Source4: softfloat-%{softfloat_version}.tar.xz
|
|
|
b9bff0b |
Source5: RedHatSecureBootPkKek1.pem
|
|
|
3485002 |
Source10: hobble-openssl
|
|
|
3485002 |
Source11: build-iso.sh
|
|
|
3485002 |
Source12: update-tarball.sh
|
|
|
3485002 |
Source13: openssl-patch-to-tarball.sh
|
|
|
b178193 |
|
|
 |
674b3c8 |
# Fedora-specific JSON "descriptor files"
|
|
|
167eadb |
Source14: 40-edk2-ovmf-x64-sb-enrolled.json
|
|
|
167eadb |
Source15: 50-edk2-ovmf-x64-sb.json
|
|
|
167eadb |
Source16: 60-edk2-ovmf-x64.json
|
|
|
167eadb |
Source17: 40-edk2-ovmf-ia32-sb-enrolled.json
|
|
|
167eadb |
Source18: 50-edk2-ovmf-ia32-sb.json
|
|
|
167eadb |
Source19: 60-edk2-ovmf-ia32.json
|
|
|
167eadb |
Source20: 70-edk2-aarch64-verbose.json
|
|
|
167eadb |
Source21: 70-edk2-arm-verbose.json
|
|
|
674b3c8 |
|
|
|
2e34e08 |
# non-upstream patches
|
|
|
6ac749e |
Patch0001: 0001-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-NvmExpre.patch
|
|
|
6ac749e |
Patch0002: 0002-OvmfPkg-silence-EFI_D_VERBOSE-0x00400000-in-the-DXE-.patch
|
|
|
6ac749e |
Patch0003: 0003-OvmfPkg-enable-DEBUG_VERBOSE.patch
|
|
|
6ac749e |
Patch0004: 0004-OvmfPkg-increase-max-debug-message-length-to-512.patch
|
|
|
7ae6f15 |
Patch0005: 0005-advertise-OpenSSL-on-TianoCore-splash-screen-boot-lo.patch
|
|
|
7ae6f15 |
Patch0006: 0006-OvmfPkg-QemuVideoDxe-enable-debug-messages-in-VbeShi.patch
|
|
|
7ae6f15 |
Patch0007: 0007-MdeModulePkg-TerminalDxe-add-other-text-resolutions.patch
|
|
|
7ae6f15 |
Patch0008: 0008-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch
|
|
|
7ae6f15 |
Patch0009: 0009-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch
|
|
|
7ae6f15 |
Patch0010: 0010-ArmVirtPkg-QemuFwCfgLib-allow-UEFI_DRIVER-client-mod.patch
|
|
|
7ae6f15 |
Patch0011: 0011-ArmVirtPkg-take-PcdResizeXterm-from-the-QEMU-command.patch
|
|
|
7ae6f15 |
Patch0012: 0012-OvmfPkg-allow-exclusion-of-the-shell-from-the-firmwa.patch
|
|
|
7407978 |
Patch0013: 0013-ArmPlatformPkg-introduce-fixed-PCD-for-early-hello-m.patch
|
|
|
7407978 |
Patch0014: 0014-ArmPlatformPkg-PrePeiCore-write-early-hello-message-.patch
|
|
|
7407978 |
Patch0015: 0015-ArmVirtPkg-set-early-hello-message-RH-only.patch
|
|
|
7407978 |
Patch0016: 0016-Tweak-the-tools_def-to-support-cross-compiling.patch
|
|
|
0a0d662 |
# openssl compiation fix
|
|
|
0a0d662 |
Patch0017: 0017-fix-openssl-compilation.patch
|
|
|
7ae6f15 |
|
|
|
568a37b |
%if 0%{?cross:1}
|
|
|
568a37b |
%endif
|
|
|
b0c3aff |
|
|
|
2e34e08 |
%if 0%{?fedora:1}
|
|
|
b0c3aff |
#
|
|
|
4980150 |
# actual firmware builds support cross-compiling. edk2-tools
|
|
|
4980150 |
# in theory should build everywhere without much trouble, but
|
|
|
b0c3aff |
# in practice the edk2 build system barfs on archs it doesn't know
|
|
|
b0c3aff |
# (such as ppc), so lets limit things to the known-good ones.
|
|
|
b0c3aff |
#
|
|
|
b0c3aff |
ExclusiveArch: %{ix86} x86_64 %{arm} aarch64
|
|
|
2e34e08 |
%else
|
|
|
2e34e08 |
ExclusiveArch: x86_64 aarch64
|
|
|
2e34e08 |
%endif
|
|
|
b0c3aff |
|
|
 |
d173a3b |
BuildRequires: gcc gcc-c++
|
|
|
b846ca0 |
BuildRequires: python3 python3-devel
|
|
|
49ef316 |
BuildRequires: libuuid-devel
|
|
|
568a37b |
%if 0%{?cross:1}
|
|
|
1db20ef |
BuildRequires: gcc-aarch64-linux-gnu
|
|
|
d31a567 |
BuildRequires: gcc-arm-linux-gnu
|
|
|
4980150 |
BuildRequires: gcc-x86_64-linux-gnu
|
|
|
568a37b |
%endif
|
|
|
b0c3aff |
BuildRequires: iasl
|
|
|
b0c3aff |
BuildRequires: nasm
|
|
|
6ea72cd |
BuildRequires: qemu-img
|
|
|
b0c3aff |
BuildRequires: genisoimage
|
|
|
b846ca0 |
BuildRequires: bc
|
|
|
b9bff0b |
BuildRequires: sed
|
|
|
9f191dd |
|
|
|
0792202 |
# These are for QOSB
|
|
|
0792202 |
BuildRequires: python3-requests
|
|
|
48f745a |
BuildRequires: qemu-system-x86
|
|
|
0792202 |
%if %{?qosb_testing}
|
|
|
0792202 |
# This is used for testing the enrollment: builds are run in a chroot, lacking
|
|
|
0792202 |
# a kernel. The testing is only performed on x86_64 for now, but we can't make
|
|
|
0792202 |
# the BuildRequires only on a specific arch, as that'd come through in the SRPM
|
|
|
0792202 |
# NOTE: The actual enrollment needs to happen in all builds for all architectures,
|
|
|
0792202 |
# because OVMF is built as noarch, which means that koji enforces that the build
|
|
|
0792202 |
# results don't actually differ per arch, and then it picks a random arches' build
|
|
|
0792202 |
# for the actual RPM.
|
|
|
0792202 |
BuildRequires: kernel-core
|
|
|
0792202 |
%endif
|
|
|
1db20ef |
|
|
|
9f191dd |
%description
|
|
 |
bf879e2 |
EDK II is a development code base for creating UEFI drivers, applications
|
|
|
bf879e2 |
and firmware images.
|
|
|
9f191dd |
|
|
|
9f191dd |
%package tools
|
|
|
49ef316 |
Summary: EFI Development Kit II Tools
|
|
|
9f191dd |
%description tools
|
|
|
9f191dd |
This package provides tools that are needed to
|
|
|
9f191dd |
build EFI executables and ROMs using the GNU tools.
|
|
|
9f191dd |
|
|
|
9f191dd |
%package tools-python
|
|
|
49ef316 |
Summary: EFI Development Kit II Tools
|
|
|
b846ca0 |
Requires: python3
|
|
|
9f191dd |
BuildArch: noarch
|
|
|
9f191dd |
|
|
|
9f191dd |
%description tools-python
|
|
|
9f191dd |
This package provides tools that are needed to build EFI executables
|
|
|
9f191dd |
and ROMs using the GNU tools. You do not need to install this package;
|
|
|
9f191dd |
you probably want to install edk2-tools only.
|
|
|
9f191dd |
|
|
|
9f191dd |
%package tools-doc
|
|
|
49ef316 |
Summary: Documentation for EFI Development Kit II Tools
|
|
|
b0c3aff |
BuildArch: noarch
|
|
|
9f191dd |
%description tools-doc
|
|
|
9f191dd |
This package documents the tools that are needed to
|
|
|
9f191dd |
build EFI executables and ROMs using the GNU tools.
|
|
|
9f191dd |
|
|
|
0792202 |
%package qosb
|
|
|
0792202 |
Summary: Tool to enroll secureboot
|
|
Patrick Uiterwijk |
a2a5397 |
Requires: python3
|
|
|
0792202 |
Buildarch: noarch
|
|
|
0792202 |
%description qosb
|
|
|
0792202 |
This package contains QOSB (QEMU OVMF Secure Boot), which can enroll OVMF
|
|
|
0792202 |
variable files to enforce Secure Boot.
|
|
|
0792202 |
|
|
|
0792202 |
|
|
|
568a37b |
%if 0%{?build_ovmf_x64:1}
|
|
|
b0c3aff |
%package ovmf
|
|
|
b0c3aff |
Summary: Open Virtual Machine Firmware
|
|
|
720bc3e |
# OVMF includes the Secure Boot and IPv6 features; it has a builtin OpenSSL
|
|
|
720bc3e |
# library.
|
|
|
eb71155 |
License: BSD-2-Clause-Patent and OpenSSL
|
|
|
83f3ca8 |
Provides: bundled(openssl)
|
|
|
568a37b |
Provides: OVMF = %{version}-%{release}
|
|
|
568a37b |
Obsoletes: OVMF < %{version}-%{release}
|
|
|
b0c3aff |
BuildArch: noarch
|
|
|
b0c3aff |
%description ovmf
|
|
|
b0c3aff |
EFI Development Kit II
|
|
|
b0c3aff |
Open Virtual Machine Firmware (x64)
|
|
|
568a37b |
%endif
|
|
|
b0c3aff |
|
|
|
568a37b |
%if 0%{?build_ovmf_ia32:1}
|
|
|
ad70d15 |
%package ovmf-ia32
|
|
|
ad70d15 |
Summary: Open Virtual Machine Firmware
|
|
|
720bc3e |
# OVMF includes the Secure Boot and IPv6 features; it has a builtin OpenSSL
|
|
|
720bc3e |
# library.
|
|
|
eb71155 |
License: BSD-2-Clause-Patent and OpenSSL
|
|
|
83f3ca8 |
Provides: bundled(openssl)
|
|
|
ad70d15 |
BuildArch: noarch
|
|
|
ad70d15 |
%description ovmf-ia32
|
|
|
ad70d15 |
EFI Development Kit II
|
|
|
ad70d15 |
Open Virtual Machine Firmware (ia32)
|
|
|
568a37b |
%endif
|
|
|
ad70d15 |
|
|
|
568a37b |
%if 0%{?build_aavmf_aarch64:1}
|
|
|
b0c3aff |
%package aarch64
|
|
|
b0c3aff |
Summary: AARCH64 Virtual Machine Firmware
|
|
|
568a37b |
Provides: AAVMF = %{version}-%{release}
|
|
|
568a37b |
Obsoletes: AAVMF < %{version}-%{release}
|
|
|
b0c3aff |
BuildArch: noarch
|
|
|
720bc3e |
# No Secure Boot for AAVMF yet, but we include OpenSSL for the IPv6 stack.
|
|
|
eb71155 |
License: BSD-2-Clause-Patent and OpenSSL
|
|
|
83f3ca8 |
Provides: bundled(openssl)
|
|
|
b0c3aff |
%description aarch64
|
|
|
b0c3aff |
EFI Development Kit II
|
|
|
b0c3aff |
AARCH64 UEFI Firmware
|
|
|
568a37b |
%endif
|
|
|
1db20ef |
|
|
|
568a37b |
%if 0%{?build_aavmf_arm:1}
|
|
|
d31a567 |
%package arm
|
|
|
d31a567 |
Summary: ARM Virtual Machine Firmware
|
|
|
d31a567 |
BuildArch: noarch
|
|
|
d31a567 |
%description arm
|
|
|
d31a567 |
EFI Development Kit II
|
|
|
d31a567 |
armv7 UEFI Firmware
|
|
|
568a37b |
%endif
|
|
|
d31a567 |
|
|
|
b0c3aff |
|
|
|
9f191dd |
%prep
|
|
|
b846ca0 |
%setup -q -n edk2-%{edk2_stable_str}
|
|
|
b0c3aff |
|
|
|
3485002 |
# Ensure old shell and binary packages are not used
|
|
|
3485002 |
rm -rf EdkShellBinPkg
|
|
|
3485002 |
rm -rf EdkShellPkg
|
|
|
3485002 |
rm -rf FatBinPkg
|
|
|
3485002 |
rm -rf ShellBinPkg
|
|
|
3485002 |
|
|
|
9fc821a |
# copy whitepaper into place
|
|
|
3485002 |
cp -a -- %{SOURCE2} .
