mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-28 00:24:18 +00:00
aff1f4ab94
The following parameters are now available: * hardeningDisable To disable specific hardening flags * hardeningEnable To enable specific hardening flags Only the cc-wrapper supports this right now, but these may be reused by other wrappers, builders or setup hooks. cc-wrapper supports the following flags: * fortify * stackprotector * pie (disabled by default) * pic * strictoverflow * format * relro * bindnow
57 lines
1.6 KiB
Nix
57 lines
1.6 KiB
Nix
{ stdenv, edk2, nasm, iasl, seabios, openssl, secureBoot ? false }:
|
|
|
|
let
|
|
|
|
targetArch = if stdenv.isi686 then
|
|
"Ia32"
|
|
else if stdenv.isx86_64 then
|
|
"X64"
|
|
else
|
|
throw "Unsupported architecture";
|
|
|
|
in
|
|
|
|
stdenv.mkDerivation (edk2.setup "OvmfPkg/OvmfPkg${targetArch}.dsc" {
|
|
name = "OVMF-2014-12-10";
|
|
|
|
# TODO: properly include openssl for secureBoot
|
|
buildInputs = [nasm iasl] ++ stdenv.lib.optionals (secureBoot == true) [ openssl ];
|
|
|
|
hardeningDisable = [ "stackprotector" "pic" "fortify" ];
|
|
|
|
unpackPhase = ''
|
|
for file in \
|
|
"${edk2.src}"/{UefiCpuPkg,MdeModulePkg,IntelFrameworkModulePkg,PcAtChipsetPkg,FatBinPkg,EdkShellBinPkg,MdePkg,ShellPkg,OptionRomPkg,IntelFrameworkPkg};
|
|
do
|
|
ln -sv "$file" .
|
|
done
|
|
|
|
${if (seabios == false) then ''
|
|
ln -sv ${edk2.src}/OvmfPkg .
|
|
'' else ''
|
|
cp -r ${edk2.src}/OvmfPkg .
|
|
chmod +w OvmfPkg/Csm/Csm16
|
|
cp ${seabios}/Csm16.bin OvmfPkg/Csm/Csm16/Csm16.bin
|
|
''}
|
|
|
|
${if (secureBoot == true) then ''
|
|
ln -sv ${edk2.src}/SecurityPkg .
|
|
ln -sv ${edk2.src}/CryptoPkg .
|
|
'' else ''
|
|
''}
|
|
'';
|
|
|
|
buildPhase = if (seabios == false) then ''
|
|
build ${if secureBoot then "-DSECURE_BOOT_ENABLE=TRUE" else ""}
|
|
'' else ''
|
|
build -D CSM_ENABLE -D FD_SIZE_2MB ${if secureBoot then "-DSECURE_BOOT_ENABLE=TRUE" else ""}
|
|
'';
|
|
|
|
meta = {
|
|
description = "Sample UEFI firmware for QEMU and KVM";
|
|
homepage = http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=OVMF;
|
|
license = stdenv.lib.licenses.bsd2;
|
|
platforms = ["x86_64-linux" "i686-linux"];
|
|
};
|
|
})
|