]> git.proxmox.com Git - pve-edk2-firmware.git/blob - debian/rules
projects / pve-edk2-firmware.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
update submodule, patches and buildsys to 2023.08
[pve-edk2-firmware.git] / debian / rules
1 #!/usr/bin/make -f
2
3 SHELL=/bin/bash
4
5 include /usr/share/dpkg/default.mk
6
7 BUILD_TYPE ?= RELEASE
8 EDK2_TOOLCHAIN = GCC5
9 export $(EDK2_TOOLCHAIN)_AARCH64_PREFIX=aarch64-linux-gnu-
10
11 export PYTHON3_ENABLE=TRUE
12
13 ifeq ($(DEB_BUILD_ARCH),amd64)
14 EDK2_BUILD_ARCH=X64
15 endif
16 ifeq ($(DEB_BUILD_ARCH),i386)
17 EDK2_BUILD_ARCH=IA32
18 endif
19 ifeq ($(DEB_BUILD_ARCH),arm64)
20 EDK2_BUILD_ARCH=AARCH64
21 endif
22
23 PCD_RELEASE_DATE = $(shell date -d@$(SOURCE_DATE_EPOCH) "+%m/%d/%Y")
24 PCD_FLAGS = --pcd PcdFirmwareVendor=L"Proxmox distribution of EDK II\\0"
25 PCD_FLAGS += --pcd PcdFirmwareVersionString=L"$(DEB_VERSION)\\0"
26 PCD_FLAGS += --pcd PcdFirmwareReleaseDateString=L"$(PCD_RELEASE_DATE)\\0"
27 COMMON_FLAGS = -DNETWORK_HTTP_BOOT_ENABLE=TRUE
28 COMMON_FLAGS += -DNETWORK_IP6_ENABLE=TRUE
29 COMMON_FLAGS += -DNETWORK_TLS_ENABLE
30 COMMON_FLAGS += -DSECURE_BOOT_ENABLE=TRUE
31 COMMON_FLAGS += $(PCD_FLAGS)
32 OVMF_COMMON_FLAGS = $(COMMON_FLAGS)
33 OVMF_COMMON_FLAGS += -DTPM2_ENABLE=TRUE
34 OVMF_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB
35 OVMF_4M_SMM_FLAGS = $(OVMF_4M_FLAGS) -DSMM_REQUIRE=TRUE
36 OVMF32_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB
37 OVMF32_4M_SMM_FLAGS = $(OVMF32_4M_FLAGS) -DSMM_REQUIRE=TRUE
38
39 AAVMF_FLAGS = $(COMMON_FLAGS)
40 AAVMF_FLAGS += -DTPM2_ENABLE=TRUE
41 AAVMF_FLAGS += -DTPM2_CONFIG_ENABLE=TRUE
42 AAVMF_FLAGS += -DCAVIUM_ERRATUM_27456=TRUE
43
44
45 # Clear variables used internally by the edk2 build system
46 undefine WORKSPACE
47 undefine ECP_SOURCE
48 undefine EDK_SOURCE
49 undefine EFI_SOURCE
50 undefine EDK_TOOLS_PATH
51 undefine CONF_PATH
52
53 %:
54 dh $@
55
56 override_dh_auto_build: build-qemu-efi-aarch64 build-ovmf build-ovmf32
57
58 debian/setup-build-stamp:
59 cp -a debian/Logo.bmp MdeModulePkg/Logo/Logo.bmp
60 set -e; . ./edksetup.sh; \
61 make -C BaseTools ARCH=$(EDK2_BUILD_ARCH)
62 touch $@
63
64 OVMF_INSTALL_DIR = debian/ovmf-install
65 OVMF_BUILD_DIR = Build/OvmfX64/$(BUILD_TYPE)_$(EDK2_TOOLCHAIN)
66 OVMF3264_BUILD_DIR = Build/Ovmf3264/$(BUILD_TYPE)_$(EDK2_TOOLCHAIN)
67 OVMF_ENROLL = $(OVMF3264_BUILD_DIR)/X64/EnrollDefaultKeys.efi
68 OVMF_SHELL = $(OVMF3264_BUILD_DIR)/X64/Shell.efi
69 OVMF_BINARIES = $(OVMF_ENROLL) $(OVMF_SHELL)
70 OVMF_IMAGES := $(addprefix $(OVMF_INSTALL_DIR)/,OVMF_CODE_4M.fd OVMF_CODE_4M.secboot.fd OVMF_VARS_4M.fd)
