aboutsummaryrefslogtreecommitdiff
path: root/system
diff options
context:
space:
mode:
authorK. Eugene Carlson <kvngncrlsn@gmail.com>2023-05-08 18:31:11 +0100
committerWilly Sudiarto Raharjo <willysr@slackbuilds.org>2023-05-13 19:27:04 +0700
commitfb9ce6116b2f7903fb8ac1182e03b2175ba60711 (patch)
tree004173de7eb518779164fea6c9e23f864b500ae8 /system
parent42cbc93313f836330b445774b284d430893dcf9f (diff)
system/edk2-ovmf: Added (Secure Boot enabled UEFI firmware for Qemu)
Signed-off-by: bedlam <dave@slackbuilds.org> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'system')
-rw-r--r--system/edk2-ovmf/README14
-rw-r--r--system/edk2-ovmf/edk2-ovmf.SlackBuild80
-rw-r--r--system/edk2-ovmf/edk2-ovmf.info12
-rw-r--r--system/edk2-ovmf/slack-desc19
4 files changed, 125 insertions, 0 deletions
diff --git a/system/edk2-ovmf/README b/system/edk2-ovmf/README
new file mode 100644
index 0000000000000..411848ec2b7c4
--- /dev/null
+++ b/system/edk2-ovmf/README
@@ -0,0 +1,14 @@
+edk2-ovmf (Secure Boot enabled UEFI firmware for Qemu)
+
+edk2-ovmf provides Secure Boot enabled 64- and 32-bit UEFI firmware
+that can be used with Qemu, as well as EFI varstores with pre-enrolled
+Secure Boot keys. This allows for running virtual machines with
+operating systems that require Secure Boot, such as Windows 11.
+
+Please note that, according to the TianoCore team, although the firmware
+is sufficient to run virtual machines, it does not provide the full
+protective capabilities of Secure Boot. See the whitepaper in the doc
+directory for details.
+
+Qemu needs to connect to TPM v2 in order to run Windows 11; see swtpm
+on SBo.
diff --git a/system/edk2-ovmf/edk2-ovmf.SlackBuild b/system/edk2-ovmf/edk2-ovmf.SlackBuild
new file mode 100644
index 0000000000000..ebdb7ed8665d3
--- /dev/null
+++ b/system/edk2-ovmf/edk2-ovmf.SlackBuild
@@ -0,0 +1,80 @@
+#!/bin/bash
+#
+# Slackware build script for edk2-ovmf
+#
+# Copyright 2023 K. Eugene Carlson Tsukuba, Japan
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+cd $(dirname $0) ; CWD=$(pwd)
+
+PRGNAM=edk2-ovmf
+VERSION=${VERSION:-20230301}
+FEDVER=${FEDVER:-f80f052277c8-3.fc38}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+PKGTYPE=${PKGTYPE:-tgz}
+
+ARCH=noarch
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+ echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE"
+ exit 0
+fi
+
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM-$VERSION
+mkdir $PRGNAM-$VERSION
+cd $PRGNAM-$VERSION
+rpm2cpio $CWD/$PRGNAM-$VERSION\git$FEDVER.noarch.rpm | cpio -idmv
+rpm2cpio $CWD/$PRGNAM-ia32-$VERSION\git$FEDVER.noarch.rpm | cpio -idmv
+chown -R root:root .
+find -L . \
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+ -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+
+mkdir -p $PKG/usr/share
+cp -r usr/share/edk2/ovmf $PKG/usr/share/edk2-ovmf-x64
+cp -r usr/share/edk2/ovmf-ia32 $PKG/usr/share/edk2-ovmf-ia32
+# Firmware-loading specifications; the files do not conflict with Qemu.
+cp -r usr/share/qemu $PKG/usr/share/qemu
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+cp usr/share/licenses/edk2-ovmf/* $PKG/usr/doc/$PRGNAM-$VERSION
+cp usr/share/doc/edk2-ovmf/* $PKG/usr/doc/$PRGNAM-$VERSION
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE
diff --git a/system/edk2-ovmf/edk2-ovmf.info b/system/edk2-ovmf/edk2-ovmf.info
new file mode 100644
index 0000000000000..d79ade9ab67d9
--- /dev/null
+++ b/system/edk2-ovmf/edk2-ovmf.info
@@ -0,0 +1,12 @@
+PRGNAM="edk2-ovmf"
+VERSION="20230301"
+HOMEPAGE="https://github.com/tianocore/tianocore.github.io/wiki/OVMF"
+DOWNLOAD="https://kojipkgs.fedoraproject.org/packages/edk2/20230301gitf80f052277c8/3.fc38/noarch/edk2-ovmf-20230301gitf80f052277c8-3.fc38.noarch.rpm \
+ https://kojipkgs.fedoraproject.org/packages/edk2/20230301gitf80f052277c8/3.fc38/noarch/edk2-ovmf-ia32-20230301gitf80f052277c8-3.fc38.noarch.rpm"
+MD5SUM="bc7312f98d395f0d929340d537c7c1a6 \
+ 9571e5e6153807ee089bc7bae6d806e9"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+REQUIRES=""
+MAINTAINER="K. Eugene Carlson"
+EMAIL="kvngncrlsn@gmail.com"
diff --git a/system/edk2-ovmf/slack-desc b/system/edk2-ovmf/slack-desc
new file mode 100644
index 0000000000000..51fff72ba3faa
--- /dev/null
+++ b/system/edk2-ovmf/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+ |-----handy-ruler------------------------------------------------------|
+edk2-ovmf: edk2-ovmf (Secure Boot enabled UEFI firmware for Qemu)
+edk2-ovmf:
+edk2-ovmf: edk2-ovmf provides Secure Boot enabled UEFI firmware that can be used
+edk2-ovmf: with Qemu.
+edk2-ovmf:
+edk2-ovmf:
+edk2-ovmf:
+edk2-ovmf:
+edk2-ovmf:
+edk2-ovmf:
+edk2-ovmf: Homepage: http://www.tianocore.org/ovmf/