Browse Source

Special QEMU and EDK2 packages

master
PapaTutuWawa 1 year ago
parent
commit
bd117cb939
  1. 13
      .gitignore
  2. 34
      edk2-ovmf-hidden/50-edk2-ovmf-i386-secure.json
  3. 35
      edk2-ovmf-hidden/50-edk2-ovmf-x86_64-secure.json
  4. 33
      edk2-ovmf-hidden/60-edk2-ovmf-i386.json
  5. 34
      edk2-ovmf-hidden/60-edk2-ovmf-x86_64.json
  6. 199
      edk2-ovmf-hidden/PKGBUILD
  7. 233
      edk2-ovmf-hidden/edk2-202005-openssl-1.1.1g.patch
  8. 6
      edk2-ovmf-hidden/edk2-ovmf.install
  9. 1
      edk2-ovmf-hidden/edk2-shell.install
  10. 1
      qemu-hidden/65-kvm.rules
  11. 234
      qemu-hidden/PKGBUILD
  12. 9
      qemu-hidden/qemu-ga.service
  13. 8
      qemu-hidden/qemu.install

13
.gitignore

@ -1,6 +1,13 @@
# Ignore makepkg's directories
*/**/*
*/**/src
*/**/pkg
*/**/*.sig
*/**/*.xz
*/**/*.tar.gz
*/**/*.pkg.tar.zst
*/**/*.asc
*/**/.SRCINFO
# Only allow PKGBUILDS and patch files
!*/PKGBUILD
!*/*.patch
#!*/PKGBUILD
#!*/*.patch

34
edk2-ovmf-hidden/50-edk2-ovmf-i386-secure.json

@ -0,0 +1,34 @@
{
"description": "UEFI firmware for i386, with Secure Boot and SMM",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"executable": {
"filename": "/usr/share/edk2-ovmf/ia32/OVMF_CODE.secboot.fd",
"format": "raw"
},
"nvram-template": {
"filename": "/usr/share/edk2-ovmf/ia32/OVMF_VARS.fd",
"format": "raw"
}
},
"targets": [
{
"architecture": "i386",
"machines": [
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"requires-smm",
"secure-boot",
"verbose-dynamic"
],
"tags": [
]
}

35
edk2-ovmf-hidden/50-edk2-ovmf-x86_64-secure.json

@ -0,0 +1,35 @@
{
"description": "UEFI firmware for x86_64, with Secure Boot and SMM",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"executable": {
"filename": "/usr/share/edk2-ovmf/x64/OVMF_CODE.secboot.fd",
"format": "raw"
},
"nvram-template": {
"filename": "/usr/share/edk2-ovmf/x64/OVMF_VARS.fd",
"format": "raw"
}
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"amd-sev",
"requires-smm",
"secure-boot",
"verbose-dynamic"
],
"tags": [
]
}

33
edk2-ovmf-hidden/60-edk2-ovmf-i386.json

@ -0,0 +1,33 @@
{
"description": "UEFI firmware for i386",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"executable": {
"filename": "/usr/share/edk2-ovmf/ia32/OVMF_CODE.fd",
"format": "raw"
},
"nvram-template": {
"filename": "/usr/share/edk2-ovmf/ia32/OVMF_VARS.fd",
"format": "raw"
}
},
"targets": [
{
"architecture": "i386",
"machines": [
"pc-i440fx-*",
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"verbose-dynamic"
],
"tags": [
]
}

34
edk2-ovmf-hidden/60-edk2-ovmf-x86_64.json

@ -0,0 +1,34 @@
{
"description": "UEFI firmware for x86_64",
"interface-types": [
"uefi"
],
"mapping": {
"device": "flash",
"executable": {
"filename": "/usr/share/edk2-ovmf/x64/OVMF_CODE.fd",
"format": "raw"
},
"nvram-template": {
"filename": "/usr/share/edk2-ovmf/x64/OVMF_VARS.fd",
"format": "raw"
}
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-i440fx-*",
"pc-q35-*"
]
}
],
"features": [
"acpi-s3",
"amd-sev",
"verbose-dynamic"
],
"tags": [
]
}

199
edk2-ovmf-hidden/PKGBUILD

@ -0,0 +1,199 @@
# Maintainer: David Runge <dvzrv@archlinux.org>
_brotli_ver=1.0.7
_openssl_ver=1.1.1g
pkgbase=edk2
pkgname=('edk2-shell' 'edk2-ovmf')
pkgver=202005
pkgrel=3
pkgdesc="Modern, feature-rich firmware development environment for the UEFI specifications"
arch=('any')
url="https://github.com/tianocore/edk2"
license=('BSD')
makedepends=('acpica' 'iasl' 'util-linux-libs' 'nasm' 'python')
conflicts=('edk2-ovmf')
options=(!makeflags)
source=("$pkgbase-$pkgver.tar.gz::https://github.com/tianocore/${pkgbase}/archive/${pkgbase}-stable${pkgver}.tar.gz"
"https://www.openssl.org/source/openssl-${_openssl_ver}.tar.gz"{,.asc}
"brotli-${_brotli_ver}.tar.gz::https://github.com/google/brotli/archive/v${_brotli_ver}.tar.gz"
"${pkgbase}-202005-openssl-1.1.1g.patch"
"50-edk2-ovmf-i386-secure.json"
"50-edk2-ovmf-x86_64-secure.json"
"60-edk2-ovmf-i386.json"
"60-edk2-ovmf-x86_64.json")
sha512sums=('864e5b8babb28eea05f59e17581209c853c004993842a7a6b104e96bd1fd29d9dd3a1545fb44639f2442acc51b078c4996621e1f927fbf449dc1b86421b432ac'
'01e3d0b1bceeed8fb066f542ef5480862001556e0f612e017442330bbd7e5faee228b2de3513d7fc347446b7f217e27de1003dc9d7214d5833b97593f3ec25ab'
'SKIP'
'a82362aa36d2f2094bca0b2808d9de0d57291fb3a4c29d7c0ca0a37e73087ec5ac4df299c8c363e61106fccf2fe7f58b5cf76eb97729e2696058ef43b1d3930a'
'3605c67d9c8870562086f63e96ffe8039cb394266298b382df61e12c777b6c37a2d2eb3fd5147cb3f00fabddc6dba139ba53da42ea81b1cbeb8f587c6d4cc251'
'55e4187b11b27737f61e528c02ff43b9381c0cb09140e803531616766f9cb9401115d88d946b56171784cc028f9571279640eb39b6a9fa8e02ec0c8d1b036a3e'
'a1236585b30d720540de2e9527d8c90ff2d428e800b3da545b23461dc698dc91fe441b62bb8cbca76e08f4ec1eb485619e9ab26157deb06e7fb33e7f5f9dd8b6'
'c81e072aabfb01d29cf5194111524e2c4c8684979de6b6793db10299c95bb94f7b1d0a98b057df0664d7a894a2b40e9b4c3576112fae400a95eaf5fe5fc9369b'
'2030dc1d49d56fce8af56c5777fd40f04041e39ff806dd8c021e161227bdd646982024db6758230b8332dc68f16bc6918e1d54ad3c022e21e148d6b65ea778b3')
validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491') # Matt Caswell <matt@openssl.org>
_arch_list=('IA32' 'X64')
_build_type='RELEASE'
_build_plugin='GCC5'
prepare() {
mv -v "$pkgbase-$pkgbase-stable$pkgver" "$pkgbase-$pkgver"
cd "$pkgbase-$pkgver"
# applying fixes to build against openssl-1.1.1g
patch -Np1 -i "../${pkgbase}-202005-openssl-1.1.1g.patch"
# symlinking openssl into place
rm -rfv CryptoPkg/Library/OpensslLib/openssl
ln -sfv "${srcdir}/openssl-$_openssl_ver" CryptoPkg/Library/OpensslLib/openssl
# copying required pre-generated header into place (to not also have to patch openssl)
cp -v CryptoPkg/Library/Include/internal/dso_conf.h CryptoPkg/Library/OpensslLib/openssl/include/crypto/
# symlinking brotli into place
rm -rfv BaseTools/Source/C/BrotliCompress/brotli MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
ln -sfv "${srcdir}/brotli-${_brotli_ver}" BaseTools/Source/C/BrotliCompress/brotli
ln -sfv "${srcdir}/brotli-${_brotli_ver}" MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
# -Werror, not even once
sed -e 's/ -Werror//g' \
-i BaseTools/Conf/*.template BaseTools/Source/C/Makefiles/*.makefile
# Mask that we're using OVMF
sed -e 's/EFI\ Development\ Kit II\ \/\ OVMF\\0/Argus BIOS\\0/' \
-i OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.c
}
build() {
cd "$pkgbase-$pkgver"
local _arch
make -C BaseTools
. edksetup.sh
for _arch in ${_arch_list[@]}; do
# shell
echo "Building shell (${_arch})."
BaseTools/BinWrappers/PosixLike/build -p ShellPkg/ShellPkg.dsc \
-a "${_arch}" \
-b "${_build_type}" \
-n "$(nproc)" \
-t "${_build_plugin}"
# ovmf
if [[ "${_arch}" == 'IA32' ]]; then
echo "Building ovmf (${_arch}) with secure boot"
OvmfPkg/build.sh -p OvmfPkg/OvmfPkgIa32.dsc \
-a "${_arch}" \
-b "${_build_type}" \
-n "$(nproc)" \
-t "${_build_plugin}" \
-D LOAD_X64_ON_IA32_ENABLE \
-D NETWORK_IP6_ENABLE \
-D TPM_ENABLE \
-D HTTP_BOOT_ENABLE \
-D TLS_ENABLE \
-D FD_SIZE_2MB \
-D SECURE_BOOT_ENABLE \
-D SMM_REQUIRE \
-D EXCLUDE_SHELL_FROM_FD
mv -v Build/Ovmf{Ia32,IA32-secure}
echo "Building ovmf (${_arch}) without secure boot"
OvmfPkg/build.sh -p OvmfPkg/OvmfPkgIa32.dsc \
-a "${_arch}" \
-b "${_build_type}" \
-n "$(nproc)" \
-t "${_build_plugin}" \
-D LOAD_X64_ON_IA32_ENABLE \
-D NETWORK_IP6_ENABLE \
-D TPM_ENABLE \
-D HTTP_BOOT_ENABLE \
-D TLS_ENABLE \
-D FD_SIZE_2MB
mv -v Build/Ovmf{Ia32,IA32}
fi
if [[ "${_arch}" == 'X64' ]]; then
echo "Building ovmf (${_arch}) with secure boot"
OvmfPkg/build.sh -p "OvmfPkg/OvmfPkg${_arch}.dsc" \
-a "${_arch}" \
-b "${_build_type}" \
-n "$(nproc)" \
-t "${_build_plugin}" \
-D NETWORK_IP6_ENABLE \
-D TPM_ENABLE \
-D FD_SIZE_2MB \
-D TLS_ENABLE \
-D HTTP_BOOT_ENABLE \
-D SECURE_BOOT_ENABLE \
-D SMM_REQUIRE \
-D EXCLUDE_SHELL_FROM_FD
mv -v Build/OvmfX64{,-secure}
echo "Building ovmf (${_arch}) without secure boot"
OvmfPkg/build.sh -p "OvmfPkg/OvmfPkg${_arch}.dsc" \
-a "${_arch}" \
-b "${_build_type}" \
-n "$(nproc)" \
-t "${_build_plugin}" \
-D NETWORK_IP6_ENABLE \
-D TPM_ENABLE \
-D FD_SIZE_2MB \
-D TLS_ENABLE \
-D HTTP_BOOT_ENABLE
fi
done
}
package_edk2-shell() {
pkgdesc="EDK2 UEFI Shell"
provides=('uefi-shell')
cd "$pkgbase-$pkgver"
local _arch
# minimal UEFI shell, as defined in ShellPkg/Application/Shell/ShellPkg.inf
local _min='7C04A583-9E3E-4f1c-AD65-E05268D0B4D1'
# full UEFI shell, as defined in ShellPkg/ShellPkg.dsc
local _full='EA4BB293-2D7F-4456-A681-1F22F42CD0BC'
for _arch in ${_arch_list[@]}; do
install -vDm 644 "Build/Shell/${_build_type}_${_build_plugin}/${_arch}/Shell_${_min}.efi" \
"${pkgdir}/usr/share/${pkgname}/${_arch,,}/Shell.efi"
install -vDm 644 "Build/Shell/${_build_type}_${_build_plugin}/${_arch}/Shell_${_full}.efi" \
"${pkgdir}/usr/share/${pkgname}/${_arch,,}/Shell_Full.efi"
done
# license
install -vDm 644 License.txt -t "${pkgdir}/usr/share/licenses/${pkgname}"
# docs
install -vDm 644 {ReadMe.rst,Maintainers.txt} \
-t "${pkgdir}/usr/share/doc/${pkgname}"
}
package_edk2-ovmf() {
pkgdesc="Open Virtual Machine Firmware to support firmware for Virtual Machines"
provides=('ovmf')
conflicts=('ovmf')
replaces=('ovmf')
license+=('MIT')
install="${pkgname}.install"
cd "$pkgbase-$pkgver"
local _arch
# installing the various firmwares
for _arch in ${_arch_list[@]}; do
# installing OVMF.fd for xen: https://bugs.archlinux.org/task/58635
install -vDm 644 "Build/Ovmf${_arch}/${_build_type}_${_build_plugin}/FV/OVMF.fd" \
-t "${pkgdir}/usr/share/${pkgname}/${_arch,,}"
install -vDm 644 "Build/Ovmf${_arch}/${_build_type}_${_build_plugin}/FV/OVMF_CODE.fd" \
-t "${pkgdir}/usr/share/${pkgname}/${_arch,,}"
install -vDm 644 "Build/Ovmf${_arch}/${_build_type}_${_build_plugin}/FV/OVMF_VARS.fd" \
-t "${pkgdir}/usr/share/${pkgname}/${_arch,,}"
install -vDm 644 "Build/Ovmf${_arch}-secure/${_build_type}_${_build_plugin}/FV/OVMF_CODE.fd" \
"${pkgdir}/usr/share/${pkgname}/${_arch,,}/OVMF_CODE.secboot.fd"
done
# installing qemu descriptors in accordance with qemu:
# https://git.qemu.org/?p=qemu.git;a=tree;f=pc-bios/descriptors
# https://bugs.archlinux.org/task/64206
install -vDm 644 ../*"${pkgname}"*.json -t "${pkgdir}/usr/share/qemu/firmware"
# adding symlink for previous ovmf location
# https://bugs.archlinux.org/task/66528
ln -svf "/usr/share/${pkgname}" "${pkgdir}/usr/share/ovmf"
# adding a symlink for applications with questionable heuristics (such as lxd)
ln -svf "/usr/share/${pkgname}" "${pkgdir}/usr/share/OVMF"
# licenses
install -vDm 644 License.txt -t "${pkgdir}/usr/share/licenses/${pkgname}"
install -vDm 644 OvmfPkg/License.txt \
"${pkgdir}/usr/share/licenses/${pkgname}/OvmfPkg.License.txt"
# docs
install -vDm 644 {OvmfPkg/README,ReadMe.rst,Maintainers.txt} \
-t "${pkgdir}/usr/share/doc/${pkgname}"
}

233
edk2-ovmf-hidden/edk2-202005-openssl-1.1.1g.patch

@ -0,0 +1,233 @@
diff -ruN a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
--- a/CryptoPkg/CryptoPkg.dec 2020-06-02 09:05:21.000000000 +0200
+++ b/CryptoPkg/CryptoPkg.dec 2020-06-09 15:21:52.055912797 +0200
@@ -23,7 +23,6 @@
Private
Library/Include
Library/OpensslLib/openssl/include
- Library/OpensslLib/openssl/crypto/include
[LibraryClasses]
## @libraryclass Provides basic library functions for cryptographic primitives.
diff -ruN a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c 2020-06-02 09:05:21.000000000 +0200
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c 2020-06-09 15:26:52.686439106 +0200
@@ -7,7 +7,7 @@
**/
#include "InternalCryptLib.h"
-#include "internal/sm3.h"
+#include <crypto/sm3.h>
/**
Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
diff -ruN a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c 2020-06-02 09:05:21.000000000 +0200
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c 2020-06-09 15:22:47.512057737 +0200
@@ -15,13 +15,12 @@
#include <openssl/asn1.h>
#include <openssl/x509.h>
#include <openssl/bio.h>
-#include <internal/x509_int.h>
#include <openssl/pkcs7.h>
#include <openssl/bn.h>
#include <openssl/x509_vfy.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
-#include <internal/asn1_int.h>
+#include <crypto/asn1.h>
/**
This function will return the leaf signer certificate in a chain. This is
diff -ruN a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 2020-06-02 09:05:21.000000000 +0200
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf 2020-06-09 11:08:33.349121703 +0200
@@ -477,45 +477,44 @@
$(OPENSSL_PATH)/crypto/s390x_arch.h
$(OPENSSL_PATH)/crypto/sparc_arch.h
$(OPENSSL_PATH)/crypto/vms_rms.h
- $(OPENSSL_PATH)/crypto/aes/aes_locl.h
+ $(OPENSSL_PATH)/crypto/aes/aes_local.h
$(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h
- $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h
+ $(OPENSSL_PATH)/crypto/asn1/asn1_local.h
$(OPENSSL_PATH)/crypto/asn1/charmap.h
$(OPENSSL_PATH)/crypto/asn1/standard_methods.h
$(OPENSSL_PATH)/crypto/asn1/tbl_standard.h
- $(OPENSSL_PATH)/crypto/async/async_locl.h
+ $(OPENSSL_PATH)/crypto/async/async_local.h
$(OPENSSL_PATH)/crypto/async/arch/async_null.h
$(OPENSSL_PATH)/crypto/async/arch/async_posix.h
$(OPENSSL_PATH)/crypto/async/arch/async_win.h
- $(OPENSSL_PATH)/crypto/bio/bio_lcl.h
- $(OPENSSL_PATH)/crypto/bn/bn_lcl.h
+ $(OPENSSL_PATH)/crypto/bio/bio_local.h
+ $(OPENSSL_PATH)/crypto/bn/bn_local.h
$(OPENSSL_PATH)/crypto/bn/bn_prime.h
$(OPENSSL_PATH)/crypto/bn/rsaz_exp.h
- $(OPENSSL_PATH)/crypto/comp/comp_lcl.h
+ $(OPENSSL_PATH)/crypto/comp/comp_local.h
$(OPENSSL_PATH)/crypto/conf/conf_def.h
- $(OPENSSL_PATH)/crypto/conf/conf_lcl.h
- $(OPENSSL_PATH)/crypto/dh/dh_locl.h
- $(OPENSSL_PATH)/crypto/dso/dso_locl.h
- $(OPENSSL_PATH)/crypto/evp/evp_locl.h
- $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h
- $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h
- $(OPENSSL_PATH)/crypto/md5/md5_locl.h
- $(OPENSSL_PATH)/crypto/modes/modes_lcl.h
+ $(OPENSSL_PATH)/crypto/conf/conf_local.h
+ $(OPENSSL_PATH)/crypto/dh/dh_local.h
+ $(OPENSSL_PATH)/crypto/dso/dso_local.h
+ $(OPENSSL_PATH)/crypto/evp/evp_local.h
+ $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
+ $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
+ $(OPENSSL_PATH)/crypto/md5/md5_local.h
+ $(OPENSSL_PATH)/crypto/modes/modes_local.h
$(OPENSSL_PATH)/crypto/objects/obj_dat.h
- $(OPENSSL_PATH)/crypto/objects/obj_lcl.h
+ $(OPENSSL_PATH)/crypto/objects/obj_local.h
$(OPENSSL_PATH)/crypto/objects/obj_xref.h
- $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h
- $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h
- $(OPENSSL_PATH)/crypto/rand/rand_lcl.h
- $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h
- $(OPENSSL_PATH)/crypto/sha/sha_locl.h
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_local.h
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_local.h
+ $(OPENSSL_PATH)/crypto/rand/rand_local.h
+ $(OPENSSL_PATH)/crypto/rsa/rsa_local.h
+ $(OPENSSL_PATH)/crypto/sha/sha_local.h
$(OPENSSL_PATH)/crypto/siphash/siphash_local.h
- $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h
- $(OPENSSL_PATH)/crypto/store/store_locl.h
- $(OPENSSL_PATH)/crypto/ui/ui_locl.h
- $(OPENSSL_PATH)/crypto/x509/x509_lcl.h
+ $(OPENSSL_PATH)/crypto/sm3/sm3_local.h
+ $(OPENSSL_PATH)/crypto/store/store_local.h
+ $(OPENSSL_PATH)/crypto/ui/ui_local.h
+ $(OPENSSL_PATH)/crypto/x509/x509_local.h
$(OPENSSL_PATH)/crypto/x509v3/ext_dat.h
- $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h
$(OPENSSL_PATH)/crypto/x509v3/standard_exts.h
$(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
$(OPENSSL_PATH)/ssl/bio_ssl.c
@@ -562,13 +561,13 @@
$(OPENSSL_PATH)/ssl/t1_trce.c
$(OPENSSL_PATH)/ssl/tls13_enc.c
$(OPENSSL_PATH)/ssl/tls_srp.c
- $(OPENSSL_PATH)/ssl/packet_locl.h
+ $(OPENSSL_PATH)/ssl/packet_local.h
$(OPENSSL_PATH)/ssl/ssl_cert_table.h
- $(OPENSSL_PATH)/ssl/ssl_locl.h
+ $(OPENSSL_PATH)/ssl/ssl_local.h
$(OPENSSL_PATH)/ssl/record/record.h
- $(OPENSSL_PATH)/ssl/record/record_locl.h
+ $(OPENSSL_PATH)/ssl/record/record_local.h
$(OPENSSL_PATH)/ssl/statem/statem.h
- $(OPENSSL_PATH)/ssl/statem/statem_locl.h
+ $(OPENSSL_PATH)/ssl/statem/statem_local.h
# Autogenerated files list ends here
buildinf.h
rand_pool_noise.h
diff -ruN a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf 2020-06-02 09:05:21.000000000 +0200
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf 2020-06-09 11:17:31.877356870 +0200
@@ -477,45 +477,44 @@
$(OPENSSL_PATH)/crypto/s390x_arch.h
$(OPENSSL_PATH)/crypto/sparc_arch.h
$(OPENSSL_PATH)/crypto/vms_rms.h
- $(OPENSSL_PATH)/crypto/aes/aes_locl.h
+ $(OPENSSL_PATH)/crypto/aes/aes_local.h
$(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h
- $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h
+ $(OPENSSL_PATH)/crypto/asn1/asn1_local.h
$(OPENSSL_PATH)/crypto/asn1/charmap.h
$(OPENSSL_PATH)/crypto/asn1/standard_methods.h
$(OPENSSL_PATH)/crypto/asn1/tbl_standard.h
- $(OPENSSL_PATH)/crypto/async/async_locl.h
+ $(OPENSSL_PATH)/crypto/async/async_local.h
$(OPENSSL_PATH)/crypto/async/arch/async_null.h
$(OPENSSL_PATH)/crypto/async/arch/async_posix.h
$(OPENSSL_PATH)/crypto/async/arch/async_win.h
- $(OPENSSL_PATH)/crypto/bio/bio_lcl.h
- $(OPENSSL_PATH)/crypto/bn/bn_lcl.h
+ $(OPENSSL_PATH)/crypto/bio/bio_local.h
+ $(OPENSSL_PATH)/crypto/bn/bn_local.h
$(OPENSSL_PATH)/crypto/bn/bn_prime.h
$(OPENSSL_PATH)/crypto/bn/rsaz_exp.h
- $(OPENSSL_PATH)/crypto/comp/comp_lcl.h
+ $(OPENSSL_PATH)/crypto/comp/comp_local.h
$(OPENSSL_PATH)/crypto/conf/conf_def.h
- $(OPENSSL_PATH)/crypto/conf/conf_lcl.h
- $(OPENSSL_PATH)/crypto/dh/dh_locl.h
- $(OPENSSL_PATH)/crypto/dso/dso_locl.h
- $(OPENSSL_PATH)/crypto/evp/evp_locl.h
- $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h
- $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h
- $(OPENSSL_PATH)/crypto/md5/md5_locl.h
- $(OPENSSL_PATH)/crypto/modes/modes_lcl.h
+ $(OPENSSL_PATH)/crypto/conf/conf_local.h
+ $(OPENSSL_PATH)/crypto/dh/dh_local.h
+ $(OPENSSL_PATH)/crypto/dso/dso_local.h
+ $(OPENSSL_PATH)/crypto/evp/evp_local.h
+ $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
+ $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
+ $(OPENSSL_PATH)/crypto/md5/md5_local.h
+ $(OPENSSL_PATH)/crypto/modes/modes_local.h
$(OPENSSL_PATH)/crypto/objects/obj_dat.h
- $(OPENSSL_PATH)/crypto/objects/obj_lcl.h
+ $(OPENSSL_PATH)/crypto/objects/obj_local.h
$(OPENSSL_PATH)/crypto/objects/obj_xref.h
- $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h
- $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h
- $(OPENSSL_PATH)/crypto/rand/rand_lcl.h
- $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h
- $(OPENSSL_PATH)/crypto/sha/sha_locl.h
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_local.h
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_local.h
+ $(OPENSSL_PATH)/crypto/rand/rand_local.h
+ $(OPENSSL_PATH)/crypto/rsa/rsa_local.h
+ $(OPENSSL_PATH)/crypto/sha/sha_local.h
$(OPENSSL_PATH)/crypto/siphash/siphash_local.h
- $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h
- $(OPENSSL_PATH)/crypto/store/store_locl.h
- $(OPENSSL_PATH)/crypto/ui/ui_locl.h
- $(OPENSSL_PATH)/crypto/x509/x509_lcl.h
+ $(OPENSSL_PATH)/crypto/sm3/sm3_local.h
+ $(OPENSSL_PATH)/crypto/store/store_local.h
+ $(OPENSSL_PATH)/crypto/ui/ui_local.h
+ $(OPENSSL_PATH)/crypto/x509/x509_local.h
$(OPENSSL_PATH)/crypto/x509v3/ext_dat.h
- $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h
$(OPENSSL_PATH)/crypto/x509v3/standard_exts.h
$(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
# Autogenerated files list ends here
diff -ruN a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl
--- a/CryptoPkg/Library/OpensslLib/process_files.pl 2020-06-02 09:05:21.000000000 +0200
+++ b/CryptoPkg/Library/OpensslLib/process_files.pl 2020-06-09 12:36:16.400775802 +0200
@@ -111,8 +111,8 @@
# Generate dso_conf.h per config data
system(
"perl -I. -Mconfigdata util/dofile.pl " .
- "crypto/include/internal/dso_conf.h.in " .
- "> include/internal/dso_conf.h"
+ "include/crypto/dso_conf.h.in " .
+ "> include/crypto/dso_conf.h"
) == 0 ||
die "Failed to generate dso_conf.h!\n";
diff -ruN a/CryptoPkg/Library/OpensslLib/rand_pool.c b/CryptoPkg/Library/OpensslLib/rand_pool.c
--- a/CryptoPkg/Library/OpensslLib/rand_pool.c 2020-06-02 09:05:21.000000000 +0200
+++ b/CryptoPkg/Library/OpensslLib/rand_pool.c 2020-06-17 21:00:46.335684557 +0200
@@ -7,9 +7,8 @@
**/
-#include "internal/rand_int.h"
#include <openssl/aes.h>
-
+#include <crypto/rand.h>
#include <Uefi.h>
#include <Library/TimerLib.h>

