forked from brl/citadel
249 lines
9.0 KiB
BlitzBasic
249 lines
9.0 KiB
BlitzBasic
SUMMARY = "OVMF - UEFI firmware for Qemu and KVM"
|
|
DESCRIPTION = "OVMF is an EDK II based project to enable UEFI support for \
|
|
Virtual Machines. OVMF contains sample UEFI firmware for QEMU and KVM"
|
|
HOMEPAGE = "https://github.com/tianocore/tianocore.github.io/wiki/OVMF"
|
|
LICENSE = "BSD"
|
|
LICENSE_class-target = "${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'BSD & OpenSSL', 'BSD', d)}"
|
|
LIC_FILES_CHKSUM = "file://OvmfPkg/License.txt;md5=343dc88e82ff33d042074f62050c3496"
|
|
|
|
# Enabling Secure Boot adds a dependency on OpenSSL and implies
|
|
# compiling OVMF twice, so it is disabled by default. Distros
|
|
# may change that default.
|
|
PACKAGECONFIG ??= ""
|
|
PACKAGECONFIG[secureboot] = ",,,"
|
|
|
|
SRC_URI = "git://github.com/tianocore/edk2.git;branch=master \
|
|
file://0001-ia32-Dont-use-pie.patch \
|
|
file://0002-ovmf-update-path-to-native-BaseTools.patch \
|
|
file://0003-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch \
|
|
file://0004-ovmf-enable-long-path-file.patch \
|
|
file://VfrCompile-increase-path-length-limit.patch \
|
|
file://no-stack-protector-all-archs.patch \
|
|
"
|
|
UPSTREAM_VERSION_UNKNOWN = "1"
|
|
|
|
OPENSSL_RELEASE = "openssl-1.1.0e"
|
|
|
|
SRC_URI_append_class-target = " \
|
|
${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'http://www.openssl.org/source/${OPENSSL_RELEASE}.tar.gz;name=openssl;subdir=${S}/CryptoPkg/Library/OpensslLib', '', d)} \
|
|
file://0007-OvmfPkg-EnrollDefaultKeys-application-for-enrolling-.patch \
|
|
"
|
|
|
|
SRCREV="ec4910cd3336565fdb61dafdd9ec4ae7a6160ba3"
|
|
SRC_URI[openssl.md5sum] = "51c42d152122e474754aea96f66928c6"
|
|
SRC_URI[openssl.sha256sum] = "57be8618979d80c910728cfc99369bf97b2a1abd8f366ab6ebdee8975ad3874c"
|
|
|
|
inherit deploy
|
|
|
|
PARALLEL_MAKE_class-native = ""
|
|
|
|
S = "${WORKDIR}/git"
|
|
|
|
DEPENDS_class-native="util-linux-native iasl-native ossp-uuid-native qemu-native"
|
|
|
|
DEPENDS_class-target="ovmf-native"
|
|
|
|
DEPENDS_append = " nasm-native"
|
|
|
|
EDK_TOOLS_DIR="edk2_basetools"
|
|
|
|
# OVMF has trouble building with the default optimization of -O2.
|
|
BUILD_OPTIMIZATION="-pipe"
|
|
|
|
# OVMF supports IA only, although it could conceivably support ARM someday.
|
|
COMPATIBLE_HOST='(i.86|x86_64).*'
|
|
|
|
# Additional build flags for OVMF with Secure Boot.
|
|
# Fedora also uses "-D SMM_REQUIRE -D EXCLUDE_SHELL_FROM_FD".
|
|
OVMF_SECURE_BOOT_EXTRA_FLAGS ??= ""
|
|
OVMF_SECURE_BOOT_FLAGS = "-DSECURE_BOOT_ENABLE=TRUE ${OVMF_SECURE_BOOT_EXTRA_FLAGS}"
|
|
|
|
do_patch[postfuncs] += "fix_basetools_location"
|
|
fix_basetools_location () {
|
|
}
|
|
fix_basetools_location_class-target() {
|
|
# Replaces the fake path inserted by 0002-ovmf-update-path-to-native-BaseTools.patch.
|
|
# Necessary for finding the actual BaseTools from ovmf-native.
|
|
sed -i -e 's#BBAKE_EDK_TOOLS_PATH#${STAGING_BINDIR_NATIVE}/${EDK_TOOLS_DIR}#' ${S}/OvmfPkg/build.sh
|
|
}
|
|
|
|
do_patch[postfuncs] += "fix_iasl"
|
|
fix_iasl() {
|
|
}
|
|
fix_iasl_class-native() {
|
|
# iasl is not installed under /usr/bin when building with OE.
|
|
sed -i -e 's#/usr/bin/iasl#${STAGING_BINDIR_NATIVE}/iasl#' ${S}/BaseTools/Conf/tools_def.template
|
|
}
|
|
|
|
# Inject CC and friends into the build. LINKER already is in GNUmakefile.
|
|
# Must be idempotent and thus remove old assignments that were inserted
|
|
# earlier.
|
|
do_patch[postfuncs] += "fix_toolchain"
|
|
fix_toolchain() {
|
|
sed -i \
|
|
-e '/^\(CC\|CXX\|AS\|AR\|LD\|LINKER\) =/d' \
|
|
-e '/^APPLICATION/a CC = ${CC}\nCXX = ${CXX}\nAS = ${AS}\nAR = ${AR}\nLD = ${LD}\nLINKER = $(CC)' \
|
|
${S}/BaseTools/Source/C/Makefiles/app.makefile
|
|
sed -i \
|
|
-e '/^\(CC\|CXX\|AS\|AR\|LD\)/d' \
|
|
-e '/^VFR_CPPFLAGS/a CC = ${CC}\nCXX = ${CXX}\nAS = ${AS}\nAR = ${AR}\nLD = ${LD}' \
|
|
${S}/BaseTools/Source/C/VfrCompile/GNUmakefile
|
|
}
|
|
fix_toolchain_append_class-native() {
|
|
# This tools_def.template is going to be used by the target ovmf and
|
|
# defines which compilers to use. For the GCC toolchain definitions,
|
|
# that will be ${HOST_PREFIX}gcc. However, "make" doesn't need that
|
|
# prefix.
|
|
#
|
|
# Injecting ENV(HOST_PREFIX) matches exporting that value as env
|
|
# variable in do_compile_class-target.
|
|
sed -i \
|
|
-e 's#\(ENV\|DEF\)(GCC.*_PREFIX)#ENV(HOST_PREFIX)#' \
|
|
-e 's#ENV(HOST_PREFIX)make#make#' \
|
|
${S}/BaseTools/Conf/tools_def.template
|
|
sed -i \
|
|
-e '/^\(LFLAGS\|CFLAGS\) +=/d' \
|
|
-e '/^LINKER/a LFLAGS += ${BUILD_LDFLAGS}\nCFLAGS += ${BUILD_CFLAGS}' \
|
|
${S}/BaseTools/Source/C/Makefiles/app.makefile \
|
|
${S}/BaseTools/Source/C/VfrCompile/GNUmakefile
|
|
# Linking with gold fails:
|
|
# internal error in do_layout, at ../../gold/object.cc:1821
|
|
# make: *** [.../OUTPUT/Facs.acpi] Error 1
|
|
# We intentionally hard-code the use of ld.bfd regardless of DISTRO_FEATURES
|
|
# to make ovmf-native reusable across distros.
|
|
sed -i \
|
|
-e 's#^\(DEFINE GCC.*DLINK.*FLAGS *=\)#\1 -fuse-ld=bfd#' \
|
|
${S}/BaseTools/Conf/tools_def.template
|
|
}
|
|
|
|
GCC_VER="$(${CC} -v 2>&1 | tail -n1 | awk '{print $3}')"
|
|
|
|
fixup_target_tools() {
|
|
case ${1} in
|
|
4.4.*)
|
|
FIXED_GCCVER=GCC44
|
|
;;
|
|
4.5.*)
|
|
FIXED_GCCVER=GCC45
|
|
;;
|
|
4.6.*)
|
|
FIXED_GCCVER=GCC46
|
|
;;
|
|
4.7.*)
|
|
FIXED_GCCVER=GCC47
|
|
;;
|
|
4.8.*)
|
|
FIXED_GCCVER=GCC48
|
|
;;
|
|
4.9.*)
|
|
FIXED_GCCVER=GCC49
|
|
;;
|
|
*)
|
|
FIXED_GCCVER=GCC5
|
|
;;
|
|
esac
|
|
echo ${FIXED_GCCVER}
|
|
}
|
|
|
|
do_compile_class-native() {
|
|
oe_runmake -C ${S}/BaseTools
|
|
}
|
|
|
|
do_compile_class-target() {
|
|
export LFLAGS="${LDFLAGS}"
|
|
PARALLEL_JOBS="${@ '${PARALLEL_MAKE}'.replace('-j', '-n')}"
|
|
OVMF_ARCH="X64"
|
|
if [ "${TARGET_ARCH}" != "x86_64" ] ; then
|
|
OVMF_ARCH="IA32"
|
|
fi
|
|
|
|
# The build for the target uses BaseTools/Conf/tools_def.template
|
|
# from ovmf-native to find the compiler, which depends on
|
|
# exporting HOST_PREFIX.
|
|
export HOST_PREFIX="${HOST_PREFIX}"
|
|
|
|
# BaseTools/Conf gets copied to Conf, but only if that does not
|
|
# exist yet. To ensure that an updated template gets used during
|
|
# incremental builds, we need to remove the copy before we start.
|
|
rm -f `ls ${S}/Conf/*.txt | grep -v ReadMe.txt`
|
|
|
|
# ${WORKDIR}/ovmf is a well-known location where do_install and
|
|
# do_deploy will be able to find the files.
|
|
rm -rf ${WORKDIR}/ovmf
|
|
mkdir ${WORKDIR}/ovmf
|
|
OVMF_DIR_SUFFIX="X64"
|
|
if [ "${TARGET_ARCH}" != "x86_64" ] ; then
|
|
OVMF_DIR_SUFFIX="Ia32" # Note the different capitalization
|
|
fi
|
|
FIXED_GCCVER=$(fixup_target_tools ${GCC_VER})
|
|
bbnote FIXED_GCCVER is ${FIXED_GCCVER}
|
|
build_dir="${S}/Build/Ovmf$OVMF_DIR_SUFFIX/RELEASE_${FIXED_GCCVER}"
|
|
|
|
bbnote "Building without Secure Boot."
|
|
rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX
|
|
${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER}
|
|
ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.fd
|
|
ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.code.fd
|
|
ln ${build_dir}/FV/OVMF_VARS.fd ${WORKDIR}/ovmf/ovmf.vars.fd
|
|
ln ${build_dir}/${OVMF_ARCH}/Shell.efi ${WORKDIR}/ovmf/
|
|
|
|
if ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'true', 'false', d)}; then
|
|
# See CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt and
|
|
# https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/ for
|
|
# building with Secure Boot enabled.
|
|
bbnote "Building with Secure Boot."
|
|
rm -rf ${S}/Build/Ovmf$OVMF_DIR_SUFFIX
|
|
ln -sf ${OPENSSL_RELEASE} ${S}/CryptoPkg/Library/OpensslLib/openssl
|
|
${S}/OvmfPkg/build.sh $PARALLEL_JOBS -a $OVMF_ARCH -b RELEASE -t ${FIXED_GCCVER} ${OVMF_SECURE_BOOT_FLAGS}
|
|
ln ${build_dir}/FV/OVMF.fd ${WORKDIR}/ovmf/ovmf.secboot.fd
|
|
ln ${build_dir}/FV/OVMF_CODE.fd ${WORKDIR}/ovmf/ovmf.secboot.code.fd
|
|
ln ${build_dir}/${OVMF_ARCH}/EnrollDefaultKeys.efi ${WORKDIR}/ovmf/
|
|
fi
|
|
}
|
|
|
|
do_install_class-native() {
|
|
install -d ${D}/${bindir}/edk2_basetools
|
|
cp -r ${S}/BaseTools ${D}/${bindir}/${EDK_TOOLS_DIR}
|
|
}
|
|
|
|
do_install_class-target() {
|
|
# Content for UEFI shell iso. We install the EFI shell as
|
|
# bootx64/ia32.efi because then it can be started even when the
|
|
# firmware itself does not contain it.
|
|
install -d ${D}/efi/boot
|
|
install ${WORKDIR}/ovmf/Shell.efi ${D}/efi/boot/boot${@ "ia32" if "${TARGET_ARCH}" != "x86_64" else "x64"}.efi
|
|
if ${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'true', 'false', d)}; then
|
|
install ${WORKDIR}/ovmf/EnrollDefaultKeys.efi ${D}
|
|
fi
|
|
}
|
|
|
|
# This always gets packaged because ovmf-shell-image depends on it.
|
|
# This allows testing that recipe in all configurations because it
|
|
# can always be part of a world build.
|
|
#
|
|
# However, EnrollDefaultKeys.efi is only included when Secure Boot is enabled.
|
|
PACKAGES =+ "ovmf-shell-efi"
|
|
FILES_ovmf-shell-efi = " \
|
|
EnrollDefaultKeys.efi \
|
|
efi/ \
|
|
"
|
|
|
|
do_deploy() {
|
|
}
|
|
do_deploy[cleandirs] = "${DEPLOYDIR}"
|
|
do_deploy_class-target() {
|
|
# For use with "runqemu ovmf".
|
|
for i in \
|
|
ovmf \
|
|
ovmf.code \
|
|
ovmf.vars \
|
|
${@bb.utils.contains('PACKAGECONFIG', 'secureboot', 'ovmf.secboot ovmf.secboot.code', '', d)} \
|
|
; do
|
|
qemu-img convert -f raw -O qcow2 ${WORKDIR}/ovmf/$i.fd ${DEPLOYDIR}/$i.qcow2
|
|
done
|
|
}
|
|
addtask do_deploy after do_compile before do_build
|
|
|
|
BBCLASSEXTEND = "native"
|
|
TOOLCHAIN = "gcc"
|