Merge pull request #218459 from R-VdP/fwupd-1-8-12

fwupd: 1.8.10 -> 1.8.12
2024-11-24 07:53:19 +00:00 · 2023-03-02 13:08:49 +01:00 · 2023-03-02 13:08:49 +01:00 · a1cbe94831
commit a1cbe94831
parent 8281752e39 74be655fa9
3 changed files with 259 additions and 237 deletions
--- a/pkgs/development/libraries/libjcat/default.nix
+++ b/pkgs/development/libraries/libjcat/default.nix
@ -71,7 +71,7 @@ stdenv.mkDerivation rec {
    description = "Library for reading and writing Jcat files";
    homepage = "https://github.com/hughsie/libjcat";
    license = licenses.lgpl21Plus;
-    maintainers = with maintainers; [ jtojnar ];
+    maintainers = with maintainers; [ ];
    platforms = platforms.all;
  };
 }
--- a/pkgs/development/libraries/libxmlb/default.nix
+++ b/pkgs/development/libraries/libxmlb/default.nix
@ -71,7 +71,7 @@ stdenv.mkDerivation rec {
    description = "A library to help create and query binary XML blobs";
    homepage = "https://github.com/hughsie/libxmlb";
    license = licenses.lgpl21Plus;
-    maintainers = with maintainers; [ jtojnar ];
+    maintainers = with maintainers; [ ];
    platforms = platforms.unix;
  };
 }
--- a/pkgs/os-specific/linux/firmware/fwupd/default.nix
+++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix
@ -28,6 +28,7 @@
 , ninja
 , gcab
 , gnutls
+, pandoc
 , protobufc
 , python3
 , wrapGAppsNoGuiHook
@ -79,12 +80,19 @@ let
  # Experimental
  haveFlashrom = isx86 && enableFlashrom;

-  runPythonCommand = name: buildCommandPython: runCommand name {
-    nativeBuildInputs = [ python3 ];
-      inherit buildCommandPython;
-  } ''
-    exec python3 -c "$buildCommandPython"
-  '';
+  runPythonCommand =
+    name:
+    buildCommandPython:
+
+    runCommand
+      name
+      {
+        nativeBuildInputs = [ python3 ];
+        inherit buildCommandPython;
+      }
+      ''
+        exec python3 -c "$buildCommandPython"
+      '';

  test-firmware =
    let
@ -103,205 +111,219 @@ let
        };
      };
    in
-      src // {
-        meta = src.meta // {
-          # For update script
-          position =
-            let
-              pos = builtins.unsafeGetAttrPos "updateScript" test-firmware;
-            in
-            pos.file + ":" + toString pos.line;
-        };
+    src // {
+      meta = src.meta // {
+        # For update script
+        position =
+          let
+            pos = builtins.unsafeGetAttrPos "updateScript" test-firmware;
+          in
+          pos.file + ":" + toString pos.line;
      };
-
-
-  self = stdenv.mkDerivation rec {
-    pname = "fwupd";
-    version = "1.8.10";
-
-    # libfwupd goes to lib
-    # daemon, plug-ins and libfwupdplugin go to out
-    # CLI programs go to out
-    outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ];
-
-    src = fetchurl {
-      url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz";
-      hash = "sha256-vvNUidNdhW9xeksjEVnkIR7CZ4oBQizZJRMFtZUq6Ow=";
    };
+in
+stdenv.mkDerivation (finalAttrs: {
+  pname = "fwupd";
+  version = "1.8.10";

-    patches = [
-      # Since /etc is the domain of NixOS, not Nix,
-      # we cannot install files there.
-      # Let’s install the files to $prefix/etc
-      # while still reading them from /etc.
-      # NixOS module for fwupd will take take care of copying the files appropriately.
-      ./add-option-for-installation-sysconfdir.patch
+  # libfwupd goes to lib
+  # daemon, plug-ins and libfwupdplugin go to out
+  # CLI programs go to out
+  outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ];

-      # Install plug-ins and libfwupdplugin to $out output,
-      # they are not really part of the library.
-      ./install-fwupdplugin-to-out.patch
+  src = fetchFromGitHub {
+    owner = "fwupd";
+    repo = "fwupd";
+    rev = finalAttrs.version;
+    hash = "sha256-a4F7skyukl4jW3apGi1ie/EcuGlkZoszyZdtLFuJewA=";
+  };

-      # Installed tests are installed to different output
-      # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle.
-      ./installed-tests-path.patch
+  patches = [
+    # Since /etc is the domain of NixOS, not Nix,
+    # we cannot install files there.
+    # Let’s install the files to $prefix/etc
+    # while still reading them from /etc.
+    # NixOS module for fwupd will take take care of copying the files appropriately.
+    ./add-option-for-installation-sysconfdir.patch

