summaryrefslogtreecommitdiff
path: root/app-crypt/efitools
diff options
context:
space:
mode:
Diffstat (limited to 'app-crypt/efitools')
-rw-r--r--app-crypt/efitools/Manifest3
-rw-r--r--app-crypt/efitools/efitools-1.9.2-r1.ebuild52
-rw-r--r--app-crypt/efitools/files/1.9.2-Makefile.patch121
-rw-r--r--app-crypt/efitools/files/1.9.2-clang16.patch108
4 files changed, 284 insertions, 0 deletions
diff --git a/app-crypt/efitools/Manifest b/app-crypt/efitools/Manifest
index a7ea541655bf..eb5d1d523391 100644
--- a/app-crypt/efitools/Manifest
+++ b/app-crypt/efitools/Manifest
@@ -1,5 +1,8 @@
AUX 1.7.0-Make.rules.patch 296 BLAKE2B ca12dbe2f0bb60cffcbe2646a99f421e1f7f9d3b9eab0c96481cbbcfe064efc81afb25e8819746051e3f47b325eb97d213b7ebf95df60a195a5d16d68332f42d SHA512 a8d6245b09e80e2c9082589e62c2687234ee7838d19255e07aadfd05ddffdb1817e38eac434e71d5f0e19b7f9a88a51126349ae4aa324a634769050dbf433f0d
AUX 1.8.1-respect-ar.patch 634 BLAKE2B a75d716b2f16f9c64e0a99fb91eda15a1009cd29576fbaf70d02b6565a6374647e924a964b607832ef122f003871578eff7dfac8b30deaaf292527cf24506b58 SHA512 4bfa8347a5e6965971320fd7fbbb1b8b8a57ac4aa186bf0ee1264190fefc34fee00bf40cec094763ee1d3adfc2c9d121de7832ce735734f442836941d2bd070c
+AUX 1.9.2-Makefile.patch 4250 BLAKE2B f71ed4b638a21d90249ec7e045ff15fa49f315c8accce4bc42154d7fc9d5c3d45c059e2fc4c9980531726f5392bb2746d1fad184a1a791f002e461c6e2c0fc02 SHA512 cd579b1ce5467ecbe0e9b53d2439d32e14669e846bad5fe0116524e1f7d3d9bff34538f3dc7b35fb21d147c870e739f0d9b783aa5f75c1d8e34b6b764ec200dc
+AUX 1.9.2-clang16.patch 2098 BLAKE2B 1d6c58a5908a498d47244e24eb2518d992a8f1de09da32baad510d7db010a548006b00b8a3c21a7517fc433f5a1a75abbc9ee4831759421a93beff3bfbc25c97 SHA512 c74625f804a5cb892047b2fcb0fdf759224680eafb6e6392a9098d19af786b0b7392eeb6cceee0c57684403cd97c350f8880655eb487dbb8f57841086efb5d01
DIST efitools-1.9.2.tar.gz 116037 BLAKE2B b3540932eb112e362fd0eed47090360603807dcaec8c6a10058618f8252eeb5dcbbd703d313cb6fadae62c1312815080cf2c77fc86f9dfc9f9afca24ad97f584 SHA512 77e0ad7e865814ed388ff6daabe0f4b49ba51672bf2cbb98b7905e209cbd28f9ede2f73213ce45af8a978c1e67dba24ec88a1188661317cc22317b47e575cde8
+EBUILD efitools-1.9.2-r1.ebuild 1121 BLAKE2B 793763cdefe49a5d122b484bee0171069f3108159a00168a4346a1ace69c3bca9fd3278f2ae1a2e7bc476803cb1884e7cb247e4032af2d24f162a4ab713a0f14 SHA512 5d094bc9f5ca6856bc725a436b1be174469f9dcfeaf88dd8ca75fb459245052398be5953614a7dfe543a04e104ad9325eefb374bc7dc007d0d7df45ff2f2ab97
EBUILD efitools-1.9.2.ebuild 1371 BLAKE2B 3b6365e47baea942517f9a607ada4b332ad1a305bda1a6e160e2a9a86b04b1f622f060ec34a0f296138c9b312bc984155c6103eb9f953389d0021c0ed742a78e SHA512 b5509e5b8bc324d493d47d62685be8079ed940da0ed27ced73644351a57d4ec17df0b6247dffea03dd675a9c1202f89104c8625f0de8a126fcadae5972faaf23
