summary refs log tree commit diff
path: root/pkgs/os-specific/linux/isgx
diff options
context:
space:
mode:
authoroxalica <oxalicc@pm.me>2021-04-01 07:33:38 +0800
committerGitHub <noreply@github.com>2021-04-01 01:33:38 +0200
commit72e1e3177364cab322746760738350301eb64788 (patch)
treea80d4934d7ba82d6ba5fb368a6e63a72d2927fb7 /pkgs/os-specific/linux/isgx
parent5481589204cc2fb732d2c758879032118a371981 (diff)
downloadnixpkgs-72e1e3177364cab322746760738350301eb64788.tar
nixpkgs-72e1e3177364cab322746760738350301eb64788.tar.gz
nixpkgs-72e1e3177364cab322746760738350301eb64788.tar.bz2
nixpkgs-72e1e3177364cab322746760738350301eb64788.tar.lz
nixpkgs-72e1e3177364cab322746760738350301eb64788.tar.xz
nixpkgs-72e1e3177364cab322746760738350301eb64788.tar.zst
nixpkgs-72e1e3177364cab322746760738350301eb64788.zip
linuxPackages.isgx: init at 2.11 (#109013)
* linuxPackages.isgx: init at 2.11

* isgx: simplify

* isgx: fix meta and mark as broken for kernel >= 5.11.0
Diffstat (limited to 'pkgs/os-specific/linux/isgx')
-rw-r--r--pkgs/os-specific/linux/isgx/default.nix53
1 files changed, 53 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/isgx/default.nix b/pkgs/os-specific/linux/isgx/default.nix
new file mode 100644
index 00000000000..1806916b14d
--- /dev/null
+++ b/pkgs/os-specific/linux/isgx/default.nix
@@ -0,0 +1,53 @@
+{ stdenv, lib, fetchFromGitHub, fetchpatch, kernel, kernelAtLeast }:
+
+stdenv.mkDerivation rec {
+  name = "isgx-${version}-${kernel.version}";
+  version = "2.11";
+
+  src = fetchFromGitHub {
+    owner = "intel";
+    repo = "linux-sgx-driver";
+    rev = "sgx_driver_${version}";
+    hash = "sha256-zZ0FgCx63LCNmvQ909O27v/o4+93gefhgEE/oDr/bHw=";
+  };
+
+  patches = [
+    # Fixes build with kernel >= 5.8
+    (fetchpatch {
+      url = "https://github.com/intel/linux-sgx-driver/commit/276c5c6a064d22358542f5e0aa96b1c0ace5d695.patch";
+      sha256 = "sha256-PmchqYENIbnJ51G/tkdap/g20LUrJEoQ4rDtqy6hj24=";
+    })
+  ];
+
+  hardeningDisable = [ "pic" ];
+
+  nativeBuildInputs = kernel.moduleBuildDependencies;
+
+  makeFlags = [
+    "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+  ];
+
+  installPhase = ''
+    runHook preInstall
+    install -D isgx.ko -t $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/intel/sgx
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "Intel SGX Linux Driver";
+    longDescription = ''
+      The linux-sgx-driver project (isgx) hosts an out-of-tree driver
+      for the Linux* Intel(R) SGX software stack, which would be used
+      until the driver upstreaming process is complete (before 5.11.0).
+
+      It is used to support Enhanced Privacy Identification (EPID)
+      based attestation on the platforms without Flexible Launch Control.
+    '';
+    homepage = "https://github.com/intel/linux-sgx-driver";
+    license = with licenses; [ bsd3 /* OR */ gpl2Only ];
+    maintainers = with maintainers; [ oxalica ];
+    platforms = platforms.linux;
+    # The driver is already in kernel >= 5.11.0.
+    broken = kernelAtLeast "5.11.0";
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-08 13:02:40 +0000