1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
{ lib, stdenv, fetchFromGitHub, fetchpatch, openssl, pkgsCross, buildPackages }:
let
buildArmTrustedFirmware = { filesToInstall
, installDir ? "$out"
, platform ? null
, extraMakeFlags ? []
, extraMeta ? {}
, version ? "2.1"
, ... } @ args:
stdenv.mkDerivation ({
name = "arm-trusted-firmware${lib.optionalString (platform != null) "-${platform}"}-${version}";
inherit version;
src = fetchFromGitHub {
owner = "ARM-software";
repo = "arm-trusted-firmware";
rev = "refs/tags/v${version}";
sha256 = "1gy5qskrjy8n3kxdcm1dx8b45l5b75n0pm8pq80wl6xic1ycy24r";
};
depsBuildBuild = [ buildPackages.stdenv.cc ];
# For Cortex-M0 firmware in RK3399
nativeBuildInputs = [ pkgsCross.arm-embedded.stdenv.cc ];
buildInputs = [ openssl ];
makeFlags = [
"CROSS_COMPILE=${stdenv.cc.targetPrefix}"
] ++ (lib.optional (platform != null) "PLAT=${platform}")
++ extraMakeFlags;
installPhase = ''
runHook preInstall
mkdir -p ${installDir}
cp ${lib.concatStringsSep " " filesToInstall} ${installDir}
runHook postInstall
'';
hardeningDisable = [ "all" ];
dontStrip = true;
# Fatal error: can't create build/sun50iw1p1/release/bl31/sunxi_clocks.o: No such file or directory
enableParallelBuilding = false;
meta = with lib; {
homepage = https://github.com/ARM-software/arm-trusted-firmware;
description = "A reference implementation of secure world software for ARMv8-A";
license = licenses.bsd3;
maintainers = [ maintainers.lopsided98 ];
} // extraMeta;
} // builtins.removeAttrs args [ "extraMeta" ]);
in {
inherit buildArmTrustedFirmware;
armTrustedFirmwareTools = buildArmTrustedFirmware rec {
extraMakeFlags = [
"HOSTCC=${stdenv.cc.targetPrefix}gcc"
"fiptool" "certtool" "sptool"
];
filesToInstall = [
"tools/fiptool/fiptool"
"tools/cert_create/cert_create"
"tools/sptool/sptool"
];
postInstall = ''
mkdir -p "$out/bin"
find "$out" -type f -executable -exec mv -t "$out/bin" {} +
'';
};
armTrustedFirmwareAllwinner = buildArmTrustedFirmware rec {
platform = "sun50i_a64";
extraMeta.platforms = ["aarch64-linux"];
filesToInstall = ["build/${platform}/release/bl31.bin"];
};
armTrustedFirmwareQemu = buildArmTrustedFirmware rec {
platform = "qemu";
extraMeta.platforms = ["aarch64-linux"];
filesToInstall = [
"build/${platform}/release/bl1.bin"
"build/${platform}/release/bl2.bin"
"build/${platform}/release/bl31.bin"
];
};
armTrustedFirmwareRK3328 = buildArmTrustedFirmware rec {
extraMakeFlags = [ "bl31" ];
platform = "rk3328";
extraMeta.platforms = ["aarch64-linux"];
filesToInstall = [ "build/${platform}/release/bl31/bl31.elf"];
};
armTrustedFirmwareRK3399 = buildArmTrustedFirmware rec {
extraMakeFlags = [ "bl31" ];
platform = "rk3399";
extraMeta.platforms = ["aarch64-linux"];
filesToInstall = [ "build/${platform}/release/bl31/bl31.elf"];
};
armTrustedFirmwareS905 = buildArmTrustedFirmware rec {
extraMakeFlags = [ "bl31" ];
platform = "gxbb";
extraMeta.platforms = ["aarch64-linux"];
filesToInstall = [ "build/${platform}/release/bl31.bin"];
};
}
|