mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-05-04 19:56:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

app-crypt/efitools: Sync with Gentoo

Browse Source 
It's from Gentoo commit ae1e332058fc483a5d8d7804d34f369f4566638e.
This commit is contained in:
Krzesimir Nowak 2023-12-07 16:31:36 +01:00
parent d17611cd09
commit 4a91665cb9
7 changed files with 253 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk_container/src/third_party/portage-stable/app-crypt/efitools/Manifest vendored
View File

@ -1,2 +1 @@
DIST efitools-1.8.1.tar.gz 115319 BLAKE2B 3aad65defc203055122027cc3a48f50912d2f08b592841780fdc1bf337d75774116e698c4270865275ce7fe64988cd84105138ca979d81818f0065d7ae90f1d0 SHA512 114ef8e52160f5a5239ec306dbd587610849bce771ba8145ed092afd79e44f3ecee93cc1d97e2d5fdb880cc825bbbe928b3ef6701fd3b1fa444053894be1098a
DIST efitools-1.9.2.tar.gz 116037 BLAKE2B b3540932eb112e362fd0eed47090360603807dcaec8c6a10058618f8252eeb5dcbbd703d313cb6fadae62c1312815080cf2c77fc86f9dfc9f9afca24ad97f584 SHA512 77e0ad7e865814ed388ff6daabe0f4b49ba51672bf2cbb98b7905e209cbd28f9ede2f73213ce45af8a978c1e67dba24ec88a1188661317cc22317b47e575cde8

51
sdk_container/src/third_party/portage-stable/app-crypt/efitools/efitools-1.8.1.ebuild vendored
View File

@ -1,51 +0,0 @@
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
inherit flag-o-matic toolchain-funcs
DESCRIPTION="Tools for manipulating UEFI secure boot platforms"
HOMEPAGE="https://git.kernel.org/cgit/linux/kernel/git/jejb/efitools.git"
SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git/snapshot/${P}.tar.gz"
LICENSE="GPL-2 LGPL-2.1"
SLOT="0"
KEYWORDS="~amd64 ~arm64 ~x86"
IUSE="static"
LIB_DEPEND="dev-libs/openssl:0=[static-libs(+)]"
RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )
sys-apps/util-linux"
DEPEND="${RDEPEND}
app-crypt/sbsigntools
dev-perl/File-Slurp
static? ( ${LIB_DEPEND} )
sys-apps/help2man
sys-boot/gnu-efi
virtual/pkgconfig"
PATCHES=(
"${FILESDIR}/1.7.0-Make.rules.patch"
"${FILESDIR}/1.8.1-respect-ar.patch"
)
src_prepare() {
if use static; then
append-ldflags -static
sed -i "s/-lcrypto\b/$($(tc-getPKG_CONFIG) --static --libs libcrypto)/g" \
Makefile || die
fi
# Respect users CFLAGS
sed -i -e 's/CFLAGS.*= -O2 -g/CFLAGS += /' Make.rules || die
# Respect users LDFLAGS
sed -i -e 's/LDFLAGS/LIBS/g' Make.rules || die
sed -i -e 's/\$(CC)/& $(LDFLAGS)/g' Makefile || die
# Run 'default', to apply user patches
default
}

48
sdk_container/src/third_party/portage-stable/app-crypt/efitools/efitools-1.9.2.ebuild → sdk_container/src/third_party/portage-stable/app-crypt/efitools/efitools-1.9.2-r1.ebuild vendored
View File

@ -1,7 +1,7 @@
# Copyright 1999-2021 Gentoo Authors
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
EAPI=8
inherit flag-o-matic toolchain-funcs
@ -14,43 +14,43 @@ SLOT="0"
KEYWORDS="amd64 ~arm64 x86"
IUSE="static"
LIB_DEPEND="dev-libs/openssl:0=[static-libs(+)]"
LIB_DEPEND="dev-libs/openssl:=[static-libs(+)]"
RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )
RDEPEND="
!static? ( ${LIB_DEPEND//\[static-libs(+)]} )
sys-apps/util-linux"
DEPEND="${RDEPEND}
static? ( ${LIB_DEPEND} )
sys-boot/gnu-efi"
BDEPEND="
app-crypt/sbsigntools
dev-perl/File-Slurp
static? ( ${LIB_DEPEND} )
sys-apps/help2man
sys-boot/gnu-efi
virtual/pkgconfig"
PATCHES=(
"${FILESDIR}/1.7.0-Make.rules.patch"
"${FILESDIR}/1.8.1-respect-ar.patch"
"${FILESDIR}"/1.9.2-clang16.patch
"${FILESDIR}"/1.9.2-Makefile.patch
)
src_prepare() {
if use static; then
append-ldflags -static
sed -i "s/-lcrypto\b/$($(tc-getPKG_CONFIG) --static --libs libcrypto)/g" \
Makefile || die
fi
default
# Let it build with clang.
# Let it build with clang
if tc-is-clang; then
sed -i -e 's/-fno-toplevel-reorder//g' Make.rules || die
fi
# Respect users CFLAGS
sed -i -e 's/CFLAGS.*= -O2 -g/CFLAGS += /' Make.rules || die
# Respect users LDFLAGS
sed -i -e 's/LDFLAGS/LIBS/g' Make.rules || die
sed -i -e 's/\$(CC)/& $(LDFLAGS)/g' Makefile || die
# Run 'default', to apply user patches
default
if use static; then
append-ldflags -static
export STATIC_FLAG=--static
fi
}
src_configure() {
# Calls LD directly, doesn't respect LDFLAGS. Low level package anyway.
# See bug #908813.
filter-lto
tc-export AR CC LD NM OBJCOPY PKG_CONFIG
}

