From 75e08f26f1c4ef2502b9427bbd87131aee657957 Mon Sep 17 00:00:00 2001 From: Daniel Schaefer Date: Thu, 27 Dec 2018 20:28:59 +0100 Subject: chipsec: init at 1.3.6 --- pkgs/tools/security/chipsec/default.nix | 42 +++++++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 8 +++++++ 2 files changed, 50 insertions(+) create mode 100644 pkgs/tools/security/chipsec/default.nix (limited to 'pkgs') diff --git a/pkgs/tools/security/chipsec/default.nix b/pkgs/tools/security/chipsec/default.nix new file mode 100644 index 00000000000..5e9e818711f --- /dev/null +++ b/pkgs/tools/security/chipsec/default.nix @@ -0,0 +1,42 @@ +{ stdenv, lib, fetchFromGitHub, python27Packages, nasm, libelf +, kernel ? null, withDriver ? false }: +python27Packages.buildPythonApplication rec { + name = "chipsec-${version}"; + version = "1.3.6"; + + src = fetchFromGitHub { + owner = "chipsec"; + repo = "chipsec"; + rev = "v${version}"; + sha256 = "18iwbh74j4igrvfx9cc2bfk014ha0b40mvwnn05yabij22kl9l49"; + }; + + buildInputs = [ + nasm libelf + ]; + + setupPyBuildFlags = lib.optional (!withDriver) "--skip-driver"; + + checkPhase = "python setup.py build " + + lib.optionalString (!withDriver) "--skip-driver " + + "test"; + + KERNEL_SRC_DIR = lib.optionalString withDriver "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; + + meta = with stdenv.lib; { + description = "Platform Security Assessment Framework"; + longDescription = '' + CHIPSEC is a framework for analyzing the security of PC platforms + including hardware, system firmware (BIOS/UEFI), and platform components. + It includes a security test suite, tools for accessing various low level + interfaces, and forensic capabilities. It can be run on Windows, Linux, + Mac OS X and UEFI shell. + ''; + license = licenses.gpl2; + homepage = https://github.com/chipsec/chipsec; + maintainers = with maintainers; [ johnazoidberg ]; + # This package description is currently only able to build the Linux driver. + # But the other functionality should work on all platforms. + platforms = platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 2653ad8ae41..9a650a249f1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -684,6 +684,9 @@ in chezmoi = callPackage ../tools/misc/chezmoi { }; + # Without kernel driver, should build and work on non-linux as well + chipsec = callPackage ../tools/security/chipsec { }; + clair = callPackage ../tools/admin/clair { }; cloud-sql-proxy = callPackage ../tools/misc/cloud-sql-proxy { }; @@ -14938,6 +14941,11 @@ in blcr = callPackage ../os-specific/linux/blcr { }; + chipsec = callPackage ../tools/security/chipsec { + inherit kernel; + withDriver = true; + }; + cryptodev = callPackage ../os-specific/linux/cryptodev { }; cpupower = callPackage ../os-specific/linux/cpupower { }; -- cgit 1.4.1 From 18a71fbdd4a216d337a95a1aa397a2596c7c614b Mon Sep 17 00:00:00 2001 From: Daniel Schaefer Date: Sun, 24 Mar 2019 13:44:59 +0100 Subject: chipsec: 1.3.6 -> 1.3.7 --- pkgs/tools/security/chipsec/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'pkgs') diff --git a/pkgs/tools/security/chipsec/default.nix b/pkgs/tools/security/chipsec/default.nix index 5e9e818711f..f543479ff18 100644 --- a/pkgs/tools/security/chipsec/default.nix +++ b/pkgs/tools/security/chipsec/default.nix @@ -2,16 +2,16 @@ , kernel ? null, withDriver ? false }: python27Packages.buildPythonApplication rec { name = "chipsec-${version}"; - version = "1.3.6"; + version = "1.3.7"; src = fetchFromGitHub { owner = "chipsec"; repo = "chipsec"; - rev = "v${version}"; - sha256 = "18iwbh74j4igrvfx9cc2bfk014ha0b40mvwnn05yabij22kl9l49"; + rev = if (version == "1.3.7") then version else "v${version}"; + sha256 = "00hwhi5f24y429zazhm77l1pp31q7fmx7ks3sfm6d16v89zbcp9a"; }; - buildInputs = [ + nativeBuildInputs = [ nasm libelf ]; -- cgit 1.4.1 From 1636f11f12e0a6aac43fb524f5a030e1c421714c Mon Sep 17 00:00:00 2001 From: Daniel Schaefer Date: Sat, 20 Apr 2019 22:55:45 +0200 Subject: chipsec: Kernel driver only works on x86_64-linux See: https://github.com/chipsec/chipsec/issues/461 Noticed that when ofBorg failed to build the kernel driver on ARM. --- pkgs/tools/security/chipsec/default.nix | 6 ++---- pkgs/top-level/all-packages.nix | 6 ++++-- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'pkgs') diff --git a/pkgs/tools/security/chipsec/default.nix b/pkgs/tools/security/chipsec/default.nix index f543479ff18..a32752f8b23 100644 --- a/pkgs/tools/security/chipsec/default.nix +++ b/pkgs/tools/security/chipsec/default.nix @@ -7,7 +7,7 @@ python27Packages.buildPythonApplication rec { src = fetchFromGitHub { owner = "chipsec"; repo = "chipsec"; - rev = if (version == "1.3.7") then version else "v${version}"; + rev = version; sha256 = "00hwhi5f24y429zazhm77l1pp31q7fmx7ks3sfm6d16v89zbcp9a"; }; @@ -35,8 +35,6 @@ python27Packages.buildPythonApplication rec { license = licenses.gpl2; homepage = https://github.com/chipsec/chipsec; maintainers = with maintainers; [ johnazoidberg ]; - # This package description is currently only able to build the Linux driver. - # But the other functionality should work on all platforms. - platforms = platforms.all; + platforms = if withDriver then [ "x86_64-linux" ] else platforms.all; }; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 9a650a249f1..15ca1f810f9 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -684,8 +684,10 @@ in chezmoi = callPackage ../tools/misc/chezmoi { }; - # Without kernel driver, should build and work on non-linux as well - chipsec = callPackage ../tools/security/chipsec { }; + chipsec = callPackage ../tools/security/chipsec { + kernel = null; + withDriver = false; + }; clair = callPackage ../tools/admin/clair { }; -- cgit 1.4.1