diff options
| author | Adam Joseph <adam@westernsemico.com> | 2022-02-08 01:44:21 -0800 |
|---|---|---|
| committer | Adam Joseph <adam@westernsemico.com> | 2022-02-08 01:44:21 -0800 |
| commit | a5b8650f8dffe71b66b987da9f6200e776626e17 (patch) | |
| tree | 09814b1478c9d911f315af9b56a50fc536e2e064 /pkgs/misc | |
| parent | bb0a925a767b247a473adcbf8ebcbf0262ccb5ee (diff) | |
| download | nixpkgs-a5b8650f8dffe71b66b987da9f6200e776626e17.tar nixpkgs-a5b8650f8dffe71b66b987da9f6200e776626e17.tar.gz nixpkgs-a5b8650f8dffe71b66b987da9f6200e776626e17.tar.bz2 nixpkgs-a5b8650f8dffe71b66b987da9f6200e776626e17.tar.lz nixpkgs-a5b8650f8dffe71b66b987da9f6200e776626e17.tar.xz nixpkgs-a5b8650f8dffe71b66b987da9f6200e776626e17.tar.zst nixpkgs-a5b8650f8dffe71b66b987da9f6200e776626e17.zip | |
arm-trusted-firmware: add unfreeIncludeHDCPBlob?true to control license and blob-removal patch
This change implements @lukegb's idea: https://github.gitop.top/NixOS/nixpkgs/issues/148890#issuecomment-1032002903 Specifically, it introduces a new parameter unfreeIncludeHDCPBlob (defaults to true): * If unfreeIncludeHDCPBlob==true then the license is changed to unfreeRedistributable, which will alert the user to the fact that the blob is being included (unless they set NIXPKGS_ALLOW_UNFREE=1). * If unfreeIncludeHDCPBlob==false then the license is kept as bsd3, but a patch is applied to remove the HDCP blob from the build.
Diffstat (limited to 'pkgs/misc')
| -rw-r--r-- | pkgs/misc/arm-trusted-firmware/default.nix | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/pkgs/misc/arm-trusted-firmware/default.nix b/pkgs/misc/arm-trusted-firmware/default.nix index 0c4ce33f4d8..8bf6d31937f 100644 --- a/pkgs/misc/arm-trusted-firmware/default.nix +++ b/pkgs/misc/arm-trusted-firmware/default.nix @@ -1,4 +1,9 @@ -{ lib, stdenv, fetchFromGitHub, openssl, pkgsCross, buildPackages }: +{ lib, stdenv, fetchFromGitHub, openssl, pkgsCross, buildPackages + +# Warning: this blob runs on the main CPU (not the GPU) at privilege +# level EL3, which is above both the kernel and the hypervisor. +, unfreeIncludeHDCPBlob ? true +}: let buildArmTrustedFirmware = { filesToInstall @@ -20,7 +25,10 @@ let sha256 = "sha256-qT9DdTvMcUrvRzgmVf2qmKB+Rb1WOB4p1rM+fsewGcg="; }; - patches = [ ./remove-hdcp-blob.patch ]; + patches = lib.optionals (!unfreeIncludeHDCPBlob) [ + # this is a rebased version of https://gitlab.com/vicencb/kevinboot/-/blob/master/atf.patch + ./remove-hdcp-blob.patch + ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; @@ -52,7 +60,7 @@ let meta = with lib; { homepage = "https://github.com/ARM-software/arm-trusted-firmware"; description = "A reference implementation of secure world software for ARMv8-A"; - license = licenses.bsd3; + license = if unfreeIncludeHDCPBlob then licenses.unfreeRedistributable else licenses.bsd3; maintainers = with maintainers; [ lopsided98 ]; } // extraMeta; } // builtins.removeAttrs args [ "extraMeta" ]); |