## START: Set by rpmautospec ## (rpmautospec version 0.8.4) ## RPMAUTOSPEC: autochangelog ## END: Set by rpmautospec %define date 2026.02 %define version_name v%{date}-devel %global debug_package %{nil} %bcond check 0 %define OVMF /usr/share/edk2/ovmf/OVMF.amdsev.fd %define PACKIT_COMMIT 91e7796f47c7a677d549124f6aefc9c126331f34 %define OPENSSL_VER 3.5.5 %define TPM_COMMIT 3b1f0e623f244abe2015df9e3ba86de5c9118524 Name: coconut-svsm Version: v%{date}.devel Release: 1%{?dist} Summary: The Coconut Secure VM Service Module for AMD SEV-SNP License: MIT URL: https://github.com/coconut-svsm/coconut Source0: https://github.com/coconut-svsm/svsm/archive/refs/tags/%{version_name}.tar.gz Source1: https://github.com/coconut-svsm/packit/archive/%{PACKIT_COMMIT}/packit-%{PACKIT_COMMIT}.tar.gz Source2: openssl-%{OPENSSL_VER}.tar.gz Source3: https://github.com/TrustedComputingGroup/TPM/archive/%{TPM_COMMIT}/TPM-%{TPM_COMMIT}.tar.gz Provides: bundled(openssl) = %{OPENSSL_VER} Patch: 0001-remove-gdbstub.patch Patch: 0002-bump-bitfield-struct-version.patch Patch: 0003-remove-verification.patch Patch: 0004-remove-fuzz.patch Patch: 0005-Remove-attestation-and-its-dependencies.patch Patch: 0006-bump-bindgen-to-0.72.1.patch Patch: 0001-remove-packit-submodule.patch Patch: 0001-remove-openssl-submodule.patch Patch: 0001-remove-TPM-submodule.patch ExclusiveArch: x86_64 BuildRequires: cargo-rpm-macros >= 24 BuildRequires: binutils >= 2.39 BuildRequires: rust-std-static-x86_64-unknown-none BuildRequires: gcc clang BuildRequires: clang-libs BuildRequires: glibc-static BuildRequires: openssl-devel #BuildRequires: automake BuildRequires: cmake #BuildRequires: autoconf-archive BuildRequires: perl BuildRequires: edk2-ovmf >= 20250812 %description Secure Virtual machine Service Module for use in confidenial VMs based on AMD SEV-SNP memory encryption. This is the Coconut SVSM implementation, which provides a virtual TPM device via the Guest Communicatiom Protocl to the guest. Qemu with IGVM support is required to run. The provided firmware file includes SVSM and OVMF. %prep %autosetup -n svsm-%{date}-devel -p1 tar -xf %{SOURCE1} --strip-components=1 --directory packit tar -xf %{SOURCE2} --strip-components=1 --directory libtcgtpm/deps/openssl tar -xf %{SOURCE3} --strip-components=1 --directory libtcgtpm/deps/tpm-20-ref # TODO: fix before importing in fedora # not using cargo_prep because it overwrites .cargo/config.toml #%%cargo_prep rm -f Cargo.lock # redirect cargo to local crates from Fedora RPMs mkdir -p ~/.cargo cat << EOF > ~/.cargo/config [source.local-registry] directory = "/usr/share/cargo/registry" [source.crates-io] registry = "https://crates.io" replace-with = "local-registry" [alias] xbuild = "run --package xbuild --release --" EOF %generate_buildrequires %cargo_generate_buildrequires -a %build %cargo_license_summary unset CFLAGS unset CCFLAGS unset LDFLAGS unset RUSTFLAGS # These should help for the TODO # export CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS="-C code-model=kernel" # export CARGO_TARGET_X86_64_UNKNOWN_NONE_RUSTFLAGS="--cfg aes_force_soft --cfg polyval_force_soft -C linker-flavor=ld -C force-frame-pointers" # make sure that edk2 file is available stat %{OVMF} FW_FILE=%{OVMF} make %install echo %{buildroot} mkdir -p %{buildroot}%{_datadir}/%{name} install \ -m 444 \ ./bin/coconut-qemu.igvm \ %{buildroot}%{_datadir}/%{name}/coconut-qemu.igvm %files %dir %{_datadir}/%{name}/ %{_datadir}/%{name}/coconut-qemu.igvm %changelog ## START: Generated by rpmautospec * Mon Mar 23 2026 Luigi Leonardi - v2026.02.devel-4 - Uncommitted changes * Mon Mar 23 2026 Luigi Leonardi - v2026.02.devel-3 - add openssl submodule * Mon Mar 23 2026 Luigi Leonardi - v2026.02.devel-2 - Packit submodule * Tue Mar 10 2026 Luigi Leonardi - v2026.02.devel-1 - Rebase to the 2026-02-dev release * Thu Jan 29 2026 Luigi Leonardi - v2026.01.devel-1 - Rebase to the 2026-01-dev release * Tue Dec 02 2025 Luigi Leonardi - v2025.11.devel-1 - Rebase to the 2025-11-dev release * Tue Oct 28 2025 Luigi Leonardi - v2025.10.devel-1 - Rebase to the 2025-10-dev release * Tue Sep 23 2025 Luigi Leonardi - v2025.09.devel-1 - Rebase to the 2025-09-dev release * Mon Sep 22 2025 Luigi Leonardi - v2025.08.devel-2 - Drop useless deps * Tue Sep 16 2025 Luigi Leonardi - v2025.08.devel-1 - Rebase to the 2025-08-dev release * Tue Sep 16 2025 Luigi Leonardi - 202505019-2 - Shallow copy for the repo. Added tests * Tue Sep 16 2025 Luigi Leonardi - 202505019-1 - First commit ## END: Generated by rpmautospec