Build OVMF
Summary
Currently we rely on the hosts's QEMU + OVMF when running a carbonOS VM. Instead we should build our own
Reasoning
We should use our own tooling wherever possible
Prior Art
Unfinished patch:
commit 7490a01e3afe815371f652c82b06122792c7c217
Author: Adrian Vovk <adrianvovk@gmail.com>
Date: Fri Jun 9 18:40:58 2023 -0400
WIP! Package our own OVMF
TODO:
- As far as I can tell, I'm doing this fine. BUT, the build
isn't working for some reason :shrug:
diff --git a/elements/pkgs/acpica-tools.bst b/elements/pkgs/acpica-tools.bst
new file mode 100644
index 0000000..90f643f
--- /dev/null
+++ b/elements/pkgs/acpica-tools.bst
@@ -0,0 +1,14 @@
+kind: make
+
+sources:
+- kind: git_tag
+ url: github:acpica/acpica
+ track: R03_31_23
+# Format: RMM_DD_YY
+# release-monitoring: 18
+
+environment:
+ NOWERROR: "TRUE"
+
+build-depends:
+- buildsystems/autotools.bst
diff --git a/elements/pkgs/ovmf.bst b/elements/pkgs/ovmf.bst
new file mode 100644
index 0000000..7553c80
--- /dev/null
+++ b/elements/pkgs/ovmf.bst
@@ -0,0 +1,45 @@
+kind: manual
+
+sources:
+- kind: git_tag
+ url: github:tianocore/edk2.git
+ track: edk2-stable202305
+# release-monitoring: 125953
+
+build-depends:
+- pkgs/util-linux.bst
+- pkgs/python/all.bst
+- pkgs/acpica-tools.bst
+- pkgs/nasm.bst
+- pkgs/python/virt-firmware.bst # This is here so we can later inject certs using a bst shell
+- buildsystems/autotools.bst
+
+variables:
+ build-args: >-
+ -n $MAXJOBS
+ -b RELEASE
+ -t GCC5
+ -p %{platform}
+ -D TPM2_ENABLE
+ -D TPM2_CONFIG_ENABLE
+ -D SECURE_BOOT_ENABLE
+ -D NETWORK_ENABLE=FALSE
+ -D EXCLUDE_SHELL_FROM_FD
+ %{arch-args}
+
+ arch-args: --arch=X64 -D SMM_REQUIRE
+ platform: OvmfPkg/OvmfPkgX64.dsc
+ build-dir: Build/Ovmf64/RELEASE_GCC5
+ code: "%{build-dir}/FV/OVMF_CODE.fd"
+ vars: "%{build-dir}/FV/OVMF_VARS.fd"
+
+config:
+ build-commands:
+ - |
+ source ./edksetup.sh
+ make -C BaseTools/ -j${MAXJOBS}
+ OvmfPkg/build.sh %{build-args}
+
+ install-commands:
+ - install -Dm644 %{code} %{install-root}/ovmf-code.fd
+ - install -Dm644 %{vars} %{install-root}/ovmf-vars.fd
diff --git a/elements/pkgs/python/virt-firmware.bst b/elements/pkgs/python/virt-firmware.bst
new file mode 100644
index 0000000..cd25572
--- /dev/null
+++ b/elements/pkgs/python/virt-firmware.bst
@@ -0,0 +1,12 @@
+kind: pip
+
+sources:
+- kind: pypi
+ name: virt-firmware
+
+depends:
+- pkgs/python/all.bst
+
+build-depends:
+- pkgs/python/wheel.bst
+- buildsystems/base.bst
diff --git a/project.refs b/project.refs
index 6f1bbba..6ea3b81 100644
--- a/project.refs
+++ b/project.refs
@@ -3171,3 +3171,12 @@ projects:
- ref: v0.9.5-0-g9cfca9fe7aa7a8e29b92fe33ce8433e212c9a8ba
pkgs/linux/sign-file.bst:
- ref: v6.3.6-0-gabfd9cf1c3d4d143a889b76af835078897e46c55
+ pkgs/python/virt-firmware.bst:
+ - ref:
+ sha256sum: 4939452892d9cfda40c0adccd3b065f7b3b6f7aedaf75d5f021cd9db2a14c5d9
+ suffix:
+ c2/f8/204dc513d2d3f0f3d3aead03600f7db1b763cf02998ad7b35e7ac5ef6849/virt-firmware-23.5.tar.gz
+ pkgs/acpica-tools.bst:
+ - ref: R03_31_23-0-g4578e0e94d945e56547749316691017880c8ee74
+ pkgs/ovmf.bst:
+ - ref: edk2-stable202305-0-gba91d0292e593df8528b66f99c1b0b14fadc8e16