MISC metadata.xml 218 BLAKE2B e650ab1b6c50b385efc18a924f5382ef66cd5669e4c138270215328e5b595a45b519dc48925a76e824ba834e159865adbb131c0b7e166c2ffaf91d3c63b76163 SHA512 79219cfff4bf8680335548005e5f1f64270e1dcbabb2700b033e355fa65f0a5aefb0eaec20fbe231fc4525a7511693b84c0d957452fc9aa39e4ab31a1e1e56eb
diff --git a/app-crypt/efitools/efitools-1.9.2-r1.ebuild b/app-crypt/efitools/efitools-1.9.2-r1.ebuild
new file mode 100644
index 000000000000..ae06bba83d82
--- /dev/null
+++ b/app-crypt/efitools/efitools-1.9.2-r1.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit flag-o-matic toolchain-funcs
+
+DESCRIPTION="Tools for manipulating UEFI secure boot platforms"
+HOMEPAGE="https://git.kernel.org/cgit/linux/kernel/git/jejb/efitools.git"
+SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git/snapshot/${P}.tar.gz"
+
+LICENSE="GPL-2 LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+IUSE="static"
+
+LIB_DEPEND="dev-libs/openssl:=[static-libs(+)]"
+
+RDEPEND="
+ !static? ( ${LIB_DEPEND//\[static-libs(+)]} )
+ sys-apps/util-linux"
+DEPEND="${RDEPEND}
+ static? ( ${LIB_DEPEND} )
+ sys-boot/gnu-efi"
+BDEPEND="
+ app-crypt/sbsigntools
+ dev-perl/File-Slurp
+ sys-apps/help2man
+ virtual/pkgconfig"
+
+PATCHES=(
+ "${FILESDIR}"/1.9.2-clang16.patch
+ "${FILESDIR}"/1.9.2-Makefile.patch
+)
+
+src_prepare() {
+ default
+
+ # Let it build with clang
+ if tc-is-clang; then
+ sed -i -e 's/-fno-toplevel-reorder//g' Make.rules || die
+ fi
+
+ if use static; then
+ append-ldflags -static
+ export STATIC_FLAG=--static
+ fi
+}
+
+src_configure() {
+ tc-export AR CC LD NM OBJCOPY PKG_CONFIG
+}
diff --git a/app-crypt/efitools/files/1.9.2-Makefile.patch b/app-crypt/efitools/files/1.9.2-Makefile.patch
new file mode 100644
index 000000000000..e8e99b1858a5
--- /dev/null
+++ b/app-crypt/efitools/files/1.9.2-Makefile.patch
@@ -0,0 +1,121 @@
+--- a/Makefile
++++ b/Makefile
+@@ -21,6 +21,8 @@
+ KEYBLACKLISTAUTH = $(ALLKEYS:=-blacklist.auth)
+ KEYHASHBLACKLISTAUTH = $(ALLKEYS:=-hash-blacklist.auth)
+
++SSL_LIBS = $(shell $(PKG_CONFIG) $(STATIC_FLAG) --libs libcrypto)
++
+ export TOPDIR := $(shell pwd)/
+
+ include Make.rules
+@@ -88,31 +90,31 @@
+ ShimReplace.so: lib/lib-efi.a
+
+ cert-to-efi-sig-list: cert-to-efi-sig-list.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
+
+ sig-list-to-certs: sig-list-to-certs.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
+
+ sign-efi-sig-list: sign-efi-sig-list.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
+
+ hash-to-efi-sig-list: hash-to-efi-sig-list.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a
+
+ cert-to-efi-hash-list: cert-to-efi-hash-list.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
+
+ efi-keytool: efi-keytool.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a
+
+ efi-readvar: efi-readvar.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
+
+ efi-updatevar: efi-updatevar.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a -lcrypto
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a $(SSL_LIBS)
+
+ flash-var: flash-var.o lib/lib.a
+- $(CC) $(ARCH3264) -o $@ $< lib/lib.a
++ $(CC) $(LDFLAGS) $(ARCH3264) -o $@ $< lib/lib.a
+
+ clean:
+ rm -f PK.* KEK.* DB.* $(EFIFILES) $(EFISIGNED) $(BINARIES) *.o *.so
+--- a/Make.rules
++++ b/Make.rules
+@@ -15,8 +15,7 @@
+ endif
+ INCDIR = -I$(TOPDIR)include/ -I/usr/include/efi -I/usr/include/efi/$(ARCH) -I/usr/include/efi/protocol
+ CPPFLAGS = -DCONFIG_$(ARCH)
+-CFLAGS = -O2 -g $(ARCH3264) -fpic -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants -fno-stack-protector -ffreestanding -fno-stack-check
+-LDFLAGS = -nostdlib
++CFLAGS += $(ARCH3264) -fpic -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants -fno-stack-protector -ffreestanding -fno-stack-check
+ CRTOBJ = crt0-efi-$(ARCH).o
+ CRTPATHS = /lib /lib64 /lib/efi /lib64/efi /usr/lib /usr/lib64 /usr/lib/efi /usr/lib64/efi /usr/lib/gnuefi /usr/lib64/gnuefi
+ CRTPATH = $(shell for f in $(CRTPATHS); do if [ -e $$f/$(CRTOBJ) ]; then echo $$f; break; fi; done)
+@@ -24,10 +23,9 @@
+ # there's a bug in the gnu tools ... the .reloc section has to be
+ # aligned otherwise the file alignment gets screwed up
+ LDSCRIPT = elf_$(ARCH)_efi.lds
+-LDFLAGS += -shared -Bsymbolic $(CRTOBJS) -L $(CRTPATH) -L /usr/lib -L /usr/lib64 -T $(LDSCRIPT)
++LIBS += -nostdlib -shared -Bsymbolic $(CRTOBJS) -L $(CRTPATH) -T $(LDSCRIPT)
+ LOADLIBES = -lefi -lgnuefi $(shell $(CC) $(ARCH3264) -print-libgcc-file-name)
+ FORMAT = --target=efi-app-$(ARCH)
+-OBJCOPY = objcopy
+ MYGUID = 11111111-2222-3333-4444-123456789abc
+ INSTALL = install
+ BINDIR = $(DESTDIR)/usr/bin
+@@ -47,12 +45,12 @@
+ endif
+
+ ifeq ($(ARCH),arm)
+- LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
++ LIBS += --defsym=EFI_SUBSYSTEM=0x0a
+ FORMAT = -O binary
+ endif
+
+ ifeq ($(ARCH),aarch64)
+- LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a
++ LIBS += --defsym=EFI_SUBSYSTEM=0x0a
+ FORMAT = -O binary
+ endif
+
+@@ -61,9 +59,9 @@
+ -j .rel -j .rela -j .rel.* -j .rela.* -j .rel* -j .rela* \
+ -j .reloc $(FORMAT) $*.so $@
+ %.so: %.o
+- $(LD) $(LDFLAGS) $^ -o $@ $(LOADLIBES)
++ $(LD) $(LIBS) $^ -o $@ $(LOADLIBES)
+ # check we have no undefined symbols
+- nm -D $@ | grep ' U ' && exit 1 || exit 0
++ $(NM) -D $@ | grep ' U ' && exit 1 || exit 0
+
+ %.h: %.auth
+ ./xxdi.pl $< > $@
+@@ -71,7 +69,7 @@
+ %.hash: %.efi hash-to-efi-sig-list
+ ./hash-to-efi-sig-list $< $@
+
+-%-blacklist.esl: %.crt cert-to-efi-hash-list
