1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
{ stdenv, nixosTests, lib, edk2, util-linux, nasm, acpica-tools, llvmPackages
, csmSupport ? false, seabios ? null
, secureBoot ? false
, httpSupport ? false
, tpmSupport ? false
}:
assert csmSupport -> seabios != null;
let
projectDscPath = if stdenv.isi686 then
"OvmfPkg/OvmfPkgIa32.dsc"
else if stdenv.isx86_64 then
"OvmfPkg/OvmfPkgX64.dsc"
else if stdenv.hostPlatform.isAarch then
"ArmVirtPkg/ArmVirtQemu.dsc"
else
throw "Unsupported architecture";
version = lib.getVersion edk2;
suffixes = {
i686 = "FV/OVMF";
x86_64 = "FV/OVMF";
aarch64 = "FV/AAVMF";
};
in
edk2.mkDerivation projectDscPath (finalAttrs: {
pname = "OVMF";
inherit version;
outputs = [ "out" "fd" ];
nativeBuildInputs = [ util-linux nasm acpica-tools ]
++ lib.optionals stdenv.cc.isClang [ llvmPackages.bintools llvmPackages.llvm ];
strictDeps = true;
hardeningDisable = [ "format" "stackprotector" "pic" "fortify" ];
buildFlags =
lib.optionals secureBoot [ "-D SECURE_BOOT_ENABLE=TRUE" ]
++ lib.optionals csmSupport [ "-D CSM_ENABLE" "-D FD_SIZE_2MB" ]
++ lib.optionals httpSupport [ "-D NETWORK_HTTP_ENABLE=TRUE" "-D NETWORK_HTTP_BOOT_ENABLE=TRUE" ]
++ lib.optionals tpmSupport [ "-D TPM_ENABLE" "-D TPM2_ENABLE" "-D TPM2_CONFIG_ENABLE"];
NIX_CFLAGS_COMPILE = lib.optional stdenv.cc.isClang "-Qunused-arguments";
postPatch = lib.optionalString csmSupport ''
cp ${seabios}/Csm16.bin OvmfPkg/Csm/Csm16/Csm16.bin
'';
postFixup = if stdenv.hostPlatform.isAarch then ''
mkdir -vp $fd/FV
mkdir -vp $fd/AAVMF
mv -v $out/FV/QEMU_{EFI,VARS}.fd $fd/FV
# Use Debian dir layout: https://salsa.debian.org/qemu-team/edk2/blob/debian/debian/rules
dd of=$fd/FV/AAVMF_CODE.fd if=/dev/zero bs=1M count=64
dd of=$fd/FV/AAVMF_CODE.fd if=$fd/FV/QEMU_EFI.fd conv=notrunc
dd of=$fd/FV/AAVMF_VARS.fd if=/dev/zero bs=1M count=64
# Also add symlinks for Fedora dir layout: https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/edk2.spec
ln -s $fd/FV/AAVMF_CODE.fd $fd/AAVMF/QEMU_EFI-pflash.raw
ln -s $fd/FV/AAVMF_VARS.fd $fd/AAVMF/vars-template-pflash.raw
'' else ''
mkdir -vp $fd/FV
mv -v $out/FV/OVMF{,_CODE,_VARS}.fd $fd/FV
'';
dontPatchELF = true;
passthru =
let
cpuName = stdenv.hostPlatform.parsed.cpu.name;
suffix = suffixes."${cpuName}" or (throw "Host cpu name `${cpuName}` is not supported in this OVMF derivation!");
prefix = "${finalAttrs.finalPackage.fd}/${suffix}";
in {
firmware = "${prefix}_CODE.fd";
variables = "${prefix}_VARS.fd";
# This will test the EFI firmware for the host platform as part of the NixOS Tests setup.
tests.basic-systemd-boot = nixosTests.systemd-boot.basic;
};
meta = {
description = "Sample UEFI firmware for QEMU and KVM";
homepage = "https://github.com/tianocore/tianocore.github.io/wiki/OVMF";
license = lib.licenses.bsd2;
inherit (edk2.meta) platforms;
maintainers = [ lib.maintainers.raitobezarius ];
};
})
|