]> git.proxmox.com Git - pve-edk2-firmware.git/blob - debian/rules
projects / pve-edk2-firmware.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bump version to 4.2023.08-4
[pve-edk2-firmware.git] / debian / rules
1 #!/usr/bin/make -f
2
3 SHELL=/bin/bash
4
5 include /usr/share/dpkg/default.mk
6
7 EDK2_TOOLCHAIN = GCC5
8 export $(EDK2_TOOLCHAIN)_AARCH64_PREFIX=aarch64-linux-gnu-
9
10 export PYTHON3_ENABLE=TRUE
11
12 ifeq ($(DEB_BUILD_ARCH),amd64)
13 EDK2_BUILD_ARCH=X64
14 endif
15 ifeq ($(DEB_BUILD_ARCH),i386)
16 EDK2_BUILD_ARCH=IA32
17 endif
18 ifeq ($(DEB_BUILD_ARCH),arm64)
19 EDK2_BUILD_ARCH=AARCH64
20 endif
21
22 COMMON_FLAGS = -DNETWORK_HTTP_BOOT_ENABLE=TRUE -DNETWORK_TLS_ENABLE -DSECURE_BOOT_ENABLE=TRUE
23 OVMF_COMMON_FLAGS = $(COMMON_FLAGS) -DTPM_ENABLE=TRUE
24 OVMF_2M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_2MB
25 OVMF_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB
26 OVMF_2M_SMM_FLAGS = $(OVMF_2M_FLAGS) -DSMM_REQUIRE=TRUE
27 OVMF_4M_SMM_FLAGS = $(OVMF_4M_FLAGS) -DSMM_REQUIRE=TRUE
28 OVMF32_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB
29 OVMF32_4M_SMM_FLAGS = $(OVMF32_4M_FLAGS) -DSMM_REQUIRE=TRUE
30
31 AAVMF_FLAGS = $(COMMON_FLAGS) -DTPM2_ENABLE=TRUE -DTPM2_CONFIG_ENABLE=TRUE
32
33 OVMF_VARS_GENERATOR = ./qemu-ovmf-secureboot-1-1-3/ovmf-vars-generator
34
35 # Clear variables used internally by the edk2 build system
36 undefine WORKSPACE
37 undefine ECP_SOURCE
38 undefine EDK_SOURCE
39 undefine EFI_SOURCE
40 undefine EDK_TOOLS_PATH
41 undefine CONF_PATH
42
43 %:
44 dh $@
45
46 override_dh_auto_build: build-qemu-efi-aarch64 build-ovmf build-ovmf32
47
48 debian/setup-build-stamp:
49 cp -a debian/Logo.bmp MdeModulePkg/Logo/Logo.bmp
50 set -e; . ./edksetup.sh; \
51 make -C BaseTools ARCH=$(EDK2_BUILD_ARCH)
52 touch $@
53
54 OVMF_BUILD_DIR = Build/OvmfX64/RELEASE_$(EDK2_TOOLCHAIN)
55 OVMF3264_BUILD_DIR = Build/Ovmf3264/RELEASE_$(EDK2_TOOLCHAIN)
56 OVMF_ENROLL = $(OVMF3264_BUILD_DIR)/X64/EnrollDefaultKeys.efi
57 OVMF_SHELL = $(OVMF3264_BUILD_DIR)/X64/Shell.efi
58 OVMF_BINARIES = $(OVMF_ENROLL) $(OVMF_SHELL)
59 OVMF_IMAGES := $(addprefix debian/ovmf-install/,OVMF_CODE.fd OVMF_CODE_4M.fd OVMF_CODE.secboot.fd OVMF_CODE_4M.secboot.fd OVMF_VARS.fd OVMF_VARS_4M.fd)
60 OVMF_PREENROLLED_VARS := $(addprefix debian/ovmf-install/,OVMF_VARS.ms.fd OVMF_VARS_4M.ms.fd OVMF_VARS_4M.snakeoil.fd)
61
62 OVMF32_BUILD_DIR = Build/OvmfIa32/RELEASE_$(EDK2_TOOLCHAIN)
63 OVMF32_SHELL = $(OVMF32_BUILD_DIR)/IA32/Shell.efi
64 OVMF32_BINARIES = $(OVMF32_SHELL)
65 OVMF32_IMAGES := $(addprefix debian/ovmf32-install/,OVMF32_CODE_4M.secboot.fd OVMF_VARS_4M.fd)
66
67 QEMU_EFI_BUILD_DIR = Build/ArmVirtQemu-$(EDK2_HOST_ARCH)/RELEASE_$(EDK2_TOOLCHAIN)
68 AAVMF_BUILD_DIR = Build/ArmVirtQemu-AARCH64/RELEASE_$(EDK2_TOOLCHAIN)
69 AAVMF_ENROLL = $(AAVMF_BUILD_DIR)/AARCH64/EnrollDefaultKeys.efi
70 AAVMF_SHELL = $(AAVMF_BUILD_DIR)/AARCH64/Shell.efi
71 AAVMF_BINARIES = $(AAVMF_ENROLL) $(AAVMF_SHELL)
72 AAVMF_CODE = $(AAVMF_BUILD_DIR)/FV/AAVMF_CODE.fd
73 AAVMF_VARS = $(AAVMF_BUILD_DIR)/FV/AAVMF_VARS.fd
74 AAVMF_IMAGES = $(AAVMF_CODE) $(AAVMF_VARS)
75 AAVMF_PREENROLLED_VARS = $(addprefix $(AAVMF_BUILD_DIR)/FV/,AAVMF_VARS.ms.fd AAVMF_VARS.snakeoil.fd)
76
77 build-ovmf32: $(OVMF32_BINARIES) $(OVMF32_IMAGES)
78 $(OVMF32_BINARIES) $(OVMF32_IMAGES): debian/setup-build-stamp
79 rm -rf debian/ovmf32-install
80 mkdir debian/ovmf32-install
81 set -e; . ./edksetup.sh; \
82 build -a IA32 \
83 -t $(EDK2_TOOLCHAIN) \
84 -p OvmfPkg/OvmfPkgIa32.dsc \
85 $(OVMF32_4M_SMM_FLAGS) -b RELEASE
86 cp $(OVMF32_BUILD_DIR)/FV/OVMF_CODE.fd \
87 debian/ovmf32-install/OVMF32_CODE_4M.secboot.fd
88 cp $(OVMF32_BUILD_DIR)/FV/OVMF_VARS.fd \
89 debian/ovmf32-install/OVMF32_VARS_4M.fd
90
91 build-ovmf: $(OVMF_BINARIES) $(OVMF_IMAGES) $(OVMF_PREENROLLED_VARS)
92 $(OVMF_BINARIES) $(OVMF_IMAGES): debian/setup-build-stamp
93 rm -rf debian/ovmf-install
94 mkdir debian/ovmf-install
95 set -e; . ./edksetup.sh; \
96 build -a X64 \
97 -t $(EDK2_TOOLCHAIN) \
98 -p OvmfPkg/OvmfPkgX64.dsc \
99 $(OVMF_2M_FLAGS) -b RELEASE
100 cp $(OVMF_BUILD_DIR)/FV/OVMF_CODE.fd \
101 debian/ovmf-install/
102 cp $(OVMF_BUILD_DIR)/FV/OVMF_VARS.fd debian/ovmf-install/
103 rm -rf Build/OvmfX64
104 set -e; . ./edksetup.sh; \
105 build -a IA32 -a X64 \
106 -t $(EDK2_TOOLCHAIN) \
107 -p OvmfPkg/OvmfPkgIa32X64.dsc \
108 $(OVMF_4M_FLAGS) -b RELEASE
109 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \
110 debian/ovmf-install/OVMF_CODE_4M.fd
111 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_VARS.fd \
112 debian/ovmf-install/OVMF_VARS_4M.fd
113 rm -rf Build/OvmfX64
114 set -e; . ./edksetup.sh; \
115 build -a X64 \
116 -t $(EDK2_TOOLCHAIN) \
117 -p OvmfPkg/OvmfPkgX64.dsc \
118 $(OVMF_2M_SMM_FLAGS) -b RELEASE
119 cp $(OVMF_BUILD_DIR)/FV/OVMF_CODE.fd \
120 debian/ovmf-install/OVMF_CODE.secboot.fd
121 rm -rf Build/OvmfX64
122 set -e; . ./edksetup.sh; \
123 build -a IA32 -a X64 \
124 -t $(EDK2_TOOLCHAIN) \
125 -p OvmfPkg/OvmfPkgIa32X64.dsc \
126 $(OVMF_4M_SMM_FLAGS) -b RELEASE
127 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \
128 debian/ovmf-install/OVMF_CODE_4M.secboot.fd
129
130 ifeq ($(call dpkg_vendor_derives_from_v1,ubuntu),yes)
131 debian/PkKek-1-vendor.pem: debian/PkKek-1-Ubuntu.pem
132 else
133 debian/PkKek-1-vendor.pem: debian/PkKek-1-Debian.pem
134 endif
135 ln -sf `basename $<` $@
136
137 debian/oem-string-%: debian/PkKek-1-%.pem
138 tr -d '\n' < $< | \
139 sed -e 's/.*-----BEGIN CERTIFICATE-----/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' -e 's/-----END CERTIFICATE-----//' > $@
140
141 %/AAVMF_VARS.ms.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-vendor $(AAVMF_ENROLL) $(AAVMF_SHELL)
142 PYTHONPATH=$(CURDIR)/debian/python \
143 ./debian/edk2-vars-generator.py \
144 -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \
145 -c $(AAVMF_CODE) -V $(AAVMF_VARS) \
146 -C `< debian/oem-string-vendor` -o $@
147
148 %/AAVMF_VARS.snakeoil.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-snakeoil $(AAVMF_ENROLL) $(AAVMF_SHELL)
149 PYTHONPATH=$(CURDIR)/debian/python \
150 ./debian/edk2-vars-generator.py \
151 -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \
152 -c $(AAVMF_CODE) -V $(AAVMF_VARS) \
153 -C `< debian/oem-string-snakeoil` -o $@
154
155 %/OVMF_VARS.ms.fd: %/OVMF_CODE.fd %/OVMF_VARS.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL)
156 PYTHONPATH=$(CURDIR)/debian/python \
157 ./debian/edk2-vars-generator.py \
158 -f OVMF -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
159 -c debian/ovmf-install/OVMF_CODE.fd \
160 -V debian/ovmf-install/OVMF_VARS.fd \
161 -C `< debian/oem-string-vendor` -o $@
162
163 %/OVMF_VARS_4M.ms.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL)
164 PYTHONPATH=$(CURDIR)/debian/python \
165 ./debian/edk2-vars-generator.py \
166 -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
167 -c debian/ovmf-install/OVMF_CODE_4M.fd \
168 -V debian/ovmf-install/OVMF_VARS_4M.fd \
169 -C `< debian/oem-string-vendor` -o $@
170
171 %/OVMF_VARS_4M.snakeoil.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-snakeoil $(OVMF_ENROLL) $(OVMF_SHELL)
172 PYTHONPATH=$(CURDIR)/debian/python \
173 ./debian/edk2-vars-generator.py \
174 -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
175 -c debian/ovmf-install/OVMF_CODE_4M.fd \
176 -V debian/ovmf-install/OVMF_VARS_4M.fd \
177 -C `< debian/oem-string-snakeoil` -o $@
178
179 ArmPkg/Library/GccLto/liblto-aarch64.a: ArmPkg/Library/GccLto/liblto-aarch64.s
180 $($(EDK2_TOOLCHAIN)_AARCH64_PREFIX)gcc -c -fpic $< -o $@
181
182 build-qemu-efi: debian/setup-build-stamp
183 set -e; . ./edksetup.sh; \
184 build -a $(EDK2_HOST_ARCH) \
185 -t $(EDK2_TOOLCHAIN) \
186 -p ArmVirtPkg/ArmVirtQemu.dsc \
187 $(AAVMF_FLAGS) -b RELEASE
188 dd if=/dev/zero of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd bs=1M seek=64 count=0
189 dd if=$(QEMU_EFI_BUILD_DIR)/FV/QEMU_EFI.fd of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd conv=notrunc
190 dd if=/dev/zero of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_VARS.fd bs=1M seek=64 count=0
191
192 build-qemu-efi-aarch64: $(AAVMF_BINARIES) $(AAVMF_PREENROLLED_VARS)
193 $(AAVMF_BINARIES): ArmPkg/Library/GccLto/liblto-aarch64.a
194 $(MAKE) -f debian/rules build-qemu-efi EDK2_ARCH_DIR=AArch64 EDK2_HOST_ARCH=AARCH64 FW_NAME=AAVMF
195
196 override_dh_auto_clean:
197 -. ./edksetup.sh; build clean
198 make -C BaseTools clean
199
200 # Only embed code that is actually used; requested by the Ubuntu Security Team
201 EMBEDDED_SUBMODULES += CryptoPkg/Library/OpensslLib/openssl
202 EMBEDDED_SUBMODULES += ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3
203 EMBEDDED_SUBMODULES += MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
204 get-orig-source:
205 # Should be executed on a checkout of the upstream master branch,
206 # with the debian/ directory manually copied in.
207 rm -rf edk2.tmp && git clone . edk2.tmp
208 # Embed submodules. Don't recurse - openssl will bring in MBs of
209 # stuff we don't need
210 set -e; cd edk2.tmp; \
211 for submodule in $(EMBEDDED_SUBMODULES); do \
212 git submodule update --init $$submodule; \
213 done
214 rm -rf edk2-$(DEB_VERSION_UPSTREAM) && \
215 mkdir edk2-$(DEB_VERSION_UPSTREAM)
216 cd edk2.tmp && git archive HEAD | \
217 tar xv -C ../edk2-$(DEB_VERSION_UPSTREAM)
218 cd edk2.tmp && git submodule foreach \
219 'git archive HEAD | tar xv -C $$toplevel/../edk2-$(DEB_VERSION_UPSTREAM)/$$sm_path'
220 ln -s ../debian edk2-$(DEB_VERSION_UPSTREAM)
221 # Remove known-binary files
222 cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/remove-binaries.py
223 # Look for possible unknown binary files
224 cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/find-binaries.py
225 rm edk2-$(DEB_VERSION_UPSTREAM)/debian
226 tar Jcvf ../edk2_$(DEB_VERSION_UPSTREAM).orig.tar.xz \
227 edk2-$(DEB_VERSION_UPSTREAM)
228 rm -rf edk2.tmp edk2-$(DEB_VERSION_UPSTREAM)
229
230 .PHONY: build-ovmf build-ovmf32 build-qemu-efi build-qemu-efi-aarch64
EDK2 Firmware for PVE