b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #228348 from NixOS/ovmf-improvements

Browse source 
ovmf: various improvements (IPv6, TLS, debugging)
This commit is contained in:
Ryan Lahfa 2023-05-05 17:29:39 +02:00 committed by GitHub
parent 8c33c57638 c449133f88
commit 73a69f152c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
pkgs/applications/virtualization/OVMF/default.nix
View file

@ -3,6 +3,9 @@
, secureBoot ? false
, httpSupport ? false
, tpmSupport ? false
, tlsSupport ? false
, debug ? false
, sourceDebug ? debug
}:
assert csmSupport -> seabios != null;
@ -41,11 +44,17 @@ edk2.mkDerivation projectDscPath (finalAttrs: {
hardeningDisable = [ "format" "stackprotector" "pic" "fortify" ];
buildFlags =
lib.optionals secureBoot [ "-D SECURE_BOOT_ENABLE=TRUE" ]
# IPv6 has no reason to be disabled.
[ "-D NETWORK_IP6_ENABLE=TRUE" ]
++ lib.optionals debug [ "-D DEBUG_ON_SERIAL_PORT=TRUE" ]
++ lib.optionals sourceDebug [ "-D SOURCE_DEBUG_ENABLE=TRUE" ]
++ lib.optionals secureBoot [ "-D SECURE_BOOT_ENABLE=TRUE" ]
++ lib.optionals csmSupport [ "-D CSM_ENABLE" "-D FD_SIZE_2MB" ]
++ lib.optionals httpSupport [ "-D NETWORK_HTTP_ENABLE=TRUE" "-D NETWORK_HTTP_BOOT_ENABLE=TRUE" ]
++ lib.optionals tlsSupport [ "-D NETWORK_TLS_ENABLE=TRUE" ]
++ lib.optionals tpmSupport [ "-D TPM_ENABLE" "-D TPM2_ENABLE" "-D TPM2_CONFIG_ENABLE"];
buildConfig = if debug then "DEBUG" else "RELEASE";
env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang "-Qunused-arguments";
env.PYTHON_COMMAND = "python3";

2
pkgs/development/compilers/edk2/default.nix
View file

@ -116,7 +116,7 @@ edk2 = buildStdenv.mkDerivation {
buildPhase = ''
runHook preBuild
build -a ${targetArch} -b RELEASE -t ${buildType} -p ${projectDscPath} -n $NIX_BUILD_CORES $buildFlags
build -a ${targetArch} -b ${attrs.buildConfig or "RELEASE"} -t ${buildType} -p ${projectDscPath} -n $NIX_BUILD_CORES $buildFlags
runHook postBuild
'';