11
sdk_container/src/third_party/portage-stable/app-crypt/efitools/files/1.7.0-Make.rules.patch vendored
View File

@ -1,11 +0,0 @@
--- a/Make.rules
+++ b/Make.rules
@@ -71,7 +71,7 @@
%.hash: %.efi hash-to-efi-sig-list
./hash-to-efi-sig-list $< $@
-%-blacklist.esl: %.crt cert-to-efi-hash-list
+%-blacklist.esl: %.crt cert-to-efi-sig-list
./cert-to-efi-sig-list $< $@
%-hash-blacklist.esl: %.crt cert-to-efi-hash-list

25
sdk_container/src/third_party/portage-stable/app-crypt/efitools/files/1.8.1-respect-ar.patch vendored
View File

@ -1,25 +0,0 @@
From 81503d7a43b99c036758d05c1794502c09189fa4 Mon Sep 17 00:00:00 2001
From: Matthias Maier <tamiko@43-1.org>
Date: Tue, 5 Oct 2021 22:27:52 -0500
Subject: [PATCH] Do not use ar directly
---
Make.rules | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Make.rules b/Make.rules
index e46d407..767070d 100644
--- a/Make.rules
+++ b/Make.rules
@@ -129,7 +129,7 @@ getvar = $(shell if [ "$(1)" = "PK" -o "$(1)" = "KEK" ]; then echo $(1); else ec
# sbsign --key KEK.key --cert KEK.crt --output $@ $<
%.a:
- ar rcv $@ $^
+ $(AR) rcv $@ $^
doc/%.1: doc/%.1.in %
$(HELP2MAN) --no-info -i $< -o $@ ./$*
--
2.32.0

121
sdk_container/src/third_party/portage-stable/app-crypt/efitools/files/1.9.2-Makefile.patch vendored Normal file
View File

@ -0,0 +1,121 @@
--- a/Makefile
+++ b/Makefile
@@ -21,6 +21,8 @@
KEYBLACKLISTAUTH = $(ALLKEYS:=-blacklist.auth)
KEYHASHBLACKLISTAUTH = $(ALLKEYS:=-hash-blacklist.auth)
+SSL_LIBS = $(shell $(PKG_CONFIG) $(STATIC_FLAG) --libs libcrypto)
+
export TOPDIR := $(shell pwd)/
include Make.rules
@@ -88,31 +90,31 @@
ShimReplace.so: lib/lib-efi.a
cert-to-efi-sig-list: cert-to-efi-sig-list.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
sig-list-to-certs: sig-list-to-certs.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
sign-efi-sig-list: sign-efi-sig-list.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
hash-to-efi-sig-list: hash-to-efi-sig-list.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a
cert-to-efi-hash-list: cert-to-efi-hash-list.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
efi-keytool: efi-keytool.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a
efi-readvar: efi-readvar.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
efi-updatevar: efi-updatevar.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
flash-var: flash-var.o lib/lib.a
- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
+ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a
clean:
rm -f PK.* KEK.* DB.* $(EFIFILES) $(EFISIGNED) $(BINARIES) *.o *.so
--- a/Make.rules
+++ b/Make.rules
@@ -15,8 +15,7 @@
endif
INCDIR = -I$(TOPDIR)include/ -I/usr/include/efi -I/usr/include/efi/$(ARCH) -I/usr/include/efi/protocol
CPPFLAGS = -DCONFIG_$(ARCH)
-CFLAGS = -O2 -g $(ARCH3264) -fpic -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants -fno-stack-protector -ffreestanding -fno-stack-check
-LDFLAGS = -nostdlib
+CFLAGS += $(ARCH3264) -fpic -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants -fno-stack-protector -ffreestanding -fno-stack-check
CRTOBJ = crt0-efi-$(ARCH).o
CRTPATHS = /lib /lib64 /lib/efi /lib64/efi /usr/lib /usr/lib64 /usr/lib/efi /usr/lib64/efi /usr/lib/gnuefi /usr/lib64/gnuefi
CRTPATH = $(shell for f in $(CRTPATHS); do if [ -e $$f/$(CRTOBJ) ]; then echo $$f; break; fi; done)
@@ -24,10 +23,9 @@
# there's a bug in the gnu tools ... the .reloc section has to be
# aligned otherwise the file alignment gets screwed up
LDSCRIPT = elf_$(ARCH)_efi.lds
-LDFLAGS += -shared -Bsymbolic $(CRTOBJS) -L $(CRTPATH) -L /usr/lib -L /usr/lib64 -T $(LDSCRIPT)
+LIBS += -nostdlib -shared -Bsymbolic $(CRTOBJS) -L $(CRTPATH) -T $(LDSCRIPT)
LOADLIBES = -lefi -lgnuefi $(shell $(CC) $(ARCH3264) -print-libgcc-file-name)
FORMAT = --target=efi-app-$(ARCH)
-OBJCOPY = objcopy
MYGUID = 11111111-2222-3333-4444-123456789abc
INSTALL = install
BINDIR = $(DESTDIR)/usr/bin
@@ -47,12 +45,12 @@
endif
ifeq ($(ARCH),arm)
- LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
+ LIBS += --defsym=EFI_SUBSYSTEM=0x0a
FORMAT = -O binary
endif
ifeq ($(ARCH),aarch64)
- LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
+ LIBS += --defsym=EFI_SUBSYSTEM=0x0a
FORMAT = -O binary
endif
@@ -61,9 +59,9 @@
-j .rel -j .rela -j .rel.* -j .rela.* -j .rel* -j .rela* \
-j .reloc $(FORMAT) $*.so $@
%.so: %.o
- $(LD) $(LDFLAGS) $^ -o $@ $(LOADLIBES)
+ $(LD) $(LIBS) $^ -o $@ $(LOADLIBES)
# check we have no undefined symbols
- nm -D $@ | grep ' U ' && exit 1 || exit 0
+ $(NM) -D $@ | grep ' U ' && exit 1 || exit 0
%.h: %.auth
./xxdi.pl $< > $@
@@ -71,7 +69,7 @@
%.hash: %.efi hash-to-efi-sig-list
./hash-to-efi-sig-list $< $@
-%-blacklist.esl: %.crt cert-to-efi-hash-list
+%-blacklist.esl: %.crt cert-to-efi-sig-list
./cert-to-efi-sig-list $< $@
%-hash-blacklist.esl: %.crt cert-to-efi-hash-list
@@ -129,7 +127,7 @@
# sbsign --key KEK.key --cert KEK.crt --output $@ $<
%.a:
- ar rcv $@ $^
+ $(AR) rcv $@ $^
doc/%.1: doc/%.1.in %
$(HELP2MAN) --no-info -i $< -o $@ ./$*

108
sdk_container/src/third_party/portage-stable/app-crypt/efitools/files/1.9.2-clang16.patch vendored Normal file
View File

@ -0,0 +1,108 @@
--- a/cert-to-efi-sig-list.c
+++ b/cert-to-efi-sig-list.c
@@ -6,7 +6,6 @@
#include <stdint.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#ifdef CONFIG_arm
/* FIXME:
--- a/efi-keytool.c
+++ b/efi-keytool.c
@@ -15,7 +15,6 @@
#include <fcntl.h>
#include <unistd.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#include <kernel_efivars.h>
--- a/efi-readvar.c
+++ b/efi-readvar.c
@@ -17,7 +17,6 @@
#include <openssl/x509.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#include <kernel_efivars.h>
--- a/efi-updatevar.c
+++ b/efi-updatevar.c
@@ -20,7 +20,6 @@
#include <openssl/err.h>
#include <openssl/pem.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#include <kernel_efivars.h>
--- a/flash-var.c
+++ b/flash-var.c
@@ -1,3 +1,5 @@
+#define _XOPEN_SOURCE 700
+
#include <stdlib.h>
#include <stdint.h>
#include <sys/types.h>
@@ -10,7 +12,6 @@
#include <fcntl.h>
#include <unistd.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#include <version.h>
--- a/hash-to-efi-sig-list.c
+++ b/hash-to-efi-sig-list.c
@@ -4,7 +4,6 @@
* see COPYING file
*/
#include <stdint.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#ifdef CONFIG_arm
/* FIXME:
--- a/include/variableformat.h
+++ b/include/variableformat.h
@@ -109,7 +109,7 @@
#pragma pack()
-inline BOOLEAN
+static inline BOOLEAN
IsValidVariableHeader (VARIABLE_HEADER *vh) {
if (vh == NULL || vh->StartId != VARIABLE_DATA)
return FALSE;
--- a/lib/kernel_efivars.c
+++ b/lib/kernel_efivars.c
@@ -16,7 +16,6 @@
#include <unistd.h>
#include <time.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#include <kernel_efivars.h>
--- a/sig-list-to-certs.c
+++ b/sig-list-to-certs.c
@@ -4,7 +4,6 @@
* see COPYING file
*/
#include <stdint.h>
-#define __STDC_VERSION__ 199901L
#include <efi.h>
#ifdef CONFIG_arm
/* FIXME:
--- a/sign-efi-sig-list.c
+++ b/sign-efi-sig-list.c
@@ -4,7 +4,7 @@
* see COPYING file
*/
#include <stdint.h>
-#define __STDC_VERSION__ 199901L
+#define _XOPEN_SOURCE 700
#include <efi.h>
#ifdef CONFIG_arm
/* FIXME: