]>
Commit | Line | Data |
---|---|---|
33bf0acc | 1 | #!/usr/bin/make -f |
33bf0acc | 2 | |
a65627a8 | 3 | SHELL=/bin/bash |
33bf0acc | 4 | |
2b1d392a | 5 | include /usr/share/dpkg/default.mk |
33bf0acc | 6 | |
a65627a8 | 7 | EDK2_TOOLCHAIN = GCC5 |
33bf0acc TL |
8 | export $(EDK2_TOOLCHAIN)_AARCH64_PREFIX=aarch64-linux-gnu- |
9 | ||
1345c3eb | 10 | export PYTHON3_ENABLE=TRUE |
1da98c7b | 11 | |
33bf0acc TL |
12 | ifeq ($(DEB_BUILD_ARCH),amd64) |
13 | EDK2_BUILD_ARCH=X64 | |
33bf0acc | 14 | endif |
a65627a8 TL |
15 | ifeq ($(DEB_BUILD_ARCH),i386) |
16 | EDK2_BUILD_ARCH=IA32 | |
17 | endif | |
33bf0acc TL |
18 | ifeq ($(DEB_BUILD_ARCH),arm64) |
19 | EDK2_BUILD_ARCH=AARCH64 | |
20 | endif | |
a65627a8 TL |
21 | |
22 | COMMON_FLAGS = -DNETWORK_HTTP_BOOT_ENABLE=TRUE -DNETWORK_TLS_ENABLE -DSECURE_BOOT_ENABLE=TRUE | |
23 | OVMF_COMMON_FLAGS = $(COMMON_FLAGS) -DTPM_ENABLE=TRUE | |
24 | OVMF_2M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_2MB | |
25 | OVMF_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB | |
26 | OVMF_2M_SMM_FLAGS = $(OVMF_2M_FLAGS) -DSMM_REQUIRE=TRUE | |
27 | OVMF_4M_SMM_FLAGS = $(OVMF_4M_FLAGS) -DSMM_REQUIRE=TRUE | |
28 | OVMF32_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB | |
29 | OVMF32_4M_SMM_FLAGS = $(OVMF32_4M_FLAGS) -DSMM_REQUIRE=TRUE | |
30 | ||
31 | AAVMF_FLAGS = $(COMMON_FLAGS) -DTPM2_ENABLE=TRUE -DTPM2_CONFIG_ENABLE=TRUE | |
32 | ||
33 | OVMF_VARS_GENERATOR = ./qemu-ovmf-secureboot-1-1-3/ovmf-vars-generator | |
33bf0acc TL |
34 | |
35 | # Clear variables used internally by the edk2 build system | |
36 | undefine WORKSPACE | |
37 | undefine ECP_SOURCE | |
38 | undefine EDK_SOURCE | |
39 | undefine EFI_SOURCE | |
40 | undefine EDK_TOOLS_PATH | |
41 | undefine CONF_PATH | |
42 | ||
43 | %: | |
44 | dh $@ | |
45 | ||
a65627a8 | 46 | override_dh_auto_build: build-qemu-efi-aarch64 build-ovmf build-ovmf32 |
33bf0acc | 47 | |
a65627a8 | 48 | debian/setup-build-stamp: |
33bf0acc | 49 | cp -a debian/Logo.bmp MdeModulePkg/Logo/Logo.bmp |
a65627a8 | 50 | set -e; . ./edksetup.sh; \ |
33bf0acc | 51 | make -C BaseTools ARCH=$(EDK2_BUILD_ARCH) |
a65627a8 TL |
52 | touch $@ |
53 | ||
54 | OVMF_BUILD_DIR = Build/OvmfX64/RELEASE_$(EDK2_TOOLCHAIN) | |
55 | OVMF3264_BUILD_DIR = Build/Ovmf3264/RELEASE_$(EDK2_TOOLCHAIN) | |
56 | OVMF_ENROLL = $(OVMF3264_BUILD_DIR)/X64/EnrollDefaultKeys.efi | |
57 | OVMF_SHELL = $(OVMF3264_BUILD_DIR)/X64/Shell.efi | |
58 | OVMF_BINARIES = $(OVMF_ENROLL) $(OVMF_SHELL) | |
59 | OVMF_IMAGES := $(addprefix debian/ovmf-install/,OVMF_CODE.fd OVMF_CODE_4M.fd OVMF_CODE.secboot.fd OVMF_CODE_4M.secboot.fd OVMF_VARS.fd OVMF_VARS_4M.fd) | |
60 | OVMF_PREENROLLED_VARS := $(addprefix debian/ovmf-install/,OVMF_VARS.ms.fd OVMF_VARS_4M.ms.fd OVMF_VARS_4M.snakeoil.fd) | |
33bf0acc | 61 | |
a65627a8 TL |
62 | OVMF32_BUILD_DIR = Build/OvmfIa32/RELEASE_$(EDK2_TOOLCHAIN) |
63 | OVMF32_SHELL = $(OVMF32_BUILD_DIR)/IA32/Shell.efi | |
64 | OVMF32_BINARIES = $(OVMF32_SHELL) | |
65 | OVMF32_IMAGES := $(addprefix debian/ovmf32-install/,OVMF32_CODE_4M.secboot.fd OVMF_VARS_4M.fd) | |
66 | ||
67 | QEMU_EFI_BUILD_DIR = Build/ArmVirtQemu-$(EDK2_HOST_ARCH)/RELEASE_$(EDK2_TOOLCHAIN) | |
68 | AAVMF_BUILD_DIR = Build/ArmVirtQemu-AARCH64/RELEASE_$(EDK2_TOOLCHAIN) | |
69 | AAVMF_ENROLL = $(AAVMF_BUILD_DIR)/AARCH64/EnrollDefaultKeys.efi | |
70 | AAVMF_SHELL = $(AAVMF_BUILD_DIR)/AARCH64/Shell.efi | |
71 | AAVMF_BINARIES = $(AAVMF_ENROLL) $(AAVMF_SHELL) | |
72 | AAVMF_CODE = $(AAVMF_BUILD_DIR)/FV/AAVMF_CODE.fd | |
73 | AAVMF_VARS = $(AAVMF_BUILD_DIR)/FV/AAVMF_VARS.fd | |
74 | AAVMF_IMAGES = $(AAVMF_CODE) $(AAVMF_VARS) | |
75 | AAVMF_PREENROLLED_VARS = $(addprefix $(AAVMF_BUILD_DIR)/FV/,AAVMF_VARS.ms.fd AAVMF_VARS.snakeoil.fd) | |
76 | ||
77 | build-ovmf32: $(OVMF32_BINARIES) $(OVMF32_IMAGES) | |
78 | $(OVMF32_BINARIES) $(OVMF32_IMAGES): debian/setup-build-stamp | |
79 | rm -rf debian/ovmf32-install | |
80 | mkdir debian/ovmf32-install | |
81 | set -e; . ./edksetup.sh; \ | |
82 | build -a IA32 \ | |
83 | -t $(EDK2_TOOLCHAIN) \ | |
84 | -p OvmfPkg/OvmfPkgIa32.dsc \ | |
85 | $(OVMF32_4M_SMM_FLAGS) -b RELEASE | |
86 | cp $(OVMF32_BUILD_DIR)/FV/OVMF_CODE.fd \ | |
87 | debian/ovmf32-install/OVMF32_CODE_4M.secboot.fd | |
88 | cp $(OVMF32_BUILD_DIR)/FV/OVMF_VARS.fd \ | |
89 | debian/ovmf32-install/OVMF32_VARS_4M.fd | |
90 | ||
91 | build-ovmf: $(OVMF_BINARIES) $(OVMF_IMAGES) $(OVMF_PREENROLLED_VARS) | |
92 | $(OVMF_BINARIES) $(OVMF_IMAGES): debian/setup-build-stamp | |
93 | rm -rf debian/ovmf-install | |
94 | mkdir debian/ovmf-install | |
95 | set -e; . ./edksetup.sh; \ | |
96 | build -a X64 \ | |
97 | -t $(EDK2_TOOLCHAIN) \ | |
98 | -p OvmfPkg/OvmfPkgX64.dsc \ | |
99 | $(OVMF_2M_FLAGS) -b RELEASE | |
100 | cp $(OVMF_BUILD_DIR)/FV/OVMF_CODE.fd \ | |
101 | debian/ovmf-install/ | |
102 | cp $(OVMF_BUILD_DIR)/FV/OVMF_VARS.fd debian/ovmf-install/ | |
103 | rm -rf Build/OvmfX64 | |
104 | set -e; . ./edksetup.sh; \ | |
105 | build -a IA32 -a X64 \ | |
106 | -t $(EDK2_TOOLCHAIN) \ | |
107 | -p OvmfPkg/OvmfPkgIa32X64.dsc \ | |
108 | $(OVMF_4M_FLAGS) -b RELEASE | |
109 | cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \ | |
110 | debian/ovmf-install/OVMF_CODE_4M.fd | |
111 | cp $(OVMF3264_BUILD_DIR)/FV/OVMF_VARS.fd \ | |
112 | debian/ovmf-install/OVMF_VARS_4M.fd | |
113 | rm -rf Build/OvmfX64 | |
33bf0acc | 114 | set -e; . ./edksetup.sh; \ |
a65627a8 TL |
115 | build -a X64 \ |
116 | -t $(EDK2_TOOLCHAIN) \ | |
117 | -p OvmfPkg/OvmfPkgX64.dsc \ | |
118 | $(OVMF_2M_SMM_FLAGS) -b RELEASE | |
119 | cp $(OVMF_BUILD_DIR)/FV/OVMF_CODE.fd \ | |
120 | debian/ovmf-install/OVMF_CODE.secboot.fd | |
121 | rm -rf Build/OvmfX64 | |
122 | set -e; . ./edksetup.sh; \ | |
123 | build -a IA32 -a X64 \ | |
124 | -t $(EDK2_TOOLCHAIN) \ | |
125 | -p OvmfPkg/OvmfPkgIa32X64.dsc \ | |
126 | $(OVMF_4M_SMM_FLAGS) -b RELEASE | |
127 | cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \ | |
128 | debian/ovmf-install/OVMF_CODE_4M.secboot.fd | |
129 | ||
130 | ifeq ($(call dpkg_vendor_derives_from_v1,ubuntu),yes) | |
131 | debian/PkKek-1-vendor.pem: debian/PkKek-1-Ubuntu.pem | |
132 | else | |
133 | debian/PkKek-1-vendor.pem: debian/PkKek-1-Debian.pem | |
134 | endif | |
135 | ln -sf `basename $<` $@ | |
136 | ||
137 | debian/oem-string-%: debian/PkKek-1-%.pem | |
138 | tr -d '\n' < $< | \ | |
139 | sed -e 's/.*-----BEGIN CERTIFICATE-----/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' -e 's/-----END CERTIFICATE-----//' > $@ | |
140 | ||
141 | %/AAVMF_VARS.ms.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-vendor $(AAVMF_ENROLL) $(AAVMF_SHELL) | |
142 | PYTHONPATH=$(CURDIR)/debian/python \ | |
143 | ./debian/edk2-vars-generator.py \ | |
144 | -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \ | |
145 | -c $(AAVMF_CODE) -V $(AAVMF_VARS) \ | |
146 | -C `< debian/oem-string-vendor` -o $@ | |
147 | ||
148 | %/AAVMF_VARS.snakeoil.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-snakeoil $(AAVMF_ENROLL) $(AAVMF_SHELL) | |
149 | PYTHONPATH=$(CURDIR)/debian/python \ | |
150 | ./debian/edk2-vars-generator.py \ | |
151 | -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \ | |
152 | -c $(AAVMF_CODE) -V $(AAVMF_VARS) \ | |
153 | -C `< debian/oem-string-snakeoil` -o $@ | |
154 | ||
155 | %/OVMF_VARS.ms.fd: %/OVMF_CODE.fd %/OVMF_VARS.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL) | |
156 | PYTHONPATH=$(CURDIR)/debian/python \ | |
157 | ./debian/edk2-vars-generator.py \ | |
158 | -f OVMF -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \ | |
159 | -c debian/ovmf-install/OVMF_CODE.fd \ | |
160 | -V debian/ovmf-install/OVMF_VARS.fd \ | |
161 | -C `< debian/oem-string-vendor` -o $@ | |
162 | ||
163 | %/OVMF_VARS_4M.ms.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL) | |
164 | PYTHONPATH=$(CURDIR)/debian/python \ | |
165 | ./debian/edk2-vars-generator.py \ | |
166 | -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \ | |
167 | -c debian/ovmf-install/OVMF_CODE_4M.fd \ | |
168 | -V debian/ovmf-install/OVMF_VARS_4M.fd \ | |
169 | -C `< debian/oem-string-vendor` -o $@ | |
170 | ||
171 | %/OVMF_VARS_4M.snakeoil.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-snakeoil $(OVMF_ENROLL) $(OVMF_SHELL) | |
172 | PYTHONPATH=$(CURDIR)/debian/python \ | |
173 | ./debian/edk2-vars-generator.py \ | |
174 | -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \ | |
175 | -c debian/ovmf-install/OVMF_CODE_4M.fd \ | |
176 | -V debian/ovmf-install/OVMF_VARS_4M.fd \ | |
177 | -C `< debian/oem-string-snakeoil` -o $@ | |
178 | ||
179 | ArmPkg/Library/GccLto/liblto-aarch64.a: ArmPkg/Library/GccLto/liblto-aarch64.s | |
