diff options
| author | Alyssa Ross <hi@alyssa.is> | 2022-02-22 10:43:06 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2022-03-11 16:17:56 +0000 |
| commit | ca1aada113c0ebda1ab8667199f6453f8e01c4fc (patch) | |
| tree | 55e402280096f62eb0bc8bcad5ce6050c5a0aec7 /nixpkgs/pkgs/misc/arm-trusted-firmware | |
| parent | e4df5a52a6a6531f32626f57205356a773ac2975 (diff) | |
| parent | 93883402a445ad467320925a0a5dbe43a949f25b (diff) | |
| download | nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.gz nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.bz2 nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.lz nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.xz nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.zst nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.zip | |
Merge commit '93883402a445ad467320925a0a5dbe43a949f25b'
Conflicts: nixpkgs/nixos/modules/programs/ssh.nix nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix nixpkgs/pkgs/data/fonts/noto-fonts/default.nix nixpkgs/pkgs/development/go-modules/generic/default.nix nixpkgs/pkgs/development/interpreters/ruby/default.nix nixpkgs/pkgs/development/libraries/mesa/default.nix
Diffstat (limited to 'nixpkgs/pkgs/misc/arm-trusted-firmware')
| -rw-r--r-- | nixpkgs/pkgs/misc/arm-trusted-firmware/default.nix | 16 | ||||
| -rw-r--r-- | nixpkgs/pkgs/misc/arm-trusted-firmware/remove-hdcp-blob.patch | 47 |
2 files changed, 60 insertions, 3 deletions
diff --git a/nixpkgs/pkgs/misc/arm-trusted-firmware/default.nix b/nixpkgs/pkgs/misc/arm-trusted-firmware/default.nix index d079b3f61ca4..49fdc7a829c5 100644 --- a/nixpkgs/pkgs/misc/arm-trusted-firmware/default.nix +++ b/nixpkgs/pkgs/misc/arm-trusted-firmware/default.nix @@ -1,4 +1,9 @@ -{ lib, stdenv, fetchFromGitHub, openssl, pkgsCross, buildPackages }: +{ lib, stdenv, fetchFromGitHub, openssl, pkgsCross, buildPackages + +# Warning: this blob runs on the main CPU (not the GPU) at privilege +# level EL3, which is above both the kernel and the hypervisor. +, unfreeIncludeHDCPBlob ? true +}: let buildArmTrustedFirmware = { filesToInstall @@ -10,7 +15,7 @@ let , ... } @ args: stdenv.mkDerivation ({ - name = "arm-trusted-firmware${lib.optionalString (platform != null) "-${platform}"}-${version}"; + pname = "arm-trusted-firmware${lib.optionalString (platform != null) "-${platform}"}"; inherit version; src = fetchFromGitHub { @@ -20,6 +25,11 @@ let sha256 = "sha256-qT9DdTvMcUrvRzgmVf2qmKB+Rb1WOB4p1rM+fsewGcg="; }; + patches = lib.optionals (!unfreeIncludeHDCPBlob) [ + # this is a rebased version of https://gitlab.com/vicencb/kevinboot/-/blob/master/atf.patch + ./remove-hdcp-blob.patch + ]; + depsBuildBuild = [ buildPackages.stdenv.cc ]; # For Cortex-M0 firmware in RK3399 @@ -50,7 +60,7 @@ let meta = with lib; { homepage = "https://github.com/ARM-software/arm-trusted-firmware"; description = "A reference implementation of secure world software for ARMv8-A"; - license = licenses.bsd3; + license = (if unfreeIncludeHDCPBlob then [ licenses.unfreeRedistributable ] else []) ++ [ licenses.bsd3 ]; maintainers = with maintainers; [ lopsided98 ]; } // extraMeta; } // builtins.removeAttrs args [ "extraMeta" ]); diff --git a/nixpkgs/pkgs/misc/arm-trusted-firmware/remove-hdcp-blob.patch b/nixpkgs/pkgs/misc/arm-trusted-firmware/remove-hdcp-blob.patch new file mode 100644 index 000000000000..7f99fbdcabfd --- /dev/null +++ b/nixpkgs/pkgs/misc/arm-trusted-firmware/remove-hdcp-blob.patch @@ -0,0 +1,47 @@ +diff --git a/plat/rockchip/rk3399/drivers/dp/cdn_dp.c b/plat/rockchip/rk3399/drivers/dp/cdn_dp.c +index a8773f4f6..8e28c4830 100644 +--- a/plat/rockchip/rk3399/drivers/dp/cdn_dp.c ++++ b/plat/rockchip/rk3399/drivers/dp/cdn_dp.c +@@ -13,17 +13,6 @@ + + #include <cdn_dp.h> + +-__asm__( +- ".pushsection .text.hdcp_handler, \"ax\", %progbits\n" +- ".global hdcp_handler\n" +- ".balign 4\n" +- "hdcp_handler:\n" +- ".incbin \"" HDCPFW "\"\n" +- ".type hdcp_handler, %function\n" +- ".size hdcp_handler, .- hdcp_handler\n" +- ".popsection\n" +-); +- + static uint64_t *hdcp_key_pdata; + static struct cdn_dp_hdcp_key_1x key; + +@@ -38,7 +27,7 @@ uint64_t dp_hdcp_ctrl(uint64_t type) + return 0; + case HDCP_KEY_DATA_START_DECRYPT: + if (hdcp_key_pdata == (uint64_t *)(&key + 1)) +- return hdcp_handler(&key); ++ return PSCI_E_DISABLED; + else + return PSCI_E_INVALID_PARAMS; + assert(0); /* Unreachable */ +diff --git a/plat/rockchip/rk3399/platform.mk b/plat/rockchip/rk3399/platform.mk +index a658fb286..5edb6a25b 100644 +--- a/plat/rockchip/rk3399/platform.mk ++++ b/plat/rockchip/rk3399/platform.mk +@@ -88,11 +88,6 @@ $(eval $(call add_define_val,RK3399M0PMUFW,\"$(RK3399M0PMUFW)\")) + ifdef PLAT_RK_DP_HDCP + BL31_SOURCES += ${RK_PLAT_SOC}/drivers/dp/cdn_dp.c + +-HDCPFW=${RK_PLAT_SOC}/drivers/dp/hdcp.bin +-$(eval $(call add_define_val,HDCPFW,\"$(HDCPFW)\")) +- +-${BUILD_PLAT}/bl31/cdn_dp.o: CCACHE_EXTRAFILES=$(HDCPFW) +-${RK_PLAT_SOC}/drivers/dp/cdn_dp.c: $(HDCPFW) + endif + + # CCACHE_EXTRAFILES is needed because ccache doesn't handle .incbin |