sys-firmware/edk2-ovmf-bin: Drop in favour of edk2-bin, bump to 202408

Gentoo has moved this package so that it can support multiple platforms.
The newer version is needed for Secure Boot support on arm64. This is
newer than the version that QEMU is currently pinned to so unpin it via
the USE flag.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>

.github/workflows/portage-stable-packages-list

@@ -624,7 +624,7 @@ sys-devel/gnuconfig
 sys-devel/m4
 sys-devel/patch
 
-sys-firmware/edk2-ovmf-bin
+sys-firmware/edk2-bin
 sys-firmware/intel-microcode
 sys-firmware/ipxe
 sys-firmware/seabios-bin

sdk_container/src/third_party/coreos-overlay/coreos-devel/sdk-depends/sdk-depends-0.0.1.ebuild

@@ -43,7 +43,7 @@ DEPEND="
 	sys-apps/seismograph
 	sys-boot/grub
 	amd64? ( sys-boot/shim )
-	sys-firmware/edk2-ovmf-bin
+	sys-firmware/edk2-bin
 	sys-fs/btrfs-progs
 	sys-fs/cryptsetup
 	dev-perl/Parse-Yapp

sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords

@@ -135,6 +135,11 @@ dev-util/catalyst ~amd64 ~arm64
 # Keep versions on both arches in sync.
 =sys-devel/binutils-config-5.5.2 ~arm64
 =sys-devel/gettext-0.22.5 ~arm64
+
+# Needed in SDK for Secure Boot on arm64.
+=sys-firmware/edk2-bin-202408 ~amd64 ~arm64
+
+# Keep versions on both arches in sync.
 =sys-fs/btrfs-progs-6.10.1 ~arm64
 =sys-fs/quota-4.09-r1 ~arm64
 =sys-libs/cracklib-2.10.2 ~arm64

sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/sdk/package.use

@@ -29,5 +29,8 @@ sys-libs/zlib static-libs
 virtual/jpeg static-libs
 x11-libs/pixman static-libs
 
+# Get latest EDK2 firmware for Secure Boot on arm64.
+app-emulation/qemu -pin-upstream-blobs
+
 # Enable gssapi for SDK
 net-dns/bind-tools           gssapi

sdk_container/src/third_party/portage-stable/sys-firmware/edk2-ovmf-bin/Manifest

@@ -1 +0,0 @@
-DIST edk2-ovmf-202202-1.xpak 2672386 BLAKE2B 75c15d4379610ab2af85b78166e350d52f4f1bc1fff5b2eb693ad0d7b1f6648e65d8ae3e2c5467f93f1557ad3b4fa664ab2d76ff10794667de22c2ea8cca6b2d SHA512 06783b89c96bada0fd025ff39eaee501a027abcb03c0bdcf3ff497d52be22927ab03013d90f145ee94a8662cfffe4f8c154dcd06db1bb1acef8a85ae43de14a3

sdk_container/src/third_party/portage-stable/sys-firmware/edk2-ovmf-bin/edk2-ovmf-bin-202202.ebuild

@@ -1,71 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit readme.gentoo-r1 secureboot
-
-BINPKG="${P/-bin/}-1"
-
-DESCRIPTION="UEFI firmware for 64-bit x86 virtual machines"
-HOMEPAGE="https://github.com/tianocore/edk2"
-SRC_URI="https://dev.gentoo.org/~ajak/distfiles/${BINPKG}.xpak"
-S="${WORKDIR}"
-
-# TODO: the binary 202105 package currently lacks the preseeded
-#       OVMF_VARS.secboot.fd file (that we typically get from fedora)
-
-LICENSE="BSD-2 MIT"
-SLOT="0"
-KEYWORDS="amd64 arm64 ~loong ~ppc ppc64 ~riscv x86"
-
-RDEPEND="!sys-firmware/edk2-ovmf"
-
-DISABLE_AUTOFORMATTING=true
-DOC_CONTENTS="This package contains the tianocore edk2 UEFI firmware for 64-bit x86
-virtual machines. The firmware is located under
-	/usr/share/edk2-ovmf/OVMF_CODE.fd
-	/usr/share/edk2-ovmf/OVMF_VARS.fd
-	/usr/share/edk2-ovmf/OVMF_CODE.secboot.fd
-
-If USE=binary is enabled, we also install an OVMF variables file (coming from
-fedora) that contains secureboot default keys
-
-	/usr/share/edk2-ovmf/OVMF_VARS.secboot.fd
-
-If you have compiled this package by hand, you need to either populate all
-necessary EFI variables by hand by booting
-	/usr/share/edk2-ovmf/UefiShell.(iso|img)
-or creating OVMF_VARS.secboot.fd by hand:
-	https://github.com/puiterwijk/qemu-ovmf-secureboot
-
-The firmware does not support csm (due to no free csm implementation
-available). If you need a firmware with csm support you have to download
-one for yourself. Firmware blobs are commonly labeled
-	OVMF{,_CODE,_VARS}-with-csm.fd
-
-In order to use the firmware you can run qemu the following way
-
-	$ qemu-system-x86_64 \
-		-drive file=/usr/share/edk2-ovmf/OVMF.fd,if=pflash,format=raw,unit=0,readonly=on \
-		..."
-
-src_unpack() {
-	tar -xf - < <(xz -c -d --single-stream "${DISTDIR}/${BINPKG}.xpak") || die "unpacking binpkg failed"
-}
-
-src_install() {
-	mv "usr/share/doc/${P/-bin/}" "usr/share/doc/${PF}" || die
-
-	# Don't want to try to install the readme from the source package
-	rm "usr/share/doc/${PF}/README.gentoo.bz2"
-	mv usr "${ED}" || die
-
-	secureboot_auto_sign --in-place
-
-	readme.gentoo_create_doc
-}
-
-pkg_postinst() {
-	readme.gentoo_print_elog
-}

sdk_container/src/third_party/portage-stable/sys-firmware/edk2-ovmf-bin/metadata.xml

@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
-	<maintainer type="project">
-		<email>virtualization@gentoo.org</email>
-		<name>Gentoo Virtualization Project</name>
-	</maintainer>
-	<upstream>
-		<remote-id type="cpe">cpe:/a:tianocore:edk2</remote-id>
-	</upstream>
-</pkgmetadata>