|
|
|
9fc821a |
# extract openssl into place
|
|
|
b846ca0 |
tar -xvf %{SOURCE1} --strip-components=1 --directory CryptoPkg/Library/OpensslLib/openssl
|
|
|
7407978 |
# extract softfloat into place
|
|
|
7407978 |
tar -xvf %{SOURCE4} --strip-components=1 --directory ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3/
|
|
|
91c79aa |
|
|
|
0792202 |
# Extract QOSB
|
|
|
0792202 |
tar -xvf %{SOURCE3}
|
|
|
0792202 |
mv qemu-ovmf-secureboot-%{qosb_version}/README.md README.qosb
|
|
|
0792202 |
mv qemu-ovmf-secureboot-%{qosb_version}/LICENSE LICENSE.qosb
|
|
|
0792202 |
|
|
|
91c79aa |
%autopatch -p1
|
|
|
3485002 |
base64 --decode < MdeModulePkg/Logo/Logo-OpenSSL.bmp.b64 > MdeModulePkg/Logo/Logo-OpenSSL.bmp
|
|
|
1db20ef |
|
|
|
b9bff0b |
# Extract OEM string from the RH cert, as described here
|
|
|
b9bff0b |
# https://bugzilla.tianocore.org/show_bug.cgi?id=1747#c2
|
|
|
b9bff0b |
sed \
|
|
|
b9bff0b |
-e 's/^-----BEGIN CERTIFICATE-----$/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' \
|
|
|
b9bff0b |
-e '/^-----END CERTIFICATE-----$/d' \
|
|
|
b9bff0b |
%{_sourcedir}/RedHatSecureBootPkKek1.pem \
|
|
|
b9bff0b |
| tr -d '\n' \
|
|
|
b9bff0b |
> PkKek1.oemstr
|
|
|
7407978 |
|
|
|
7407978 |
|
|
|
b0c3aff |
%build
|
|
|
0a0d662 |
export PYTHON_COMMAND=%{__python3}
|
|
|
b0c3aff |
source ./edksetup.sh
|
|
|
b0c3aff |
|
|
Thierry Vignaud |
8553aaf |
# compiler
|
|
|
720bc3e |
CC_FLAGS="-t GCC5"
|
|
|
b0c3aff |
|
|
|
b0c3aff |
# parallel builds
|
|
|
b0c3aff |
JOBS="%{?_smp_mflags}"
|
|
|
b0c3aff |
JOBS="${JOBS#-j}"
|
|
|
b0c3aff |
if test "$JOBS" != ""; then
|
|
|
b0c3aff |
CC_FLAGS="${CC_FLAGS} -n $JOBS"
|
|
|
b0c3aff |
fi
|
|
|
b0c3aff |
|
|
|
b0c3aff |
# common features
|
|
|
7407978 |
CC_FLAGS="$CC_FLAGS --cmd-len=65536 -b DEBUG --hash"
|
|
|
720bc3e |
CC_FLAGS="$CC_FLAGS -D NETWORK_IP6_ENABLE"
|
|
|
3c65313 |
CC_FLAGS="$CC_FLAGS -D TPM2_ENABLE"
|
|
|
b0c3aff |
|
|
|
b0c3aff |
# ovmf features
|
|
|
b0c3aff |
OVMF_FLAGS="${CC_FLAGS}"
|
|
Patrick Uiterwijk |
1c6083c |
OVMF_FLAGS="${OVMF_FLAGS} -D NETWORK_TLS_ENABLE"
|
|
Patrick Uiterwijk |
966ede6 |
OVMF_FLAGS="${OVMF_FLAGS} -D NETWORK_HTTP_BOOT_ENABLE"
|
|
|
b0c3aff |
OVMF_FLAGS="${OVMF_FLAGS} -D NETWORK_IP6_ENABLE"
|
|
|
410bf18 |
OVMF_FLAGS="${OVMF_FLAGS} -D FD_SIZE_2MB"
|
|
|
b0c3aff |
|
|
|
b0c3aff |
# ovmf + secure boot features
|
|
|
b0c3aff |
OVMF_SB_FLAGS="${OVMF_FLAGS}"
|
|
|
b0c3aff |
OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SECURE_BOOT_ENABLE"
|
|
|
b0c3aff |
OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D SMM_REQUIRE"
|
|
|
b0c3aff |
OVMF_SB_FLAGS="${OVMF_SB_FLAGS} -D EXCLUDE_SHELL_FROM_FD"
|
|
|
b0c3aff |
|
|
|
b0c3aff |
# arm firmware features
|
|
|
b0c3aff |
ARM_FLAGS="${CC_FLAGS}"
|
|
|
b0c3aff |
ARM_FLAGS="${ARM_FLAGS} -D DEBUG_PRINT_ERROR_LEVEL=0x8040004F"
|
|
|
b0c3aff |
|
|
|
1db20ef |
unset MAKEFLAGS
|
|
|
285b943 |
make -C BaseTools %{?_smp_mflags} \
|
|
|
285b943 |
EXTRA_OPTFLAGS="%{optflags}" \
|
|
|
285b943 |
EXTRA_LDFLAGS="%{__global_ldflags}"
|
|
|
798d0f4 |
sed -i -e 's/-Werror//' Conf/tools_def.txt
|
|
|
b0c3aff |
|
|
|
ad70d15 |
|
|
|
568a37b |
%if 0%{?cross:1}
|
|
|
720bc3e |
export GCC5_IA32_PREFIX="x86_64-linux-gnu-"
|
|
|
720bc3e |
export GCC5_X64_PREFIX="x86_64-linux-gnu-"
|
|
|
720bc3e |
export GCC5_AARCH64_PREFIX="aarch64-linux-gnu-"
|
|
|
720bc3e |
export GCC5_ARM_PREFIX="arm-linux-gnu-"
|
|
|
568a37b |
%endif
|
|
|
568a37b |
|
|
|
568a37b |
# build ovmf (x64)
|
|
|
568a37b |
%if 0%{?build_ovmf_x64:1}
|
|
|
b0c3aff |
mkdir -p ovmf
|
|
|
b0c3aff |
build ${OVMF_FLAGS} -a X64 -p OvmfPkg/OvmfPkgX64.dsc
|
|
|
ad70d15 |
cp Build/OvmfX64/*/FV/OVMF_*.fd ovmf/
|
|
|
b0c3aff |
rm -rf Build/OvmfX64
|
|
|
b0c3aff |
|
|
|
ad70d15 |
# build ovmf (x64) with secure boot
|
|
|
b0c3aff |
build ${OVMF_SB_FLAGS} -a IA32 -a X64 -p OvmfPkg/OvmfPkgIa32X64.dsc
|
|
|
b0c3aff |
cp Build/Ovmf3264/*/FV/OVMF_CODE.fd ovmf/OVMF_CODE.secboot.fd
|
|
|
b0c3aff |
|
|
|
ad70d15 |
# build ovmf (x64) shell iso with EnrollDefaultKeys
|
|
|
ad70d15 |
cp Build/Ovmf3264/*/X64/Shell.efi ovmf/
|
|
|
b0c3aff |
cp Build/Ovmf3264/*/X64/EnrollDefaultKeys.efi ovmf
|
|
|
ad70d15 |
sh %{_sourcedir}/build-iso.sh ovmf/
|
|
|
0792202 |
|
|
|
7407978 |
%if !%{skip_enroll}
|
|
|
0792202 |
python3 qemu-ovmf-secureboot-%{qosb_version}/ovmf-vars-generator \
|
|
|
7407978 |
--qemu-binary /usr/bin/qemu-system-x86_64 \
|
|
|
7407978 |
--ovmf-binary ovmf/OVMF_CODE.secboot.fd \
|
|
|
7407978 |
--ovmf-template-vars ovmf/OVMF_VARS.fd \
|
|
|
7407978 |
--uefi-shell-iso ovmf/UefiShell.iso \
|
|
|
b9bff0b |
