]> git.proxmox.com Git - pve-edk2-firmware.git/blob - debian/rules
projects / pve-edk2-firmware.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bump version to 4.2023.08-4
[pve-edk2-firmware.git] / debian / rules
1 #!/usr/bin/make -f
2
3 SHELL=/bin/bash
4
5 include /usr/share/dpkg/default.mk
6
7 EDK2_TOOLCHAIN = GCC5
8 export $(EDK2_TOOLCHAIN)_AARCH64_PREFIX=aarch64-linux-gnu-
9
10 export PYTHON3_ENABLE=TRUE
11
12 ifeq ($(DEB_BUILD_ARCH),amd64)
13 EDK2_BUILD_ARCH=X64
14 endif
15 ifeq ($(DEB_BUILD_ARCH),i386)
16 EDK2_BUILD_ARCH=IA32
17 endif
18 ifeq ($(DEB_BUILD_ARCH),arm64)
19 EDK2_BUILD_ARCH=AARCH64
20 endif
21
22 COMMON_FLAGS = -DNETWORK_HTTP_BOOT_ENABLE=TRUE
23 COMMON_FLAGS += -DNETWORK_IP6_ENABLE=TRUE
24 COMMON_FLAGS += -DNETWORK_TLS_ENABLE
25 COMMON_FLAGS += -DSECURE_BOOT_ENABLE=TRUE
26 COMMON_FLAGS += -DTPM2_ENABLE=TRUE
27 OVMF_COMMON_FLAGS = $(COMMON_FLAGS)
28 OVMF_2M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_2MB
29 OVMF_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB
30 OVMF_2M_SMM_FLAGS = $(OVMF_2M_FLAGS) -DSMM_REQUIRE=TRUE
31 OVMF_4M_SMM_FLAGS = $(OVMF_4M_FLAGS) -DSMM_REQUIRE=TRUE
32 OVMF32_4M_FLAGS = $(OVMF_COMMON_FLAGS) -DFD_SIZE_4MB
33 OVMF32_4M_SMM_FLAGS = $(OVMF32_4M_FLAGS) -DSMM_REQUIRE=TRUE
34
35 AAVMF_FLAGS = $(COMMON_FLAGS) -DTPM2_CONFIG_ENABLE=TRUE
36
37 # Clear variables used internally by the edk2 build system
38 undefine WORKSPACE
39 undefine ECP_SOURCE
40 undefine EDK_SOURCE
41 undefine EFI_SOURCE
42 undefine EDK_TOOLS_PATH
43 undefine CONF_PATH
44
45 %:
46 dh $@
47
48 override_dh_auto_build: build-qemu-efi-aarch64 build-ovmf build-ovmf32
49
50 debian/setup-build-stamp:
51 cp -a debian/Logo.bmp MdeModulePkg/Logo/Logo.bmp
52 set -e; . ./edksetup.sh; \
53 make -C BaseTools ARCH=$(EDK2_BUILD_ARCH)
54 touch $@
55
56 OVMF_BUILD_DIR = Build/OvmfX64/RELEASE_$(EDK2_TOOLCHAIN)
57 OVMF3264_BUILD_DIR = Build/Ovmf3264/RELEASE_$(EDK2_TOOLCHAIN)
58 OVMF_ENROLL = $(OVMF3264_BUILD_DIR)/X64/EnrollDefaultKeys.efi
59 OVMF_SHELL = $(OVMF3264_BUILD_DIR)/X64/Shell.efi
60 OVMF_BINARIES = $(OVMF_ENROLL) $(OVMF_SHELL)
61 OVMF_IMAGES := $(addprefix debian/ovmf-install/,OVMF_CODE.fd OVMF_CODE_4M.fd OVMF_CODE.secboot.fd OVMF_CODE_4M.secboot.fd OVMF_VARS.fd OVMF_VARS_4M.fd)
62 OVMF_PREENROLLED_VARS := $(addprefix debian/ovmf-install/,OVMF_VARS.ms.fd OVMF_VARS_4M.ms.fd OVMF_VARS_4M.snakeoil.fd)
63
64 OVMF32_BUILD_DIR = Build/OvmfIa32/RELEASE_$(EDK2_TOOLCHAIN)
65 OVMF32_SHELL = $(OVMF32_BUILD_DIR)/IA32/Shell.efi
66 OVMF32_BINARIES = $(OVMF32_SHELL)
67 OVMF32_IMAGES := $(addprefix debian/ovmf32-install/,OVMF32_CODE_4M.secboot.fd OVMF_VARS_4M.fd)
68
69 QEMU_EFI_BUILD_DIR = Build/ArmVirtQemu-$(EDK2_HOST_ARCH)/RELEASE_$(EDK2_TOOLCHAIN)
70 AAVMF_BUILD_DIR = Build/ArmVirtQemu-AARCH64/RELEASE_$(EDK2_TOOLCHAIN)
71 AAVMF_ENROLL = $(AAVMF_BUILD_DIR)/AARCH64/EnrollDefaultKeys.efi
72 AAVMF_SHELL = $(AAVMF_BUILD_DIR)/AARCH64/Shell.efi
73 AAVMF_BINARIES = $(AAVMF_ENROLL) $(AAVMF_SHELL)
74 AAVMF_CODE = $(AAVMF_BUILD_DIR)/FV/AAVMF_CODE.fd
75 AAVMF_VARS = $(AAVMF_BUILD_DIR)/FV/AAVMF_VARS.fd
76 AAVMF_IMAGES = $(AAVMF_CODE) $(AAVMF_VARS)
77 AAVMF_PREENROLLED_VARS = $(addprefix $(AAVMF_BUILD_DIR)/FV/,AAVMF_VARS.ms.fd AAVMF_VARS.snakeoil.fd)
78
79 build-ovmf32: $(OVMF32_BINARIES) $(OVMF32_IMAGES)
80 $(OVMF32_BINARIES) $(OVMF32_IMAGES): debian/setup-build-stamp
81 rm -rf debian/ovmf32-install
82 mkdir debian/ovmf32-install
83 set -e; . ./edksetup.sh; \
84 build -a IA32 \
85 -t $(EDK2_TOOLCHAIN) \
86 -p OvmfPkg/OvmfPkgIa32.dsc \
87 $(OVMF32_4M_SMM_FLAGS) -b RELEASE
88 cp $(OVMF32_BUILD_DIR)/FV/OVMF_CODE.fd \
89 debian/ovmf32-install/OVMF32_CODE_4M.secboot.fd
90 cp $(OVMF32_BUILD_DIR)/FV/OVMF_VARS.fd \
91 debian/ovmf32-install/OVMF32_VARS_4M.fd
92
93 build-ovmf: $(OVMF_BINARIES) $(OVMF_IMAGES) $(OVMF_PREENROLLED_VARS)
94 $(OVMF_BINARIES) $(OVMF_IMAGES): debian/setup-build-stamp
95 rm -rf debian/ovmf-install
96 mkdir debian/ovmf-install
97 set -e; . ./edksetup.sh; \
98 build -a X64 \
99 -t $(EDK2_TOOLCHAIN) \
100 -p OvmfPkg/OvmfPkgX64.dsc \
101 $(OVMF_2M_FLAGS) -b RELEASE
102 cp $(OVMF_BUILD_DIR)/FV/OVMF_CODE.fd \
103 debian/ovmf-install/
104 cp $(OVMF_BUILD_DIR)/FV/OVMF_VARS.fd debian/ovmf-install/
105 rm -rf Build/OvmfX64
106 set -e; . ./edksetup.sh; \
107 build -a IA32 -a X64 \
108 -t $(EDK2_TOOLCHAIN) \
109 -p OvmfPkg/OvmfPkgIa32X64.dsc \
110 $(OVMF_4M_FLAGS) -b RELEASE
111 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \
112 debian/ovmf-install/OVMF_CODE_4M.fd
113 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_VARS.fd \
114 debian/ovmf-install/OVMF_VARS_4M.fd
115 rm -rf Build/OvmfX64
116 set -e; . ./edksetup.sh; \
117 build -a X64 \
118 -t $(EDK2_TOOLCHAIN) \
119 -p OvmfPkg/OvmfPkgX64.dsc \
120 $(OVMF_2M_SMM_FLAGS) -b RELEASE
121 cp $(OVMF_BUILD_DIR)/FV/OVMF_CODE.fd \
122 debian/ovmf-install/OVMF_CODE.secboot.fd
123 rm -rf Build/OvmfX64
124 set -e; . ./edksetup.sh; \
125 build -a IA32 -a X64 \
126 -t $(EDK2_TOOLCHAIN) \
127 -p OvmfPkg/OvmfPkgIa32X64.dsc \
128 $(OVMF_4M_SMM_FLAGS) -b RELEASE
