Merge pull request #252983 from RaitoBezarius/update/edk2

pkgs/development/compilers/edk2/default.nix

@@ -2,6 +2,7 @@
 , clangStdenv
 , fetchFromGitHub
 , fetchpatch
+, runCommand
 , libuuid
 , python3
 , bc
@@ -28,9 +29,9 @@ buildType = if stdenv.isDarwin then
   else
     "GCC5";
 
-edk2 = stdenv.mkDerivation {
+edk2 = stdenv.mkDerivation rec {
   pname = "edk2";
-  version = "202305";
+  version = "202308";
 
   patches = [
     # pass targetPrefix as an env var
@@ -40,15 +41,24 @@ edk2 = stdenv.mkDerivation {
     })
   ];
 
-  # submodules
-  src = fetchFromGitHub {
+  srcWithVendoring = fetchFromGitHub {
     owner = "tianocore";
     repo = "edk2";
     rev = "edk2-stable${edk2.version}";
     fetchSubmodules = true;
-    hash = "sha256-htOvV43Hw5K05g0SF3po69HncLyma3BtgpqYSdzRG4s=";
+    hash = "sha256-Eoi1xf/hw/Knr7n0f0rgVof7wTgrHkmvV4eJjJV1NhM=";
   };
 
+  # We don't want EDK2 to keep track of OpenSSL,
+  # they're frankly bad at it.
+  src = runCommand "edk2-unvendored-src" { } ''
+    cp --no-preserve=mode -r ${srcWithVendoring} $out
+    rm -rf $out/CryptoPkg/Library/OpensslLib/openssl
+    mkdir -p $out/CryptoPkg/Library/OpensslLib/openssl
+    tar --strip-components=1 -xf ${buildPackages.openssl.src} -C $out/CryptoPkg/Library/OpensslLib/openssl
+    chmod -R +w $out/
+  '';
+
   nativeBuildInputs = [ pythonEnv ];
   depsBuildBuild = [ buildPackages.stdenv.cc buildPackages.util-linux buildPackages.bash ];
   strictDeps = true;
@@ -69,6 +79,7 @@ edk2 = stdenv.mkDerivation {
     # patchShebangs fails to see these when cross compiling
     for i in $out/BaseTools/BinWrappers/PosixLike/*; do
       substituteInPlace $i --replace '/usr/bin/env bash' ${buildPackages.bash}/bin/bash
+      chmod +x "$i"
     done
   '';