++%-blacklist.esl: %.crt cert-to-efi-sig-list
+ ./cert-to-efi-sig-list $< $@
+
+ %-hash-blacklist.esl: %.crt cert-to-efi-hash-list
+@@ -129,7 +127,7 @@
+ # sbsign --key KEK.key --cert KEK.crt --output $@ $<
+
+ %.a:
+- ar rcv $@ $^
++ $(AR) rcv $@ $^
+
+ doc/%.1: doc/%.1.in %
+ $(HELP2MAN) --no-info -i $< -o $@ ./$*
diff --git a/app-crypt/efitools/files/1.9.2-clang16.patch b/app-crypt/efitools/files/1.9.2-clang16.patch
new file mode 100644
index 000000000000..944a731bcde8
--- /dev/null
+++ b/app-crypt/efitools/files/1.9.2-clang16.patch
@@ -0,0 +1,108 @@
+--- a/cert-to-efi-sig-list.c
++++ b/cert-to-efi-sig-list.c
+@@ -6,7 +6,6 @@
+
+
+ #include <stdint.h>
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+ #ifdef CONFIG_arm
+ /* FIXME:
+--- a/efi-keytool.c
++++ b/efi-keytool.c
+@@ -15,7 +15,6 @@
+ #include <fcntl.h>
+ #include <unistd.h>
+
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+
+ #include <kernel_efivars.h>
+--- a/efi-readvar.c
++++ b/efi-readvar.c
+@@ -17,7 +17,6 @@
+
+ #include <openssl/x509.h>
+
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+
+ #include <kernel_efivars.h>
+--- a/efi-updatevar.c
++++ b/efi-updatevar.c
+@@ -20,7 +20,6 @@
+ #include <openssl/err.h>
+ #include <openssl/pem.h>
+
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+
+ #include <kernel_efivars.h>
+--- a/flash-var.c
++++ b/flash-var.c
+@@ -1,3 +1,5 @@
++#define _XOPEN_SOURCE 700
++
+ #include <stdlib.h>
+ #include <stdint.h>
+ #include <sys/types.h>
+@@ -10,7 +12,6 @@
+ #include <fcntl.h>
+ #include <unistd.h>
+
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+
+ #include <version.h>
+--- a/hash-to-efi-sig-list.c
++++ b/hash-to-efi-sig-list.c
+@@ -4,7 +4,6 @@
+ * see COPYING file
+ */
+ #include <stdint.h>
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+ #ifdef CONFIG_arm
+ /* FIXME:
+--- a/include/variableformat.h
++++ b/include/variableformat.h
+@@ -109,7 +109,7 @@
+
+ #pragma pack()
+
+-inline BOOLEAN
++static inline BOOLEAN
+ IsValidVariableHeader (VARIABLE_HEADER *vh) {
+ if (vh == NULL || vh->StartId != VARIABLE_DATA)
+ return FALSE;
+--- a/lib/kernel_efivars.c
++++ b/lib/kernel_efivars.c
+@@ -16,7 +16,6 @@
+ #include <unistd.h>
+ #include <time.h>
+
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+
+ #include <kernel_efivars.h>
+--- a/sig-list-to-certs.c
++++ b/sig-list-to-certs.c
+@@ -4,7 +4,6 @@
+ * see COPYING file
+ */
+ #include <stdint.h>
+-#define __STDC_VERSION__ 199901L
+ #include <efi.h>
+ #ifdef CONFIG_arm
+ /* FIXME:
+--- a/sign-efi-sig-list.c
++++ b/sign-efi-sig-list.c
+@@ -4,7 +4,7 @@
+ * see COPYING file
+ */
+ #include <stdint.h>
+-#define __STDC_VERSION__ 199901L
++#define _XOPEN_SOURCE 700
+ #include <efi.h>
+ #ifdef CONFIG_arm
+ /* FIXME: