Doan Tran Cong Danh
maxice8
parent
719c6ef3d8
commit
2c4a4c02a8
6 changed files with 213 additions and 0 deletions
1
srcpkgs/efitools-efi
Symbolic link
1
srcpkgs/efitools-efi
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
efitools
|
||||
11
srcpkgs/efitools/patches/libressl-compatibility.patch
Normal file
11
srcpkgs/efitools/patches/libressl-compatibility.patch
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
--- a/cert-to-efi-hash-list.c 2018-04-21 20:59:24.814748503 +0200
|
||||
+++ b/cert-to-efi-hash-list.c 2018-04-21 20:59:51.868581307 +0200
|
||||
@@ -135,7 +135,7 @@
|
||||
X509 *cert = PEM_read_bio_X509(cert_bio, NULL, NULL, NULL);
|
||||
unsigned char *cert_buf = NULL;
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||
int cert_len = i2d_X509_CINF(cert->cert_info, &cert_buf);
|
||||
#else
|
||||
int cert_len = i2d_re_X509_tbs(cert, &cert_buf);
|
||||
|
|
@ -0,0 +1,45 @@
|
|||
diff --git a/Makefile b/Makefile
|
||||
index 30e236b..31004a6 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -82,31 +82,31 @@ HelloWorld.so: lib/lib-efi.a
|
||||
ShimReplace.so: lib/lib-efi.a
|
||||
|
||||
cert-to-efi-sig-list: cert-to-efi-sig-list.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a -lcrypto
|
||||
|
||||
sig-list-to-certs: sig-list-to-certs.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a -lcrypto
|
||||
|
||||
sign-efi-sig-list: sign-efi-sig-list.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a -lcrypto
|
||||
|
||||
hash-to-efi-sig-list: hash-to-efi-sig-list.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a
|
||||
|
||||
cert-to-efi-hash-list: cert-to-efi-hash-list.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a -lcrypto
|
||||
|
||||
efi-keytool: efi-keytool.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a
|
||||
|
||||
efi-readvar: efi-readvar.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a -lcrypto
|
||||
|
||||
efi-updatevar: efi-updatevar.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a -lcrypto
|
||||
|
||||
flash-var: flash-var.o lib/lib.a
|
||||
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
|
||||
+ $(CC) $(ARCH3264) -o $@ $< $(CFLAGS) $(LDFLAGS) lib/lib.a
|
||||
|
||||
clean:
|
||||
rm -f PK.* KEK.* DB.* $(EFIFILES) $(EFISIGNED) $(BINARIES) *.o *.so
|
||||
|
|
@ -0,0 +1,81 @@
|
|||
diff --git a/Make.rules b/Make.rules
|
||||
index 489ad8c..ac46165 100644
|
||||
--- a/Make.rules
|
||||
+++ b/Make.rules
|
||||
@@ -14,9 +14,9 @@ else
|
||||
$(error unknown architecture $(ARCH))
|
||||
endif
|
||||
INCDIR = -I$(TOPDIR)include/ -I/usr/include/efi -I/usr/include/efi/$(ARCH) -I/usr/include/efi/protocol
|
||||
-CPPFLAGS = -DCONFIG_$(ARCH)
|
||||
-CFLAGS = -O2 -g $(ARCH3264) -fpic -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants -fno-stack-protector -ffreestanding -fno-stack-check
|
||||
-LDFLAGS = -nostdlib
|
||||
+EFI_CPPFLAGS = -DCONFIG_$(ARCH)
|
||||
+EFI_CFLAGS = -O2 -g $(ARCH3264) -fpic -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants -fno-stack-protector -ffreestanding -fno-stack-check
|
||||
+EFI_LDFLAGS = -nostdlib
|
||||
