[PATCH v2 2/3][disco linux] UBUNTU: [Packaging] decompress gzipped efi images in signing tarball

dann frazier dann.frazier at canonical.com
Fri Jan 25 17:57:22 UTC 2019


From: Seth Forshee <seth.forshee at canonical.com>

The arm64 generic kernel image files are gzipped. For UEFI secure
boot, grub will validate the signature on the decompressed image,
so the file in the signing tarball must also be decompressed.

When this happens we want the kernel to be recompressed in the
linux-image package, but we don't currently have a way to let
linux-signed know that this should happen. Facilitate this by
adding a <efi-image>.vars file to the signing tarball which will
contain shell variables and can be sourced during linux-signed
build. Add "GZIP=1" to this file when decompressing the kernel
image to indicate that the kernel image should be gzipped after
signing.

Signed-off-by: Seth Forshee <seth.forshee at canonical.com>
Signed-off-by: dann frazier <dann.frazier at canonical.com>
---
 debian/rules.d/2-binary-arch.mk | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/debian/rules.d/2-binary-arch.mk b/debian/rules.d/2-binary-arch.mk
index 61805f69e3fcd..55ce305ffcc8a 100644
--- a/debian/rules.d/2-binary-arch.mk
+++ b/debian/rules.d/2-binary-arch.mk
@@ -120,8 +120,17 @@ endif
 
 ifeq ($(uefi_signed),true)
 	install -d $(signingv)
-	cp -p $(pkgdir_bin)/boot/$(instfile)-$(abi_release)-$* \
-		$(signingv)/$(instfile)-$(abi_release)-$*.efi;
+	# gzipped kernel images must be decompressed for signing
+	if [[ "$(kernfile)" =~ \.gz$$ ]]; then \
+		< $(pkgdir_bin)/boot/$(instfile)-$(abi_release)-$* \
+			gunzip -cv > $(signingv)/$(instfile)-$(abi_release)-$*.efi; \
+		cp -p --attributes-only $(pkgdir_bin)/boot/$(instfile)-$(abi_release)-$* \
+			$(signingv)/$(instfile)-$(abi_release)-$*.efi; \
+		echo "GZIP=1" >> $(signingv)/$(instfile)-$(abi_release)-$*.efi.vars; \
+	else \
+		cp -p $(pkgdir_bin)/boot/$(instfile)-$(abi_release)-$* \
+			$(signingv)/$(instfile)-$(abi_release)-$*.efi; \
+	fi
 endif
 ifeq ($(opal_signed),true)
 	install -d $(signingv)
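
Review bot: in the `.gz` branch the `gunzip -cv`, `cp -p --attributes-only` and `echo "GZIP=1"` commands are joined with `;`, so a failed or truncated decompression is not caught. The `if` returns the status of the final `echo`, and unless the recipe shell runs with `-e` the rule succeeds with an incomplete `.efi` sitting in the signing directory. Chaining the three commands with `&&` would make the rule stop at the gunzip step instead. Two smaller points: `[[ ... =~ ... ]]` is a bash construct, so this depends on the rules being run with bash as SHELL, and `>>` appends to the `.vars` file, so a rebuild into an uncleaned `$(signingv)` leaves duplicate `GZIP=1` lines; `>` would keep the file to a single assignment while this is the only variable written.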
-- 
2.20.1