-      # EFI capsule is located in fwupd-efi now.
-      ./efi-app-path.patch
-    ];
+    # Install plug-ins and libfwupdplugin to $out output,
+    # they are not really part of the library.
+    ./install-fwupdplugin-to-out.patch

-    nativeBuildInputs = [
-      # required for firmware zipping
-      ensureNewerSourcesForZipFilesHook
-      meson
-      ninja
-      gi-docgen
-      pkg-config
-      gobject-introspection
-      gettext
-      shared-mime-info
-      valgrind
-      gcab
-      gnutls
-      protobufc # for protoc
-      python
-      wrapGAppsNoGuiHook
-      vala
-    ];
+    # Installed tests are installed to different output
+    # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle.
+    ./installed-tests-path.patch

-    buildInputs = [
-      polkit
-      libxmlb
-      gusb
-      sqlite
-      libarchive
-      curl
-      elfutils
-      libgudev
-      colord
-      libjcat
-      libuuid
-      json-glib
-      umockdev
-      bash-completion
-      pango
-      tpm2-tss
-      efivar
-      fwupd-efi
-      protobufc
-      modemmanager
-      libmbim
-      libcbor
-      libqmi
-      xz # for liblzma
-    ] ++ lib.optionals haveDell [
-      libsmbios
-    ] ++ lib.optionals haveFlashrom [
-      flashrom
-    ];
+    # EFI capsule is located in fwupd-efi now.
+    ./efi-app-path.patch
+  ];

-    mesonFlags = [
-      "-Ddocs=enabled"
-      "-Dplugin_dummy=true"
-      # We are building the official releases.
-      "-Dsupported_build=enabled"
-      # Would dlopen libsoup to preserve compatibility with clients linking against older fwupd.
-      # https://github.com/fwupd/fwupd/commit/173d389fa59d8db152a5b9da7cc1171586639c97
-      "-Dsoup_session_compat=false"
-      "-Dudevdir=lib/udev"
-      "-Dsystemd_root_prefix=${placeholder "out"}"
-      "-Dinstalled_test_prefix=${placeholder "installedTests"}"
-      "--localstatedir=/var"
-      "--sysconfdir=/etc"
-      "-Dsysconfdir_install=${placeholder "out"}/etc"
-      "-Defi_os_dir=nixos"
-      "-Dplugin_modem_manager=enabled"
+  nativeBuildInputs = [
+    # required for firmware zipping
+    ensureNewerSourcesForZipFilesHook
+    meson
+    ninja
+    gi-docgen
+    pkg-config
+    gobject-introspection
+    gettext
+    shared-mime-info
+    valgrind
+    gcab
+    gnutls
+    pandoc
+    protobufc # for protoc
+    python
+    wrapGAppsNoGuiHook
+    vala
+  ];

-      # We do not want to place the daemon into lib (cyclic reference)
-      "--libexecdir=${placeholder "out"}/libexec"
-    ] ++ lib.optionals (!haveDell) [
-      "-Dplugin_dell=disabled"
-      "-Dplugin_synaptics_mst=disabled"
-    ] ++ lib.optionals (!haveRedfish) [
-      "-Dplugin_redfish=disabled"
-    ] ++ lib.optionals (!haveFlashrom) [
-      "-Dplugin_flashrom=disabled"
-    ] ++ lib.optionals (!haveMSR) [
-      "-Dplugin_msr=disabled"
-    ];
+  buildInputs = [
+    polkit
+    libxmlb
+    gusb
+    sqlite
+    libarchive
+    curl
+    elfutils
+    libgudev
+    colord
+    libjcat
+    libuuid
+    json-glib
+    umockdev
+    bash-completion
+    pango
+    tpm2-tss
+    efivar
+    fwupd-efi
+    protobufc
+    modemmanager
+    libmbim
+    libcbor
+    libqmi
+    xz # for liblzma
+  ] ++ lib.optionals haveDell [
+    libsmbios
+  ] ++ lib.optionals haveFlashrom [
+    flashrom
+  ];

