From 9b19060b488e68218d4c37c95ca99ae295b55d09 Mon Sep 17 00:00:00 2001 From: Bruce Leidl Date: Tue, 20 Sep 2022 11:52:08 -0400 Subject: [PATCH] override ovmf recipe from poky (for gcc 12 fixes) This can be removed after next poky upgrade --- meta-citadel/conf/layer.conf | 2 +- .../recipes-support/ovmf/ovmf-shell-image.bb | 21 ++ ...ovmf-update-path-to-native-BaseTools.patch | 33 +++ ...ile-adjust-to-build-in-under-bitbake.patch | 66 +++++ .../ovmf/ovmf/0005-debug-prefix-map.patch | 104 +++++++ .../ovmf/ovmf/0006-reproducible.patch | 180 ++++++++++++ .../ovmf/ovmf/ovmf-shell-image.wks | 4 + meta-citadel/recipes-support/ovmf/ovmf_git.bb | 265 ++++++++++++++++++ 8 files changed, 674 insertions(+), 1 deletion(-) create mode 100644 meta-citadel/recipes-support/ovmf/ovmf-shell-image.bb create mode 100644 meta-citadel/recipes-support/ovmf/ovmf/0001-ovmf-update-path-to-native-BaseTools.patch create mode 100644 meta-citadel/recipes-support/ovmf/ovmf/0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch create mode 100644 meta-citadel/recipes-support/ovmf/ovmf/0005-debug-prefix-map.patch create mode 100644 meta-citadel/recipes-support/ovmf/ovmf/0006-reproducible.patch create mode 100644 meta-citadel/recipes-support/ovmf/ovmf/ovmf-shell-image.wks create mode 100644 meta-citadel/recipes-support/ovmf/ovmf_git.bb diff --git a/meta-citadel/conf/layer.conf b/meta-citadel/conf/layer.conf index 4ade0f0..df8e02c 100644 --- a/meta-citadel/conf/layer.conf +++ b/meta-citadel/conf/layer.conf @@ -12,7 +12,7 @@ PREFERRED_RPROVIDER_libdevmapper = "lvm2" BBFILE_COLLECTIONS += "citadel" BBFILE_PATTERN_citadel = "^${LAYERDIR}/" -BBFILE_PRIORITY_citadel = "4" +BBFILE_PRIORITY_citadel = "5" LAYERSERIES_COMPAT_citadel = "kirkstone" diff --git a/meta-citadel/recipes-support/ovmf/ovmf-shell-image.bb b/meta-citadel/recipes-support/ovmf/ovmf-shell-image.bb new file mode 100644 index 0000000..50c4517 --- /dev/null +++ b/meta-citadel/recipes-support/ovmf/ovmf-shell-image.bb @@ -0,0 +1,21 @@ +DESCRIPTION = "boot image with UEFI shell and tools" +COMPATIBLE_HOST:class-target='(i.86|x86_64).*' + +# For this image recipe, only the wic format with a +# single vfat partition makes sense. Because we have no +# boot loader and no rootfs partition, not additional +# tools are needed for this .wks file. +IMAGE_FSTYPES:forcevariable = 'wic' +WKS_FILE = "ovmf/ovmf-shell-image.wks" +WKS_FILE_DEPENDS = "" + +inherit image + +# We want a minimal image with just ovmf-shell-efi unpacked in it. We +# avoid installing unnecessary stuff as much as possible, but some +# things still get through and need to be removed. +PACKAGE_INSTALL = "ovmf-shell-efi" +LINGUAS_INSTALL = "" +do_image () { + rm -rf `ls -d ${IMAGE_ROOTFS}/* | grep -v efi` +} diff --git a/meta-citadel/recipes-support/ovmf/ovmf/0001-ovmf-update-path-to-native-BaseTools.patch b/meta-citadel/recipes-support/ovmf/ovmf/0001-ovmf-update-path-to-native-BaseTools.patch new file mode 100644 index 0000000..89d9ffa --- /dev/null +++ b/meta-citadel/recipes-support/ovmf/ovmf/0001-ovmf-update-path-to-native-BaseTools.patch @@ -0,0 +1,33 @@ +From 1125f5a02c2f327aeffe2d6b66a9d816ad2eeec0 Mon Sep 17 00:00:00 2001 +From: Ricardo Neri +Date: Thu, 9 Jun 2016 02:23:01 -0700 +Subject: [PATCH 1/6] ovmf: update path to native BaseTools + +BaseTools is a set of utilities to build EDK-based firmware. These utilities +are used during the build process. Thus, they need to be built natively. +When cross-compiling, we need to provide a path to the location of these +tools. The BBAKE_EDK_TOOLS_PATH string is used as a pattern to be replaced +with the appropriate location before building. + +Signed-off-by: Ricardo Neri +Upstream-Status: Pending +--- + OvmfPkg/build.