6
edk2-ovmf-hidden/edk2-ovmf.install

@ -0,0 +1,6 @@
post_install() {
# note for users of ovmf
if [ "$(vercmp "$1" '202002-9')" -le 0 ]; then
echo -e "The firmware location has changed to /usr/share/edk2-ovmf/. Symlinks are provided for backwards compatibility.\nNOTE: To update the paths run 'virsh edit' on virtual machines that use OVMF."
fi
}

1
edk2-ovmf-hidden/edk2-shell.install

@ -0,0 +1 @@
# empty install file to satisfy makepkg

1
qemu-hidden/65-kvm.rules

@ -0,0 +1 @@
KERNEL=="vhost-net", GROUP="kvm", MODE="0660", TAG+="uaccess", OPTIONS+="static_node=vhost-net"

234
qemu-hidden/PKGBUILD

@ -0,0 +1,234 @@
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
# Contributor: Sébastien "Seblu" Luttringer <seblu@seblu.net>
pkgbase=qemu
pkgname=(qemu qemu-headless qemu-arch-extra qemu-headless-arch-extra
qemu-block-{iscsi,rbd,gluster} qemu-guest-agent)
pkgdesc="A generic and open source machine emulator and virtualizer"
pkgver=5.1.0
pkgrel=2
arch=(x86_64)
license=(GPL2 LGPL2.1)
url="https://wiki.qemu.org/"
_headlessdeps=(seabios gnutls libpng libaio numactl libnfs
lzo snappy curl vde2 libcap-ng spice libcacard usbredir libslirp
libssh zstd liburing)
depends=(virglrenderer sdl2 vte3 libpulse libjack.so brltty "${_headlessdeps[@]}")
makedepends=(spice-protocol python ceph libiscsi glusterfs python-sphinx xfsprogs)
source=(https://download.qemu.org/qemu-$pkgver.tar.xz{,.sig}
qemu-ga.service
65-kvm.rules)
sha512sums=('e213edb71d93d5167ddce7546220ecb7b52a7778586a4f476f65bd1e510c9cfc6d1876238a7b501d9cc3fd31cc2ae4b7fb9e753bc3f12cc17cd16dfce2a96ba3'
'SKIP'
'269c0f0bacbd06a3d817fde02dce26c99d9f55c9e3b74bb710bd7e5cdde7a66b904d2eb794c8a605bf9305e4e3dee261a6e7d4ec9d9134144754914039f176e4'
'bdf05f99407491e27a03aaf845b7cc8acfa2e0e59968236f10ffc905e5e3d5e8569df496fd71c887da2b5b8d1902494520c7da2d3a8258f7fd93a881dd610c99')
validpgpkeys=('CEACC9E15534EBABB82D3FA03353C9CEF108B584') # Michael Roth <flukshun@gmail.com>
case $CARCH in
i?86) _corearch=i386 ;;
x86_64) _corearch=x86_64 ;;
esac
prepare() {
mkdir build-{full,headless}
mkdir -p extra-arch-{full,headless}/usr/{bin,share/qemu}
cd "${srcdir}/${pkgbase}-${pkgver}"
qemu_hd_replacement="WDC WD20EARS"
qemu_dvd_replacement="DVD-ROM"
hypervisor_string_replacement="\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0"
sed -i "s/QEMU HARDDISK/$qemu_hd_replacement/g" hw/ide/core.c
sed -i "s/QEMU HARDDISK/$qemu_hd_replacement/g" hw/scsi/scsi-disk.c
sed -i "s/QEMU DVD-ROM/$qemu_dvd_replacement/g" hw/ide/core.c
sed -i "s/QEMU DVD-ROM/$qemu_dvd_replacement/g" hw/ide/atapi.c
sed -i "s/QEMU PenPartner tablet/<WOOT> PenPartner tablet/g" hw/usb/dev-wacom.c
sed -i 's/s->vendor = g_strdup("QEMU");/s->vendor = g_strdup("<WOOT>");/g' hw/scsi/scsi-disk.c
sed -i "s/QEMU CD-ROM/$qemu_dvd_replacement/g" hw/scsi/scsi-disk.c
sed -i 's/padstr8(buf + 8, 8, "QEMU");/padstr8(buf + 8, 8, "<WOOT>");/g' hw/ide/atapi.c
sed -i 's/QEMU MICRODRIVE/<WOOT> MICRODRIVE/g' hw/ide/core.c
sed -i "s/KVMKVMKVM\\0\\0\\0/$hypervisor_string_replacement/g" target/i386/kvm.c
sed -i 's/"bochs"/"<WOOT>"/g' block/bochs.c
sed -i 's/"BOCHS "/"ALASKA"/g' include/hw/acpi/aml-build.h
sed -i 's/Microsoft Hv/$hypervisor_string_replacement/g' target/i386/kvm.c
}
build() {
_build full \
--audio-drv-list="pa"
_build headless \
--audio-drv-list= \
--disable-sdl \
--disable-gtk \
--disable-vte \
--disable-brlapi \
--disable-opengl \
--disable-virglrenderer
}
_build() (
cd build-$1
../${pkgname}-${pkgver}/configure \
--target-list=x86_64-softmmu \
--prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
--libexecdir=/usr/lib/qemu \
--extra-ldflags="$LDFLAGS" \
--smbd=/usr/bin/smbd \
--enable-modules \
--enable-sdl \
--enable-slirp=system \
--enable-xfsctl \
"${@:2}"
make
)
package_qemu() {
optdepends=('qemu-arch-extra: extra architectures support')
provides=(qemu-headless)
conflicts=(qemu-headless)
replaces=(qemu-kvm)
_package full
}
package_qemu-headless() {
pkgdesc="QEMU without GUI"
depends=("${_headlessdeps[@]}")
optdepends=('qemu-headless-arch-extra: extra architectures support')
_package headless
}
_package() {
optdepends+=('samba: SMB/CIFS server support'
'qemu-block-iscsi: iSCSI block support'
'qemu-block-rbd: RBD block support'
'qemu-block-gluster: glusterfs block support')
install=qemu.install
options=(!strip !emptydirs)
make -C build-$1 DESTDIR="$pkgdir" install "${@:2}"
# systemd stuff
install -Dm644 65-kvm.rules "$pkgdir/usr/lib/udev/rules.d/65-kvm.rules"
# remove conflicting /var/run directory
cd "$pkgdir"
rm -r var
cd usr/lib
# bridge_helper needs suid
# https://bugs.archlinux.org/task/32565
chmod u+s qemu/qemu-bridge-helper
# remove split block modules
rm qemu/block-{iscsi,rbd,gluster}.so
cd ../bin
# remove extra arch
for _bin in qemu-*; do
[[ -f $_bin ]] || continue
case ${_bin#qemu-} in
# guest agent
ga) rm "$_bin"; continue ;;
# tools
edid|img|io|keymap|nbd|pr-helper|storage-daemon) continue ;;
# core emu
system-${_corearch}) continue ;;
esac
mv "$_bin" "$srcdir/extra-arch-$1/usr/bin"
done
cd ../share/qemu
for _blob in *; do
[[ -f $_blob ]] || continue
case $_blob in
# provided by seabios package
bios.bin|bios-256k.bin|vgabios-cirrus.bin|vgabios-qxl.bin|\
vgabios-stdvga.bin|vgabios-vmware.bin|vgabios-virtio.bin|vgabios-bochs-display.bin|\
vgabios-ramfb.bin) rm "$_blob"; continue ;;
# provided by edk2-ovmf package
edk2-*) rm "$_blob"; continue ;;
# iPXE ROMs
efi-*|pxe-*) continue ;;
# core blobs
bios-microvm.bin|kvmvapic.bin|linuxboot*|multiboot.bin|sgabios.bin|vgabios*) continue ;;
# Trace events definitions
trace-events*) continue ;;
esac
mv "$_blob" "$srcdir/extra-arch-$1/usr/share/qemu"
done
# provided by edk2-ovmf package
rm -r firmware
cd ..
if [ "$1" = headless ]; then rm -r {applications,icons}; fi
}
package_qemu-arch-extra() {
pkgdesc="QEMU for foreign architectures"
depends=(qemu)
provides=(qemu-headless-arch-extra)
conflicts=(qemu-headless-arch-extra)
options=(!strip)
mv extra-arch-full/usr "$pkgdir"
}
package_qemu-headless-arch-extra() {
pkgdesc="QEMU without GUI, for foreign architectures"
depends=(qemu-headless)
options=(!strip)
mv extra-arch-headless/usr "$pkgdir"
}
package_qemu-block-iscsi() {
pkgdesc="QEMU iSCSI block module"
depends=(glib2 libiscsi)
install -D build-full/block-iscsi.so "$pkgdir/usr/lib/qemu/block-iscsi.so"
}
package_qemu-block-rbd() {
pkgdesc="QEMU RBD block module"
depends=(glib2 ceph-libs)
install -D build-full/block-rbd.so "$pkgdir/usr/lib/qemu/block-rbd.so"
}
package_qemu-block-gluster() {
pkgdesc="QEMU GlusterFS block module"
depends=(glib2 glusterfs)
install -D build-full/block-gluster.so "$pkgdir/usr/lib/qemu/block-gluster.so"
}
package_qemu-guest-agent() {
pkgdesc="QEMU Guest Agent"
depends=(gcc-libs glib2 libudev.so)
install -D build-full/qemu-ga "$pkgdir/usr/bin/qemu-ga"
install -Dm644 qemu-ga.service "$pkgdir/usr/lib/systemd/system/qemu-ga.service"
install -Dm755 "$srcdir/qemu-$pkgver/scripts/qemu-guest-agent/fsfreeze-hook" "$pkgdir/etc/qemu/fsfreeze-hook"
}
# vim:set ts=2 sw=2 et:

9
qemu-hidden/qemu-ga.service

@ -0,0 +1,9 @@
[Unit]
Description=QEMU Guest Agent
ConditionPathExists=/dev/virtio-ports/org.qemu.guest_agent.0
[Service]
ExecStart=/usr/bin/qemu-ga
[Install]
WantedBy=multi-user.target

8
qemu-hidden/qemu.install

@ -0,0 +1,8 @@
# Arg 1: the new package version
post_install() {
# trigger events on modules files when already loaded
for _f in /sys/devices/virtual/misc/{kvm,vhost-net}; do
[[ -e "$_f" ]] && udevadm trigger "$_f"
done
:
}
Loading…
Cancel
Save