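# Snapshot packaging: the upstream tree is identified only by a date and an
# abbreviated commit hash, defined once here and reused in Version and Source0.
# "global" is used instead of "define" per the Fedora packaging guidelines; the
# values are plain literals, so they expand the same way.
%global date 20240916
%global commit f23151f
# OVMF firmware image handed to the build as FW_FILE and combined with the SVSM.
# Presumably shipped by the edk2-ovmf-coconutsvsm build dependency below.
%global OVMF /usr/share/edk2/ovmf-coconutsvsm/OVMF.coconutsvsm.fd

Name:           coconut-svsm
Version:        0^%{date}g%{commit}
Release:        3%{?dist}
Summary:        The Coconut Secure VM Service Module for AMD SEV-SNP

License:        MIT
URL:            https://github.com/coconut-svsm/coconut
# Locally generated snapshot tarball: the spec carries neither a download URL
# nor a checksum for it.
# NOTE(review): the 7-character hash names the commit for humans but is not an
# integrity check on the tarball; whoever regenerates the archive should record
# the full commit id and the archive digest alongside it.
Source0:        file://./coconut-svsm-%{commit}.tar.xz

# Downstream patches. Their content is not visible here; going by the file
# names and the changelog, they vendor dependencies, remove gdb support
# (gdbstub is not available in Fedora), disable the fuzzer and update
# dependency versions.
Patch0:         0001-RPM-Vendor-Deps.patch
Patch1:         0002-RPM-Disable-gdb-support.patch
Patch2:         0003-Disable-fuzzer.patch
Patch3:         0004-Update-dependencies.patch

BuildRequires:  cargo-rpm-macros >= 24
BuildRequires:  autoconf
BuildRequires:  autoconf-archive
BuildRequires:  automake
BuildRequires:  clang-libs
BuildRequires:  binutils
# NOTE(review): curl and git are network-capable tools, while the changelog
# says offline builds are enabled; confirm they are still needed.
BuildRequires:  curl
BuildRequires:  gcc
BuildRequires:  glibc-static
BuildRequires:  pkg-config
BuildRequires:  git
BuildRequires:  make
BuildRequires:  openssl-devel
BuildRequires:  perl
BuildRequires:  rust
BuildRequires:  rust-std-static-x86_64-unknown-none
BuildRequires:  bindgen-cli
BuildRequires:  cargo
# Only a lower bound: the OVMF build that ends up inside the shipped image is
# whichever version is installed in the build root.
BuildRequires:  edk2-ovmf-coconutsvsm >= 20240214

%description
Secure Virtual machine Service Module for use in confidential VMs based on
AMD SEV-SNP memory encryption. This is the Coconut SVSM implementation, which
provides a virtual TPM device via the Guest Communication Protocol to the
guest. Qemu with IGVM support is required to run. The provided firmware file
includes SVSM and OVMF.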
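
# Turn off generation of the debuginfo subpackage (presumably because the
# payload is firmware images rather than host binaries).
%global debug_package %{nil}

# Automatic BuildRequires for Coconut
%generate_buildrequires
%cargo_generate_buildrequires
# Automatic BuildRequires for vendored igvm
/usr/bin/cargo2rpm --path ../igvm/Cargo.toml buildrequires

%prep
%autosetup -n coconut-svsm -D -p1
# Drop upstream's lock file so cargo resolves against the crates in the local
# registry configured below. The crate versions that get built are therefore
# the ones installed in the build root, not the ones upstream pinned.
# -f keeps this step from failing if a snapshot ships without a lock file.
rm -f Cargo.lock

# redirect cargo to local crates from Fedora RPMs
# NOTE(review): this writes into the home directory of the user running the
# build and replaces any cargo config already there. That is harmless in a
# disposable build root but clobbers personal settings on a workstation build.
# A build-local cargo home would avoid it; confirm the igvm tree outside the
# source directory would still pick it up.
mkdir -p ~/.cargo
cat << EOF > ~/.cargo/config
[source.local-registry]
directory = "/usr/share/cargo/registry"

[source.crates-io]
registry = "https://crates.io"
replace-with = "local-registry"
EOF

%build
# Default flags interfere with svsm build
# NOTE(review): unsetting them also drops any hardening options the
# distribution flags carry; confirm that is acceptable for the host-side
# helper tools built here, if any.
unset CFLAGS
unset CCFLAGS
unset LDFLAGS
unset RUSTFLAGS

# Abort early if the OVMF image is missing: stat exits non-zero and the build
# script stops, instead of make failing later with a less obvious error.
stat %{OVMF}
FW_FILE=%{OVMF} make

%install
mkdir -p %{buildroot}%{_datadir}/%{name}
# Both images are installed read-only for every user (mode 0444).
install \
    -m 444 \
    bin/coconut-qemu.igvm \
    %{buildroot}%{_datadir}/%{name}/coconut-qemu.igvm
install \
    -m 444 \
    bin/svsm.bin \
    %{buildroot}%{_datadir}/%{name}/coconut-svsm.bin

%files
%dir %{_datadir}/%{name}/
%{_datadir}/%{name}/coconut-svsm.bin
%{_datadir}/%{name}/coconut-qemu.igvm

# NOTE(review): the newest entry below is for snapshot 20240503 (13acb6a),
# while the preamble packages snapshot 20240916 (f23151f); an entry for the
# current version-release appears to be missing.
%changelog
* Tue May 7 2024 Oliver Steffen - 0^20240503g13acb6a-3
- Updated to latest upstream
- Enable offline RPM build

* Wed Apr 24 2024 Cole Robinson - 0^20240408gdec6072-2
- Re-add coconut-svsm.bin output

* Mon Apr 08 2024 Oliver Steffen - 0.0.5
- Update to upstream commit dec6072, with vTPM
- Back to online builds - offline is WIP

* Tue Oct 10 2023 Oliver Steffen - 0.0.4
- Update to upstream commit c1aa81b
- Use only rust components provided by Fedora.
  Include the packit crate in the source tarball.
  Patch out gdb support, since gdbstub is not available in Fedora.

* Mon Sep 25 2023 Oliver Steffen - 0.0.3
- Update to upstream commit b8a5474

* Wed Sep 13 2023 Oliver Steffen - 0.0.2
- Update to upstream commit 9b7d797

* Wed Aug 9 2023 Oliver Steffen - 0.0.1
- Initial version of the package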