[gentoo-commits] repo/gentoo:master commit in: sys-firmware/edk2-ovmf/

["Matthias Maier" <tamiko@gentoo.org>]

commit:     dee51fb9e273c98d521b6d7083030f89d8c13ad5
Author:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
AuthorDate: Mon Jan  3 23:51:34 2022 +0000
Commit:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
CommitDate: Tue Jan  4 00:02:11 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dee51fb9

sys-firmware/edk2-ovmf: clean up vulnerable

Bug: https://bugs.gentoo.org/797232
Bug: https://bugs.gentoo.org/797703
Package-Manager: Portage-3.0.30, Repoman-3.0.3
Signed-off-by: Matthias Maier <tamiko <AT> gentoo.org>

 sys-firmware/edk2-ovmf/Manifest                |   3 -
 sys-firmware/edk2-ovmf/edk2-ovmf-202008.ebuild | 186 -------------------------
 2 files changed, 189 deletions(-)

diff --git a/sys-firmware/edk2-ovmf/Manifest b/sys-firmware/edk2-ovmf/Manifest
index 82d355e9d92e..109f312f8e6e 100644
--- a/sys-firmware/edk2-ovmf/Manifest
+++ b/sys-firmware/edk2-ovmf/Manifest
@@ -1,7 +1,4 @@
 DIST brotli-666c3280cc11dc433c303d79a83d4ffbdd12cc8d.tar.gz 23855739 BLAKE2B 7406ec5b29ac66afbcd7c1376bb3208f298d19b6592b2869c52173aa64947d58bd443f9a61c67deaf046be910a0e31c0b843e5508e97e0e1f5e7bce100d86904 SHA512 df8e90562c4fd7f0e787949df6bc4f5a165b39bd333f442d27874fe65640fbba268f9350d7113e6761a5acceb66d78e75f1a296e5a89b94574edf28109cdc812
-DIST edk2-ovmf-202008-bin.tar.xz 3486024 BLAKE2B 8283db554ad7024e3a55b62ed0a560ed9f729d728f1dee3806814b1eb8d89dabc4fd70433f7f77656b65d9af7919d036074a53a95190a1aa8b65ab7d73495ffc SHA512 d0c8b249a7a2124e8bb63a4358466e86a3a837e76586565dd4762351998d8561374eabb8a1303dbf71ac269c15552d9e8cff71d65bc6fe8a3a81fb4fb032e0d8
-DIST edk2-ovmf-202008-qemu-firmware.tar.xz 680 BLAKE2B 176f8e94a3f605acc72850634cbf155619490f5998125521a392a8e9c7d2b78841b841f0cb5ea860f14645b124cf1921256bbe46960efbe3401805d89bbfbed6 SHA512 b72f248ab4d49503c3e8e686e22beb77f0e48d2c6c9523f389f20504e0c30fa11fa0fcb5607d7d5bb1ba2433894fa458864c5761335e39de4b2a40b01203f043
-DIST edk2-ovmf-202008.tar.gz 13172590 BLAKE2B 10acf77d0e70e21ca425ea41c0062f8cebe2cc607b93a2a253bcd87cea1546e791776a34d43fbf4f1040f4fc32e3ee413d44873d0f00b9e523816519cfed634e SHA512 c32340104f27b9b85f79e934cc9eeb739d47b01e13975c88f39b053e9bc5a1ecfe579ab3b63fc7747cc328e104b337b53d41deb4470c3f20dbbd5552173a4666
 DIST edk2-ovmf-202105-qemu-firmware.tar.xz 672 BLAKE2B e87845a84c83f65db836fd054c81a4f3062d5e0fcc51aa0ecf9c2d23c8741f218d38ef737d140f5935ce8d9c34508e5f3b9f54bf9c547a391fa63cdc2ecf1233 SHA512 6100502f26db26e407dacce57c96b1abfd372bcb31767a068332afa09ac435a092fd2a73db27670d27c6e927c26e88315346bbac70578571108434b9683bd00c
 DIST edk2-ovmf-202105-r1-bin.tar.xz 2633188 BLAKE2B 93b4bd1c75da69406b5d27ac32d8b7c63dc8248bcd5d54832e520a4b009be4b7f215eb7d489ecb7cb16d31e02452dfa06b8fa709f37c44e59b4ff70a550076c7 SHA512 356c2110abce43da9c0654324e222cbbab7085e3aa23d1ba4c98011e4d4992a37d61fa45394305b748d119dba12f65d7c7d630b9f8038065ba4672d758c702be
 DIST edk2-ovmf-202105.tar.gz 13702868 BLAKE2B 3ec01d467562380ca2fd3bd807d2f6c55e4637c1afd71533f8f5b22cc634dc4c8cb63dab921677f8b315d17b3c9d0b6b00a0e2f3f8da61107033e9e81bf5a64d SHA512 c263345cbb243c63985f974a61f37c577a139d6a7099d2b8c9e1a553e5ebf16de12fb711b72624081c6bf637f8084bbf71731ab99e5747d81da460388ac25791

diff --git a/sys-firmware/edk2-ovmf/edk2-ovmf-202008.ebuild b/sys-firmware/edk2-ovmf/edk2-ovmf-202008.ebuild
deleted file mode 100644
index c02cae3b5fcf..000000000000
--- a/sys-firmware/edk2-ovmf/edk2-ovmf-202008.ebuild
+++ /dev/null
@@ -1,186 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_REQ_USE="sqlite"
-PYTHON_COMPAT=( python3_{7,8,9} )
-
-inherit python-any-r1 readme.gentoo-r1
-
-DESCRIPTION="UEFI firmware for 64-bit x86 virtual machines"
-HOMEPAGE="https://github.com/tianocore/edk2"
-
-NON_BINARY_DEPEND="
-	app-emulation/qemu
-	>=dev-lang/nasm-2.0.7
-	>=sys-power/iasl-20160729
-	${PYTHON_DEPS}
-"
-DEPEND=""
-RDEPEND=""
-if [[ ${PV} == "999999" ]] ; then
-	inherit git-r3
-	EGIT_REPO_URI="https://github.com/tianocore/edk2"
-	DEPEND+="
-		${NON_BINARY_DEPEND}
-	"
-else
-	BUNDLED_OPENSSL_SUBMODULE_SHA="e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72"
-	BUNDLED_BROTLI_SUBMODULE_SHA="666c3280cc11dc433c303d79a83d4ffbdd12cc8d"
-	# Binary versions taken from fedora:
-	# http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/e/
-	#   edk2-ovmf-20200801stable-1.fc34.noarch.rpm
-
-	# TODO: talk with tamiko about unbundling
-	SRC_URI="
-		!binary? (
-			https://github.com/tianocore/edk2/archive/edk2-stable${PV}.tar.gz -> ${P}.tar.gz
-			https://github.com/openssl/openssl/archive/${BUNDLED_OPENSSL_SUBMODULE_SHA}.tar.gz -> openssl-${BUNDLED_OPENSSL_SUBMODULE_SHA}.tar.gz
-			https://github.com/google/brotli/archive/${BUNDLED_BROTLI_SUBMODULE_SHA}.tar.gz -> brotli-${BUNDLED_BROTLI_SUBMODULE_SHA}.tar.gz
-		)
-		binary? ( https://dev.gentoo.org/~mva/distfiles/${P}-bin.tar.xz )
-		https://dev.gentoo.org/~mva/distfiles/${P}-qemu-firmware.tar.xz
-	"
-	KEYWORDS="amd64 arm64 ~ppc ppc64 x86"
-	IUSE="+binary"
-	REQUIRED_USE+="
-		!amd64? ( binary )
-	"
-	DEPEND+="
-		!binary? (
-			amd64? (
-				${NON_BINARY_DEPEND}
-			)
-		)"
-	PATCHES=(
-	)
-fi
-
-LICENSE="BSD-2 MIT"
-SLOT="0"
-
-S="${WORKDIR}/edk2-edk2-stable${PV}"
-
-DISABLE_AUTOFORMATTING=true
-DOC_CONTENTS="This package contains the tianocore edk2 UEFI firmware for 64-bit x86
-virtual machines. The firmware is located under
-	/usr/share/edk2-ovmf/OVMF_CODE.fd
-	/usr/share/edk2-ovmf/OVMF_VARS.fd
-	/usr/share/edk2-ovmf/OVMF_CODE.secboot.fd
-
-If USE=binary is enabled, we also install an OVMF variables file (coming from
-fedora) that contains secureboot default keys
-
-	/usr/share/edk2-ovmf/OVMF_VARS.secboot.fd
-
-If you have compiled this package by hand, you need to either populate all
-necessary EFI variables by hand by booting
-	/usr/share/edk2-ovmf/UefiShell.(iso|img)
-or creating OVMF_VARS.secboot.fd by hand:
-	https://github.com/puiterwijk/qemu-ovmf-secureboot
-
-The firmware does not support csm (due to no free csm implementation
-available). If you need a firmware with csm support you have to download
-one for yourself. Firmware blobs are commonly labeled