-    # TODO: wrapGAppsHook wraps efi capsule even though it is not ELF
-    dontWrapGApps = true;
+  mesonFlags = [
+    "-Ddocs=enabled"
+    "-Dplugin_dummy=true"
+    # We are building the official releases.
+    "-Dsupported_build=enabled"
+    # Would dlopen libsoup to preserve compatibility with clients linking against older fwupd.
+    # https://github.com/fwupd/fwupd/commit/173d389fa59d8db152a5b9da7cc1171586639c97
+    "-Dsoup_session_compat=false"
+    "-Dudevdir=lib/udev"
+    "-Dsystemd_root_prefix=${placeholder "out"}"
+    "-Dinstalled_test_prefix=${placeholder "installedTests"}"
+    "--localstatedir=/var"
+    "--sysconfdir=/etc"
+    "-Dsysconfdir_install=${placeholder "out"}/etc"
+    "-Defi_os_dir=nixos"
+    "-Dplugin_modem_manager=enabled"

-    doCheck = true;
+    # We do not want to place the daemon into lib (cyclic reference)
+    "--libexecdir=${placeholder "out"}/libexec"
+  ] ++ lib.optionals (!haveDell) [
+    "-Dplugin_dell=disabled"
+    "-Dplugin_synaptics_mst=disabled"
+  ] ++ lib.optionals (!haveRedfish) [
+    "-Dplugin_redfish=disabled"
+  ] ++ lib.optionals (!haveFlashrom) [
+    "-Dplugin_flashrom=disabled"
+  ] ++ lib.optionals (!haveMSR) [
+    "-Dplugin_msr=disabled"
+  ];

-    # Environment variables
+  # TODO: wrapGAppsHook wraps efi capsule even though it is not ELF
+  dontWrapGApps = true;

-    # Fontconfig error: Cannot load default config file
-    FONTCONFIG_FILE =
-      let
-        fontsConf = makeFontsConf {
-          fontDirectories = [ freefont_ttf ];
-        };
-      in fontsConf;
+  doCheck = true;

-    # error: “PolicyKit files are missing”
-    # https://github.com/NixOS/nixpkgs/pull/67625#issuecomment-525788428
-    PKG_CONFIG_POLKIT_GOBJECT_1_ACTIONDIR = "/run/current-system/sw/share/polkit-1/actions";
+  # Environment variables

-    # Phase hooks
+  # Fontconfig error: Cannot load default config file
+  FONTCONFIG_FILE =
+    let
+      fontsConf = makeFontsConf {
+        fontDirectories = [ freefont_ttf ];
+      };
+    in
+    fontsConf;

-    postPatch = ''
-      patchShebangs \
-        contrib/generate-version-script.py \
-        po/test-deps
+  # error: “PolicyKit files are missing”
+  # https://github.com/NixOS/nixpkgs/pull/67625#issuecomment-525788428
+  PKG_CONFIG_POLKIT_GOBJECT_1_ACTIONDIR = "/run/current-system/sw/share/polkit-1/actions";

-      substituteInPlace data/installed-tests/fwupdmgr-p2p.sh \
-        --replace "gdbus" ${glib.bin}/bin/gdbus
+  # Phase hooks

-      # tests fail with: Failed to load SMBIOS: neither SMBIOS or DT found
-      sed -i 's/test(.*)//' plugins/lenovo-thinklmi/meson.build
-      sed -i 's/test(.*)//' plugins/mtd/meson.build
-      # fails on amd cpu
-      sed -i 's/test(.*)//' libfwupdplugin/meson.build
-      # in nixos test tries to chmod 0777 $out/share/installed-tests/fwupd/tests/redfish.conf
-      sed -i "s/get_option('tests')/false/" plugins/redfish/meson.build
-    '';
+  postPatch = ''
+    patchShebangs \
+      contrib/generate-version-script.py \
+      po/test-deps

-    preBuild = ''
-      # jcat-tool at buildtime requires a home directory
-      export HOME="$(mktemp -d)"
-    '';
+    substituteInPlace data/installed-tests/fwupdmgr-p2p.sh \
+      --replace "gdbus" ${glib.bin}/bin/gdbus

-    preCheck = ''
-      addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share"
+    # tests fail with: Failed to load SMBIOS: neither SMBIOS or DT found
+    sed -i 's/test(.*)//' plugins/lenovo-thinklmi/meson.build
+    sed -i 's/test(.*)//' plugins/mtd/meson.build
+    # fails on amd cpu
+    sed -i 's/test(.*)//' libfwupdplugin/meson.build
+    # in nixos test tries to chmod 0777 $out/share/installed-tests/fwupd/tests/redfish.conf
+    sed -i "s/get_option('tests')/false/" plugins/redfish/meson.build

-      echo "12345678901234567890123456789012" > machine-id
-      export NIX_REDIRECTS=/etc/machine-id=$(realpath machine-id) \
-      LD_PRELOAD=${libredirect}/lib/libredirect.so
-    '';
+    # Device tests use device emulation and need to download emulation data from
+    # the internet, which does not work on our test VMs.
+    # It's probably better to disable these tests for NixOS by setting
+    # the device-tests directory to /dev/null.
+    # For more info on device emulation, see:
+    #   https://github.com/fwupd/fwupd/blob/eeeac4e9ba8a6513428b456a551bffd95d533e50/docs/device-emulation.md
+    substituteInPlace data/installed-tests/meson.build \
+      --replace "join_paths(datadir, 'fwupd', 'device-tests')" "'/dev/null'"
+  '';

-    preInstall = ''
-      # We have pkexec on PATH so Meson will try to use it when installation fails
-      # due to being unable to write to e.g. /etc.
-      # Let’s pretend we already ran pkexec –
-      # the pkexec on PATH would complain it lacks setuid bit,
-      # obscuring the underlying error.
-      # https://github.com/mesonbuild/meson/blob/492cc9bf95d573e037155b588dc5110ded4d9a35/mesonbuild/minstall.py#L558
-      export PKEXEC_UID=-1
-    '';
+  preBuild = ''
+    # jcat-tool at buildtime requires a home directory
+    export HOME="$(mktemp -d)"
+  '';

-    postInstall = ''
-      # These files have weird licenses so they are shipped separately.
-      cp --recursive --dereference "${test-firmware}/installed-tests/tests" "$installedTests/libexec/installed-tests/fwupd"
-    '';
+  preCheck = ''
+    addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share"

-    preFixup = let
+    echo "12345678901234567890123456789012" > machine-id
+    export NIX_REDIRECTS=/etc/machine-id=$(realpath machine-id) \
+    LD_PRELOAD=${libredirect}/lib/libredirect.so
+  '';
+
+  preInstall = ''
+    # We have pkexec on PATH so Meson will try to use it when installation fails
+    # due to being unable to write to e.g. /etc.
+    # Let’s pretend we already ran pkexec –
+    # the pkexec on PATH would complain it lacks setuid bit,
+    # obscuring the underlying error.
+    # https://github.com/mesonbuild/meson/blob/492cc9bf95d573e037155b588dc5110ded4d9a35/mesonbuild/minstall.py#L558
+    export PKEXEC_UID=-1
+  '';
+
+  postInstall = ''
+    # These files have weird licenses so they are shipped separately.
+    cp --recursive --dereference "${test-firmware}/installed-tests/tests" "$installedTests/libexec/installed-tests/fwupd"
+  '';
+
+  preFixup =
+    let
      binPath = [
        efibootmgr
        bubblewrap
        tpm2-tools
      ];
-    in ''
+    in
+    ''
      gappsWrapperArgs+=(
        --prefix XDG_DATA_DIRS : "${shared-mime-info}/share"
        # See programs reached with fu_common_find_program_in_path in source
@ -309,60 +331,62 @@ let
      )
    '';

-    postFixup = ''
-      # Since we had to disable wrapGAppsHook, we need to wrap the executables manually.
-      find -L "$out/bin" "$out/libexec" -type f -executable -print0 \
-        | while IFS= read -r -d ''' file; do
-        if [[ "$file" != *.efi ]]; then
-          echo "Wrapping program $file"
-          wrapGApp "$file"
-        fi
-      done
+  postFixup = ''
+    # Since we had to disable wrapGAppsHook, we need to wrap the executables manually.
+    find -L "$out/bin" "$out/libexec" -type f -executable -print0 \
+      | while IFS= read -r -d ''' file; do
+      if [[ "$file" != *.efi ]]; then
+        echo "Wrapping program $file"
+        wrapGApp "$file"
+      fi
+    done

-      # Cannot be in postInstall, otherwise _multioutDocs hook in preFixup will move right back.
-      moveToOutput "share/doc" "$devdoc"
-    '';
+    # Cannot be in postInstall, otherwise _multioutDocs hook in preFixup will move right back.
+    moveToOutput "share/doc" "$devdoc"
+  '';

-    separateDebugInfo = true;
+  separateDebugInfo = true;

-    passthru = {
-      filesInstalledToEtc = [
-        "fwupd/bios-settings.d/README.md"
-        "fwupd/daemon.conf"
-        "fwupd/remotes.d/lvfs-testing.conf"
-        "fwupd/remotes.d/lvfs.conf"
-        "fwupd/remotes.d/vendor.conf"
-        "fwupd/remotes.d/vendor-directory.conf"
-        "fwupd/uefi_capsule.conf"
-        "pki/fwupd/GPG-KEY-Linux-Foundation-Firmware"
-        "pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service"
-        "pki/fwupd/LVFS-CA.pem"
-        "pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata"
-        "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service"
-        "pki/fwupd-metadata/LVFS-CA.pem"
-        "grub.d/35_fwupd"
-      ] ++ lib.optionals haveDell [
-        "fwupd/remotes.d/dell-esrt.conf"
-      ] ++ lib.optionals haveRedfish [
-        "fwupd/redfish.conf"
-      ] ++ lib.optionals haveMSR [
-        "fwupd/msr.conf"
-      ] ++ lib.optionals isx86 [
-        "fwupd/thunderbolt.conf"
-      ];
+  passthru = {
+    filesInstalledToEtc = [
+      "fwupd/bios-settings.d/README.md"
+      "fwupd/daemon.conf"
+      "fwupd/remotes.d/lvfs-testing.conf"
+      "fwupd/remotes.d/lvfs.conf"
+      "fwupd/remotes.d/vendor.conf"
+      "fwupd/remotes.d/vendor-directory.conf"
+      "fwupd/uefi_capsule.conf"
+      "pki/fwupd/GPG-KEY-Linux-Foundation-Firmware"
+      "pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service"
+      "pki/fwupd/LVFS-CA.pem"
+      "pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata"
+      "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service"
+      "pki/fwupd-metadata/LVFS-CA.pem"
+      "grub.d/35_fwupd"
+    ] ++ lib.optionals haveDell [
+      "fwupd/remotes.d/dell-esrt.conf"
+    ] ++ lib.optionals haveRedfish [
+      "fwupd/redfish.conf"
+    ] ++ lib.optionals haveMSR [
+      "fwupd/msr.conf"
+    ] ++ lib.optionals isx86 [
+      "fwupd/thunderbolt.conf"
+    ];

-      # DisabledPlugins key in fwupd/daemon.conf
-      defaultDisabledPlugins = [
-        "test"
-        "test_ble"
-      ];
+    # DisabledPlugins key in fwupd/daemon.conf
+    defaultDisabledPlugins = [
+      "test"
+      "test_ble"
+    ];

-      # For updating.
-      inherit test-firmware;
+    # For updating.
+    inherit test-firmware;

-      tests = let
+    tests =
+      let
        listToPy = list: "[${lib.concatMapStringsSep ", " (f: "'${f}'") list}]";
-      in {
+      in
+      {
        installedTests = nixosTests.installed-tests.fwupd;

        passthruMatches = runPythonCommand "fwupd-test-passthru-matches" ''
@ -371,29 +395,27 @@ let
          import os
          import pathlib

-          etc = '${self}/etc'
+          etc = '${finalAttrs.finalPackage}/etc'
          package_etc = set(itertools.chain.from_iterable([[os.path.relpath(os.path.join(prefix, file), etc) for file in files] for (prefix, dirs, files) in os.walk(etc)]))
-          passthru_etc = set(${listToPy passthru.filesInstalledToEtc})
+          passthru_etc = set(${listToPy finalAttrs.passthru.filesInstalledToEtc})
          assert len(package_etc - passthru_etc) == 0, f'fwupd package contains the following paths in /etc that are not listed in passthru.filesInstalledToEtc: {package_etc - passthru_etc}'
          assert len(passthru_etc - package_etc) == 0, f'fwupd package lists the following paths in passthru.filesInstalledToEtc that are not contained in /etc: {passthru_etc - package_etc}'

          config = configparser.RawConfigParser()
-          config.read('${self}/etc/fwupd/daemon.conf')
+          config.read('${finalAttrs.finalPackage}/etc/fwupd/daemon.conf')
          package_disabled_plugins = config.get('fwupd', 'DisabledPlugins').rstrip(';').split(';')
-          passthru_disabled_plugins = ${listToPy passthru.defaultDisabledPlugins}
+          passthru_disabled_plugins = ${listToPy finalAttrs.passthru.defaultDisabledPlugins}
          assert package_disabled_plugins == passthru_disabled_plugins, f'Default disabled plug-ins in the package {package_disabled_plugins} do not match those listed in passthru.defaultDisabledPlugins {passthru_disabled_plugins}'

          pathlib.Path(os.getenv('out')).touch()
        '';
      };
-    };
-
-    meta = with lib; {
-      homepage = "https://fwupd.org/";
-      maintainers = with maintainers; [ jtojnar ];
-      license = licenses.lgpl21Plus;
-      platforms = platforms.linux;
-    };
  };

-in self
+  meta = with lib; {
+    homepage = "https://fwupd.org/";
+    maintainers = with maintainers; [ ];
+    license = licenses.lgpl21Plus;
+    platforms = platforms.linux;
+  };
+})