71 OVMF_PREENROLLED_VARS := $(addprefix $(OVMF_INSTALL_DIR)/,OVMF_VARS_4M.ms.fd OVMF_VARS_4M.snakeoil.fd)
72
73 OVMF32_INSTALL_DIR = debian/ovmf32-install
74 OVMF32_BUILD_DIR = Build/OvmfIa32/$(BUILD_TYPE)_$(EDK2_TOOLCHAIN)
75 OVMF32_SHELL = $(OVMF32_BUILD_DIR)/IA32/Shell.efi
76 OVMF32_BINARIES = $(OVMF32_SHELL)
77 OVMF32_IMAGES := $(addprefix $(OVMF32_INSTALL_DIR)/,OVMF32_CODE_4M.secboot.fd OVMF32_VARS_4M.fd)
78
79 QEMU_EFI_BUILD_DIR = Build/ArmVirtQemu-$(EDK2_HOST_ARCH)/$(BUILD_TYPE)_$(EDK2_TOOLCHAIN)
80 AAVMF_BUILD_DIR = Build/ArmVirtQemu-AARCH64/$(BUILD_TYPE)_$(EDK2_TOOLCHAIN)
81 AAVMF_ENROLL = $(AAVMF_BUILD_DIR)/AARCH64/EnrollDefaultKeys.efi
82 AAVMF_SHELL = $(AAVMF_BUILD_DIR)/AARCH64/Shell.efi
83 AAVMF_BINARIES = $(AAVMF_ENROLL) $(AAVMF_SHELL)
84 AAVMF_CODE = $(AAVMF_BUILD_DIR)/FV/AAVMF_CODE.fd
85 AAVMF_VARS = $(AAVMF_BUILD_DIR)/FV/AAVMF_VARS.fd
86 AAVMF_IMAGES = $(AAVMF_CODE) $(AAVMF_VARS)
87 AAVMF_PREENROLLED_VARS = $(addprefix $(AAVMF_BUILD_DIR)/FV/,AAVMF_VARS.ms.fd AAVMF_VARS.snakeoil.fd)
88
89 build-ovmf32: $(OVMF32_BINARIES) $(OVMF32_IMAGES)
90 $(OVMF32_BINARIES) $(OVMF32_IMAGES): debian/setup-build-stamp
91 rm -rf $(OVMF32_INSTALL_DIR)
92 mkdir $(OVMF32_INSTALL_DIR)
93 set -e; . ./edksetup.sh; \
94 build -a IA32 \
95 -t $(EDK2_TOOLCHAIN) \
96 -p OvmfPkg/OvmfPkgIa32.dsc \
97 $(OVMF32_4M_SMM_FLAGS) -b $(BUILD_TYPE)
98 cp $(OVMF32_BUILD_DIR)/FV/OVMF_CODE.fd \
99 $(OVMF32_INSTALL_DIR)/OVMF32_CODE_4M.secboot.fd
100 cp $(OVMF32_BUILD_DIR)/FV/OVMF_VARS.fd \
101 $(OVMF32_INSTALL_DIR)/OVMF32_VARS_4M.fd
102
103 build-ovmf: $(OVMF_BINARIES) $(OVMF_IMAGES) $(OVMF_PREENROLLED_VARS)
104 $(OVMF_BINARIES) $(OVMF_IMAGES): debian/setup-build-stamp
105 rm -rf $(OVMF_INSTALL_DIR)
106 mkdir $(OVMF_INSTALL_DIR)
107 rm -rf Build/OvmfX64
108 set -e; . ./edksetup.sh; \
109 build -a IA32 -a X64 \
110 -t $(EDK2_TOOLCHAIN) \
111 -p OvmfPkg/OvmfPkgIa32X64.dsc \
112 $(OVMF_4M_FLAGS) -b $(BUILD_TYPE)
113 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \
114 $(OVMF_INSTALL_DIR)/OVMF_CODE_4M.fd
115 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_VARS.fd \
116 $(OVMF_INSTALL_DIR)/OVMF_VARS_4M.fd
117 rm -rf Build/OvmfX64
118 set -e; . ./edksetup.sh; \
119 build -a IA32 -a X64 \
120 -t $(EDK2_TOOLCHAIN) \
121 -p OvmfPkg/OvmfPkgIa32X64.dsc \
122 $(OVMF_4M_SMM_FLAGS) -b $(BUILD_TYPE)
123 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \
124 $(OVMF_INSTALL_DIR)/OVMF_CODE_4M.secboot.fd
125
126 ifeq ($(call dpkg_vendor_derives_from_v1,ubuntu),yes)
127 debian/PkKek-1-vendor.pem: debian/PkKek-1-Ubuntu.pem
128 else
129 debian/PkKek-1-vendor.pem: debian/PkKek-1-Debian.pem
130 endif
131 ln -sf `basename $<` $@
132
133 debian/oem-string-%: debian/PkKek-1-%.pem
134 tr -d '\n' < $< | \
135 sed -e 's/.*-----BEGIN CERTIFICATE-----/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' -e 's/-----END CERTIFICATE-----//' > $@
136
137 %/AAVMF_VARS.ms.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-vendor $(AAVMF_ENROLL) $(AAVMF_SHELL)
138 PYTHONPATH=$(CURDIR)/debian/python \
139 python3 ./debian/edk2-vars-generator.py \
140 -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \
141 -c $(AAVMF_CODE) -V $(AAVMF_VARS) \
142 -C `< debian/oem-string-vendor` -o $@
143
144 %/AAVMF_VARS.snakeoil.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-snakeoil $(AAVMF_ENROLL) $(AAVMF_SHELL)
145 PYTHONPATH=$(CURDIR)/debian/python \
146 python3 ./debian/edk2-vars-generator.py \
147 -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \
148 -c $(AAVMF_CODE) -V $(AAVMF_VARS) \
149 --no-default \
150 -C `< debian/oem-string-snakeoil` -o $@
151
152 %/OVMF_VARS.ms.fd: %/OVMF_CODE.fd %/OVMF_VARS.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL)
153 PYTHONPATH=$(CURDIR)/debian/python \
154 python3 ./debian/edk2-vars-generator.py \
155 -f OVMF -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
156 -c $(OVMF_INSTALL_DIR)/OVMF_CODE.fd \
157 -V $(OVMF_INSTALL_DIR)/OVMF_VARS.fd \
158 -C `< debian/oem-string-vendor` -o $@
159
160 %/OVMF_VARS_4M.ms.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL)
161 PYTHONPATH=$(CURDIR)/debian/python \
162 python3 ./debian/edk2-vars-generator.py \
163 -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
164 -c $(OVMF_INSTALL_DIR)/OVMF_CODE_4M.fd \
165 -V $(OVMF_INSTALL_DIR)/OVMF_VARS_4M.fd \
166 -C `< debian/oem-string-vendor` -o $@
167
168 %/OVMF_VARS_4M.snakeoil.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-snakeoil $(OVMF_ENROLL) $(OVMF_SHELL)
169 PYTHONPATH=$(CURDIR)/debian/python \
170 python3 ./debian/edk2-vars-generator.py \
171 -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
172 -c $(OVMF_INSTALL_DIR)/OVMF_CODE_4M.fd \
173 -V $(OVMF_INSTALL_DIR)/OVMF_VARS_4M.fd \
174 --no-default \
175 -C `< debian/oem-string-snakeoil` -o $@
176
177 ArmPkg/Library/GccLto/liblto-aarch64.a: ArmPkg/Library/GccLto/liblto-aarch64.s
178 $($(EDK2_TOOLCHAIN)_AARCH64_PREFIX)gcc -c -fpic $< -o $@
179
180 ArmPkg/Library/GccLto/liblto-arm.a: ArmPkg/Library/GccLto/liblto-arm.s
181 $($(EDK2_TOOLCHAIN)_ARM_PREFIX)gcc -c -fpic $< -o $@
182
183 build-qemu-efi: debian/setup-build-stamp
184 set -e; . ./edksetup.sh; \
185 build -a $(EDK2_HOST_ARCH) \
186 -t $(EDK2_TOOLCHAIN) \
187 -p ArmVirtPkg/ArmVirtQemu.dsc \
