proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-08-06 00:23:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
b017e4554b
efi-boot-shim/Make.defaults
Fabian Grünbichler b017e4554b New upstream version 16.0
2025-03-24 10:18:24 +01:00

203 lines
6.1 KiB
Makefile
Raw Blame History

# load the local configuration if it exists
-include Make.local
-include $(TOPDIR)/Make.local
COMPILER ?= gcc
CC = $(CROSS_COMPILE)$(COMPILER)
HOSTCC = $(COMPILER)
LD = $(CROSS_COMPILE)ld
OBJCOPY = $(CROSS_COMPILE)objcopy
DOS2UNIX ?= dos2unix
D2UFLAGS ?= -r -l -F -f -n
OPENSSL ?= openssl
HEXDUMP ?= hexdump
INSTALL ?= install
PK12UTIL ?= pk12util
CERTUTIL ?= certutil
PESIGN ?= pesign
SBSIGN ?= sbsign
prefix ?= /usr
prefix := $(abspath $(prefix))
datadir ?= $(prefix)/share/
PKGNAME ?= shim
ESPROOTDIR ?= boot/efi/
EFIBOOTDIR ?= $(ESPROOTDIR)EFI/BOOT/
TARGETDIR ?= $(ESPROOTDIR)EFI/$(EFIDIR)/
DATATARGETDIR ?= $(datadir)/$(PKGNAME)/$(VERSION)$(DASHRELEASE)/$(ARCH_SUFFIX)/
DEBUGINFO ?= $(prefix)/lib/debug/
DEBUGSOURCE ?= $(prefix)/src/debug/
OSLABEL ?= $(EFIDIR)
DEFAULT_LOADER ?= \\\\grub$(ARCH_SUFFIX).efi
DASHJ ?= -j$(shell echo $$(($$(grep -c "^model name" /proc/cpuinfo) + 1)))
ARCH ?= $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.*\((.*)\|version\) //g' | cut -f1-2 -d.` \>= 2.24)
OPTIMIZATIONS ?= -Os
FA_OPTIMIZATIONS ?= -O2
ifneq ($(FANALYZER),)
override OPTIMIZATIONS := $(FA_OPTIMIZATIONS)
override CCACHE_DISABLE := true
endif
export OPTIMIZATIONS
ifneq ($(CCACHE_DISABLE),)
export CCACHE_DISABLE
endif
SUBDIRS = $(TOPDIR)/Cryptlib $(TOPDIR)/lib
EFI_INCLUDE ?= $(TOPDIR)/gnu-efi/inc
EFI_INCLUDES = -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
override EFI_INCLUDES := $(EFI_INCLUDES)
EFI_CRT_OBJS = $(LOCAL_EFI_PATH)/crt0-efi-$(ARCH_GNUEFI).o
EFI_LDS = $(TOPDIR)/elf_$(ARCH)_efi.lds
CLANG_WARNINGS = -Wno-pointer-bool-conversion \
-Wno-unknown-attributes
CLANG_BUGS = $(if $(findstring gcc,$(CC)),-maccumulate-outgoing-args,) \
$(if $(findstring clang,$(CC)),$(CLANG_WARNINGS))
COMMIT_ID ?= $(shell if [ -e .git ] ; then git log -1 --pretty=format:%H ; elif [ -f commit ]; then cat commit ; else echo master; fi)
ifeq ($(ARCH),x86_64)
ARCH_CFLAGS ?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
$(CLANG_BUGS) -m64 \
-DMDE_CPU_X64 -DPAGE_SIZE=4096
ARCH_GNUEFI ?= x86_64
ARCH_SUFFIX ?= x64
ARCH_SUFFIX_UPPER ?= X64
ARCH_LDFLAGS ?=
endif
ifeq ($(ARCH),ia32)
ARCH_CFLAGS ?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \
$(CLANG_BUGS) -m32 -malign-double \
-DMDE_CPU_IA32 -DPAGE_SIZE=4096
ARCH_GNUEFI ?= ia32
ARCH_SUFFIX ?= ia32
ARCH_SUFFIX_UPPER ?= IA32
ARCH_LDFLAGS ?=
ARCH_CFLAGS ?= -m32
endif
ifeq ($(ARCH),aarch64)
ARCH_CFLAGS ?= -DMDE_CPU_AARCH64 -DPAGE_SIZE=4096 -mstrict-align
ARCH_GNUEFI ?= aarch64
ARCH_SUFFIX ?= aa64
ARCH_SUFFIX_UPPER ?= AA64
ARCH_LDFLAGS ?=
ARCH_CFLAGS ?=
endif
ifeq ($(ARCH),arm)
ARCH_CFLAGS ?= -DMDE_CPU_ARM -DPAGE_SIZE=4096 -mno-unaligned-access
ARCH_GNUEFI ?= arm
ARCH_SUFFIX ?= arm
ARCH_SUFFIX_UPPER ?= ARM
FORMAT := -O binary
SUBSYSTEM := 0xa
ARCH_LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
endif
DEFINES = -DDEFAULT_LOADER='L"$(DEFAULT_LOADER)"' \
-DDEFAULT_LOADER_CHAR='"$(DEFAULT_LOADER)"'
INCLUDES = -nostdinc \
-I$(TOPDIR)/Cryptlib -I$(TOPDIR)/Cryptlib/Include \
-I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH_GNUEFI) -I$(EFI_INCLUDE)/protocol \
-I$(TOPDIR)/include -iquote $(TOPDIR) -iquote $(shell pwd) \
-isystem $(TOPDIR)/include/system \
-isystem $(shell $(CC) $(ARCH_CFLAGS) -print-file-name=include)
override DEFAULT_FEATUREFLAGS = \
-std=gnu11 \
-ggdb -gdwarf-4 -gstrict-dwarf \
-ffreestanding \
$(shell $(CC) -fmacro-prefix-map=./=./ -E -x c /dev/null >/dev/null 2>&1 && echo -fmacro-prefix-map='$(TOPDIR)/=$(DEBUGSRC)') \
-fno-stack-protector \
-fno-strict-aliasing \
-fpic \
-fshort-wchar
$(call update-variable,FEATUREFLAGS)
$(call conditional-add-flag,$(FANALYZER),analyzer,FEATUREFLAGS,-fanalyzer)
$(call conditional-add-flag,$(COLOR),diagnostics-color,FEATUREFLAGS,-fdiagnostics-color=always)
override DEFAULT_WARNFLAGS = \
-Wall \
-Wextra \
-Wno-missing-field-initializers
$(call update-variable,WARNFLAGS)
override DEFAULT_WERRFLAGS = \
-Werror
$(call update-variable,WERRFLAGS)
CFLAGS = $(FEATUREFLAGS) \
$(OPTIMIZATIONS) \
$(WARNFLAGS) \
$(if $(findstring clang,$(CC)),$(CLANG_WARNINGS)) \
$(ARCH_CFLAGS) \
$(WERRFLAGS) \
$(INCLUDES) \
$(DEFINES)
POST_PROCESS_PE_FLAGS =
ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
DEFINES += -DOVERRIDE_SECURITY_POLICY
endif
ifneq ($(origin REQUIRE_TPM), undefined)
DEFINES += -DREQUIRE_TPM
endif
ifneq ($(origin DISABLE_REMOVABLE_LOAD_OPTIONS), undefined)
DEFINES += -DDISABLE_REMOVABLE_LOAD_OPTIONS
endif
LIB_GCC = $(shell $(CC) $(ARCH_CFLAGS) -print-libgcc-file-name)
EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC)
FORMAT ?= --target efi-app-$(ARCH)
LOCAL_EFI_PATH = gnu-efi/$(ARCH_GNUEFI)/gnuefi
LIBDIR = gnu-efi/$(ARCH_GNUEFI)/lib
MMSTEM ?= mm$(ARCH_SUFFIX)
MMNAME = $(MMSTEM).efi
MMSONAME = $(MMSTEM).so
FBSTEM ?= fb$(ARCH_SUFFIX)
FBNAME = $(FBSTEM).efi
FBSONAME = $(FBSTEM).so
SHIMSTEM ?= shim$(ARCH_SUFFIX)
SHIMNAME = $(SHIMSTEM).efi
SHIMSONAME = $(SHIMSTEM).so
SHIMHASHNAME = $(SHIMSTEM).hash
BOOTEFINAME ?= BOOT$(ARCH_SUFFIX_UPPER).EFI
BOOTCSVNAME ?= BOOT$(ARCH_SUFFIX_UPPER).CSV
DEFINES += -DEFI_ARCH='L"$(ARCH_SUFFIX)"' \
-DDEBUGDIR='L"/usr/lib/debug/usr/share/shim/$(ARCH_SUFFIX)-$(VERSION)$(DASHRELEASE)/"'
ifneq ($(origin VENDOR_DB_FILE), undefined)
DEFINES += -DVENDOR_DB_FILE=\"$(VENDOR_DB_FILE)\"
endif
ifneq ($(origin VENDOR_CERT_FILE), undefined)
DEFINES += -DVENDOR_CERT_FILE=\"$(VENDOR_CERT_FILE)\"
endif
ifneq ($(origin VENDOR_DBX_FILE), undefined)
DEFINES += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
endif
ifneq ($(origin SBAT_AUTOMATIC_DATE), undefined)
DEFINES += -DSBAT_AUTOMATIC_DATE=$(SBAT_AUTOMATIC_DATE)
endif
LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(LOCAL_EFI_PATH) -L$(LIBDIR) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1 $(ARCH_LDFLAGS) --no-undefined
ifneq ($(DEBUG),)
export DEBUG
endif
ifneq ($(VERBOSE),)
export VERBOSE
endif
export DEFINES
# vim:filetype=make
Reference in New Issue View Git Blame Copy Permalink