[gentoo-commits] repo/gentoo:master commit in: sys-firmware/edk2-ovmf/

Sun, 28 Jul 2019 16:18:13 -0700 

commit:     fff18dae2f07b0bf7b885912abfdc49fa283055e
Author:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
AuthorDate: Sun Jul 28 21:11:51 2019 +0000
Commit:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
CommitDate: Sun Jul 28 23:17:26 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fff18dae

sys-firmware/edk2-ovmf: update live ebuild

Package-Manager: Portage-2.3.69, Repoman-2.3.16
Signed-off-by: Matthias Maier <tamiko <AT> gentoo.org>

 ...k2-ovmf-9999.ebuild => edk2-ovmf-999999.ebuild} | 73 +++++++++++++++++-----
 1 file changed, 57 insertions(+), 16 deletions(-)

diff --git a/sys-firmware/edk2-ovmf/edk2-ovmf-9999.ebuild 
b/sys-firmware/edk2-ovmf/edk2-ovmf-999999.ebuild
similarity index 50%
rename from sys-firmware/edk2-ovmf/edk2-ovmf-9999.ebuild
rename to sys-firmware/edk2-ovmf/edk2-ovmf-999999.ebuild
index a3779c68d3d..8bd303ef2cb 100644
--- a/sys-firmware/edk2-ovmf/edk2-ovmf-9999.ebuild
+++ b/sys-firmware/edk2-ovmf/edk2-ovmf-999999.ebuild
@@ -1,10 +1,10 @@
 # Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=6
+EAPI=7
 
 PYTHON_REQ_USE="sqlite"
-PYTHON_COMPAT=( python2_7 )
+PYTHON_COMPAT=( python{2_7,3_5,3_6,3_7} )
 
 inherit eutils python-any-r1 readme.gentoo-r1
 
@@ -12,22 +12,21 @@ DESCRIPTION="UEFI firmware for 64-bit x86 virtual machines"
 HOMEPAGE="https://github.com/tianocore/edk2";
 
 NON_BINARY_DEPEND="
+       app-emulation/qemu
        >=dev-lang/nasm-2.0.7
        >=sys-power/iasl-20160729
        ${PYTHON_DEPS}
 "
 DEPEND=""
 RDEPEND=""
-if [[ ${PV} == "9999" ]] ; then
+if [[ ${PV} == "999999" ]] ; then
        inherit git-r3
        EGIT_REPO_URI="https://github.com/tianocore/edk2";
        DEPEND+="
                ${NON_BINARY_DEPEND}
        "
 else
-       SRC_URI="
-               binary? ( 
https://dev.gentoo.org/~tamiko/distfiles/${P}-bin.tar.xz )
-               !binary? ( https://dev.gentoo.org/~tamiko/distfiles/${P}.tar.xz 
)"
+       SRC_URI=""
        KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
        IUSE="+binary"
        REQUIRED_USE+="
@@ -40,7 +39,6 @@ else
                        )
                )"
        PATCHES=(
-               "${FILESDIR}"/${P}-build_system_fixes.patch
        )
 fi
 
@@ -50,9 +48,20 @@ SLOT="0"
 DISABLE_AUTOFORMATTING=true
 DOC_CONTENTS="This package contains the tianocore edk2 UEFI firmware for 
64-bit x86
 virtual machines. The firmware is located under
-       /usr/share/edk2-ovmf/OVMF.fd
        /usr/share/edk2-ovmf/OVMF_CODE.fd
        /usr/share/edk2-ovmf/OVMF_VARS.fd
+       /usr/share/edk2-ovmf/OVMF_CODE.secboot.fd
+
+If USE=binary is enabled, we also install an OVMF variables file (coming from
+fedora) that contains secureboot default keys
+
+       /usr/share/edk2-ovmf/OVMF_VARS.secboot.fd
+
+If you have compiled this package by hand, you need to either populate all
+necessary EFI variables by hand by booting
+       /usr/share/edk2-ovmf/UefiShell.(iso|img)
+or creating OVMF_VARS.secboot.fd by hand:
+       https://github.com/puiterwijk/qemu-ovmf-secureboot
 
 The firmware does not support csm (due to no free csm implementation
 available). If you need a firmware with csm support you have to download
@@ -68,14 +77,15 @@ In order to use the firmware you can run qemu the following 
way
 You can register the firmware for use in libvirt by adding to 
/etc/libvirt/qemu.conf:
        nvram = [
                
\"/usr/share/edk2-ovmf/OVMF_CODE.fd:/usr/share/edk2-ovmf/OVMF_VARS.fd\"
+               
\"/usr/share/edk2-ovmf/OVMF_CODE.secboot.fd:/usr/share/edk2-ovmf/OVMF_VARS.fd\"
        ]"
 
 pkg_setup() {
-        [[ ${PV} != "9999" ]] && use binary || python-any-r1_pkg_setup
+       [[ ${PV} != "999999" ]] && use binary || python-any-r1_pkg_setup
 }
 
 src_prepare() {
-       if  [[ ${PV} != "9999" ]] && use binary; then
+       if  [[ ${PV} != "999999" ]] && use binary; then
                eapply_user
                return
        fi
@@ -87,23 +97,54 @@ src_compile() {
        TARGET_NAME=RELEASE
        TARGET_TOOLS=GCC49
 
-       [[ ${PV} != "9999" ]] && use binary && return
+       BUILD_FLAGS="-D TLS_ENABLE \
+               -D HTTP_BOOT_ENABLE \
+               -D NETWORK_IP6_ENABLE \
+               -D FD_SIZE_2MB"
+
+       SECUREBOOT_BUILD_FLAGS="${BUILD_FLAGS} \
+               -D SECURE_BOOT_ENABLE \
+               -D SMM_REQUIRE \
+               -D EXCLUDE_SHELL_FROM_FD"
+
+       [[ ${PV} != "999999" ]] && use binary && return
 
        emake ARCH=${TARGET_ARCH} -C BaseTools
 
        . ./edksetup.sh
 
+       # Build all EFI firmware blobs:
+
+       mkdir -p ovmf
+
        ./OvmfPkg/build.sh \
                -a "${TARGET_ARCH}" -b "${TARGET_NAME}" -t "${TARGET_TOOLS}" \
-               -D FD_SIZE_2MB \
-               || die "OvmfPkg/build.sh failed"
+               ${BUILD_FLAGS} || die "OvmfPkg/build.sh failed"
+
+       cp Build/OvmfX64/*/FV/OVMF_*.fd ovmf/
+       rm -rf Build/OvmfX64
+
+       ./OvmfPkg/build.sh \
+               -a "${TARGET_ARCH}" -b "${TARGET_NAME}" -t "${TARGET_TOOLS}" \
+               ${SECUREBOOT_BUILD_FLAGS} || die "OvmfPkg/build.sh failed"
+
+       cp Build/OvmfX64/*/FV/OVMF_CODE.fd ovmf/OVMF_CODE.secboot.fd || die "cp 
failed"
+       cp Build/OvmfX64/*/X64/Shell.efi ovmf/ || die "cp failed"
+       cp Build/OvmfX64/*/X64/EnrollDefaultKeys.efi ovmf || die "cp failed"
+
+       # Build a convenience UefiShell.img:
+
+       mkdir -p iso_image/efi/boot || die "mkdir failed"
+       cp ovmf/Shell.efi iso_image/efi/boot/bootx64.efi || die "cp failed"
+       cp ovmf/EnrollDefaultKeys.efi iso_image || die "cp failed"
+       qemu-img convert --image-opts \
+               
driver=vvfat,floppy=on,fat-type=12,label=UEFI_SHELL,dir=iso_image \
+               ovmf/UefiShell.img || die "qemu-img failed"
 }
 
 src_install() {
-       local builddir="Build/OvmfX64/${TARGET_NAME}_${TARGET_TOOLS}/FV"
-
        insinto /usr/share/${PN}
-       doins "${builddir}"/OVMF{,_CODE,_VARS}.fd
+       doins ovmf/*
 
        readme.gentoo_create_doc
 }

Reply via email to