180 | $($(EDK2_TOOLCHAIN)_AARCH64_PREFIX)gcc -c -fpic $< -o $@ | |
181 | ||
182 | build-qemu-efi: debian/setup-build-stamp | |
20ffa59c | 183 | set -e; . ./edksetup.sh; \ |
20ffa59c TL |
184 | build -a $(EDK2_HOST_ARCH) \ |
185 | -t $(EDK2_TOOLCHAIN) \ | |
186 | -p ArmVirtPkg/ArmVirtQemu.dsc \ | |
a65627a8 TL |
187 | $(AAVMF_FLAGS) -b RELEASE |
188 | dd if=/dev/zero of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd bs=1M seek=64 count=0 | |
189 | dd if=$(QEMU_EFI_BUILD_DIR)/FV/QEMU_EFI.fd of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd conv=notrunc | |
190 | dd if=/dev/zero of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_VARS.fd bs=1M seek=64 count=0 | |
191 | ||
192 | build-qemu-efi-aarch64: $(AAVMF_BINARIES) $(AAVMF_PREENROLLED_VARS) | |
193 | $(AAVMF_BINARIES): ArmPkg/Library/GccLto/liblto-aarch64.a | |
20ffa59c TL |
194 | $(MAKE) -f debian/rules build-qemu-efi EDK2_ARCH_DIR=AArch64 EDK2_HOST_ARCH=AARCH64 FW_NAME=AAVMF |
195 | ||
33bf0acc | 196 | override_dh_auto_clean: |
a65627a8 TL |
197 | -. ./edksetup.sh; build clean |
198 | make -C BaseTools clean | |
199 | ||
200 | # Only embed code that is actually used; requested by the Ubuntu Security Team | |
201 | EMBEDDED_SUBMODULES += CryptoPkg/Library/OpensslLib/openssl | |
202 | EMBEDDED_SUBMODULES += ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3 | |
203 | EMBEDDED_SUBMODULES += MdeModulePkg/Library/BrotliCustomDecompressLib/brotli | |
204 | get-orig-source: | |
205 | # Should be executed on a checkout of the upstream master branch, | |
206 | # with the debian/ directory manually copied in. | |
207 | rm -rf edk2.tmp && git clone . edk2.tmp | |
208 | # Embed submodules. Don't recurse - openssl will bring in MBs of | |
209 | # stuff we don't need | |
210 | set -e; cd edk2.tmp; \ | |
211 | for submodule in $(EMBEDDED_SUBMODULES); do \ | |
212 | git submodule update --init $$submodule; \ | |
213 | done | |
214 | rm -rf edk2-$(DEB_VERSION_UPSTREAM) && \ | |
215 | mkdir edk2-$(DEB_VERSION_UPSTREAM) | |
216 | cd edk2.tmp && git archive HEAD | \ | |
217 | tar xv -C ../edk2-$(DEB_VERSION_UPSTREAM) | |
218 | cd edk2.tmp && git submodule foreach \ | |
219 | 'git archive HEAD | tar xv -C $$toplevel/../edk2-$(DEB_VERSION_UPSTREAM)/$$sm_path' | |
220 | ln -s ../debian edk2-$(DEB_VERSION_UPSTREAM) | |
221 | # Remove known-binary files | |
222 | cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/remove-binaries.py | |
223 | # Look for possible unknown binary files | |
224 | cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/find-binaries.py | |
225 | rm edk2-$(DEB_VERSION_UPSTREAM)/debian | |
226 | tar Jcvf ../edk2_$(DEB_VERSION_UPSTREAM).orig.tar.xz \ | |
227 | edk2-$(DEB_VERSION_UPSTREAM) | |
228 | rm -rf edk2.tmp edk2-$(DEB_VERSION_UPSTREAM) | |
229 | ||
230 | .PHONY: build-ovmf build-ovmf32 build-qemu-efi build-qemu-efi-aarch64 |