CRTOBJ = crt0-efi-$(ARCH).o
|
||||
CRTPATHS = /lib /lib64 /lib/efi /lib64/efi /usr/lib /usr/lib64 /usr/lib/efi /usr/lib64/efi /usr/lib/gnuefi /usr/lib64/gnuefi
|
||||
CRTPATH = $(shell for f in $(CRTPATHS); do if [ -e $$f/$(CRTOBJ) ]; then echo $$f; break; fi; done)
|
||||
@@ -24,7 +24,7 @@ CRTOBJS = $(CRTPATH)/$(CRTOBJ)
|
||||
# there's a bug in the gnu tools ... the .reloc section has to be
|
||||
# aligned otherwise the file alignment gets screwed up
|
||||
LDSCRIPT = elf_$(ARCH)_efi.lds
|
||||
-LDFLAGS += -shared -Bsymbolic $(CRTOBJS) -L $(CRTPATH) -L /usr/lib -L /usr/lib64 -T $(LDSCRIPT)
|
||||
+EFI_LDFLAGS += -shared -Bsymbolic $(CRTOBJS) -L $(CRTPATH) -L /usr/lib -L /usr/lib64 -T $(LDSCRIPT)
|
||||
LOADLIBES = -lefi -lgnuefi $(shell $(CC) $(ARCH3264) -print-libgcc-file-name)
|
||||
FORMAT = --target=efi-app-$(ARCH)
|
||||
OBJCOPY = objcopy
|
||||
@@ -36,23 +36,23 @@ EFIDIR = $(DESTDIR)/usr/share/efitools/efi
|
||||
DOCDIR = $(DESTDIR)/usr/share/efitools
|
||||
|
||||
# globally use EFI calling conventions (requires gcc >= 4.7)
|
||||
-CFLAGS += -DGNU_EFI_USE_MS_ABI
|
||||
+EFI_CFLAGS += -DGNU_EFI_USE_MS_ABI
|
||||
|
||||
ifeq ($(ARCH),x86_64)
|
||||
- CFLAGS += -DEFI_FUNCTION_WRAPPER -mno-red-zone
|
||||
+ EFI_CFLAGS += -DEFI_FUNCTION_WRAPPER -mno-red-zone
|
||||
endif
|
||||
|
||||
ifeq ($(ARCH),ia32)
|
||||
- CFLAGS += -mno-red-zone
|
||||
+ EFI_CFLAGS += -mno-red-zone
|
||||
endif
|
||||
|
||||
ifeq ($(ARCH),arm)
|
||||
- LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
|
||||
+ EFI_LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
|
||||
FORMAT = -O binary
|
||||
endif
|
||||
|
||||
ifeq ($(ARCH),aarch64)
|
||||
- LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
|
||||
+ EFI_LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
|
||||
FORMAT = -O binary
|
||||
endif
|
||||
|
||||
@@ -61,7 +61,7 @@ endif
|
||||
-j .rel -j .rela -j .rel.* -j .rela.* -j .rel* -j .rela* \
|
||||
-j .reloc $(FORMAT) $*.so $@
|
||||
%.so: %.o
|
||||
- $(LD) $(LDFLAGS) $^ -o $@ $(LOADLIBES)
|
||||
+ $(LD) $(EFI_LDFLAGS) $^ -o $@ $(LOADLIBES)
|
||||
# check we have no undefined symbols
|
||||
nm -D $@ | grep ' U ' && exit 1 || exit 0
|
||||
|
||||
@@ -99,13 +99,13 @@ getvar = $(shell if [ "$(1)" = "PK" -o "$(1)" = "KEK" ]; then echo $(1); else ec
|
||||
./sign-efi-sig-list -a -c PK.crt -k PK.key dbx $< $@
|
||||
|
||||
%.o: %.c
|
||||
- $(CC) $(INCDIR) $(CFLAGS) $(CPPFLAGS) -c $< -o $@
|
||||
+ $(CC) $(INCDIR) $(EFI_CFLAGS) $(EFI_CPPFLAGS) -c $< -o $@
|
||||
|
||||
%.efi.o: %.c
|
||||
- $(CC) $(INCDIR) $(CFLAGS) $(CPPFLAGS) -fno-toplevel-reorder -DBUILD_EFI -c $< -o $@
|
||||
+ $(CC) $(INCDIR) $(EFI_CFLAGS) $(EFI_CPPFLAGS) -fno-toplevel-reorder -DBUILD_EFI -c $< -o $@
|
||||
|
||||
%.efi.s: %.c
|
||||
- $(CC) -S $(INCDIR) $(CFLAGS) $(CPPFLAGS) -fno-toplevel-reorder -DBUILD_EFI -c $< -o $@
|
||||
+ $(CC) -S $(INCDIR) $(EFI_CFLAGS) $(EFI_CPPFLAGS) -fno-toplevel-reorder -DBUILD_EFI -c $< -o $@
|
||||
|
||||
%.crt:
|
||||
openssl req -new -x509 -newkey rsa:2048 -subj "/CN=$*/" -keyout $*.key -out $@ -days 3650 -nodes -sha256
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
diff --git a/Makefile b/Makefile
|
||||
index 7d471da..30e236b 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -1,4 +1,4 @@
|
||||
-EFIFILES = HelloWorld.efi LockDown.efi Loader.efi ReadVars.efi UpdateVars.efi \
|
||||
+EFIFILES = HelloWorld.efi Loader.efi ReadVars.efi UpdateVars.efi \
|
||||
KeyTool.efi HashTool.efi SetNull.efi ShimReplace.efi
|
||||
BINARIES = cert-to-efi-sig-list sig-list-to-certs sign-efi-sig-list \
|
||||
hash-to-efi-sig-list efi-readvar efi-updatevar cert-to-efi-hash-list \
|
||||
@@ -27,20 +27,14 @@ include Make.rules
|
||||
|
||||
EFISIGNED = $(patsubst %.efi,%-signed.efi,$(EFIFILES))
|
||||
|
||||
-all: $(EFISIGNED) $(BINARIES) $(MANPAGES) noPK.auth $(KEYAUTH) \
|
||||
- $(KEYUPDATEAUTH) $(KEYBLACKLISTAUTH) $(KEYHASHBLACKLISTAUTH)
|
||||
-
|
||||
+all: $(EFIFILES) $(BINARIES)
|
||||
|
||||
install: all
|
||||
- $(INSTALL) -m 755 -d $(MANDIR)
|
||||
- $(INSTALL) -m 644 $(MANPAGES) $(MANDIR)
|
||||
$(INSTALL) -m 755 -d $(EFIDIR)
|
||||
$(INSTALL) -m 755 $(EFIFILES) $(EFIDIR)
|
||||
$(INSTALL) -m 755 -d $(BINDIR)
|
||||
$(INSTALL) -m 755 $(BINARIES) $(BINDIR)
|
||||
$(INSTALL) -m 755 mkusb.sh $(BINDIR)/efitool-mkusb
|
||||
- $(INSTALL) -m 755 -d $(DOCDIR)
|
||||
- $(INSTALL) -m 644 README COPYING $(DOCDIR)
|
||||
|
||||
lib/lib.a lib/lib-efi.a: FORCE
|
||||
$(MAKE) -C lib $(notdir $@)
|
||||
43
srcpkgs/efitools/template
Normal file
43
srcpkgs/efitools/template
Normal file
|
|
@ -0,0 +1,43 @@
|
|||
# Template file for 'efitools'
|
||||
pkgname=efitools
|
||||
version=1.9.2
|
||||
revision=1
|
||||
build_style=gnu-makefile
|
||||
hostmakedepends="perl-File-Slurp"
|
||||
makedepends="gnu-efi-libs libressl-devel"
|
||||
short_desc="Tools to manipulate EFI secure boot platforms"
|
||||
maintainer="Doan Tran Cong Danh <congdanhqx@gmail.com>"
|
||||
license="GPL-2.0-only"
|
||||
homepage="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git"
|
||||
distfiles="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git/snapshot/${pkgname}-${version}.tar.gz"
|
||||
checksum=0f315b36e7d1ba74bfc97ab9f304f0a3072c47578bbe5e42594acae381f9acfe
|
||||
patch_args="-Nup1"
|
||||
|
||||
post_patch() {
|
||||
[ ! "$CROSS_BUILD" ] && return
|
||||
|
||||
case "${XBPS_TARGET_MACHINE}" in
|
||||
arm*) _ARCH=arm ;;
|
||||
i686*) _ARCH=ia32 ;;
|
||||
*) _ARCH="${XBPS_TARGET_MACHINE%-musl}" ;;
|
||||
esac
|
||||
# 1: correct target arch
|
||||
# 2,3,4: include and lib inside sysroot
|
||||
# 5: use cross-objcopy
|
||||
sed -i -e "/^ARCH[[:space:]]*=/s/=.*/=${_ARCH}/" \
|
||||
-e "s,^\(CRTPATH.*=\).*,\1${XBPS_CROSS_BASE}/usr/lib," \
|
||||
-e "/^INCDIR/s,I\(/usr/include\),I${XBPS_CROSS_BASE}\1,g" \
|
||||
-e "s,-L /usr/lib,-L ${XBPS_CROSS_BASE}/usr/lib,g" \
|
||||
-e "/^OBJCOPY/d" \
|
||||
Make.rules
|
||||
}
|
||||
|
||||
efitools-efi_package() {
|
||||
short_desc+=" - bare metal tools"
|
||||
nostrip=yes
|
||||
noverifyrdeps=yes
|
||||
noshlibprovides=yes
|
||||
pkg_install() {
|
||||
vmove usr/share/efitools
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue