edk2: 2017-12-05 -> 201905

* Move to stable version;
* Refactor `setup` to `mkDerivation`;
* Use flags instead of `sed`;
* Support Secure Boot builds.
Nikolay Amiantov 2019-07-15 17:35:30 +03:00
parent 9125f51b70
commit c3a6c8de88
3 changed files with 56 additions and 99 deletions


@ -1,4 +1,9 @@
{ stdenv, lib, edk2, nasm, iasl, seabios, openssl, secureBoot ? false }: { stdenv, lib, edk2, utillinux, nasm, iasl
, csmSupport ? false, seabios ? null
, secureBoot ? false
}:
assert csmSupport -> seabios != null;
let let
@ -12,58 +17,23 @@ let
throw "Unsupported architecture"; throw "Unsupported architecture";
version = (builtins.parseDrvName edk2.name).version; version = (builtins.parseDrvName edk2.name).version;
src = edk2.src;
in in
stdenv.mkDerivation (edk2.setup projectDscPath { edk2.mkDerivation projectDscPath {
name = "OVMF-${version}"; name = "OVMF-${version}";
inherit src;
outputs = [ "out" "fd" ]; outputs = [ "out" "fd" ];
# TODO: properly include openssl for secureBoot buildInputs = [ utillinux nasm iasl ];
buildInputs = [nasm iasl] ++ stdenv.lib.optionals (secureBoot == true) [ openssl ];
hardeningDisable = [ "stackprotector" "pic" "fortify" ]; hardeningDisable = [ "format" "stackprotector" "pic" "fortify" ];
unpackPhase = '' buildFlags =
# $fd is overwritten during the build lib.optional secureBoot "-DSECURE_BOOT_ENABLE=TRUE"
export OUTPUT_FD=$fd ++ lib.optionals csmSupport [ "-D CSM_ENABLE" "-D FD_SIZE_2MB" ];
for file in \ postPatch = lib.optionalString csmSupport ''
"${src}"/{UefiCpuPkg,MdeModulePkg,IntelFrameworkModulePkg,PcAtChipsetPkg,FatBinPkg,EdkShellBinPkg,MdePkg,ShellPkg,OptionRomPkg,IntelFrameworkPkg,FatPkg,CryptoPkg,SourceLevelDebugPkg};
do
ln -sv "$file" .
done
${if stdenv.isAarch64 then ''
ln -sv ${src}/ArmPkg .
ln -sv ${src}/ArmPlatformPkg .
ln -sv ${src}/ArmVirtPkg .
ln -sv ${src}/EmbeddedPkg .
ln -sv ${src}/OvmfPkg .
'' else if seabios != null then ''
cp -r ${src}/OvmfPkg .
chmod +w OvmfPkg/Csm/Csm16
cp ${seabios}/Csm16.bin OvmfPkg/Csm/Csm16/Csm16.bin cp ${seabios}/Csm16.bin OvmfPkg/Csm/Csm16/Csm16.bin
'' else ''
ln -sv ${src}/OvmfPkg .
''}
${lib.optionalString secureBoot ''
ln -sv ${src}/SecurityPkg .
ln -sv ${src}/CryptoPkg .
''}
'';
buildPhase = if stdenv.isAarch64 then ''
build -n $NIX_BUILD_CORES
'' else if seabios == null then ''
build -n $NIX_BUILD_CORES ${lib.optionalString secureBoot "-DSECURE_BOOT_ENABLE=TRUE"}
'' else ''
build -n $NIX_BUILD_CORES -D CSM_ENABLE -D FD_SIZE_2MB ${lib.optionalString secureBoot "-DSECURE_BOOT_ENABLE=TRUE"}
''; '';
postFixup = if stdenv.isAarch64 then '' postFixup = if stdenv.isAarch64 then ''
@ -77,8 +47,8 @@ stdenv.mkDerivation (edk2.setup projectDscPath {
dd of=$fd/AAVMF/QEMU_EFI-pflash.raw if=$fd/FV/QEMU_EFI.fd conv=notrunc dd of=$fd/AAVMF/QEMU_EFI-pflash.raw if=$fd/FV/QEMU_EFI.fd conv=notrunc
dd of=$fd/AAVMF/vars-template-pflash.raw if=/dev/zero bs=1M count=64 dd of=$fd/AAVMF/vars-template-pflash.raw if=/dev/zero bs=1M count=64
'' else '' '' else ''
mkdir -vp $OUTPUT_FD/FV mkdir -vp $fd/FV
mv -v $out/FV/OVMF{,_CODE,_VARS}.fd $OUTPUT_FD/FV mv -v $out/FV/OVMF{,_CODE,_VARS}.fd $fd/FV
''; '';
dontPatchELF = true; dontPatchELF = true;
@ -89,4 +59,4 @@ stdenv.mkDerivation (edk2.setup projectDscPath {
license = stdenv.lib.licenses.bsd2; license = stdenv.lib.licenses.bsd2;
platforms = ["x86_64-linux" "i686-linux" "aarch64-linux"]; platforms = ["x86_64-linux" "i686-linux" "aarch64-linux"];
}; };
}) }
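Review bot: The new `buildFlags` turns on `-DSECURE_BOOT_ENABLE=TRUE` by itself, and as far as I know an x86 OVMF built without `-D SMM_REQUIRE` leaves its variable store writable by the guest OS, so a guest can alter the Secure Boot key databases. If an SMM option is out of scope for this commit, I would at least document the limit above `buildFlags`, e.g. `# secureBoot: built without -D SMM_REQUIRE, so Secure Boot variables are not protected from the guest OS`. Separately, nothing stops `csmSupport` and `secureBoot` from being enabled together, or either flag from reaching the aarch64 build. If those combinations are not meant to be supported, an `assert` next to the existing `csmSupport -> seabios != null` one would make that explicit.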


@ -1,7 +1,7 @@
{ stdenv, fetchFromGitHub, fetchpatch, libuuid, python2, iasl }: { stdenv, fetchgit, fetchpatch, libuuid, python3, iasl, bc }:
let let
pythonEnv = python2.withPackages(ps: [ps.tkinter]); pythonEnv = python3.withPackages (ps: [ps.tkinter]);
targetArch = if stdenv.isi686 then targetArch = if stdenv.isi686 then
"IA32" "IA32"
@ -13,80 +13,67 @@ else
throw "Unsupported architecture"; throw "Unsupported architecture";
edk2 = stdenv.mkDerivation { edk2 = stdenv.mkDerivation {
name = "edk2-2017-12-05"; pname = "edk2";
version = "201905";
src = fetchFromGitHub { # submodules
owner = "tianocore"; src = fetchgit {
repo = "edk2"; url = "https://github.com/tianocore/edk2";
rev = "f71a70e7a4c93a6143d7bad8ab0220a947679697"; rev = "edk2-stable${edk2.version}";
sha256 = "0k48xfwxcgcim1bhkggc19hilvsxsf5axvvcpmld0ng1fcfg0cr6"; sha256 = "0fk40h4nj4qg8shg0yd1zj4iyspslms5fx95ysi04akv90k5sqkn";
}; };
patches = [
(fetchpatch {
name = "short-circuit-the-transfer-of-an-empty-S3_CONTEXT.patch";
url = "https://github.com/tianocore/edk2/commit/9e2a8e928995c3b1bb664b73fd59785055c6b5f6.diff";
sha256 = "0x24npijhgpjpsn3n74wayf8qcbaj97vi4z2iyf4almavqq8qaz4";
})
];
buildInputs = [ libuuid pythonEnv ]; buildInputs = [ libuuid pythonEnv ];
makeFlags = "-C BaseTools"; makeFlags = [ "-C BaseTools" ];
hardeningDisable = [ "format" "fortify" ]; hardeningDisable = [ "format" "fortify" ];
installPhase = '' installPhase = ''
mkdir -vp $out mkdir -vp $out
mv -v BaseTools $out mv -v BaseTools $out
mv -v EdkCompatibilityPkg $out
mv -v edksetup.sh $out mv -v edksetup.sh $out
''; '';
enableParallelBuilding = true; enableParallelBuilding = true;
meta = { meta = with stdenv.lib; {
description = "Intel EFI development kit"; description = "Intel EFI development kit";
homepage = https://sourceforge.net/projects/edk2/; homepage = https://sourceforge.net/projects/edk2/;
license = stdenv.lib.licenses.bsd2; license = licenses.bsd2;
branch = "UDK2017";
platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ]; platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ];
}; };
passthru = { passthru = {
setup = projectDscPath: attrs: { mkDerivation = projectDscPath: attrs: stdenv.mkDerivation ({
buildInputs = [ pythonEnv ] ++ inherit (edk2) src;
stdenv.lib.optionals (attrs ? buildInputs) attrs.buildInputs;
configurePhase = '' buildInputs = [ bc pythonEnv ] ++ attrs.buildInputs or [];
mkdir -v Conf
cp ${edk2}/BaseTools/Conf/target.template Conf/target.txt prePatch = ''
sed -i Conf/target.txt \ rm -rf BaseTools
-e 's|Nt32Pkg/Nt32Pkg.dsc|${projectDscPath}|' \
-e 's|MYTOOLS|GCC49|' \
-e 's|IA32|${targetArch}|' \
-e 's|DEBUG|RELEASE|'\
cp ${edk2}/BaseTools/Conf/tools_def.template Conf/tools_def.txt
sed -i Conf/tools_def.txt \
-e 's|DEFINE GCC48_IA32_PREFIX = /usr/bin/|DEFINE GCC48_IA32_PREFIX = ""|' \
-e 's|DEFINE GCC48_X64_PREFIX = /usr/bin/|DEFINE GCC48_X64_PREFIX = ""|' \
-e 's|DEFINE UNIX_IASL_BIN = /usr/bin/iasl|DEFINE UNIX_IASL_BIN = ${iasl}/bin/iasl|'
export WORKSPACE="$PWD"
export EFI_SOURCE="$PWD/EdkCompatibilityPkg"
ln -sv ${edk2}/BaseTools BaseTools ln -sv ${edk2}/BaseTools BaseTools
ln -sv ${edk2}/EdkCompatibilityPkg EdkCompatibilityPkg
. ${edk2}/edksetup.sh BaseTools
''; '';
buildPhase = " configurePhase = ''
build runHook preConfigure
"; export WORKSPACE="$PWD"
. ${edk2}/edksetup.sh BaseTools
runHook postConfigure
'';
installPhase = "mv -v Build/*/* $out"; buildPhase = ''
} // (removeAttrs attrs [ "buildInputs" ] ); runHook preBuild
build -a ${targetArch} -b RELEASE -t GCC5 -p ${projectDscPath} -n $NIX_BUILD_CORES $buildFlags
runHook postBuild
'';
installPhase = ''
runHook preInstall
mv -v Build/*/* $out
runHook postInstall
'';
} // removeAttrs attrs [ "buildInputs" ]);
}; };
}; };
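Review bot: The `# submodules` comment above `src = fetchgit` does not say why the submodules matter. With `openssl` dropped from the OVMF inputs, the crypto code for Secure Boot presumably comes from the OpenSSL tree that edk2 carries as a submodule under CryptoPkg, pinned by the `edk2-stable` tag rather than by nixpkgs' `openssl`. I would expand the comment to something like `# fetchgit so that submodules (the OpenSSL copy used by CryptoPkg) are fetched and covered by sha256`. That tells whoever handles an OpenSSL advisory that this package needs its own bump or patch.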


@ -14871,9 +14871,9 @@ in
qboot = pkgsi686Linux.callPackage ../applications/virtualization/qboot { }; qboot = pkgsi686Linux.callPackage ../applications/virtualization/qboot { };
OVMF = callPackage ../applications/virtualization/OVMF { seabios = null; openssl = null; }; OVMF = callPackage ../applications/virtualization/OVMF { };
OVMF-CSM = OVMF.override { openssl = null; }; OVMF-CSM = OVMF.override { csmSupport = true; };
#WIP: OVMF-secureBoot = OVMF.override { seabios = null; secureBoot = true; }; OVMF-secureBoot = OVMF.override { secureBoot = true; };
seabios = callPackage ../applications/virtualization/seabios { }; seabios = callPackage ../applications/virtualization/seabios { };