129 cp $(OVMF3264_BUILD_DIR)/FV/OVMF_CODE.fd \
130 debian/ovmf-install/OVMF_CODE_4M.secboot.fd
131
132 ifeq ($(call dpkg_vendor_derives_from_v1,ubuntu),yes)
133 debian/PkKek-1-vendor.pem: debian/PkKek-1-Ubuntu.pem
134 else
135 debian/PkKek-1-vendor.pem: debian/PkKek-1-Debian.pem
136 endif
137 ln -sf `basename $<` $@
138
139 debian/oem-string-%: debian/PkKek-1-%.pem
140 tr -d '\n' < $< | \
141 sed -e 's/.*-----BEGIN CERTIFICATE-----/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' -e 's/-----END CERTIFICATE-----//' > $@
142
143 %/AAVMF_VARS.ms.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-vendor $(AAVMF_ENROLL) $(AAVMF_SHELL)
144 PYTHONPATH=$(CURDIR)/debian/python \
145 ./debian/edk2-vars-generator.py \
146 -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \
147 -c $(AAVMF_CODE) -V $(AAVMF_VARS) \
148 -C `< debian/oem-string-vendor` -o $@
149
150 %/AAVMF_VARS.snakeoil.fd: %/AAVMF_CODE.fd %/AAVMF_VARS.fd debian/oem-string-snakeoil $(AAVMF_ENROLL) $(AAVMF_SHELL)
151 PYTHONPATH=$(CURDIR)/debian/python \
152 ./debian/edk2-vars-generator.py \
153 -f AAVMF -e $(AAVMF_ENROLL) -s $(AAVMF_SHELL) \
154 -c $(AAVMF_CODE) -V $(AAVMF_VARS) \
155 -C `< debian/oem-string-snakeoil` -o $@
156
157 %/OVMF_VARS.ms.fd: %/OVMF_CODE.fd %/OVMF_VARS.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL)
158 PYTHONPATH=$(CURDIR)/debian/python \
159 ./debian/edk2-vars-generator.py \
160 -f OVMF -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
161 -c debian/ovmf-install/OVMF_CODE.fd \
162 -V debian/ovmf-install/OVMF_VARS.fd \
163 -C `< debian/oem-string-vendor` -o $@
164
165 %/OVMF_VARS_4M.ms.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-vendor $(OVMF_ENROLL) $(OVMF_SHELL)
166 PYTHONPATH=$(CURDIR)/debian/python \
167 ./debian/edk2-vars-generator.py \
168 -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
169 -c debian/ovmf-install/OVMF_CODE_4M.fd \
170 -V debian/ovmf-install/OVMF_VARS_4M.fd \
171 -C `< debian/oem-string-vendor` -o $@
172
173 %/OVMF_VARS_4M.snakeoil.fd: %/OVMF_CODE_4M.fd %/OVMF_VARS_4M.fd debian/oem-string-snakeoil $(OVMF_ENROLL) $(OVMF_SHELL)
174 PYTHONPATH=$(CURDIR)/debian/python \
175 ./debian/edk2-vars-generator.py \
176 -f OVMF_4M -e $(OVMF_ENROLL) -s $(OVMF_SHELL) \
177 -c debian/ovmf-install/OVMF_CODE_4M.fd \
178 -V debian/ovmf-install/OVMF_VARS_4M.fd \
179 -C `< debian/oem-string-snakeoil` -o $@
180
181 ArmPkg/Library/GccLto/liblto-aarch64.a: ArmPkg/Library/GccLto/liblto-aarch64.s
182 $($(EDK2_TOOLCHAIN)_AARCH64_PREFIX)gcc -c -fpic $< -o $@
183
184 build-qemu-efi: debian/setup-build-stamp
185 set -e; . ./edksetup.sh; \
186 build -a $(EDK2_HOST_ARCH) \
187 -t $(EDK2_TOOLCHAIN) \
188 -p ArmVirtPkg/ArmVirtQemu.dsc \
189 $(AAVMF_FLAGS) -b RELEASE
190 dd if=/dev/zero of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd bs=1M seek=64 count=0
191 dd if=$(QEMU_EFI_BUILD_DIR)/FV/QEMU_EFI.fd of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_CODE.fd conv=notrunc
192 dd if=/dev/zero of=$(QEMU_EFI_BUILD_DIR)/FV/$(FW_NAME)_VARS.fd bs=1M seek=64 count=0
193
194 build-qemu-efi-aarch64: $(AAVMF_BINARIES) $(AAVMF_PREENROLLED_VARS)
195 $(AAVMF_BINARIES): ArmPkg/Library/GccLto/liblto-aarch64.a
196 $(MAKE) -f debian/rules build-qemu-efi EDK2_ARCH_DIR=AArch64 EDK2_HOST_ARCH=AARCH64 FW_NAME=AAVMF
197
198 override_dh_auto_clean:
199 -. ./edksetup.sh; build clean
200 make -C BaseTools clean
201
202 # Only embed code that is actually used; requested by the Ubuntu Security Team
203 EMBEDDED_SUBMODULES += CryptoPkg/Library/OpensslLib/openssl
204 EMBEDDED_SUBMODULES += ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3
205 EMBEDDED_SUBMODULES += MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
206 get-orig-source:
207 # Should be executed on a checkout of the upstream master branch,
208 # with the debian/ directory manually copied in.
209 rm -rf edk2.tmp && git clone . edk2.tmp
210 # Embed submodules. Don't recurse - openssl will bring in MBs of
211 # stuff we don't need
212 set -e; cd edk2.tmp; \
213 for submodule in $(EMBEDDED_SUBMODULES); do \
214 git submodule update --init $$submodule; \
215 done
216 rm -rf edk2-$(DEB_VERSION_UPSTREAM) && \
217 mkdir edk2-$(DEB_VERSION_UPSTREAM)
218 cd edk2.tmp && git archive HEAD | \
219 tar xv -C ../edk2-$(DEB_VERSION_UPSTREAM)
220 cd edk2.tmp && git submodule foreach \
221 'git archive HEAD | tar xv -C $$toplevel/../edk2-$(DEB_VERSION_UPSTREAM)/$$sm_path'
222 ln -s ../debian edk2-$(DEB_VERSION_UPSTREAM)
223 # Remove known-binary files
224 cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/remove-binaries.py
225 # Look for possible unknown binary files
226 cd edk2-$(DEB_VERSION_UPSTREAM) && python3 ./debian/find-binaries.py
227 rm edk2-$(DEB_VERSION_UPSTREAM)/debian
228 tar Jcvf ../edk2_$(DEB_VERSION_UPSTREAM).orig.tar.xz \
229 edk2-$(DEB_VERSION_UPSTREAM)
230 rm -rf edk2.tmp edk2-$(DEB_VERSION_UPSTREAM)
231
232 .PHONY: build-ovmf build-ovmf32 build-qemu-efi build-qemu-efi-aarch64
EDK2 Firmware for PVE