lirent/qemu-spoof
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
qemu-spoof/Makefile
T

78 lines
3.4 KiB
Makefile
Raw Permalink Blame History

# qemu-spoof — inject the seed-driven spoof module + anti-detect patches into
# pve-qemu and build the pve-qemu-kvm .deb.
#
# make prepare # init submodules, drop in the module, queue patches, bump changelog
# make deb # build the .deb (runs pve-qemu's own dpkg-buildpackage)
# make clean
#
# Build on Debian trixie (matches pve-qemu 11.0). Never on a production node.
# Override PVE to build against a pve-qemu checkout kept outside this tree:
# make PVE=/path/to/pve-qemu deb
PVE ?= pve-qemu
QSRC := $(PVE)/qemu
PATCHDIR := $(PVE)/debian/patches
SERIES := $(PATCHDIR)/series
# package revision = qemu-spoof commit count: unique + monotonic + orderable per
# content change, so a rebuilt/improved package gets a new version (no 409 on the
# immutable registry) and apt always picks the latest.
SPOOF_REV ?= $(shell git rev-list --count HEAD 2>/dev/null || echo 1)
TAG := qemu-spoof
# Epoch: makes our package version permanently OUTRANK any stock pve-qemu-kvm
# (which has no epoch), so a Proxmox repo update never reverts the spoof. We pull
# upstream fixes deliberately by rebuilding on a newer pve-qemu and re-publishing
# (the epoch carries forward). Set EPOCH= to disable.
EPOCH ?= 1
.PHONY: all prepare deb clean distclean submodule
all: deb
submodule:
@if [ ! -f "$(QSRC)/configure" ]; then \
git submodule update --init --recursive; \
fi
cd $(QSRC) && meson subprojects download
# Idempotent: safe to re-run. pve-qemu copies the qemu/ working tree (cp -a) into
# its build dir, so the module files we drop in here are compiled; the call-site
# wiring is applied on top via debian/patches/series (quilt).
prepare: submodule
@echo ">> install spoof module headers + sources into the qemu tree"
@for h in src/spoof*.h; do install -D -m644 "$$h" "$(QSRC)/include/hw/misc/$$(basename $$h)"; done
@for c in src/spoof*.c; do install -D -m644 "$$c" "$(QSRC)/hw/misc/$$(basename $$c)"; done
@echo ">> register sources in hw/misc/meson.build"
@for c in src/spoof*.c; do b=$$(basename "$$c"); \
grep -q "$$b" $(QSRC)/hw/misc/meson.build || \
echo "system_ss.add(files('$$b'))" >> $(QSRC)/hw/misc/meson.build; \
echo " + $$b"; done
@echo ">> queue anti-detect patches into the series"
@for p in patches/0*.patch; do \
[ -e "$$p" ] || continue; \
b=$$(basename $$p); \
cp -f $$p $(PATCHDIR)/$$b; \
grep -qxF "$$b" $(SERIES) || echo "$$b" >> $(SERIES); \
echo " + $$b"; \
done
@echo ">> bump changelog with epoch $(EPOCH) so it permanently outranks stock pve-qemu-kvm"
@cd $(PVE) && { head -1 debian/changelog | grep -q "$(TAG)" || { \
cur=$$(dpkg-parsechangelog -S Version); \
dch -v "$(EPOCH):$${cur}+$(TAG)$(SPOOF_REV)" "qemu-spoof: seed-driven per-VM hardware identity"; }; }
@cd $(PVE) && head -1 debian/changelog
@echo ">> prepared. run 'make deb'."
deb: prepare
$(MAKE) -C $(PVE) deb
@echo ">> built:"; ls -1 $(PVE)/*.deb 2>/dev/null || ls -1 *.deb 2>/dev/null || true
clean:
-$(MAKE) -C $(PVE) clean 2>/dev/null || true
rm -f *.deb *.buildinfo *.changes
# Drop the injected files + series entries so the submodule is pristine again.
distclean: clean
-cd $(QSRC) && git checkout -- hw/misc/meson.build 2>/dev/null || true
-rm -f $(QSRC)/hw/misc/spoof*.c $(QSRC)/include/hw/misc/spoof*.h
-cd $(PVE) && git checkout -- debian/patches/series debian/changelog 2>/dev/null || true
-rm -f $(PATCHDIR)/0*qemu-spoof* $(PATCHDIR)/9*antidetect*
Reference in New Issue View Git Blame Copy Permalink