depot/third_party/nixpkgs/pkgs/tools/misc/shim/default.nix

54 lines
1.4 KiB
Nix
Raw Normal View History

{ stdenv, fetchFromGitHub, lib, elfutils, vendorCertFile ? null
, defaultLoader ? null }:
let
inherit (stdenv.hostPlatform) system;
throwSystem = throw "Unsupported system: ${system}";
target = {
x86_64-linux = "shimx64.efi";
aarch64-linux = "shimaa64.efi";
}.${system} or throwSystem;
in stdenv.mkDerivation rec {
pname = "shim";
version = "15.7";
src = fetchFromGitHub {
owner = "rhboot";
repo = pname;
rev = version;
hash = "sha256-CfUuq0anbXlCVo9r9NIb76oJzDqaPMIhL9cmXK1iqXo=";
fetchSubmodules = true;
};
buildInputs = [ elfutils ];
env.NIX_CFLAGS_COMPILE = toString [ "-I${toString elfutils.dev}/include" ];
makeFlags =
lib.optional (vendorCertFile != null) "VENDOR_CERT_FILE=${vendorCertFile}"
++ lib.optional (defaultLoader != null) "DEFAULT_LOADER=${defaultLoader}"
++ [ target ];
installPhase = ''
mkdir -p $out/share/shim
install -m 644 ${target} $out/share/shim/
'';
passthru = {
# Expose the target file name so that consumers
# (e.g. infrastructure for signing this shim) don't need to
# duplicate the logic from here
inherit target;
};
meta = with lib; {
description = "UEFI shim loader";
homepage = "https://github.com/rhboot/shim";
license = licenses.bsd1;
platforms = [ "x86_64-linux" "aarch64-linux" ];
maintainers = with maintainers; [ baloo raitobezarius ];
};
}