File project.diff of Package OVMF

--- OVMF.spec.orig
+++ OVMF.spec
@@ -1,5 +1,5 @@
-%define svncurrent r14071
-%define svntarball r14071
+%define svncurrent r14395
+%define svntarball r14395
 %define dirname %{name}-0.1+%{svntarball}
 Name:       OVMF
 Summary:    Intel Open Virtual Machine Firmware (UEFI Secure Boot)
@@ -9,6 +9,12 @@ Group:      Applications/Productivity
 License:    GPLv3
 Source0:    %{dirname}.tar.gz
 Source1:    http://www.openssl.org/source/openssl-0.9.8w.tar.gz
+Source2:    SLES-UEFI-CA-Certificate-2048.crt
+Source3:    SLES-UEFI-SIGN-Certificate-2048.crt
+Source4:    MicCorKEKCA2011_2011-06-24.crt
+Source5:    MicCorUEFCA2011_2011-06-27.crt
+Source6:    openSUSE-UEFI-CA-Certificate.crt
+Source7:    openSUSE-UEFI-SIGN-Certificate.crt
 %if %{svncurrent} != %{svntarball}
 Patch0:	    edk2-%{svntarball}-%{svncurrent}.diff
 %endif
@@ -18,12 +24,16 @@ Patch3:     0003-edk2-add-readme.patch
 Patch4:	    0004-add-GCC47-definition-one-removal-of-melf_x86_64.patch
 Patch5:	    0005-edk-image-size.patch
 Patch6:	    0006-edk-add-shell.efi-target.patch
+Patch7:     OVMF-embed-default-keys.patch
+Patch8:     OVMF-adjust-variable-size.patch
+Patch9:     OVMF-use-generic-sb-config.patch
 BuildRequires: iasl
 BuildRequires: libuuid-devel
 BuildRequires: gcc
 BuildRequires: gcc-c++
 BuildRequires: python
-
+BuildRequires: openssl
+BuildRequires: vim-base
 Requires: qemu
 
 %description
@@ -47,6 +57,9 @@ with qemu
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
 # Intel has special patches for openssl
 pushd CryptoPkg/Library/OpensslLib/openssl-0.9.8w
 patch -p0 -i ../EDKII_openssl-0.9.8w.patch
@@ -64,20 +77,56 @@ export TOOL_CHAIN_TAG=GCC$(gcc -dumpvers
 make -C BaseTools
 printenv
 . ./edksetup.sh
-sed "s/^TOOL_CHAIN_TAG[ 	]*=.*$/TOOL_CHAIN_TAG = ${TOOL_CHAIN_TAG}/" edktargets/target.txt.%{filearch} > Conf/target.txt
-build
+#sed "s/^TOOL_CHAIN_TAG[ 	]*=.*$/TOOL_CHAIN_TAG = ${TOOL_CHAIN_TAG}/" edktargets/target.txt.%{filearch} > Conf/target.txt
+#build
+# OVMF without keys
 sed "s/^TOOL_CHAIN_TAG[ 	]*=.*$/TOOL_CHAIN_TAG = ${TOOL_CHAIN_TAG}/" edktargets/target.txt.ovmf.%{filearch} > Conf/target.txt
-build
-sed "s/^TOOL_CHAIN_TAG[ 	]*=.*$/TOOL_CHAIN_TAG = ${TOOL_CHAIN_TAG}/" edktargets/target.txt.shell.%{filearch} > Conf/target.txt
-build
+build -D BUILD_NEW_SHELL -D FD_SIZE_2MB #-D NETWORK_ENABLE
+cp Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF.fd Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-no-key.fd
+
+# OVMF with SUSE keys
+openssl x509 -in %{SOURCE2} -outform DER > Default_PK
+openssl x509 -in %{SOURCE2} -outform DER > Default_KEK
+openssl x509 -in %{SOURCE3} -outform DER > Default_DB
+xxd -i Default_PK > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_PK.h
+xxd -i Default_KEK > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_KEK.h
+xxd -i Default_DB > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_DB.h
+build -D BUILD_NEW_SHELL -D FD_SIZE_2MB
+cp Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF.fd Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-suse.fd
+
+# OVMF with MS keys
+cat %{SOURCE4} > Default_PK
+cat %{SOURCE4} > Default_KEK
+cat %{SOURCE5} > Default_DB
+xxd -i Default_PK > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_PK.h
+xxd -i Default_KEK > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_KEK.h
+xxd -i Default_DB > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_DB.h
+build -D BUILD_NEW_SHELL -D FD_SIZE_2MB
+cp Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF.fd Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-ms.fd
+
+# OVMF with openSUSE keys
+openssl x509 -in %{SOURCE6} -outform DER > Default_PK
+openssl x509 -in %{SOURCE6} -outform DER > Default_KEK
+openssl x509 -in %{SOURCE7} -outform DER > Default_DB
+xxd -i Default_PK > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_PK.h
+xxd -i Default_KEK > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_KEK.h
+xxd -i Default_DB > SecurityPkg/VariableAuthenticated/RuntimeDxe/Default_DB.h
+build -D BUILD_NEW_SHELL -D FD_SIZE_2MB
+cp Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF.fd Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-opensuse.fd
+
+#sed "s/^TOOL_CHAIN_TAG[ 	]*=.*$/TOOL_CHAIN_TAG = ${TOOL_CHAIN_TAG}/" edktargets/target.txt.shell.%{filearch} > Conf/target.txt
+#build
 
 %install
 export TOOL_CHAIN_TAG=GCC$(gcc -dumpversion|sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/')
 rm -rf %{buildroot}
 install -m 0644 -D README.txt %{buildroot}/%{_datadir}/qemu-ovmf/README
-install -m 0644 -D Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF.fd %{buildroot}/%{_datadir}/qemu-ovmf/bios/bios.bin
-install -m 0755 -D Build/MdeModule/DEBUG_${TOOL_CHAIN_TAG}/X64/HelloWorld.efi %{buildroot}/%{_datadir}/qemu-ovmf/efi/HelloWorld.efi
-install -m 0755 -D Build/Shell/DEBUG_${TOOL_CHAIN_TAG}/X64/Shell.efi %{buildroot}/%{_datadir}/qemu-ovmf/efi/Shell.efi
+install -m 0644 -D Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-no-key.fd %{buildroot}/%{_datadir}/qemu-ovmf/bios/bios.bin
+install -m 0644 -D Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-suse.fd %{buildroot}/%{_datadir}/qemu-ovmf/bios-suse/bios.bin
+install -m 0644 -D Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-ms.fd %{buildroot}/%{_datadir}/qemu-ovmf/bios-ms/bios.bin
+install -m 0644 -D Build/OvmfX64/DEBUG_${TOOL_CHAIN_TAG}/FV/OVMF-opensuse.fd %{buildroot}/%{_datadir}/qemu-ovmf/bios-opensuse/bios.bin
+#install -m 0755 -D Build/MdeModule/DEBUG_${TOOL_CHAIN_TAG}/X64/HelloWorld.efi %{buildroot}/%{_datadir}/qemu-ovmf/efi/HelloWorld.efi
+#install -m 0755 -D Build/Shell/DEBUG_${TOOL_CHAIN_TAG}/X64/Shell.efi %{buildroot}/%{_datadir}/qemu-ovmf/efi/Shell.efi
 
 %files 
 %defattr(-,root,root,-)