authorMathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com>2017-09-13 12:09:40 -0700
committerMathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com>2017-09-13 12:09:40 -0700
commitb6f94dbeacfc6f0a507413096189304c58dbe66c (patch)
treebce8c7db22209078618294c51d95a0c033aec7d9 /Makefile
parent25f7fd1fb389a5f6356f353d16c5ead80dac6bbc (diff)
downloadefi-boot-shim-upstream/13_git1505328970.9c1c35c5.tar.gz
efi-boot-shim-upstream/13_git1505328970.9c1c35c5.zip
New upstream version 13~git1505328970.9c1c35c5upstream/13_git1505328970.9c1c35c5
Diffstat (limited to 'Makefile')
-rw-r--r--Makefile241
1 files changed, 181 insertions, 60 deletions
diff --git a/Makefile b/Makefile
index fb5ab276..5da82e1e 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,8 @@
-VERSION = 12
-RELEASE :=
-ifneq ($(RELEASE),"")
- RELEASE:="-$(RELEASE)"
+VERSION = 13
+ifneq ($(origin RELEASE),undefined)
+DASHRELEASE ?= -$(RELEASE)
+else
+DASHRELEASE ?=
endif
ifeq ($(MAKELEVEL),0)
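Review bot: The `ifneq ($(origin RELEASE),undefined)` test treats a RELEASE that is set but empty (for example an exported empty environment variable) as a release, so DASHRELEASE becomes a bare `-` and ends up in the versioned paths built from it later in the file. Testing the value instead avoids that: `ifneq ($(strip $(RELEASE)),)`. A one-line comment above the block saying that RELEASE is expected from the command line or the environment would also help, since the file no longer assigns it.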
@@ -10,18 +11,31 @@ endif
override TOPDIR := $(abspath $(TOPDIR))
VPATH = $(TOPDIR)
-
CC = $(CROSS_COMPILE)gcc
LD = $(CROSS_COMPILE)ld
OBJCOPY = $(CROSS_COMPILE)objcopy
OPENSSL ?= openssl
HEXDUMP ?= hexdump
+INSTALL ?= install
PK12UTIL ?= pk12util
CERTUTIL ?= certutil
PESIGN ?= pesign
+SBSIGN ?= sbsign
+prefix ?= /usr
+prefix := $(abspath $(prefix))
+datadir ?= $(prefix)/share/
+PKGNAME ?= shim
+ESPROOTDIR ?= boot/efi/
+EFIBOOTDIR ?= $(ESPROOTDIR)EFI/BOOT/
+TARGETDIR ?= $(ESPROOTDIR)EFI/$(EFIDIR)/
+DATATARGETDIR ?= $(datadir)/$(PKGNAME)/$(VERSION)$(DASHRELEASE)/$(ARCH_SUFFIX)/
+DEBUGINFO ?= $(prefix)/lib/debug/
+DEBUGSOURCE ?= $(prefix)/src/debug/
+OSLABEL ?= $(EFIDIR)
+DEFAULT_LOADER ?= \\\\grub$(ARCH_SUFFIX).efi
ARCH ?= $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
-OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.*\((.*)\|version\) //g' | cut -f1-2 -d.` \>= 2.24)
+OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.*\((.*)\|version\) //g' | cut -f1-2 -d.` \>= 2.24)
SUBDIRS = $(TOPDIR)/Cryptlib $(TOPDIR)/lib
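Review bot: `DEFAULT_LOADER ?= ...` now yields to a variable of the same name in the build environment, and the CFLAGS lines shown in a later hunk compile that value into the binaries as `-DDEFAULT_LOADER`. For a boot component that is signed afterwards, a value picked up silently from the environment makes the build harder to reproduce and to review. I would add a comment above the assignment, e.g. `# compiled into shim via -DDEFAULT_LOADER; override on the make command line only`, and print the effective value with `$(info DEFAULT_LOADER=$(DEFAULT_LOADER))`. The same applies to the other new `?=` knobs in this hunk (`prefix`, `PKGNAME`, `OSLABEL`, `ESPROOTDIR`).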
@@ -36,7 +50,6 @@ EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/
EFI_CRT_OBJS = $(EFI_PATH)/crt0-efi-$(ARCH).o
EFI_LDS = $(TOPDIR)/elf_$(ARCH)_efi.lds
-DEFAULT_LOADER := \\\\grub.efi
CFLAGS = -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \
-fshort-wchar -Wall -Wsign-compare -Werror -fno-builtin \
-Werror=sign-compare -ffreestanding -std=gnu89 \
@@ -44,9 +57,6 @@ CFLAGS = -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \
"-DDEFAULT_LOADER=L\"$(DEFAULT_LOADER)\"" \
"-DDEFAULT_LOADER_CHAR=\"$(DEFAULT_LOADER)\"" \
$(EFI_INCLUDES)
-SHIMNAME = shim
-MMNAME = MokManager
-FBNAME = fallback
COMMITID ?= $(shell if [ -d .git ] ; then git log -1 --pretty=format:%H ; elif [ -f commit ]; then cat commit ; else echo commit id not available; fi)
@@ -60,39 +70,58 @@ endif
ifeq ($(ARCH),x86_64)
CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \
- -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
- -DNO_BUILTIN_VA_FUNCS \
- -DMDE_CPU_X64 "-DEFI_ARCH=L\"x64\"" -DPAGE_SIZE=4096 \
- "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/x64-$(VERSION)$(RELEASE)/\""
- MMNAME = mmx64
- FBNAME = fbx64
- SHIMNAME= shimx64
- EFI_PATH:=/usr/lib64/gnuefi
- LIB_PATH:=/usr/lib64
-
+ -maccumulate-outgoing-args \
+ -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
+ -DNO_BUILTIN_VA_FUNCS -DMDE_CPU_X64 -DPAGE_SIZE=4096
+ LIBDIR ?= $(prefix)/lib64
+ ARCH_SUFFIX ?= x64
+ ARCH_SUFFIX_UPPER ?= X64
endif
ifeq ($(ARCH),ia32)
CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \
- -maccumulate-outgoing-args -m32 \
- -DMDE_CPU_IA32 "-DEFI_ARCH=L\"ia32\"" -DPAGE_SIZE=4096 \
- "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/ia32-$(VERSION)$(RELEASE)/\""
- MMNAME = mmia32
- FBNAME = fbia32
- SHIMNAME= shimia32
- EFI_PATH:=/usr/lib/gnuefi
- LIB_PATH:=/usr/lib
+ -maccumulate-outgoing-args -m32 \
+ -DMDE_CPU_IA32 -DPAGE_SIZE=4096
+ LIBDIR ?= $(prefix)/lib
+ ARCH_SUFFIX ?= ia32
+ ARCH_SUFFIX_UPPER ?= IA32
endif
ifeq ($(ARCH),aarch64)
- CFLAGS += -DMDE_CPU_AARCH64 "-DEFI_ARCH=L\"aa64\"" -DPAGE_SIZE=4096 \
- "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/aa64-$(VERSION)$(RELEASE)/\""
- MMNAME = mmaa64
- FBNAME = fbaa64
- SHIMNAME= shimaa64
- EFI_PATH:=/usr/lib64/gnuefi
- LIB_PATH:=/usr/lib64
+ CFLAGS += -DMDE_CPU_AARCH64 -DPAGE_SIZE=4096 -mstrict-align
+ LIBDIR ?= $(prefix)/lib64
+ ARCH_SUFFIX ?= aa64
+ ARCH_SUFFIX_UPPER ?= AA64
+ FORMAT := -O binary
+ SUBSYSTEM := 0xa
+ LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
+endif
+ifeq ($(ARCH),arm)
+ CFLAGS += -DMDE_CPU_ARM -DPAGE_SIZE=4096 -mstrict-align
+ LIBDIR ?= $(prefix)/lib
+ ARCH_SUFFIX ?= arm
+ ARCH_SUFFIX_UPPER ?= ARM
+ FORMAT := -O binary
+ SUBSYSTEM := 0xa
+ LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
endif
+FORMAT ?= --target efi-app-$(ARCH)
+EFI_PATH ?= $(LIBDIR)/gnuefi
+
+MMSTEM ?= mm$(ARCH_SUFFIX)
+MMNAME = $(MMSTEM).efi
+MMSONAME = $(MMSTEM).so
+FBSTEM ?= fb$(ARCH_SUFFIX)
+FBNAME = $(FBSTEM).efi
+FBSONAME = $(FBSTEM).so
+SHIMSTEM ?= shim$(ARCH_SUFFIX)
+SHIMNAME = $(SHIMSTEM).efi
+SHIMSONAME = $(SHIMSTEM).so
+SHIMHASHNAME = $(SHIMSTEM).hash
+BOOTEFINAME ?= BOOT$(ARCH_SUFFIX_UPPER).EFI
+BOOTCSVNAME ?= BOOT$(ARCH_SUFFIX_UPPER).CSV
+
+CFLAGS += "-DEFI_ARCH=L\"$(ARCH_SUFFIX)\"" "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/$(ARCH_SUFFIX)-$(VERSION)$(DASHRELEASE)/\""
+
ifneq ($(origin VENDOR_CERT_FILE), undefined)
CFLAGS += -DVENDOR_CERT_FILE=\"$(VENDOR_CERT_FILE)\"
endif
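Review bot: The `LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)` lines added to the aarch64 and arm blocks are discarded, because the plain `LDFLAGS = --hash-style=sysv ...` assignment in the next hunk comes later in the file and replaces whatever was appended here. Before this change the append sat after that assignment, so the symbol reached the linker; after it, aarch64 and arm links presumably lose EFI_SUBSYSTEM (the linker script is not visible here). Collect the per-arch flag in its own variable, `ARCH_LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)`, and end the main assignment with `$(ARCH_LDFLAGS)`. Separately, the new DEBUGDIR define still hard-codes `/usr/lib/debug/usr/share/shim/` although this commit introduces `prefix`, `datadir` and `PKGNAME`.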
@@ -100,15 +129,25 @@ ifneq ($(origin VENDOR_DBX_FILE), undefined)
CFLAGS += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
endif
-LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1
+LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIBDIR) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1
-TARGET = $(SHIMNAME).efi $(MMNAME).efi.signed $(FBNAME).efi.signed
-OBJS = shim.o netboot.o cert.o replacements.o tpm.o version.o
+TARGETS = $(SHIMNAME)
+TARGETS += $(SHIMNAME).debug $(MMNAME).debug $(FBNAME).debug
+ifneq ($(origin ENABLE_SHIM_HASH),undefined)
+TARGETS += $(SHIMHASHNAME)
+endif
+ifneq ($(origin ENABLE_SHIM_CERT),undefined)
+TARGETS += $(MMNAME).signed $(FBNAME).signed
+CFLAGS += -DENABLE_SHIM_CERT
+else
+TARGETS += $(MMNAME) $(FBNAME)
+endif
+OBJS = shim.o netboot.o cert.o replacements.o tpm.o version.o errlog.o
KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer
-ORIG_SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h tpm.c tpm.h version.h
+ORIG_SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h tpm.c tpm.h version.h errlog.c
MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o
ORIG_MOK_SOURCES = MokManager.c shim.h include/console.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h
-FALLBACK_OBJS = fallback.o
+FALLBACK_OBJS = fallback.o tpm.o
ORIG_FALLBACK_SRCS = fallback.c
ifneq ($(origin ENABLE_HTTPBOOT), undefined)
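Review bot: The `ENABLE_SHIM_CERT` branch deserves a comment, because it changes what `all` produces: with it defined, TARGETS holds `$(MMNAME).signed` and `$(FBNAME).signed` and the code is built with `-DENABLE_SHIM_CERT`; without it, MokManager and fallback are emitted unsigned. Something like `# ENABLE_SHIM_CERT: sign MokManager/fallback with the build-time shim key; when unset they are built unsigned and need signing outside this Makefile` above the `ifneq` would make the default explicit. The second half of that comment is an inference from the target list and should be confirmed against how shim verifies these images.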
@@ -120,7 +159,7 @@ SOURCES = $(foreach source,$(ORIG_SOURCES),$(TOPDIR)/$(source)) version.c
MOK_SOURCES = $(foreach source,$(ORIG_MOK_SOURCES),$(TOPDIR)/$(source))
FALLBACK_SRCS = $(foreach source,$(ORIG_FALLBACK_SRCS),$(TOPDIR)/$(source))
-all: $(TARGET)
+all: $(TARGETS)
shim.crt:
$(TOPDIR)/make-certs shim shim@xn--u4h.net all codesign 1.3.6.1.4.1.311.10.3.1 </dev/null
@@ -144,23 +183,30 @@ certdb/secmod.db: shim.crt
$(PK12UTIL) -d certdb/ -i shim.p12 -W "" -K ""
$(CERTUTIL) -d certdb/ -A -i shim.crt -n shim -t u
-shim.o: $(SOURCES) shim_cert.h
-shim.o: $(wildcard $(TOPDIR)/*.h *.h)
+shim.o: $(SOURCES)
+ifneq ($(origin ENABLE_SHIM_CERT),undefined)
+shim.o: shim_cert.h
+endif
+shim.o: $(wildcard $(TOPDIR)/*.h)
cert.o : $(TOPDIR)/cert.S
$(CC) $(CFLAGS) -c -o $@ $<
-$(SHIMNAME).so: $(OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
+$(SHIMNAME) : $(SHIMSONAME)
+$(MMNAME) : $(MMSONAME)
+$(FBNAME) : $(FBSONAME)
+
+$(SHIMSONAME): $(OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
$(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS)
fallback.o: $(FALLBACK_SRCS)
-$(FBNAME).so: $(FALLBACK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
+$(FBSONAME): $(FALLBACK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
$(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS)
MokManager.o: $(MOK_SOURCES)
-$(MMNAME).so: $(MOK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
+$(MMSONAME): $(MOK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
$(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a
Cryptlib/libcryptlib.a:
@@ -175,39 +221,112 @@ lib/lib.a:
if [ ! -d lib ]; then mkdir lib ; fi
$(MAKE) VPATH=$(TOPDIR)/lib TOPDIR=$(TOPDIR) CFLAGS="$(CFLAGS)" -C lib -f $(TOPDIR)/lib/Makefile
-ifeq ($(ARCH),aarch64)
-FORMAT := -O binary
-SUBSYSTEM := 0xa
-LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
+buildid : $(TOPDIR)/buildid.c
+ $(CC) -Og -g3 -Wall -Werror -Wextra -o $@ $< -lelf
+
+$(BOOTCSVNAME) :
+ @echo Making $@
+ @( printf "\xff\xfe" ; echo "$(SHIMNAME),$(OSLABEL),,This is the boot entry for $(OSLABEL)" | sed -z 's/./&\x00/g' ) > $@
+
+install-check :
+ifeq ($(origin LIBDIR),undefined)
+ $(error Architecture $(ARCH) is not a supported build target.)
+endif
+ifeq ($(origin EFIDIR),undefined)
+ $(error EFIDIR must be set to your reserved EFI System Partition subdirectory name)
endif
-ifeq ($(ARCH),arm)
-FORMAT := -O binary
-SUBSYSTEM := 0xa
-LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
+install-deps : $(TARGETS)
+install-deps : $(SHIMNAME).debug $(MMNAME).debug $(FBNAME).debug buildid
+install-deps : $(BOOTCSVNAME)
+
+install-debugsource : install-deps
+ $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGSOURCE)/$(PKGNAME)-$(VERSION)$(DASHRELEASE)
+ find $(TOPDIR) -type f -a '(' -iname '*.c' -o -iname '*.h' -o -iname '*.S' ')' | while read file ; do \
+ outfile=$$(echo $${file} | sed -e "s,^$(TOPDIR),,") ; \
+ $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGSOURCE)/$(PKGNAME)-$(VERSION)$(DASHRELEASE)/$$(dirname $${outfile}) ; \
+ $(INSTALL) -m 0644 $${file} $(DESTDIR)/$(DEBUGSOURCE)/$(PKGNAME)-$(VERSION)$(DASHRELEASE)/$${outfile} ; \
+ done
+
+install-debuginfo : install-deps
+ $(INSTALL) -d -m 0755 $(DESTDIR)/
+ $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGINFO)$(TARGETDIR)/
+ @./buildid $(wildcard *.efi.debug) | while read file buildid ; do \
+ first=$$(echo $${buildid} | cut -b -2) ; \
+ rest=$$(echo $${buildid} | cut -b 3-) ; \
+ $(INSTALL) -d -m 0755 $(DESTDIR)/$(DEBUGINFO).build-id/$${first}/ ;\
+ $(INSTALL) -m 0644 $${file} $(DESTDIR)/$(DEBUGINFO)$(TARGETDIR) ; \
+ ln -s ../../../../..$(DEBUGINFO)$(TARGETDIR)$${file} $(DESTDIR)/$(DEBUGINFO).build-id/$${first}/$${rest}.debug ;\
+ ln -s ../../../.build-id/$${first}/$${rest} $(DESTDIR)/$(DEBUGINFO).build-id/$${first}/$${rest} ;\
+ done
+
+install : | install-check
+install : install-deps install-debuginfo install-debugsource
+ $(INSTALL) -d -m 0755 $(DESTDIR)/
+ $(INSTALL) -d -m 0700 $(DESTDIR)/$(ESPROOTDIR)
+ $(INSTALL) -d -m 0755 $(DESTDIR)/$(EFIBOOTDIR)
+ $(INSTALL) -d -m 0755 $(DESTDIR)/$(TARGETDIR)
+ $(INSTALL) -m 0644 $(SHIMNAME) $(DESTDIR)/$(EFIBOOTDIR)/$(BOOTEFINAME)
+ $(INSTALL) -m 0644 $(SHIMNAME) $(DESTDIR)/$(TARGETDIR)/
+ $(INSTALL) -m 0644 $(BOOTCSVNAME) $(DESTDIR)/$(TARGETDIR)/
+ifneq ($(origin ENABLE_SHIM_CERT),undefined)
+ $(INSTALL) -m 0644 $(FBNAME).signed $(DESTDIR)/$(EFIBOOTDIR)/$(FBNAME)
+ $(INSTALL) -m 0644 $(MMNAME).signed $(DESTDIR)/$(EFIBOOTDIR)/$(MMNAME)
+ $(INSTALL) -m 0644 $(MMNAME).signed $(DESTDIR)/$(TARGETDIR)/$(MMNAME)
+else
+ $(INSTALL) -m 0644 $(FBNAME) $(DESTDIR)/$(EFIBOOTDIR)/
+ $(INSTALL) -m 0644 $(MMNAME) $(DESTDIR)/$(EFIBOOTDIR)/
+ $(INSTALL) -m 0644 $(MMNAME) $(DESTDIR)/$(TARGETDIR)/
endif
-FORMAT ?= --target efi-app-$(ARCH)
+install-as-data : install-deps
+ $(INSTALL) -d -m 0755 $(DESTDIR)/$(DATATARGETDIR)
+ $(INSTALL) -m 0644 $(SHIMNAME) $(DESTDIR)/$(DATATARGETDIR)/
+ifneq ($(origin ENABLE_SHIM_HASH),undefined)
+ $(INSTALL) -m 0644 $(SHIMHASHNAME) $(DESTDIR)/$(DATATARGETDIR)/
+endif
+ifneq ($(origin ENABLE_SHIM_CERT),undefined)
+ $(INSTALL) -m 0644 $(MMNAME).signed $(DESTDIR)/$(DATATARGETDIR)/$(MMNAME)
+ $(INSTALL) -m 0644 $(FBNAME).signed $(DESTDIR)/$(DATATARGETDIR)/$(FBNAME)
+else
+ $(INSTALL) -m 0644 $(MMNAME) $(DESTDIR)/$(DATATARGETDIR)/$(MMNAME)
+ $(INSTALL) -m 0644 $(FBNAME) $(DESTDIR)/$(DATATARGETDIR)/$(FBNAME)
+endif
%.efi: %.so
ifneq ($(OBJCOPY_GTE224),1)
$(error objcopy >= 2.24 is required)
endif
$(OBJCOPY) -j .text -j .sdata -j .data -j .data.ident \
- -j .dynamic -j .dynsym -j .rel* \
+ -j .dynamic -j .dynsym -j .rel* \
-j .rela* -j .reloc -j .eh_frame \
-j .vendor_cert \
- $(FORMAT) $^ $@
+ $(FORMAT) $^ $@
+
+ifneq ($(origin ENABLE_SHIM_HASH),undefined)
+%.hash : %.efi
+ $(PESIGN) -i $< -P -h > $@
+endif
+
+%.efi.debug : %.so
+ifneq ($(OBJCOPY_GTE224),1)
+ $(error objcopy >= 2.24 is required)
+endif
$(OBJCOPY) -j .text -j .sdata -j .data \
- -j .dynamic -j .dynsym -j .rel* \
+ -j .dynamic -j .dynsym -j .rel* \
-j .rela* -j .reloc -j .eh_frame \
-j .debug_info -j .debug_abbrev -j .debug_aranges \
-j .debug_line -j .debug_str -j .debug_ranges \
-j .note.gnu.build-id \
- $(FORMAT) $^ $@.debug
+ $^ $@
+ifneq ($(origin ENABLE_SBSIGN),undefined)
+%.efi.signed: %.efi shim.key shim.crt
+ $(SBSIGN) --key shim.key --cert shim.crt --output $@ $<
+else
%.efi.signed: %.efi certdb/secmod.db
$(PESIGN) -n certdb -i $< -c "shim" -s -o $@ -f
+endif
clean:
$(MAKE) -C Cryptlib -f $(TOPDIR)/Cryptlib/Makefile clean
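Review bot: The `$(BOOTCSVNAME)` recipe depends on non-portable tool behaviour: `printf "\xff\xfe"` uses hex escapes that POSIX printf does not define, and `sed -z` is a GNU extension. Recipes run under /bin/sh unless SHELL is set elsewhere in the file, and where that shell's printf leaves `\x` alone the CSV starts with literal text instead of a UTF-16 byte-order mark. Octal escapes are portable, `printf '\377\376'`, and the widening step can go through `iconv -t UTF-16LE` instead of sed. The recipe also redirects straight into `$@`, so a failed pipeline leaves a partial file that looks up to date; writing to `$@.tmp` and renaming avoids that.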
@@ -243,4 +362,6 @@ archive: tag
@rm -rf /tmp/shim-$(VERSION)
@echo "The archive is in shim-$(VERSION).tar.bz2"
+.PHONY : install-deps shim.key
+
export ARCH CC LD OBJCOPY EFI_INCLUDE
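Review bot: `.PHONY : install-deps shim.key` declares a real file phony and leaves the command targets undeclared. `shim.key` is a prerequisite of the sbsign `%.efi.signed` rule added earlier in this patch, so every run re-signs the images even when nothing changed; if the intent was only to silence a missing rule, an explicit `shim.key : shim.crt ;` would do that, assuming make-certs writes both files. The new `install`, `install-check`, `install-debuginfo`, `install-debugsource` and `install-as-data` targets are the ones that should be listed: `.PHONY : install install-check install-deps install-debuginfo install-debugsource install-as-data`.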