%define date 202505019
%global debug_package %{nil}
%bcond check 1
%define OVMF /usr/share/edk2/ovmf/OVMF.amdsev.fd

Name: coconut-svsm
Version: %{date}
Release: 3%{?dist}
Summary: The Coconut Secure VM Service Module for AMD SEV-SNP

License: MIT
URL: https://github.com/coconut-svsm/coconut

Source: coconut-svsm.tar.xz

Patch: 0001-remove-gdbstub.patch
Patch: 0002-bump-bitfield-struct-version.patch
Patch: 0003-remove-verification.patch
Patch: 0004-remove-fuzz.patch

ExclusiveArch: x86_64

BuildRequires: cargo-rpm-macros >= 24
BuildRequires: binutils >= 2.39
BuildRequires: rust-std-static-x86_64-unknown-none
BuildRequires: clang
BuildRequires: clang-libs
BuildRequires: glibc-static
BuildRequires: openssl-devel
BuildRequires: automake
BuildRequires: autoconf
BuildRequires: autoconf-archive
BuildRequires: perl
BuildRequires: edk2-ovmf = 20250221-1.copr8963748

BuildRequires: nano
BuildRequires: less

%description
Secure Virtual machine Service Module for use in
confidenial VMs based on AMD SEV-SNP memory encryption.
This is the Coconut SVSM implementation, which provides a
virtual TPM device via the Guest Communicatiom Protocl
to the guest.
Qemu with IGVM support is required to run. The provided
firmware file includes SVSM and OVMF.

%prep
%autosetup -n coconut-svsm -p1
# TODO: fix before importing in fedora
# not using cargo_prep because it overwrites .cargo/config.toml
# %%cargo_prep
rm -f Cargo.lock

# redirect cargo to local crates from Fedora RPMs
mkdir -p ~/.cargo
cat << EOF > ~/.cargo/config
[source.local-registry]
directory = "/usr/share/cargo/registry"

[source.crates-io]
registry = "https://crates.io"
replace-with = "local-registry"
EOF

%generate_buildrequires
%cargo_generate_buildrequires

%build
%cargo_license_summary

unset CFLAGS
unset CCFLAGS
unset LDFLAGS
unset RUSTFLAGS

# These should help for the TODO
# export CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS="-C code-model=kernel"
# export CARGO_TARGET_X86_64_UNKNOWN_NONE_RUSTFLAGS="--cfg aes_force_soft --cfg polyval_force_soft"

# make sure that edk2 file is available
stat %{OVMF}
FW_FILE=%{OVMF} cargo xbuild --release configs/qemu-target.json

%if %{with check}
%check
cargo test
%endif

%install
echo %{buildroot}

mkdir -p %{buildroot}%{_datadir}/%{name}
install \
  -m 444 \
  ./bin/coconut-qemu.igvm \
  %{buildroot}%{_datadir}/%{name}/coconut-qemu.igvm


%files
%dir %{_datadir}/%{name}/
%{_datadir}/%{name}/coconut-qemu.igvm

%changelog
* Wed Apr 9 2025 Luigi Leonardi <leonardi@redhat.com> - 0.1
- First release of coconut-svsm