nixpkgs/pkgs/tools/security/chipsec/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

87 lines
2.4 KiB
Nix
Raw Normal View History

2021-03-28 21:57:16 +00:00
{ lib
, stdenv
, fetchFromGitHub
, kernel ? null
, elfutils
2021-03-28 21:57:16 +00:00
, nasm
, python3
, withDriver ? false
}:
python3.pkgs.buildPythonApplication rec {
2020-03-29 10:34:50 +00:00
pname = "chipsec";
2023-05-14 08:12:47 +00:00
version = "1.10.6";
2022-01-18 11:37:52 +00:00
2021-03-28 21:57:16 +00:00
disabled = !stdenv.isLinux;
2018-12-27 19:28:59 +00:00
src = fetchFromGitHub {
owner = "chipsec";
repo = "chipsec";
rev = version;
2023-05-14 08:12:47 +00:00
hash = "sha256-+pbFG1SmSO/cnt1e+kel7ereC0I1OCJKKsS0KaJDWdc=";
2018-12-27 19:28:59 +00:00
};
patches = lib.optionals withDriver [ ./ko-path.diff ./compile-ko.diff ];
2024-06-21 13:17:03 +00:00
postPatch = ''
substituteInPlace tests/software/util.py \
--replace-fail "assertRegexpMatches" "assertRegex"
'';
KSRC = lib.optionalString withDriver "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
2020-06-17 04:20:00 +00:00
2019-03-24 12:44:59 +00:00
nativeBuildInputs = [
2021-03-28 21:57:16 +00:00
nasm
] ++ lib.optionals (lib.meta.availableOn stdenv.buildPlatform elfutils) [
elfutils
2023-05-14 08:12:47 +00:00
] ++ lib.optionals withDriver kernel.moduleBuildDependencies;
2018-12-27 19:28:59 +00:00
nativeCheckInputs = with python3.pkgs; [
2022-01-18 11:37:52 +00:00
distro
pytestCheckHook
2021-03-28 21:57:16 +00:00
];
2018-12-27 19:28:59 +00:00
preBuild = lib.optionalString withDriver ''
export CHIPSEC_BUILD_LIB=$(mktemp -d)
mkdir -p $CHIPSEC_BUILD_LIB/chipsec/helper/linux
'';
env.NIX_CFLAGS_COMPILE = toString [
2022-12-23 16:57:29 +00:00
# Needed with GCC 12
"-Wno-error=dangling-pointer"
];
preInstall = lib.optionalString withDriver ''
mkdir -p $out/${python3.pkgs.python.sitePackages}/drivers/linux
mv $CHIPSEC_BUILD_LIB/chipsec/helper/linux/chipsec.ko \
$out/${python3.pkgs.python.sitePackages}/drivers/linux/chipsec.ko
'';
2022-01-18 11:37:52 +00:00
setupPyBuildFlags = [
"--build-lib=$CHIPSEC_BUILD_LIB"
] ++ lib.optionals (!withDriver) [
2022-01-18 11:37:52 +00:00
"--skip-driver"
];
2018-12-27 19:28:59 +00:00
2022-01-18 11:37:52 +00:00
pythonImportsCheck = [
"chipsec"
];
2018-12-27 19:28:59 +00:00
meta = with lib; {
2018-12-27 19:28:59 +00:00
description = "Platform Security Assessment Framework";
longDescription = ''
CHIPSEC is a framework for analyzing the security of PC platforms
including hardware, system firmware (BIOS/UEFI), and platform components.
It includes a security test suite, tools for accessing various low level
interfaces, and forensic capabilities. It can be run on Windows, Linux,
Mac OS X and UEFI shell.
'';
2021-03-28 21:57:16 +00:00
license = licenses.gpl2Only;
homepage = "https://github.com/chipsec/chipsec";
2023-05-14 08:14:26 +00:00
maintainers = with maintainers; [ johnazoidberg erdnaxe ];
platforms = [ "x86_64-linux" ] ++ lib.optional (!withDriver) "x86_64-darwin";
# https://github.com/chipsec/chipsec/issues/1793
broken = withDriver && kernel.kernelOlder "5.4" && kernel.isHardened;
2018-12-27 19:28:59 +00:00
};
}