From 51b45b03649b53f867fc3f0e0e8768b88e945fa5 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Fri, 15 Feb 2019 21:47:22 +0000
Subject: [PATCH] Add uname.patch to avoid architecture variability

Signed-off-by: Luca Boccassi <bluca@debian.org>
---
 debian/changelog           |  2 ++
 debian/patches/series      |  1 +
 debian/patches/uname.patch | 32 ++++++++++++++++++++++++++++++++
 3 files changed, 35 insertions(+)
 create mode 100644 debian/patches/uname.patch

diff --git a/debian/changelog b/debian/changelog
index b45b10b..8967a44 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -9,6 +9,8 @@ shim (15+1533136590.3beb971-3) UNRELEASED; urgency=medium
   [ Luca Boccassi ]
   * Override lintian error about template rules file.
   * Include /usr/share/dpkg/architecture.mk instead of shelling out.
+  * Add uname.patch to avoid embedding the kernel architecture in the
+    binary and to use a fixed string instead.
 
  -- Luca Boccassi <bluca@debian.org>  Fri, 15 Feb 2019 19:50:10 +0000
 
diff --git a/debian/patches/series b/debian/patches/series
index 767bfb5..01e6063 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 fixup_git.patch
+uname.patch
diff --git a/debian/patches/uname.patch b/debian/patches/uname.patch
new file mode 100644
index 0000000..851c3c9
--- /dev/null
+++ b/debian/patches/uname.patch
@@ -0,0 +1,32 @@
+Author: Luca Boccassi <bluca@debian.org>
+Description: Makefile: use fixed build host if SOURCE_DATE_EPOCH is defined
+ If SOURCE_DATE_EPOCH is defined then we can be reasonably sure the
+ user wants the build to be fully reproducible, so use a fixed string.
+ In case of a cross build, using uname -s -m -p -i o will still report
+ the host's kernel architecture, which will trip some CIs like
+ Debian's.
+Forwarded: https://github.com/rhboot/shim/pull/169
+--- a/Makefile
++++ b/Makefile
+@@ -46,6 +46,12 @@ ifneq ($(origin ENABLE_HTTPBOOT), undefined)
+ 	SOURCES += httpboot.c include/httpboot.h
+ endif
+ 
++ifeq ($(SOURCE_DATE_EPOCH),)
++	UNAME=$(shell uname -s -m -p -i -o)
++else
++	UNAME=buildhost
++endif
++
+ SOURCES = $(foreach source,$(ORIG_SOURCES),$(TOPDIR)/$(source)) version.c
+ MOK_SOURCES = $(foreach source,$(ORIG_MOK_SOURCES),$(TOPDIR)/$(source))
+ FALLBACK_SRCS = $(foreach source,$(ORIG_FALLBACK_SRCS),$(TOPDIR)/$(source))
+@@ -66,7 +72,7 @@ shim_cert.h: shim.cer
+ 
+ version.c : $(TOPDIR)/version.c.in
+ 	sed	-e "s,@@VERSION@@,$(VERSION)," \
+-		-e "s,@@UNAME@@,$(shell uname -s -m -p -i -o)," \
++		-e "s,@@UNAME@@,$(UNAME)," \
+ 		-e "s,@@COMMIT@@,$(COMMIT_ID)," \
+ 		< $< > $@
+