-	OVMF{,_CODE,_VARS}-with-csm.fd
-
-In order to use the firmware you can run qemu the following way
-
-	$ qemu-system-x86_64 \
-		-drive file=/usr/share/edk2-ovmf/OVMF.fd,if=pflash,format=raw,unit=0,readonly=on \
-		...
-
-You can register the firmware for use in libvirt by adding to /etc/libvirt/qemu.conf:
-	nvram = [
-		\"/usr/share/edk2-ovmf/OVMF_CODE.fd:/usr/share/edk2-ovmf/OVMF_VARS.fd\"
-		\"/usr/share/edk2-ovmf/OVMF_CODE.secboot.fd:/usr/share/edk2-ovmf/OVMF_VARS.fd\"
-	]"
-
-pkg_setup() {
-	[[ ${PV} != "999999" ]] && use binary || python-any-r1_pkg_setup
-}
-
-src_prepare() {
-	if ! use binary; then
-		sed -i -r \
-			-e "/function SetupPython3/,/\}/{s,\\\$\(whereis python3\),${EPYTHON},g}" \
-			"${S}"/edksetup.sh || die "Fixing for correct Python3 support failed"
-	fi
-	if  [[ ${PV} != "999999" ]]; then
-		if use binary; then
-			eapply_user
-			return
-		else
-			# Bundled submodules
-			cp -rl "${WORKDIR}/openssl-${BUNDLED_OPENSSL_SUBMODULE_SHA}"/* "CryptoPkg/Library/OpensslLib/openssl/"
-			cp -rl "${WORKDIR}/brotli-${BUNDLED_BROTLI_SUBMODULE_SHA}"/* "BaseTools/Source/C/BrotliCompress/brotli/"
-			cp -rl "${WORKDIR}/brotli-${BUNDLED_BROTLI_SUBMODULE_SHA}"/* "MdeModulePkg/Library/BrotliCustomDecompressLib/brotli/"
-		fi
-	fi
-	default
-}
-
-src_compile() {
-	TARGET_ARCH=X64
-	TARGET_NAME=RELEASE
-	TARGET_TOOLS=GCC49
-
-	BUILD_FLAGS="-D TLS_ENABLE \
-		-D HTTP_BOOT_ENABLE \
-		-D NETWORK_IP6_ENABLE \
-		-D FD_SIZE_2MB"
-
-	SECUREBOOT_BUILD_FLAGS="${BUILD_FLAGS} \
-		-D SECURE_BOOT_ENABLE \
-		-D SMM_REQUIRE \
-		-D EXCLUDE_SHELL_FROM_FD"
-
-	[[ ${PV} != "999999" ]] && use binary && return
-
-	emake ARCH=${TARGET_ARCH} -C BaseTools
-
-	. ./edksetup.sh
-
-	# Build all EFI firmware blobs:
-
-	mkdir -p ovmf
-
-	./OvmfPkg/build.sh \
-		-a "${TARGET_ARCH}" -b "${TARGET_NAME}" -t "${TARGET_TOOLS}" \
-		${BUILD_FLAGS} || die "OvmfPkg/build.sh failed"
-
-	cp Build/OvmfX64/*/FV/OVMF_*.fd ovmf/
-	rm -rf Build/OvmfX64
-
-	./OvmfPkg/build.sh \
-		-a "${TARGET_ARCH}" -b "${TARGET_NAME}" -t "${TARGET_TOOLS}" \
-		${SECUREBOOT_BUILD_FLAGS} || die "OvmfPkg/build.sh failed"
-
-	cp Build/OvmfX64/*/FV/OVMF_CODE.fd ovmf/OVMF_CODE.secboot.fd || die "cp failed"
-	cp Build/OvmfX64/*/X64/Shell.efi ovmf/ || die "cp failed"
-	cp Build/OvmfX64/*/X64/EnrollDefaultKeys.efi ovmf || die "cp failed"
-
-	# Build a convenience UefiShell.img:
-
-	mkdir -p iso_image/efi/boot || die "mkdir failed"
-	cp ovmf/Shell.efi iso_image/efi/boot/bootx64.efi || die "cp failed"
-	cp ovmf/EnrollDefaultKeys.efi iso_image || die "cp failed"
-	qemu-img convert --image-opts \
-		driver=vvfat,floppy=on,fat-type=12,label=UEFI_SHELL,dir=iso_image \
-		ovmf/UefiShell.img || die "qemu-img failed"
-}
-
-src_install() {
-	insinto /usr/share/${PN}
-	doins ovmf/*
-
-	insinto /usr/share/qemu/firmware
-	doins qemu/*
-
-	readme.gentoo_create_doc
-}
-
-pkg_postinst() {
-	readme.gentoo_print_elog
-}