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/OvmfPkg/build.sh b/OvmfPkg/build.sh +index 91b1442ade..1858dae31a 100755 +--- a/OvmfPkg/build.sh ++++ b/OvmfPkg/build.sh +@@ -24,7 +24,7 @@ then + # this assumes svn pulls have the same root dir + # export EDK_TOOLS_PATH=`pwd`/../BaseTools + # This version is for the tools source in edk2 +- export EDK_TOOLS_PATH=`pwd`/BaseTools ++ export EDK_TOOLS_PATH=BBAKE_EDK_TOOLS_PATH/BaseTools + echo $EDK_TOOLS_PATH + source edksetup.sh BaseTools + else +-- +2.32.0 + diff --git a/meta-citadel/recipes-support/ovmf/ovmf/0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch b/meta-citadel/recipes-support/ovmf/ovmf/0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch new file mode 100644 index 0000000..f6141c8 --- /dev/null +++ b/meta-citadel/recipes-support/ovmf/ovmf/0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch @@ -0,0 +1,66 @@ +From 19d4c7f9812062a683b3ba60b35aac0461190456 Mon Sep 17 00:00:00 2001 +From: Ricardo Neri +Date: Fri, 26 Jul 2019 17:34:26 -0400 +Subject: [PATCH 2/6] BaseTools: makefile: adjust to build in under bitbake + +Prepend the build flags with those of bitbake. This is to build +using the bitbake native sysroot include and library directories. + +Signed-off-by: Ricardo Neri +Upstream-Status: Pending +--- + BaseTools/Source/C/Makefiles/header.makefile | 17 +++++++++-------- + 1 file changed, 9 insertions(+), 8 deletions(-) + +diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile +index 0df728f327..1299d47c87 100644 +--- a/BaseTools/Source/C/Makefiles/header.makefile ++++ b/BaseTools/Source/C/Makefiles/header.makefile +@@ -75,35 +75,36 @@ $(error Bad HOST_ARCH) + endif + + INCLUDE = $(TOOL_INCLUDE) -I $(MAKEROOT) -I $(MAKEROOT)/Include/Common -I $(MAKEROOT)/Include/ -I $(MAKEROOT)/Include/IndustryStandard -I $(MAKEROOT)/Common/ -I .. -I . $(ARCH_INCLUDE) +-BUILD_CPPFLAGS = $(INCLUDE) ++BUILD_CPPFLAGS += $(INCLUDE) + + # keep EXTRA_OPTFLAGS last + BUILD_OPTFLAGS = -O2 $(EXTRA_OPTFLAGS) + + ifeq ($(DARWIN),Darwin) + # assume clang or clang compatible flags on OS X +-BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror \ ++BUILD_CFLAGS += -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror \ + -Wno-deprecated-declarations -Wno-self-assign -Wno-unused-result -nostdlib -g + else + ifeq ($(CXX), llvm) +-BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -fwrapv \ ++BUILD_CFLAGS += -MD -fshort-wchar -fno-strict-aliasing -fwrapv \ + -fno-delete-null-pointer-checks -Wall -Werror \ + -Wno-deprecated-declarations -Wno-self-assign \ + -Wno-unused-result -nostdlib -g + else +-BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -fwrapv \ ++BUILD_CFLAGS += -MD -fshort-wchar -fno-strict-aliasing -fwrapv \ + -fno-delete-null-pointer-checks -Wall -Werror \ + -Wno-deprecated-declarations -Wno-stringop-truncation -Wno-restrict \ + -Wno-unused-result -nostdlib -g + endif + endif + ifeq ($(CXX), llvm) +-BUILD_LFLAGS = +-BUILD_CXXFLAGS = -Wno-deprecated-register -Wno-unused-result ++BUILD_LFLAGS = $(LDFLAGS) ++BUILD_CXXFLAGS += -Wno-deprecated-register -Wno-unused-result + else +-BUILD_LFLAGS = +-BUILD_CXXFLAGS = -Wno-unused-result ++BUILD_LFLAGS = $(LDFLAGS) ++BUILD_CXXFLAGS += -Wno-unused-result + endif ++ + ifeq ($(HOST_ARCH), IA32) + # + # Snow Leopard is a 32-bit and 64-bit environment. uname -m returns i386, but gcc defaults +-- +2.32.0 + diff --git a/meta-citadel/recipes-support/ovmf/ovmf/0005-debug-prefix-map.patch b/meta-citadel/recipes-support/ovmf/ovmf/0005-debug-prefix-map.patch new file mode 100644 index 0000000..9e345f4 --- /dev/null +++ b/meta-citadel/recipes-support/ovmf/ovmf/0005-debug-prefix-map.patch @@ -0,0 +1,104 @@ +From 860bb1979f3578bb83257076fe0f3bd33f9d68bf Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Mon, 14 Jun 2021 19:56:28 +0200 +Subject: [PATCH 5/6] debug prefix map + +We want to pass ${DEBUG_PREFIX_MAP} to gcc commands and also pass in + --debug-prefix-map to nasm (we carry a patch to nasm for this). The +tools definitions file is built by ovmf-native so we need to pass this in +at target build time when we know the right values so we use the environment. + +By using determininistc file paths during the ovmf build, it removes the +opportunitity for gcc/ld to change the output binaries due to path lengths +overflowing section sizes and causing small changes in the binary output. +Previously we relied on the stripped output being the same which isn't always +the case if the size of the debug symbols varies. + +Upstream-Status: Submitted [https://github.com/tianocore/edk2/pull/2202] +Signed-off-by: Richard Purdie +Signed-off-by: Alexander Kanavin +--- + BaseTools/Conf/tools_def.template | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template +index 36241b6ede..947fbf2e8d 100755 +--- a/BaseTools/Conf/tools_def.template ++++ b/BaseTools/Conf/tools_def.template +@@ -1863,7 +1863,7 @@ NOOPT_*_*_OBJCOPY_ADDDEBUGFLAG = --add-gnu-debuglink=$(DEBUG_DIR)/$(MODULE_N + *_*_*_DTCPP_PATH = DEF(DTCPP_BIN) + *_*_*_DTC_PATH = DEF(DTC_BIN) + +-DEFINE GCC_ALL_CC_FLAGS = -g -Os -fshort-wchar -fno-builtin -fno-strict-aliasing -Wall -Werror -Wno-array-bounds -include AutoGen.h -fno-common ++DEFINE GCC_ALL_CC_FLAGS = -g -Os -fshort-wchar -fno-builtin -fno-strict-aliasing -Wall -Werror -Wno-array-bounds -include AutoGen.h -fno-common ENV(GCC_PREFIX_MAP) + DEFINE GCC_IA32_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -m32 -malign-double -freorder-blocks -freorder-blocks-and-partition -O2 -mno-stack-arg-probe + DEFINE GCC_X64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mno-red-zone -Wno-address -mno-stack-arg-probe + DEFINE GCC_ARM_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -Wno-address -mthumb -mfloat-abi=soft -fno-pic -fno-pie +@@ -1881,8 +1881,8 @@ DEFINE GCC_IA32_X64_ASLDLINK_FLAGS = DEF(GCC_IA32_X64_DLINK_COMMON) --entry _Ref + DEFINE GCC_ARM_ASLDLINK_FLAGS = DEF(GCC_ARM_DLINK_FLAGS) -Wl,--entry,ReferenceAcpiTable -u $(IMAGE_ENTRY_POINT) DEF(GCC_ARM_AARCH64_ASLDLINK_FLAGS) + DEFINE GCC_AARCH64_ASLDLINK_FLAGS = DEF(GCC_AARCH64_DLINK_FLAGS) -Wl,--entry,ReferenceAcpiTable -u $(IMAGE_ENTRY_POINT) DEF(GCC_ARM_AARCH64_ASLDLINK_FLAGS) + DEFINE GCC_IA32_X64_DLINK_FLAGS = DEF(GCC_IA32_X64_DLINK_COMMON) --entry _$(IMAGE_ENTRY_POINT) --file-alignment 0x20 --section-alignment 0x20 -Map $(DEST_DIR_DEBUG)/$(BASE_NAME).map +-DEFINE GCC_ASM_FLAGS = -c -x assembler -imacros AutoGen.h +-DEFINE GCC_PP_FLAGS = -E -x assembler-with-cpp -include AutoGen.h ++DEFINE GCC_ASM_FLAGS = -c -x assembler -imacros AutoGen.h ENV(GCC_PREFIX_MAP) ++DEFINE GCC_PP_FLAGS = -E -x assembler-with-cpp -include AutoGen.h ENV(GCC_PREFIX_MAP) + DEFINE GCC_VFRPP_FLAGS = -x c -E -P -DVFRCOMPILE --include $(MODULE_NAME)StrDefs.h + DEFINE GCC_ASLPP_FLAGS = -x c -E -include AutoGen.h + DEFINE GCC_ASLCC_FLAGS = -x c +@@ -2027,7 +2027,7 @@ DEFINE GCC_PP_FLAGS = -E -x assembler-with-cpp -include A + *_GCC48_IA32_DLINK2_FLAGS = DEF(GCC48_IA32_DLINK2_FLAGS) + *_GCC48_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS) + *_GCC48_IA32_OBJCOPY_FLAGS = +-*_GCC48_IA32_NASM_FLAGS = -f elf32 ++*_GCC48_IA32_NASM_FLAGS = -f elf32 ENV(NASM_PREFIX_MAP) + + DEBUG_GCC48_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS) -Os + RELEASE_GCC48_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS) -Os -Wno-unused-but-set-variable +@@ -2055,7 +2055,7 @@ RELEASE_GCC48_IA32_CC_FLAGS = DEF(GCC48_IA32_CC_FLAGS) -Os -Wno-unused-but + *_GCC48_X64_DLINK2_FLAGS = DEF(GCC48_X64_DLINK2_FLAGS) + *_GCC48_X64_RC_FLAGS = DEF(GCC_X64_RC_FLAGS) + *_GCC48_X64_OBJCOPY_FLAGS = +-*_GCC48_X64_NASM_FLAGS = -f elf64 ++*_GCC48_X64_NASM_FLAGS = -f elf64 ENV(NASM_PREFIX_MAP) + + DEBUG_GCC48_X64_CC_FLAGS = DEF(GCC48_X64_CC_FLAGS) -Os + RELEASE_GCC48_X64_CC_FLAGS = DEF(GCC48_X64_CC_FLAGS) -Os -Wno-unused-but-set-variable +@@ -2167,7 +2167,7 @@ RELEASE_GCC48_AARCH64_CC_FLAGS = DEF(GCC48_AARCH64_CC_FLAGS) -Wno-unused-but-s + *_GCC49_IA32_DLINK2_FLAGS = DEF(GCC49_IA32_DLINK2_FLAGS) + *_GCC49_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS) + *_GCC49_IA32_OBJCOPY_FLAGS = +-*_GCC49_IA32_NASM_FLAGS = -f elf32 ++*_GCC49_IA32_NASM_FLAGS = -f elf32 ENV(NASM_PREFIX_MAP) + + DEBUG_GCC49_IA32_CC_FLAGS = DEF(GCC49_IA32_CC_FLAGS) -Os + RELEASE_GCC49_IA32_CC_FLAGS = DEF(GCC49_IA32_CC_FLAGS) -Os -Wno-unused-but-set-variable -Wno-unused-const-variable +@@ -2195,7 +2195,7 @@ RELEASE_GCC49_IA32_CC_FLAGS = DEF(GCC49_IA32_CC_FLAGS) -Os -Wno-unused-but + *_GCC49_X64_DLINK2_FLAGS = DEF(GCC49_X64_DLINK2_FLAGS) + *_GCC49_X64_RC_FLAGS = DEF(GCC_X64_RC_FLAGS) + *_GCC49_X64_OBJCOPY_FLAGS = +-*_GCC49_X64_NASM_FLAGS = -f elf64 ++*_GCC49_X64_NASM_FLAGS = -f elf64 ENV(NASM_PREFIX_MAP) + + DEBUG_GCC49_X64_CC_FLAGS = DEF(GCC49_X64_CC_FLAGS) -Os + RELEASE_GCC49_X64_CC_FLAGS = DEF(GCC49_X64_CC_FLAGS) -Os -Wno-unused-but-set-variable -Wno-unused-const-variable +@@ -2313,7 +2313,7 @@ RELEASE_GCC49_AARCH64_DLINK_XIPFLAGS = -z common-page-size=0x20 + *_GCC5_IA32_DLINK2_FLAGS = DEF(GCC5_IA32_DLINK2_FLAGS) -no-pie + *_GCC5_IA32_RC_FLAGS = DEF(GCC_IA32_RC_FLAGS) + *_GCC5_IA32_OBJCOPY_FLAGS = +-*_GCC5_IA32_NASM_FLAGS = -f elf32 ++*_GCC5_IA32_NASM_FLAGS = -f elf32 ENV(NASM_PREFIX_MAP) + + DEBUG_GCC5_IA32_CC_FLAGS = DEF(GCC5_IA32_CC_FLAGS) -flto -Os + DEBUG_GCC5_IA32_DLINK_FLAGS = DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto -Os -Wl,-m,elf_i386,--oformat=elf32-i386 +@@ -2345,7 +2345,7 @@ RELEASE_GCC5_IA32_DLINK_FLAGS = DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto -Os -Wl, + *_GCC5_X64_DLINK2_FLAGS = DEF(GCC5_X64_DLINK2_FLAGS) + *_GCC5_X64_RC_FLAGS = DEF(GCC_X64_RC_FLAGS) + *_GCC5_X64_OBJCOPY_FLAGS = +-*_GCC5_X64_NASM_FLAGS = -f elf64 ++*_GCC5_X64_NASM_FLAGS = -f elf64 ENV(NASM_PREFIX_MAP) + + DEBUG_GCC5_X64_CC_FLAGS = DEF(GCC5_X64_CC_FLAGS) -flto -DUSING_LTO -Os + DEBUG_GCC5_X64_DLINK_FLAGS = DEF(GCC5_X64_DLINK_FLAGS) -flto -Os +-- +2.32.0 + diff --git a/meta-citadel/recipes-support/ovmf/ovmf/0006-reproducible.patch b/meta-citadel/recipes-support/ovmf/ovmf/0006-reproducible.patch new file mode 100644 index 0000000..846f408 --- /dev/null +++ b/meta-citadel/recipes-support/ovmf/ovmf/0006-reproducible.patch @@ -0,0 +1,180 @@ +From 27ed9962f5cb3afcc44d6c96c53277132a999712 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Mon, 14 Jun 2021 19:57:30 +0200 +Subject: [PATCH 6/6] reproducible + +This patch fixes various things which make the build more reproducible. Some changes +here only change intermediate artefacts but that means when you have two build trees +giving differing results, the differences can be isolated more easily. The issues here +usually become apparent with longer paths. + +This was all debugged with: +TMPDIR = "${TOPDIR}/tmp" +vs. +TMPDIR = "${TOPDIR}/tmp-inital-mylongpath-mylongpath-mylongpath-mylongpath-mylongpath-mylongpath-mylongpath-mylongpath-mylongpath" + +The patch specifically: + + * Sorts output in GNUmakefile + * Always generates indirect flags files used to avoid pathlength issues else the + compile commands suddenly change when using longer paths + * Sorts the AutoGenTimeStamp file contents + * Makes the TargetDescBlock objects from BuildEngine sortable to allow the makefile fix + * Fix ElfConvert within GenFw so that only the basename of the binary being converted + is used, else the output from "GenFw XXX.bin" differs from "GenFw /long/path/XXX.bin" + with sufficiently long paths + +Upstream-Status: Submitted [https://github.com/tianocore/edk2/pull/2176] +Signed-off-by: Richard Purdie +Signed-off-by: Alexander Kanavin +--- + BaseTools/Source/C/GenFw/Elf64Convert.c | 8 ++++--- + .../Source/Python/AutoGen/BuildEngine.py | 3 +++ + BaseTools/Source/Python/AutoGen/GenMake.py | 24 +++++++++---------- + .../Source/Python/AutoGen/ModuleAutoGen.py | 5 +++- + 4 files changed, 24 insertions(+), 16 deletions(-) + +diff --git a/BaseTools/Source/C/GenFw/Elf64Convert.c b/BaseTools/Source/C/GenFw/Elf64Convert.c +index d097db8632..a87ae6f3d0 100644 +--- a/BaseTools/Source/C/GenFw/Elf64Convert.c ++++ b/BaseTools/Source/C/GenFw/Elf64Convert.c +@@ -14,6 +14,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent + #ifndef __GNUC__ + #include + #include ++#else ++#define _GNU_SOURCE + #endif + #include + #include +@@ -769,7 +771,7 @@ ScanSections64 ( + } + mCoffOffset = mDebugOffset + sizeof(EFI_IMAGE_DEBUG_DIRECTORY_ENTRY) + + sizeof(EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY) + +- strlen(mInImageName) + 1; ++ strlen(basename(mInImageName)) + 1; + + mCoffOffset = CoffAlign(mCoffOffset); + if (SectionCount == 0) { +@@ -1608,7 +1610,7 @@ WriteDebug64 ( + EFI_IMAGE_DEBUG_DIRECTORY_ENTRY *Dir; + EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY *Nb10; + +- Len = strlen(mInImageName) + 1; ++ Len = strlen(basename(mInImageName)) + 1; + + Dir = (EFI_IMAGE_DEBUG_DIRECTORY_ENTRY*)(mCoffFile + mDebugOffset); + Dir->Type = EFI_IMAGE_DEBUG_TYPE_CODEVIEW; +@@ -1618,7 +1620,7 @@ WriteDebug64 ( + + Nb10 = (EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY*)(Dir + 1); + Nb10->Signature = CODEVIEW_SIGNATURE_NB10; +- strcpy ((char *)(Nb10 + 1), mInImageName); ++ strcpy ((char *)(Nb10 + 1), basename(mInImageName)); + + + NtHdr = (EFI_IMAGE_OPTIONAL_HEADER_UNION *)(mCoffFile + mNtHdrOffset); +diff --git a/BaseTools/Source/Python/AutoGen/BuildEngine.py b/BaseTools/Source/Python/AutoGen/BuildEngine.py +index 722fead75a..8f1c236970 100644 +--- a/BaseTools/Source/Python/AutoGen/BuildEngine.py ++++ b/BaseTools/Source/Python/AutoGen/BuildEngine.py +@@ -70,6 +70,9 @@ class TargetDescBlock(object): + else: + return str(Other) == self.Target.Path + ++ def __lt__(self, other): ++ return str(self) < str(other) ++ + def AddInput(self, Input): + if Input not in self.Inputs: + self.Inputs.append(Input) +diff --git a/BaseTools/Source/Python/AutoGen/GenMake.py b/BaseTools/Source/Python/AutoGen/GenMake.py +index 961b2ab1c3..23c1592025 100755 +--- a/BaseTools/Source/Python/AutoGen/GenMake.py ++++ b/BaseTools/Source/Python/AutoGen/GenMake.py +@@ -575,7 +575,7 @@ cleanlib: + os.remove(RespFileList) + + # convert source files and binary files to build targets +- self.ResultFileList = [str(T.Target) for T in MyAgo.CodaTargetList] ++ self.ResultFileList = sorted([str(T.Target) for T in MyAgo.CodaTargetList]) + if len(self.ResultFileList) == 0 and len(MyAgo.SourceFileList) != 0: + EdkLogger.error("build", AUTOGEN_ERROR, "Nothing to build", + ExtraData="[%s]" % str(MyAgo)) +@@ -726,7 +726,7 @@ cleanlib: + OutputFile = '' + DepsFileList = [] + +- for Cmd in self.GenFfsList: ++ for Cmd in sorted(self.GenFfsList): + if Cmd[2]: + for CopyCmd in Cmd[2]: + Src, Dst = CopyCmd +@@ -759,7 +759,7 @@ cleanlib: + self.BuildTargetList.append('\t%s' % CmdString) + + self.ParseSecCmd(DepsFileList, Cmd[1]) +- for SecOutputFile, SecDepsFile, SecCmd in self.FfsOutputFileList : ++ for SecOutputFile, SecDepsFile, SecCmd in sorted(self.FfsOutputFileList): + self.BuildTargetList.append('%s : %s' % (self.ReplaceMacro(SecOutputFile), self.ReplaceMacro(SecDepsFile))) + self.BuildTargetList.append('\t%s' % self.ReplaceMacro(SecCmd)) + self.FfsOutputFileList = [] +@@ -798,13 +798,13 @@ cleanlib: + + def CommandExceedLimit(self): + FlagDict = { +- 'CC' : { 'Macro' : '$(CC_FLAGS)', 'Value' : False}, +- 'PP' : { 'Macro' : '$(PP_FLAGS)', 'Value' : False}, +- 'APP' : { 'Macro' : '$(APP_FLAGS)', 'Value' : False}, +- 'ASLPP' : { 'Macro' : '$(ASLPP_FLAGS)', 'Value' : False}, +- 'VFRPP' : { 'Macro' : '$(VFRPP_FLAGS)', 'Value' : False}, +- 'ASM' : { 'Macro' : '$(ASM_FLAGS)', 'Value' : False}, +- 'ASLCC' : { 'Macro' : '$(ASLCC_FLAGS)', 'Value' : False}, ++ 'CC' : { 'Macro' : '$(CC_FLAGS)', 'Value' : True}, ++ 'PP' : { 'Macro' : '$(PP_FLAGS)', 'Value' : True}, ++ 'APP' : { 'Macro' : '$(APP_FLAGS)', 'Value' : True}, ++ 'ASLPP' : { 'Macro' : '$(ASLPP_FLAGS)', 'Value' : True}, ++ 'VFRPP' : { 'Macro' : '$(VFRPP_FLAGS)', 'Value' : True}, ++ 'ASM' : { 'Macro' : '$(ASM_FLAGS)', 'Value' : True}, ++ 'ASLCC' : { 'Macro' : '$(ASLCC_FLAGS)', 'Value' : True}, + } + + RespDict = {} +@@ -1007,9 +1007,9 @@ cleanlib: + if not self.ObjTargetDict.get(T.Target.SubDir): + self.ObjTargetDict[T.Target.SubDir] = set() + self.ObjTargetDict[T.Target.SubDir].add(NewFile) +- for Type in self._AutoGenObject.Targets: ++ for Type in sorted(self._AutoGenObject.Targets): + resp_file_number = 0 +- for T in self._AutoGenObject.Targets[Type]: ++ for T in sorted(self._AutoGenObject.Targets[Type]): + # Generate related macros if needed + if T.GenFileListMacro and T.FileListMacro not in self.FileListMacros: + self.FileListMacros[T.FileListMacro] = [] +diff --git a/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py b/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py +index d70b0d7ae8..25dca9a6df 100755 +--- a/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py ++++ b/BaseTools/Source/Python/AutoGen/ModuleAutoGen.py +@@ -1484,6 +1484,9 @@ class ModuleAutoGen(AutoGen): + for File in Files: + if File.lower().endswith('.pdb'): + AsBuiltInfDict['binary_item'].append('DISPOSABLE|' + File) ++ ++ AsBuiltInfDict['binary_item'] = sorted(AsBuiltInfDict['binary_item']) ++ + HeaderComments = self.Module.HeaderComments + StartPos = 0 + for Index in range(len(HeaderComments)): +@@ -1759,7 +1762,7 @@ class ModuleAutoGen(AutoGen): + if os.path.exists (self.TimeStampPath): + os.remove (self.TimeStampPath) + +- SaveFileOnChange(self.TimeStampPath, "\n".join(FileSet), False) ++ SaveFileOnChange(self.TimeStampPath, "\n".join(sorted(FileSet)), False) + + # Ignore generating makefile when it is a binary module + if self.IsBinaryModule: +-- +2.32.0 + diff --git a/meta-citadel/recipes-support/ovmf/ovmf/ovmf-shell-image.wks b/meta-citadel/recipes-support/ovmf/ovmf/ovmf-shell-image.wks new file mode 100644 index 0000000..1d2f16b --- /dev/null +++ b/meta-citadel/recipes-support/ovmf/ovmf/ovmf-shell-image.wks @@ -0,0 +1,4 @@ +# short-description: Create an EFI disk image with just the EFI system partition + +part / --source rootfs --ondisk sda --fstype=vfat --align 1024 +bootloader --ptable gpt --timeout=5 diff --git a/meta-citadel/recipes-support/ovmf/ovmf_git.bb b/meta-citadel/recipes-support/ovmf/ovmf_git.bb new file mode 100644 index 0000000..4054223 --- /dev/null +++ b/meta-citadel/recipes-support/ovmf/ovmf_git.bb @@ -0,0 +1,265 @@ +SUMMARY = "OVMF - UEFI firmware for Qemu and KVM" +DESCRIPTION = "OVMF is an EDK II based project to enable UEFI support for \ +Virtual Machines. OVMF contains sample UEFI firmware for QEMU and KVM" +HOMEPAGE = "https://github.com/tianocore/tianocore.github.io/wiki/OVMF" +LICENSE = "BSD-2-Clause-Patent" +LICENSE:class-target = "${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'BSD-2-Clause-Patent & OpenSSL', 'BSD-2-Clause-Patent', d)}" +LIC_FILES_CHKSUM = "file://OvmfPkg/License.txt;md5=06357ddc23f46577c2aeaeaf7b776d65" + +# Enabling Secure Boot adds a dependency on OpenSSL and implies +# compiling OVMF twice, so it is disabled by default. Distros +# may change that default. +PACKAGECONFIG ??= "" +PACKAGECONFIG += "${@bb.utils.contains('MACHINE_FEATURES', 'tpm', 'tpm', '', d)}" +PACKAGECONFIG += "${@bb.utils.contains('MACHINE_FEATURES', 'tpm2', 'tpm', '', d)}" +PACKAGECONFIG[secureboot] = ",,," +PACKAGECONFIG[tpm] = "-D TPM_ENABLE=TRUE,-D TPM_ENABLE=FALSE,," + +# GCC12 trips on it +#see https://src.fedoraproject.org/rpms/edk2/blob/rawhide/f/0032-Basetools-turn-off-gcc12-warning.patch +BUILD_CFLAGS += "-Wno-error=stringop-overflow" + +SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https \ + file://0001-ovmf-update-path-to-native-BaseTools.patch \ + file://0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch \ + file://0005-debug-prefix-map.patch \ + file://0006-reproducible.patch \ + " + +PV = "edk2-stable202205" +SRCREV = "16779ede2d366bfc6b702e817356ccf43425bcc8" +UPSTREAM_CHECK_GITTAGREGEX = "(?Pedk2-stable.*)" + +inherit deploy + +PARALLEL_MAKE = "" + +S = "${WORKDIR}/git" + +DEPENDS = "nasm-native acpica-native ovmf-native util-linux-native" + +EDK_TOOLS_DIR="edk2_basetools" + +# OVMF has trouble building with the default optimization of -O2. +BUILD_OPTIMIZATION="-pipe" + +# OVMF supports IA only, although it could conceivably support ARM someday. +COMPATIBLE_HOST:class-target='(i.86|x86_64).*' + +# Additional build flags for OVMF with Secure Boot. +# Fedora also uses "-D SMM_REQUIRE -D EXCLUDE_SHELL_FROM_FD". +OVMF_SECURE_BOOT_EXTRA_FLAGS ??= "" +OVMF_SECURE_BOOT_FLAGS = "-DSECURE_BOOT_ENABLE=TRUE ${OVMF_SECURE_BOOT_EXTRA_FLAGS}" + +export PYTHON_COMMAND = "${HOSTTOOLS_DIR}/python3" + +do_patch[postfuncs] += "fix_basetools_location" +fix_basetools_location () { +} +fix_basetools_location:class-target() { + # Replaces the fake path inserted by 0002-ovmf-update-path-to-native-BaseTools.patch. + # Necessary for finding the actual BaseTools from ovmf-native. + sed -i -e 's#BBAKE_EDK_TOOLS_PATH#${STAGING_BINDIR_NATIVE}/${EDK_TOOLS_DIR}#' ${S}/OvmfPkg/build.sh +} + +do_patch[postfuncs] += "fix_iasl" +fix_iasl() { +} +fix_iasl:class-native() { + # iasl is not installed under /usr/bin when building with OE. + sed -i -e 's#/usr/bin/iasl#${STAGING_BINDIR_NATIVE}/iasl#' ${S}/BaseTools/Conf/tools_def.template +} + +# Inject CC and friends into the build. LINKER already is in GNUmakefile. +# Must be idempotent and thus remove old assignments that were inserted +# earlier. +do_patch[postfuncs] += "fix_toolchain" +fix_toolchain() { + sed -i \ + -e '/^\(CC\|CXX\|AS\|AR\|LD\|LINKER\) =/d' \ + -e '/^APPLICATION/a CC = ${CC}\nCXX = ${CXX}\nAS = ${AS}\nAR = ${AR}\nLD = ${LD}\nLINKER = $(CC)' \ + ${S}/BaseTools/Source/C/Makefiles/app.makefile + sed -i \ + -e '/^\(CC\|CXX\|AS\|AR\|LD\)/d' \ + -e '/^VFR_CPPFLAGS/a CC = ${CC}\nCXX = ${CXX}\nAS = ${AS}\nAR = ${AR}\nLD = ${LD}' \ + ${S}/BaseTools/Source/C/VfrCompile/GNUmakefile +} +fix_toolchain:append:class-native() { + # This tools_def.template is going to be used by the target ovmf and + # defines which compilers to use. For the GCC toolchain definitions, + # that will be ${HOST_PREFIX}gcc. However, "make" doesn't need that + # prefix. + # + # Injecting ENV(HOST_PREFIX) matches exporting that value as env + # variable in do_compile:class-target. + sed -i \ + -e 's#\(ENV\|DEF\)(GCC.*_PREFIX)#ENV(HOST_PREFIX)#' \ + -e 's#ENV(HOST_PREFIX)make#make#' \ + ${S}/BaseTools/Conf/tools_def.template + sed -i \ + -e '/^\(LFLAGS\|CFLAGS\) +=/d' \ + -e '/^LINKER/a LFLAGS += ${BUILD_LDFLAGS}\nCFLAGS += ${BUILD_CFLAGS}' \ + ${S}/BaseTools/Source/C/Makefiles/app.makefile \ + ${S}/BaseTools/Source/C/VfrCompile/GNUmakefile + # Linking with gold fails: + # internal error in do_layout, at ../../gold/object.cc:1821 + # make: *** [.../OUTPUT/Facs.acpi] Error 1 + # We intentionally hard-code the use of ld.bfd regardless of DISTRO_FEATURES + # to make ovmf-native reusable across distros. + sed -i \ + -e 's#^\(DEFINE GCC.*DLINK.*FLAGS *=\)#\1 -fuse-ld=bfd#' \ + -e 's#-flto#-fno-lto#g' \ + -e 's#-DUSING_LTO##g' \ + ${S}/BaseTools/Conf/tools_def.template +} + +# We disable lto above since the results are not reproducible and make it hard to compare +# binary build aretfacts to debug reproducibility problems. +# Surprisingly, if you disable lto, you see compiler warnings which are fatal. We therefore +# have to hack warnings overrides into GCC_PREFIX_MAP to allow it to build. + +# We want to pass ${DEBUG_PREFIX_MAP} to gcc commands and also pass in +# --debug-prefix-map to nasm (we carry a patch to nasm for this). The +# tools definitions are built by ovmf-native so we need to pass this in +# at target build time when we know the right values. +export NASM_PREFIX_MAP = "--debug-prefix-map=${WORKDIR}=/usr/src/debug/ovmf/${EXTENDPE}${PV}-${PR}" +export GCC_PREFIX_MAP = "${DEBUG_PREFIX_MAP} -Wno-stringop-overflow -Wno-maybe-uninitialized" + +GCC_VER="$(${CC} -v 2>&1 | tail -n1 | awk '{print $3}')" + +fixup_target_tools() { + case ${1} in + 4.4.*) + FIXED_GCCVER=GCC44 + ;; + 4.5.*) + FIXED_GCCVER=GCC45 + ;; + 4.6.*) + FIXED_GCCVER=GCC46 + ;; + 4.7.*) + FIXED_GCCVER=GCC47 + ;; + 4.8.*) + FIXED_GCCVER=GCC48 + ;; + 4.9.*) + FIXED_GCCVER=GCC49 + ;; + *) + FIXED_GCCVER=GCC5 + ;; + esac + echo ${FIXED_GCCVER} +} + +do_compile:class-native() { + oe_runmake -C ${S}/BaseTools +} + +do_compile:class-target() { + export LFLAGS="${LDFLAGS}" + PARALLEL_JOBS="${@oe.utils.parallel_make_argument(d, '-n %d')}" + OVMF_ARCH="X64" + if [ "${TARGET_ARCH}" != "x86_64" ] ; then + OVMF_ARCH="IA32" + fi + + # The build for the target uses BaseTools/Conf/tools_def.template + # from ovmf-native to find the compiler, which depends on + # exporting HOST_PREFIX. + export HOST_PREFIX="${HOST_PREFIX}" + + # BaseTools/Conf gets copied to Conf, but only if that does not + # exist yet. To ensure that an updated template gets used during + # incremental builds, we need to remove the copy before we start. + rm -f `ls ${S}/Conf/*.txt | grep -v ReadMe.txt` + + # ${WORKDIR}/ovmf is a well-known location where do_install and + # do_deploy will be able to find the files. + rm -rf ${WORKDIR}/ovmf + mkdir ${WORKDIR}/ovmf + OVMF_DIR_SUFFIX="X64" + if [ "${TARGET_ARCH}" != "x86_64" ] ; then + OVMF_DIR_SUFFIX="Ia32" # Note the different capitalization + fi + FIXED_GCCVER=$(fixup_target_tools ${GCC_VER}) + bbnote FIXED_GCCVER is ${FIXED_GCCVER} + build_dir="${S}/Build/Ovmf$OVMF_DIR_SUFFIX/RELEASE_${FIXED_GCCVER}" + + bbnote "Building without Secure Boot." + rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX + ${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} ${PACKAGECONFIG_CONFARGS} + ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.fd + ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.code.fd + ln ${build_dir}/FV/OVMF_VARS.fd ${WORKDIR}/ovmf/ovmf.vars.fd + ln ${build_dir}/${OVMF_ARCH}/Shell.efi ${WORKDIR}/ovmf/ + + if ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'true', 'false', d)}; then + # Repeat build with the Secure Boot flags. + bbnote "Building with Secure Boot." + rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX + ${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} ${PACKAGECONFIG_CONFARGS} ${OVMF_SECURE_BOOT_FLAGS} + ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.secboot.fd + ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.secboot.code.fd + ln ${build_dir}/${OVMF_ARCH}/EnrollDefaultKeys.efi ${WORKDIR}/ovmf/ + fi +} + +do_install:class-native() { + install -d ${D}/${bindir}/edk2_basetools + cp -r ${S}/BaseTools ${D}/${bindir}/${EDK_TOOLS_DIR} +} + +do_install:class-target() { + # Content for UEFI shell iso. We install the EFI shell as + # bootx64/ia32.efi because then it can be started even when the + # firmware itself does not contain it. + install -d ${D}/efi/boot + install ${WORKDIR}/ovmf/Shell.efi ${D}/efi/boot/boot${@ "ia32" if "${TARGET_ARCH}" != "x86_64" else "x64"}.efi + if ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'true', 'false', d)}; then + install ${WORKDIR}/ovmf/EnrollDefaultKeys.efi ${D} + fi +} + +# This always gets packaged because ovmf-shell-image depends on it. +# This allows testing that recipe in all configurations because it +# can always be part of a world build. +# +# However, EnrollDefaultKeys.efi is only included when Secure Boot is enabled. +PACKAGES =+ "ovmf-shell-efi" +FILES:ovmf-shell-efi = " \ + EnrollDefaultKeys.efi \ + efi/ \ +" + +DEPLOYDEP = "" +DEPLOYDEP:class-target = "qemu-system-native:do_populate_sysroot" +DEPLOYDEP:class-target += " ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'openssl-native:do_populate_sysroot', '', d)}" +do_deploy[depends] += "${DEPLOYDEP}" + +do_deploy() { +} +do_deploy:class-target() { + # For use with "runqemu ovmf". + for i in \ + ovmf \ + ovmf.code \ + ovmf.vars \ + ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'ovmf.secboot ovmf.secboot.code', '', d)} \ + ; do + qemu-img convert -f raw -O qcow2 ${WORKDIR}/ovmf/$i.fd ${DEPLOYDIR}/$i.qcow2 + done + + if ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'true', 'false', d)}; then + # Create a test Platform Key and first Key Exchange Key to use with EnrollDefaultKeys + openssl req -new -x509 -newkey rsa:2048 -keyout ${DEPLOYDIR}/OvmfPkKek1.key \ + -out ${DEPLOYDIR}/OvmfPkKek1.crt -nodes -days 20 -subj "/CN=OVMFSecBootTest" + openssl x509 -in ${DEPLOYDIR}/OvmfPkKek1.crt -out ${DEPLOYDIR}/OvmfPkKek1.pem -outform PEM + fi +} +addtask do_deploy after do_compile before do_build + +BBCLASSEXTEND = "native" +TOOLCHAIN = "gcc"