188 $(AAVMF_FLAGS) -b $(BUILD_TYPE)
189 cp $(QEMU_EFI_BUILD_DIR)/FV/QEMU_EFI.fd \
190 $(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd
191 cp $(QEMU_EFI_BUILD_DIR)/FV/QEMU_VARS.fd \
192 $(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_VARS.fd
193 # QEMU expects 64MiB CODE and VARS files on ARM/AARCH64 architectures
194 # Truncate the firmware files to the expected size
195 truncate -s 64M $(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd
196 truncate -s 64M $(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_VARS.fd
197
198 build-qemu-efi-aarch64: $(AAVMF_BINARIES) $(AAVMF_IMAGES) $(AAVMF_PREENROLLED_VARS)
199 $(AAVMF_BINARIES) $(AAVMF_IMAGES): ArmPkg/Library/GccLto/liblto-aarch64.a
200 $(MAKE) -f debian/rules build-qemu-efi EDK2_ARCH_DIR=AArch64 EDK2_HOST_ARCH=AARCH64 FW_NAME=AAVMF
201
202 override_dh_auto_clean:
203 -. ./edksetup.sh; build clean
204 make -C BaseTools clean
205
206 # Only embed code that is actually used; requested by the Ubuntu Security Team
207 EMBEDDED_SUBMODULES += CryptoPkg/Library/OpensslLib/openssl
208 EMBEDDED_SUBMODULES += ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3
209 EMBEDDED_SUBMODULES += MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
210 EMBEDDED_SUBMODULES += MdePkg/Library/MipiSysTLib/mipisyst
211 get-orig-source:
212 # Should be executed on a checkout of the upstream master branch,
213 # with the debian/ directory manually copied in.
214 rm -rf edk2.tmp && git clone . edk2.tmp
215 # Embed submodules. Don't recurse - openssl will bring in MBs of
216 # stuff we don't need
217 set -e; cd edk2.tmp; \
218 for submodule in $(EMBEDDED_SUBMODULES); do \
219 git submodule update --depth 1 --init $$submodule; \
220 done
221 rm -rf edk2-$(DEB_VERSION_UPSTREAM) && \
222 mkdir edk2-$(DEB_VERSION_UPSTREAM)
223 cd edk2.tmp && git archive HEAD | \
224 tar xv -C ../edk2-$(DEB_VERSION_UPSTREAM)
225 cd edk2.tmp && git submodule foreach \
226 'git archive HEAD | tar xv -C $$toplevel/../edk2-$(DEB_VERSION_UPSTREAM)/$$sm_path'
227 ln -s ../debian edk2-$(DEB_VERSION_UPSTREAM)
228 # Remove known-binary files
229 cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/remove-binaries.py
230 # Look for possible unknown binary files
231 cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/find-binaries.py
232 rm edk2-$(DEB_VERSION_UPSTREAM)/debian
233 tar Jcvf ../edk2_$(DEB_VERSION_UPSTREAM).orig.tar.xz \
234 edk2-$(DEB_VERSION_UPSTREAM)
235 rm -rf edk2.tmp edk2-$(DEB_VERSION_UPSTREAM)
236
237 .PHONY: build-ovmf build-ovmf32 build-qemu-efi build-qemu-efi-aarch64
EDK2 Firmware for PVE