rpi5: uefi & arm-tf current packaging state
parent
19df296944
commit
718e2a32e3
|
@ -250,7 +250,7 @@ in {
|
|||
pipewire
|
||||
(v4l-utils.override { withGUI = false; })
|
||||
|
||||
rpi5-arm-tf
|
||||
rpi5-edk2
|
||||
];
|
||||
programs.nix-index.enable = lib.mkForce false;
|
||||
services.journald.extraConfig = ''
|
||||
|
|
|
@ -10,6 +10,7 @@ self: super: rec {
|
|||
linuxPackages_rpi5 = self.linuxPackagesFor linux_rpi5;
|
||||
|
||||
rpi5-arm-tf = self.callPackage ../pkgs/rpi5-arm-tf.nix { };
|
||||
rpi5-edk2-tools = self.callPackage ../pkgs/rpi5-edk2-tools.nix { };
|
||||
rpi5-uefi = self.callPackage ../pkgs/rpi5-uefi.nix { };
|
||||
rpi5-uefi-bin = self.callPackage ../pkgs/rpi5-uefi-bin.nix { };
|
||||
}
|
||||
|
|
|
@ -4,14 +4,6 @@ stdenv.mkDerivation rec {
|
|||
name = "arm-trusted-firmware-rpi5";
|
||||
version = "20240316";
|
||||
|
||||
# src = fetchFromGitHub {
|
||||
# owner = "worproject";
|
||||
# repo = "rpi5-uefi";
|
||||
# rev = "c1ca184c608dca75a346cc56b8eaf42648d83e86";
|
||||
# fetchSubmodules = true;
|
||||
# hash = "sha256-mGMqgJXsEFq79aHes8HUGcKrfbGjeAHTA/xzbq5qURs=";
|
||||
# };
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "worproject";
|
||||
repo = "arm-trusted-firmware";
|
||||
|
@ -24,6 +16,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
makeFlags = [
|
||||
"HOSTCC=$(CC_FOR_BUILD)"
|
||||
"AS=$(CC_FOR_BUILD)"
|
||||
"CROSS_COMPILE=${stdenv.cc.targetPrefix}"
|
||||
# binutils 2.39 regression
|
||||
# `warning: /build/source/build/rk3399/release/bl31/bl31.elf has a LOAD segment with RWX permissions`
|
||||
|
@ -37,7 +30,7 @@ stdenv.mkDerivation rec {
|
|||
"SMC_PCI_SUPPORT=1"
|
||||
];
|
||||
|
||||
filesToInstall = [ "build/rpi5/release" ];
|
||||
filesToInstall = [ "build/rpi5/release/*" ];
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
|
|
@ -0,0 +1,59 @@
|
|||
{ lib, stdenv, fetchFromGitHub, openssl
|
||||
, buildPackages, runCommand, clangStdenv, fetchpatch, libuuid
|
||||
, python3 }:
|
||||
|
||||
let
|
||||
srcWithVendoring = fetchFromGitHub {
|
||||
owner = "worproject";
|
||||
repo = "rpi5-uefi";
|
||||
rev = "c1ca184c608dca75a346cc56b8eaf42648d83e86";
|
||||
fetchSubmodules = true;
|
||||
hash = "sha256-mGMqgJXsEFq79aHes8HUGcKrfbGjeAHTA/xzbq5qURs=";
|
||||
};
|
||||
pythonEnv = buildPackages.python3.withPackages (ps: [ ps.tkinter ]);
|
||||
in stdenv.mkDerivation {
|
||||
name = "rpi5-edk2-tools";
|
||||
version = "20240316";
