project-lakitu/sys-boot/shim/shim-15.6.ebuild - cos/overlays/board-overlays - Git at Google

 # Copyright 2018 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 EAPI=7

 SRC_URI="https://github.com/rhboot/shim/releases/download/${PV}/shim-${PV}.tar.bz2"
 KEYWORDS="*"

 inherit eutils multilib toolchain-funcs

 DESCRIPTION="Red Hat UEFI shim loader"
 HOMEPAGE="https://github.com/rhboot/shim"
 LICENSE="BSD-2"
 SLOT="0"
 IUSE=""

 RDEPEND=""
 DEPEND="dev-libs/openssl
 	platform-key? ( sys-boot/platform-key )
 	"
 IUSE="platform-key"

 PATCHES=(
 	"${FILESDIR}"/shim-15.4-fix-gcc-host-leak.patch
 	"${FILESDIR}"/shim-15.4-force-ld.bfd.patch
 	"${FILESDIR}"/shim-15.5-fix-clang-format-error.patch
 	"${FILESDIR}"/shim-15.6-revert-modernize-aarch64.patch
 	"${FILESDIR}"/shim-15.6-fix-CVE-2023-40547.patch
 	"${FILESDIR}"/shim-15.6-fix-cve-2023-40551.patch
 	"${FILESDIR}"/shim-15.6-fix-cve-2023-40546.patch
 	"${FILESDIR}"/shim-15.6-fix-cve-2023-40550.patch
 	"${FILESDIR}"/shim-15.6-add-overflow-primitives.patch
 	"${FILESDIR}"/shim-15.6-fix-cve-2023-40549.patch
 	"${FILESDIR}"/shim-15.6-fix-cve-2023-40548.patch
 )


 shim_arch() {
 	case ${ARCH} in
 	amd64) echo "x86_64";;
 	arm64) echo "aarch64";;
 	*)     eerror "unsupported architecture: ${ARCH}";;
 	esac
 }

 shim_binary() {
 	case ${ARCH} in
 	amd64) echo "shimx64.efi";;
 	arm64) echo "shimaa64.efi";;
 	*)     eerror "unsupported architecture: ${ARCH}";;
 	esac
 }

 src_prepare() {
 	cros_allow_gnu_build_tools
 	default
 }

 src_compile() {
 	local extra_opts=()

 	if use platform-key; then
 		extra_opts+=( VENDOR_CERT_FILE="${ROOT}/build/share/platform-key/signing_key.cer" )
 	fi

 	tc-export BUILD_CC
 	emake ARCH="$(shim_arch)" \
 		CROSS_COMPILE="${CHOST}-" \
 		HOSTCC="${BUILD_CC}" \
 		DEFAULT_LOADER="\\\\\\\\grub-lakitu.efi" \
 		"${extra_opts[@]}" \
 		"$(shim_binary)"
 }

 src_install() {
 	insinto /boot/efi/boot
 	doins "$(shim_binary)"
 }
	# Copyright 2018 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	EAPI=7

	SRC_URI="https://github.com/rhboot/shim/releases/download/${PV}/shim-${PV}.tar.bz2"
	KEYWORDS="*"

	inherit eutils multilib toolchain-funcs

	DESCRIPTION="Red Hat UEFI shim loader"
	HOMEPAGE="https://github.com/rhboot/shim"
	LICENSE="BSD-2"
	SLOT="0"
	IUSE=""

	RDEPEND=""
	DEPEND="dev-libs/openssl
	platform-key? ( sys-boot/platform-key )
	"
	IUSE="platform-key"

	PATCHES=(
	"${FILESDIR}"/shim-15.4-fix-gcc-host-leak.patch
	"${FILESDIR}"/shim-15.4-force-ld.bfd.patch
	"${FILESDIR}"/shim-15.5-fix-clang-format-error.patch
	"${FILESDIR}"/shim-15.6-revert-modernize-aarch64.patch
	"${FILESDIR}"/shim-15.6-fix-CVE-2023-40547.patch
	"${FILESDIR}"/shim-15.6-fix-cve-2023-40551.patch
	"${FILESDIR}"/shim-15.6-fix-cve-2023-40546.patch
	"${FILESDIR}"/shim-15.6-fix-cve-2023-40550.patch
	"${FILESDIR}"/shim-15.6-add-overflow-primitives.patch
	"${FILESDIR}"/shim-15.6-fix-cve-2023-40549.patch
	"${FILESDIR}"/shim-15.6-fix-cve-2023-40548.patch
	)


	shim_arch() {
	case ${ARCH} in
	amd64) echo "x86_64";;
	arm64) echo "aarch64";;
	*) eerror "unsupported architecture: ${ARCH}";;
	esac
	}

	shim_binary() {
	case ${ARCH} in
	amd64) echo "shimx64.efi";;
	arm64) echo "shimaa64.efi";;
	*) eerror "unsupported architecture: ${ARCH}";;
	esac
	}

	src_prepare() {
	cros_allow_gnu_build_tools
	default
	}

	src_compile() {
	local extra_opts=()

	if use platform-key; then
	extra_opts+=( VENDOR_CERT_FILE="${ROOT}/build/share/platform-key/signing_key.cer" )
	fi

	tc-export BUILD_CC
	emake ARCH="$(shim_arch)" \
	CROSS_COMPILE="${CHOST}-" \
	HOSTCC="${BUILD_CC}" \
	DEFAULT_LOADER="\\\\\\\\grub-lakitu.efi" \
	"${extra_opts[@]}" \
	"$(shim_binary)"
	}

	src_install() {
	insinto /boot/efi/boot
	doins "$(shim_binary)"
	}