--oem-string "$(< PkKek1.oemstr)" \
|
|
|
7407978 |
--skip-testing \
|
|
|
7407978 |
ovmf/OVMF_VARS.secboot.fd
|
|
|
167eadb |
%else
|
|
|
167eadb |
# This isn't going to actually give secureboot, but makes json files happy
|
|
|
167eadb |
# if we need to test disabling ovmf-vars-generator
|
|
|
167eadb |
cp ovmf/OVMF_VARS.fd ovmf/OVMF_VARS.secboot.fd
|
|
|
7407978 |
%endif
|
|
|
568a37b |
%endif
|
|
|
b0c3aff |
|
|
|
ad70d15 |
|
|
|
ad70d15 |
# build ovmf-ia32
|
|
|
568a37b |
%if 0%{?build_ovmf_ia32:1}
|
|
|
ad70d15 |
mkdir -p ovmf-ia32
|
|
|
ad70d15 |
build ${OVMF_FLAGS} -a IA32 -p OvmfPkg/OvmfPkgIa32.dsc
|
|
|
429a275 |
cp Build/OvmfIa32/*/FV/OVMF_CODE*.fd ovmf-ia32/
|
|
|
429a275 |
# cp VARS files from from ovmf/, which are all we need
|
|
|
429a275 |
cp ovmf/OVMF_VARS*.fd ovmf-ia32/
|
|
|
ad70d15 |
rm -rf Build/OvmfIa32
|
|
|
ad70d15 |
|
|
|
ad70d15 |
# build ovmf-ia32 with secure boot
|
|
|
ad70d15 |
build ${OVMF_SB_FLAGS} -a IA32 -p OvmfPkg/OvmfPkgIa32.dsc
|
|
|
ad70d15 |
cp Build/OvmfIa32/*/FV/OVMF_CODE.fd ovmf-ia32/OVMF_CODE.secboot.fd
|
|
|
ad70d15 |
|
|
|
ad70d15 |
# build ovmf-ia32 shell iso with EnrollDefaultKeys
|
|
|
ad70d15 |
cp Build/OvmfIa32/*/IA32/Shell.efi ovmf-ia32/Shell.efi
|
|
|
ad70d15 |
cp Build/OvmfIa32/*/IA32/EnrollDefaultKeys.efi ovmf-ia32/EnrollDefaultKeys.efi
|
|
|
ad70d15 |
sh %{_sourcedir}/build-iso.sh ovmf-ia32/
|
|
|
568a37b |
%endif
|
|
|
ad70d15 |
|
|
|
ad70d15 |
|
|
|
d31a567 |
# build aarch64 firmware
|
|
|
568a37b |
%if 0%{?build_aavmf_aarch64:1}
|
|
|
b0c3aff |
mkdir -p aarch64
|
|
|
b0c3aff |
build $ARM_FLAGS -a AARCH64 -p ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
b0c3aff |
cp Build/ArmVirtQemu-AARCH64/DEBUG_*/FV/*.fd aarch64
|
|
|
b0c3aff |
dd of="aarch64/QEMU_EFI-pflash.raw" if="/dev/zero" bs=1M count=64
|
|
|
b0c3aff |
dd of="aarch64/QEMU_EFI-pflash.raw" if="aarch64/QEMU_EFI.fd" conv=notrunc
|
|
|
b0c3aff |
dd of="aarch64/vars-template-pflash.raw" if="/dev/zero" bs=1M count=64
|
|
|
568a37b |
%endif
|
|
|
1db20ef |
|
|
|
ad70d15 |
|
|
|
d31a567 |
# build aarch64 firmware
|
|
|
568a37b |
%if 0%{?build_aavmf_arm:1}
|
|
|
d31a567 |
mkdir -p arm
|
|
|
d31a567 |
build $ARM_FLAGS -a ARM -p ArmVirtPkg/ArmVirtQemu.dsc
|
|
|
d31a567 |
cp Build/ArmVirtQemu-ARM/DEBUG_*/FV/*.fd arm
|
|
|
d31a567 |
dd of="arm/QEMU_EFI-pflash.raw" if="/dev/zero" bs=1M count=64
|
|
|
d31a567 |
dd of="arm/QEMU_EFI-pflash.raw" if="arm/QEMU_EFI.fd" conv=notrunc
|
|
|
d31a567 |
dd of="arm/vars-template-pflash.raw" if="/dev/zero" bs=1M count=64
|
|
|
568a37b |
%endif
|
|
|
9f191dd |
|
|
|
7407978 |
|
|
|
7407978 |
|
|
|
0792202 |
%check
|
|
|
0792202 |
%if 0%{?build_ovmf_x64:1}
|
|
|
0792202 |
%if 0%{?qosb_testing}
|
|
|
7407978 |
%if !%{skip_enroll}
|
|
|
0792202 |
python3 qemu-ovmf-secureboot-%{qosb_version}/ovmf-vars-generator \
|
|
|
7407978 |
--qemu-binary /usr/bin/qemu-system-x86_64 \
|
|
|
7407978 |
--ovmf-binary ovmf/OVMF_CODE.secboot.fd \
|
|
|
7407978 |
--ovmf-template-vars ovmf/OVMF_VARS.fd \
|
|
|
7407978 |
--uefi-shell-iso ovmf/UefiShell.iso \
|
|
|
7407978 |
--skip-enrollment \
|
|
|
7407978 |
--print-output \
|
|
|
7407978 |
--no-download \
|
|
|
7407978 |
--kernel-path `rpm -ql kernel-core | grep "\/vmlinuz$" -m 1` \
|
|
|
7407978 |
ovmf/OVMF_VARS.secboot.fd
|
|
|
0792202 |
%endif
|
|
|
0792202 |
%endif
|
|
|
7407978 |
%endif
|
|
|
7407978 |
|
|
|
7407978 |
|
|
|
0792202 |
|
|
|
9f191dd |
%install
|
|
|
720bc3e |
cp CryptoPkg/Library/OpensslLib/openssl/LICENSE LICENSE.openssl
|
|
|
b0c3aff |
mkdir -p %{buildroot}%{_bindir} \
|
|
|
b0c3aff |
%{buildroot}%{_datadir}/%{name}/Conf \
|
|
|
b0c3aff |
%{buildroot}%{_datadir}/%{name}/Scripts
|
|
|
b0c3aff |
install BaseTools/Source/C/bin/* \
|
|
|
49ef316 |
%{buildroot}%{_bindir}
|
|
|
b0c3aff |
install BaseTools/BinWrappers/PosixLike/LzmaF86Compress \
|
|
|
b0c3aff |
%{buildroot}%{_bindir}
|
|
|
b0c3aff |
install BaseTools/BuildEnv \
|
|
|
0655ef8 |
%{buildroot}%{_datadir}/%{name}
|
|
|
b0c3aff |
install BaseTools/Conf/*.template \
|
|
|
d282ae2 |
%{buildroot}%{_datadir}/%{name}/Conf
|
|
|
b0c3aff |
install BaseTools/Scripts/GccBase.lds \
|
|
|
d282ae2 |
%{buildroot}%{_datadir}/%{name}/Scripts
|
|
|
d282ae2 |
|
|
|
b0c3aff |
cp -R BaseTools/Source/Python %{buildroot}%{_datadir}/%{name}/Python
|
|
|
d282ae2 |
for i in build BPDG Ecc GenDepex GenFds GenPatchPcdTable PatchPcdValue TargetTool Trim UPT; do
|
|
|
b0c3aff |
echo '#!/bin/sh
|
|
|
b0c3aff |
export PYTHONPATH=%{_datadir}/%{name}/Python
|
|
|
b846ca0 |
exec python3 '%{_datadir}/%{name}/Python/$i/$i.py' "$@"' > %{buildroot}%{_bindir}/$i
|
|
|
9f191dd |
chmod +x %{buildroot}%{_bindir}/$i
|
|
|
9f191dd |
done
|
|
|
9f191dd |
|
|
|
167eadb |
# For distro-provided firmware packages, the specification
|
|
|
167eadb |
# (https://git.qemu.org/?p=qemu.git;a=blob;f=docs/interop/firmware.json)
|
|
|
167eadb |
# says the JSON "descriptor files" to be searched in this directory:
|
|
|
167eadb |
# `/usr/share/firmware/`. Create it.
|
|
|
167eadb |
mkdir -p %{buildroot}/%{_datadir}/qemu/firmware
|
|
|
167eadb |
|
|
|
b0c3aff |
mkdir -p %{buildroot}/usr/share/%{name}
|
|
|
568a37b |
%if 0%{?build_ovmf_x64:1}
|
|
|
b0c3aff |
cp -a ovmf %{buildroot}/usr/share/%{name}
|
|
|
568a37b |
# Libvirt hardcodes this directory name
|
|
|
568a37b |
mkdir %{buildroot}/usr/share/OVMF
|
|
|
568a37b |
ln -sf ../%{name}/ovmf/OVMF_CODE.fd %{buildroot}/usr/share/OVMF
|
|
|
568a37b |
ln -sf ../%{name}/ovmf/OVMF_CODE.secboot.fd %{buildroot}/usr/share/OVMF
|
|
|
498742e |
ln -sf ../%{name}/ovmf/OVMF_VARS.fd %{buildroot}/usr/share/OVMF
|
|
|
0792202 |
ln -sf ../%{name}/ovmf/OVMF_VARS.secboot.fd %{buildroot}/usr/share/OVMF
|
|
|
568a37b |
ln -sf ../%{name}/ovmf/UefiShell.iso %{buildroot}/usr/share/OVMF
|
|
|
674b3c8 |
|
|
|
167eadb |
for f in %{_sourcedir}/*edk2-ovmf-x64*.json; do
|
|
|
167eadb |
install -pm 644 $f %{buildroot}/%{_datadir}/qemu/firmware
|
|
|
167eadb |
done
|
|
|
568a37b |
%endif
|
|
|
167eadb |
|
|
|
167eadb |
|
|
|
568a37b |
%if 0%{?build_ovmf_ia32:1}
|
|
|
ad70d15 |
cp -a ovmf-ia32 %{buildroot}/usr/share/%{name}
|
|
|
674b3c8 |
|
|
|
167eadb |
for f in %{_sourcedir}/*edk2-ovmf-ia32*.json; do
|
|
|
167eadb |
install -pm 644 $f %{buildroot}/%{_datadir}/qemu/firmware
|
|
|
167eadb |
done
|
|
|
568a37b |
%endif
|
|
|
167eadb |
|
|
|
167eadb |
|
|
|
568a37b |
%if 0%{?build_aavmf_aarch64:1}
|
|
|
b0c3aff |
cp -a aarch64 %{buildroot}/usr/share/%{name}
|
|
|
568a37b |
# Libvirt hardcodes this directory name
|
|
|
568a37b |
mkdir %{buildroot}/usr/share/AAVMF
|
|
|
568a37b |
ln -sf ../%{name}/aarch64/QEMU_EFI-pflash.raw %{buildroot}/usr/share/AAVMF/AAVMF_CODE.fd
|
|
|
568a37b |
ln -sf ../%{name}/aarch64/vars-template-pflash.raw %{buildroot}/usr/share/AAVMF/AAVMF_VARS.fd
|
|
|
674b3c8 |
|
|
|
167eadb |
for f in %{_sourcedir}/*edk2-aarch64*.json; do
|
|
|
167eadb |
install -pm 644 $f %{buildroot}/%{_datadir}/qemu/firmware
|
|
|
167eadb |
done
|
|
|
568a37b |
%endif
|
|
|
167eadb |
|
|
|
167eadb |
|
|
|
568a37b |
%if 0%{?build_aavmf_arm:1}
|
|
|
d31a567 |
cp -a arm %{buildroot}/usr/share/%{name}
|
|
|
568a37b |
ln -sf ../%{name}/arm/QEMU_EFI-pflash.raw %{buildroot}/usr/share/AAVMF/AAVMF32_CODE.fd
|
|
|
167eadb |
|
|
|
167eadb |
for f in %{_sourcedir}/*edk2-arm*.json; do
|
|
|
167eadb |
install -pm 644 $f %{buildroot}/%{_datadir}/qemu/firmware
|
|
|
167eadb |
done
|
|
|
568a37b |
%endif
|
|
|
1db20ef |
|
|
|
167eadb |
|
|
|
0792202 |
install qemu-ovmf-secureboot-%{qosb_version}/ovmf-vars-generator %{buildroot}%{_bindir}
|
|
|
0792202 |
|
|
|
b0c3aff |
|
|
|
9f191dd |
%files tools
|
|
|
3485002 |
%license License.txt
|
|
|
720bc3e |
%license LICENSE.openssl
|
|
|
3485002 |
%{_bindir}/Brotli
|
|
|
7ae6f15 |
%{_bindir}/DevicePath
|
|
|
9f191dd |
%{_bindir}/EfiRom
|
|
|
9f191dd |
%{_bindir}/GenCrc32
|
|
|
9f191dd |
%{_bindir}/GenFfs
|
|
|
9f191dd |
%{_bindir}/GenFv
|
|
|
9f191dd |
%{_bindir}/GenFw
|
|
|
9f191dd |
%{_bindir}/GenSec
|
|
|
9f191dd |
%{_bindir}/LzmaCompress
|
|
|
d282ae2 |
%{_bindir}/LzmaF86Compress
|
|
|
9f191dd |
%{_bindir}/Split
|
|
|
d282ae2 |
%{_bindir}/TianoCompress
|
|
|
9f191dd |
%{_bindir}/VfrCompile
|
|
|
9f191dd |
%{_bindir}/VolInfo
|
|
|
b0c3aff |
%dir %{_datadir}/%{name}
|
|
|
0655ef8 |
%{_datadir}/%{name}/BuildEnv
|
|
|
b0c3aff |
%{_datadir}/%{name}/Conf
|
|
|
b0c3aff |
%{_datadir}/%{name}/Scripts
|
|
|
9f191dd |
|
|
|
9f191dd |
%files tools-python
|
|
|
d282ae2 |
%{_bindir}/build
|
|
|
9f191dd |
%{_bindir}/BPDG
|
|
|
d282ae2 |
%{_bindir}/Ecc
|
|
|
9f191dd |
%{_bindir}/GenDepex
|
|
|
9f191dd |
%{_bindir}/GenFds
|
|
|
9f191dd |
%{_bindir}/GenPatchPcdTable
|
|
|
9f191dd |
%{_bindir}/PatchPcdValue
|
|
|
9f191dd |
%{_bindir}/TargetTool
|
|
|
9f191dd |
%{_bindir}/Trim
|
|
|
9f191dd |
%{_bindir}/UPT
|
|
|
b0c3aff |
%dir %{_datadir}/%{name}
|
|
|
b0c3aff |
%{_datadir}/%{name}/Python
|
|
|
9f191dd |
|
|
|
9f191dd |
%files tools-doc
|
|
|
b0c3aff |
%doc BaseTools/UserManuals/*.rtf
|
|
|
b0c3aff |
|
|
|
0792202 |
%files qosb
|
|
|
0792202 |
%license LICENSE.qosb
|
|
|
0792202 |
%doc README.qosb
|
|
|
0792202 |
%{_bindir}/ovmf-vars-generator
|
|
|
0792202 |
|
|
|
568a37b |
%if 0%{?build_ovmf_x64:1}
|
|
|
b0c3aff |
%files ovmf
|
|
|
b0c3aff |
%license OvmfPkg/License.txt
|
|
|
b0c3aff |
%license LICENSE.openssl
|
|
|
b0c3aff |
%doc OvmfPkg/README
|
|
|
3485002 |
%doc ovmf-whitepaper-c770f8c.txt
|
|
|
b0c3aff |
%dir /usr/share/%{name}
|
|
|
b0c3aff |
%dir /usr/share/%{name}/ovmf
|
|
|
674b3c8 |
%dir /usr/share/qemu/firmware
|
|
|
b0c3aff |
/usr/share/%{name}/ovmf/OVMF*.fd
|
|
|
b0c3aff |
/usr/share/%{name}/ovmf/*.efi
|
|
|
b0c3aff |
/usr/share/%{name}/ovmf/*.iso
|
|
|
167eadb |
/usr/share/qemu/firmware/*edk2-ovmf-x64*.json
|
|
|
568a37b |
/usr/share/OVMF
|
|
|
568a37b |
%endif
|
|
|
b0c3aff |
|
|
|
568a37b |
%if 0%{?build_ovmf_ia32:1}
|
|
|
ad70d15 |
%files ovmf-ia32
|
|
|
ad70d15 |
%license OvmfPkg/License.txt
|
|
|
ad70d15 |
%license LICENSE.openssl
|
|
|
ad70d15 |
%doc OvmfPkg/README
|
|
|
3485002 |
%doc ovmf-whitepaper-c770f8c.txt
|
|
|
ad70d15 |
%dir /usr/share/%{name}
|
|
|
ad70d15 |
%dir /usr/share/%{name}/ovmf-ia32
|
|
|
674b3c8 |
%dir /usr/share/qemu/firmware
|
|
|
ad70d15 |
/usr/share/%{name}/ovmf-ia32/OVMF*.fd
|
|
|
ad70d15 |
/usr/share/%{name}/ovmf-ia32/*.efi
|
|
|
ad70d15 |
/usr/share/%{name}/ovmf-ia32/*.iso
|
|
|
167eadb |
/usr/share/qemu/firmware/*edk2-ovmf-ia32*.json
|
|
|
568a37b |
%endif
|
|
|
ad70d15 |
|
|
|
568a37b |
%if 0%{?build_aavmf_aarch64:1}
|
|
|
b0c3aff |
%files aarch64
|
|
|
3485002 |
%license OvmfPkg/License.txt
|
|
|
3485002 |
%license LICENSE.openssl
|
|
|
b0c3aff |
%dir /usr/share/%{name}
|
|
|
b0c3aff |
%dir /usr/share/%{name}/aarch64
|
|
|
674b3c8 |
%dir /usr/share/qemu/firmware
|
|
|
b0c3aff |
/usr/share/%{name}/aarch64/QEMU*.fd
|
|
|
b0c3aff |
/usr/share/%{name}/aarch64/*.raw
|
|
|
167eadb |
/usr/share/qemu/firmware/*edk2-aarch64*.json
|
|
|
568a37b |
/usr/share/AAVMF/AAVMF_*
|
|
|
568a37b |
%endif
|
|
|
1db20ef |
|
|
|
568a37b |
%if 0%{?build_aavmf_arm:1}
|
|
|
d31a567 |
%files arm
|
|
|
3485002 |
%license OvmfPkg/License.txt
|
|
|
3485002 |
%license LICENSE.openssl
|
|
|
d31a567 |
%dir /usr/share/%{name}
|
|
|
d31a567 |
%dir /usr/share/%{name}/arm
|
|
|
674b3c8 |
%dir /usr/share/qemu/firmware
|
|
|
d31a567 |
/usr/share/%{name}/arm/QEMU*.fd
|
|
|
d31a567 |
/usr/share/%{name}/arm/*.raw
|
|
|
167eadb |
/usr/share/qemu/firmware/*edk2-arm*.json
|
|
|
568a37b |
/usr/share/AAVMF/AAVMF32_*
|
|
|
568a37b |
%endif
|
|
|
d31a567 |
|
|
|
9f191dd |
|
|
|
9f191dd |
%changelog
|
|
|
0a0d662 |
* Mon Apr 13 2020 Cole Robinson <aintdiscole@gmail.com> - 20200201stable-1
|
|
|
0a0d662 |
- Update to stable-202002
|
|
|
0a0d662 |
|
|
 |
bccf75f |
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20190501stable-5
|
|
|
bccf75f |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
|
bccf75f |
|
|
Patrick Uiterwijk |
966ede6 |
* Fri Sep 06 2019 Patrick Uiterwijk <puiterwijk@redhat.com> - 20190501stable-4
|
|
Patrick Uiterwijk |
966ede6 |
- Updated HTTP_BOOT option to new upstream value
|
|
Patrick Uiterwijk |
966ede6 |
|
|
|
14344b0 |
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20190501stable-3
|
|
|
14344b0 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
|
14344b0 |
|
|
|
b9bff0b |
* Mon Jul 15 2019 Cole Robinson <aintdiscole@gmail.com> - 20190501stable-2
|
|
|
b9bff0b |
- License is now BSD-2-Clause-Patent
|
|
|
b9bff0b |
- Re-enable secureboot enrollment
|
|
|
b9bff0b |
- Use qemu-ovmf-secureboot from git
|
|
|
b9bff0b |
|
|
|
7407978 |
* Thu Jul 11 2019 Cole Robinson <crobinso@redhat.com> - 20190501stable-1
|
|
|
7407978 |
- Update to stable-201905
|
|
|
7407978 |
- Update to openssl-1.1.1b
|
|
|
1b8f627 |
- Ship VARS file for ovmf-ia32 (bug 1688596)
|
|
|
674b3c8 |
- Ship Fedora-variant JSON "firmware descriptor files"
|
|
|
674b3c8 |
- Resolves rhbz#1728652
|
|
|
7407978 |
|
|
|
e9ffba6 |
* Mon Mar 18 2019 Cole Robinson <aintdiscole@gmail.com> - 20190308stable-1
|
|
|
e9ffba6 |
- Use YYYYMMDD versioning to fix upgrade path
|
|
|
e9ffba6 |
|
|
|
e9ffba6 |
* Fri Mar 15 2019 Cole Robinson <aintdiscole@gmail.com> - 201903stable-1
|
|
|
b846ca0 |
- Update to stable-201903
|
|
|
b846ca0 |
- Update to openssl-1.1.0j
|
|
|
b846ca0 |
- Move to python3 deps
|
|
|
b846ca0 |
|
|
|
bffed9b |
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20180815gitcb5f4f45ce-6
|
|
|
bffed9b |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
|
bffed9b |
|
|
Patrick Uiterwijk |
a2a5397 |
* Wed Nov 14 2018 Patrick Uiterwijk <puiterwijk@redhat.com> - 20180815gitcb5f4f45ce-5
|
|
Patrick Uiterwijk |
a2a5397 |
- Add -qosb dependency on python3
|
|
Patrick Uiterwijk |
a2a5397 |
|
|
|
ec71add |
* Fri Nov 9 2018 Paolo Bonzini <pbonzini@redhat.com> - 20180815gitcb5f4f45ce-4
|
|
|
ec71add |
- Fix network boot via grub (bz 1648476)
|
|
|
ec71add |
|
|
|
3aa0957 |
* Wed Sep 12 2018 Paolo Bonzini <pbonzini@redhat.com> - 20180815gitcb5f4f45ce-3
|
|
|
3aa0957 |
- Explicitly compile the scripts using py_byte_compile
|
|
|
3aa0957 |
|
|
|
285b943 |
* Fri Aug 31 2018 Cole Robinson <crobinso@redhat.com> - 20180815gitcb5f4f45ce-2
|
|
|
285b943 |
- Fix passing through RPM build flags (bz 1540244)
|
|
|
285b943 |
|
|
|
9fc821a |
* Tue Aug 21 2018 Cole Robinson <crobinso@redhat.com> - 20180815gitcb5f4f45ce-1
|
|
|
9fc821a |
- Update to edk2 git cb5f4f45ce, edk2-stable201808
|
|
|
3c65313 |
- Update to qemu-ovmf-secureboot-1.1.3
|
|
|
3c65313 |
- Enable TPM2 support
|
|
|
9fc821a |
|
|
|
83f3ca8 |
* Mon Jul 23 2018 Paolo Bonzini <pbonzini@redhat.com> - 20180529gitee3198e672e2-5
|
|
|
83f3ca8 |
- Fixes for AMD SEV on OVMF_CODE.fd
|
|
|
83f3ca8 |
- Add Provides for bundled OpenSSL
|
|
|
83f3ca8 |
|
|
|
720bc3e |
* Wed Jul 18 2018 Paolo Bonzini <pbonzini@redhat.com> - 20180529gitee3198e672e2-4
|
|
|
720bc3e |
- Enable IPv6
|
|
|
720bc3e |
|
|
|
20639a2 |
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20180529gitee3198e672e2-3
|
|
|
20639a2 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
|
20639a2 |
|
|
|
9fbea3b |
* Wed Jun 20 2018 Paolo Bonzini <pbonzini@redhat.com> - 20180529gitee3198e672e2-2
|
|
|
9fbea3b |
- Backport two bug fixes from RHEL: connect again virtio-rng devices, and
|
|
|
9fbea3b |
connect consoles unconditionally in OVMF (ARM firmware already did it)
|
|
|
9fbea3b |
|
|
|
7ae6f15 |
* Tue May 29 2018 Paolo Bonzini <pbonzini@redhat.com> - 20180529gitee3198e672e2-1
|
|
|
9fbea3b |
- Rebase to ee3198e672e2
|
|
|
7ae6f15 |
|
|
|
b7103cb |
* Tue May 01 2018 Cole Robinson <crobinso@redhat.com> - 20171011git92d07e4-7
|
|
|
b7103cb |
- Bump release for new build
|
|
|
b7103cb |
|
|
|
0792202 |
* Fri Mar 30 2018 Patrick Uiterwijk <puiterwijk@redhat.com> - 20171011git92d07e4-6
|
|
|
0792202 |
- Add qemu-ovmf-secureboot (qosb)
|
|
|
0792202 |
- Generate pre-enrolled Secure Boot OVMF VARS files
|
|
|
0792202 |
|
|
|
6ea72cd |
* Wed Mar 07 2018 Paolo Bonzini <pbonzini@redhat.com> - 20171011git92d07e4-5
|
|
|
6ea72cd |
- Fix GCC 8 compilation
|
|
|
6ea72cd |
- Replace dosfstools and mtools with qemu-img vvfat
|
|
|
6ea72cd |
|
|
|
d3e5a8d |
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20171011git92d07e4-4
|
|
|
d3e5a8d |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|
d3e5a8d |
|
|
|
91c79aa |
* Fri Jan 19 2018 Paolo Bonzini <pbonzini@redhat.com> - 20170209git296153c5-3
|
|
|
91c79aa |
- Add OpenSSL patches from Fedora
|
|
|
91c79aa |
- Enable TLS_MODE
|
|
|
91c79aa |
|
|
|
2e34e08 |
* Fri Nov 17 2017 Paolo Bonzini <pbonzini@redhat.com> - 20170209git296153c5-2
|
|
|
2e34e08 |
- Backport patches 19-21 from RHEL
|
|
|
2e34e08 |
- Add patches 22-24 to fix SEV slowness
|
|
|
2e34e08 |
- Add fedora conditionals
|
|
|
2e34e08 |
|
|
|
2e34e08 |
* Tue Nov 14 2017 Paolo Bonzini <pbonzini@redhat.com> - 20171011git92d07e4-1
|
|
|
3485002 |
- Import source and patches from RHEL version
|
|
|
3485002 |
- Update OpenSSL to 1.1.0e
|
|
|
3485002 |
- Refresh 0099-Tweak-the-tools_def-to-support-cross-compiling.patch
|
|
|
3485002 |
|
|
|
568a37b |
* Mon Nov 13 2017 Paolo Bonzini <pbonzini@redhat.com> - 20170209git296153c5-6
|
|
|
568a37b |
- Allow non-cross builds
|
|
|
568a37b |
- Install /usr/share/OVMF and /usr/share/AAVMF
|
|
|
568a37b |
|
|
|
c356e99 |
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20170209git296153c5-5
|
|
|
c356e99 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
|
|
c356e99 |
|
|
|
3f09d52 |
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20170209git296153c5-4
|
|
|
3f09d52 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
|
3f09d52 |
|
|
|
ad70d15 |
* Wed Mar 15 2017 Cole Robinson <crobinso@redhat.com> - 20170209git296153c5-3
|
|
|
ad70d15 |
- Ship ovmf-ia32 package (bz 1424722)
|
|
|
ad70d15 |
|
|
|
ed852ec |
* Thu Feb 16 2017 Cole Robinson <crobinso@redhat.com> - 20170209git296153c5-2
|
|
|
ed852ec |
- Update EnrollDefaultKeys patch (bz #1398743)
|
|
|
ed852ec |
|
|
|
d7ad692 |
* Mon Feb 13 2017 Paolo Bonzini <pbonzini@redhat.com> - 20170209git296153c5-1
|
|
|
d7ad692 |
- Rebase to git master
|
|
|
d7ad692 |
- New patch 0010 fixes failure to build from source.
|
|
|
d7ad692 |
|
|
|
5b845e6 |
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20161105git3b25ca8-2
|
|
|
5b845e6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
|
5b845e6 |
|
|
|
b178193 |
* Sun Nov 06 2016 Cole Robinson <crobinso@redhat.com> - 20161105git3b25ca8-1
|
|
|
b178193 |
- Rebase to git master
|
|
|
b178193 |
|
|
 |
da615e4 |
* Fri Sep 9 2016 Tom Callaway <spot@fedoraproject.org> - 20160418gita8c39ba-5
|
|
|
da615e4 |
- replace legally problematic openssl source with "hobbled" tarball
|
|
|
da615e4 |
|
|
|
d31a567 |
* Thu Jul 21 2016 Gerd Hoffmann <kraxel@redhat.com> - 20160418gita8c39ba-4
|
|
|
d31a567 |
- Also build for armv7.
|
|
|
d31a567 |
|
|
|
d31a567 |
* Tue Jul 19 2016 Gerd Hoffmann <kraxel@redhat.com> 20160418gita8c39ba-3
|
|
|
18632eb |
- Update EnrollDefaultKeys patch.
|
|
|
18632eb |
|
|
|
4980150 |
* Fri Jul 8 2016 Paolo Bonzini <pbonzini@redhat.com> - 20160418gita8c39ba-2
|
|
|
4980150 |
- Distribute edk2-ovmf on aarch64
|
|
|
4980150 |
|
|
|
1db20ef |
* Sat May 21 2016 Cole Robinson <crobinso@redhat.com> - 20160418gita8c39ba-1
|
|
|
1db20ef |
- Distribute edk2-aarch64 on x86 (bz #1338027)
|
|
|
1db20ef |
|
|
|
b0c3aff |
* Mon Apr 18 2016 Gerd Hoffmann <kraxel@redhat.com> 20160418gita8c39ba-0
|
|
|
b0c3aff |
- Update to latest git.
|
|
|
b0c3aff |
- Add firmware builds (FatPkg is free now).
|
|
|
b0c3aff |
|
|
|
7e23287 |
* Mon Feb 15 2016 Cole Robinson <crobinso@redhat.com> 20151127svn18975-3
|
|
|
7e23287 |
- Fix FTBFS gcc warning (bz 1307439)
|
|
|
7e23287 |
|
|
 |
f62d424 |
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 20151127svn18975-2
|
|
|
f62d424 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
f62d424 |
|
|
|
7e23287 |
* Fri Nov 27 2015 Paolo Bonzini <pbonzini@redhat.com> - 20151127svn18975-1
|
|
|
ac38c1f |
- Rebase to 20151127svn18975-1
|
|
|
ac38c1f |
- Linker script renamed to GccBase.lds
|
|
|
ac38c1f |
|
|
|
2478ec3 |
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20150519svn17469-2
|
|
|
2478ec3 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
2478ec3 |
|
|
|
ac38c1f |
* Tue May 19 2015 Paolo Bonzini <pbonzini@redhat.com> - 20150519svn17469-1
|
|
|
98fad17 |
- Rebase to 20150519svn17469-1
|
|
|
98fad17 |
- edk2-remove-tree-check.patch now upstream
|
|
|
98fad17 |
|
|
 |
e9a7650 |
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 20140724svn2670-6
|
|
|
e9a7650 |
- Rebuilt for GCC 5 C++11 ABI change
|
|
|
e9a7650 |
|
|
|
c83d141 |
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20140724svn2670-5
|
|
|
c83d141 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
c83d141 |
|
|
|
d2839d5 |
* Thu Jul 24 2014 Paolo Bonzini <pbonzini@redhat.com> - 20140724svn2670-1
|
|
|
d2839d5 |
- Rebase to 20140724svn2670-1
|
|
|
d2839d5 |
|
|
|
7fb4019 |
* Tue Jun 24 2014 Paolo Bonzini <pbonzini@redhat.com> - 20140624svn2649-1
|
|
|
7fb4019 |
- Use standalone .tar.xz from buildtools repo
|
|
|
7fb4019 |
|
|
|
0655ef8 |
* Tue Jun 24 2014 Paolo Bonzini <pbonzini@redhat.com> - 20140328svn15376-4
|
|
|
0655ef8 |
- Install BuildTools/BaseEnv
|
|
|
0655ef8 |
|
|
|
d282ae2 |
* Mon Jun 23 2014 Paolo Bonzini <pbonzini@redhat.com> - 20140328svn15376-3
|
|
|
d282ae2 |
- Rebase to get GCC48 configuration
|
|
|
d282ae2 |
- Package EDK_TOOLS_PATH as /usr/share/edk2
|
|
|
d282ae2 |
- Package "build" and LzmaF86Compress too, as well as the new
|
|
|
d282ae2 |
tools Ecc and TianoCompress.
|
|
|
d282ae2 |
|
|
|
4d07804 |
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20131114svn14844-2
|
|
|
4d07804 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
4d07804 |
|
|
|
f8ed429 |
* Thu Nov 14 2013 Paolo Bonzini <pbonzini@redhat.com> - 20131114svn14844-1
|
|
|
f8ed429 |
- Upgrade to r14844.
|
|
|
60a9a27 |
- Remove upstreamed parts of patch 1.
|
|
|
f8ed429 |
|
|
|
79e1605 |
* Fri Nov 8 2013 Paolo Bonzini <pbonzini@redhat.com> - 20130515svn14365-7
|
|
|
79e1605 |
- Make BaseTools compile on ARM.
|
|
|
79e1605 |
|
|
|
5171129 |
* Fri Aug 30 2013 Paolo Bonzini <pbonzini@redhat.com> - 20130515svn14365-6
|
|
|
5171129 |
- Revert previous change; firmware packages should be noarch, and building
|
|
|
5171129 |
BaseTools twice is simply wrong.
|
|
|
5171129 |
|
|
|
a1a88ec |
* Mon Aug 19 2013 Kay Sievers <kay@redhat.com> - 20130515svn14365-5
|
|
|
a1a88ec |
- Add sub-package with EFI shell
|
|
|
a1a88ec |
|
|
|
e144da5 |
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20130515svn14365-4
|
|
|
e144da5 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
|
|
e144da5 |
|
|
 |
1516367 |
* Thu May 23 2013 Dan HorĂ¡k <dan[at]danny.cz> 20130515svn14365-3
|
|
|
1516367 |
- set ExclusiveArch
|
|
|
1516367 |
|
|
|
9f191dd |
* Thu May 16 2013 Paolo Bonzini <pbonzini@redhat.com> 20130515svn14365-2
|
|
|
9f191dd |
- Fix edk2-tools-python Requires
|
|
|
9f191dd |
|
|
|
9f191dd |
* Wed May 15 2013 Paolo Bonzini <pbonzini@redhat.com> 20130515svn14365-1
|
|
|
9f191dd |
- Split edk2-tools-doc and edk2-tools-python
|
|
|
9f191dd |
- Fix Python BuildRequires
|
|
|
9f191dd |
- Remove FatBinPkg at package creation time.
|
|
|
9f191dd |
- Use fully versioned dependency.
|
|
|
9f191dd |
- Add comment on how to generate the sources.
|
|
|
9f191dd |
|
|
|
9f191dd |
* Thu May 2 2013 Paolo Bonzini <pbonzini@redhat.com> 20130502.g732d199-1
|
|
|
9f191dd |
- Create.
|