|
||||
|
||||
# We don't want EDK2 to keep track of OpenSSL,
|
||||
# they're frankly bad at it.
|
||||
src = runCommand "edk2-unvendored-src" { } ''
|
||||
cp --no-preserve=mode -r ${srcWithVendoring} $out
|
||||
rm -rf $out/edk2/CryptoPkg/Library/OpensslLib/openssl
|
||||
mkdir -p $out/edk2/CryptoPkg/Library/OpensslLib/openssl
|
||||
tar --strip-components=1 -xf ${buildPackages.openssl.src} -C $out/edk2/CryptoPkg/Library/OpensslLib/openssl
|
||||
chmod -R +w $out/
|
||||
|
||||
# Fix missing INT64_MAX include that edk2 explicitly does not provide
|
||||
# via it's own <stdint.h>. Let's pull in openssl's definition instead:
|
||||
sed -i $out/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/property/property_parse.c \
|
||||
-e '1i #include "internal/numbers.h"'
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ pythonEnv ];
|
||||
depsBuildBuild = [ buildPackages.stdenv.cc buildPackages.bash ];
|
||||
depsHostHost = [ libuuid ];
|
||||
strictDeps = true;
|
||||
|
||||
# trick taken from https://src.fedoraproject.org/rpms/edk2/blob/08f2354cd280b4ce5a7888aa85cf520e042955c3/f/edk2.spec#_319
|
||||
GCC5_AARCH64_PREFIX = stdenv.cc.targetPrefix;
|
||||
|
||||
makeFlags = [ "-C edk2/BaseTools" ];
|
||||
|
||||
env.NIX_CFLAGS_COMPILE = "-Wno-return-type"
|
||||
+ lib.optionalString stdenv.cc.isGNU " -Wno-error=stringop-truncation"
|
||||
+ lib.optionalString stdenv.isDarwin " -Wno-error=macro-redefined";
|
||||
|
||||
hardeningDisable = [ "format" "fortify" ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -vp $out
|
||||
mv -v edk2/BaseTools $out
|
||||
mv -v edk2/edksetup.sh $out
|
||||
# patchShebangs fails to see these when cross compiling
|
||||
for i in $out/BaseTools/BinWrappers/PosixLike/*; do
|
||||
substituteInPlace $i --replace '/usr/bin/env bash' ${buildPackages.bash}/bin/bash
|
||||
chmod +x "$i"
|
||||
done
|
||||
'';
|
||||
}
|
|
@ -1,4 +1,49 @@
|
|||
{ lib, stdenv, fetchFromGitHub, fetchFromGitLab, openssl, pkgsCross
|
||||
, buildPackages }:
|
||||
{ lib, stdenv, openssl, pkgsCross
|
||||
, buildPackages, runCommand, rpi5-arm-tf, rpi5-edk2-tools, libuuid
|
||||
, python3, bc }:
|
||||
|
||||
stdenv.mkDerivation { }
|
||||
let
|
||||
pythonEnv = buildPackages.python3.withPackages (ps: [ps.tkinter]);
|
||||
in stdenv.mkDerivation {
|
||||
name = "rpi5-arm-uefi";
|
||||
|
||||
inherit (rpi5-edk2-tools) src version;
|
||||
|
||||
nativeBuildInputs = [ bc pythonEnv ];
|
||||
depsBuildBuild = [ buildPackages.stdenv.cc ];
|
||||
strictDeps = true;
|
||||
|
||||
# trick taken from https://src.fedoraproject.org/rpms/edk2/blob/08f2354cd280b4ce5a7888aa85cf520e042955c3/f/edk2.spec#_319
|
||||
GCC5_AARCH64_PREFIX = stdenv.cc.targetPrefix;
|
||||
|
||||
prePatch = ''
|
||||
rm -rf BaseTools
|
||||
ln -sv ${rpi5-edk2-tools}/BaseTools BaseTools
|
||||
'';
|
||||
|
||||
configurePhase = ''
|
||||
runHook preConfigure
|
||||
export WORKSPACE="$PWD"
|
||||
. ${rpi5-edk2-tools}/edksetup.sh BaseTools
|
||||
runHook postConfigure
|
||||
'';
|
||||
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
build -a AARCH64 \
|
||||
-b RELEASE \
|
||||
-t GCC \
|
||||
-p edk2-platforms/Platform/RaspberryPi/RPi5/RPi5.dsc \
|
||||
-D TFA_BUILD_ARTIFACTS=${rpi5-arm-tf} \
|
||||
--pcd gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString=L"${rpi5-edk2-tools.version}" \
|
||||
-n $NIX_BUILD_CORES $buildFlags
|
||||
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
mv -v Build/*/* $out
|
||||
runHook postInstall
|
||||
'';
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue