@@ -4,8 +4,12 @@
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix git-download)
+ #:use-module (guix utils)
#:use-module (gnu packages)
+ #:use-module (gnu packages admin)
#:use-module (gnu packages algebra)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
#:use-module (gnu packages bash)
#:use-module (gnu packages compression)
#:use-module (gnu packages flex)
@@ -13,8 +17,11 @@
#:use-module (gnu packages elf)
#:use-module (gnu packages m4)
#:use-module (gnu packages curl)
+ #:use-module (gnu packages linux)
#:use-module (gnu packages multiprecision)
+ #:use-module (gnu packages python)
#:use-module (gnu packages cpio)
+ #:use-module (gnu packages file)
#:use-module (gnu packages perl)
#:use-module (gnu packages version-control)
#:use-module (gnu packages virtualization))
@@ -122,3 +129,374 @@ done
(synopsis "Musl-cross gcc 5 toolchain")
(description "Musl-cross toolchain: binutils, gcc 5 and musl.")
(license license:isc))))
+
+(define-public heads
+ (let ((revision "1")
+ (commit "b7f2249b665705939dc4eca67d11553c72164f4b"))
+ (package
+ (name "heads")
+ (version (git-version "0.1" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/osresearch/heads.git")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0sgyqm4ss88hfp8miz40mw40kj7qp2khr7jcvscwv87bd5g9nwnx"))
+ (patches (search-patches "heads-build-environment.patch"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("bash" ,bash)
+ ("git" ,git)
+ ("perl" ,perl)
+ ("cpio" ,cpio)
+ ("m4" ,m4)
+ ("bison" ,bison)
+ ("flex" ,flex)
+ ("curl" ,curl) ; FIXME: Remove.
+ ("zlibx" ,zlib)
+ ("musl-cross" ,musl-cross)
+ ("elfutils" ,elfutils)
+ ("bc" ,bc)
+ ("findutils" ,findutils)
+ ("flashtools"
+ ,(origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/osresearch/flashtools.git")
+ (commit "9acce09aeb635c5bef01843e495b95e75e8da135")))
+ (file-name "flashtools-checkout")
+ (sha256
+ (base32 "0r4gj3nzr67ycd39k1vjzxfzkp90yacrdgxhc1z5jfvxfq4x91c1"))))
+ ("tpmtotp"
+ ,(origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/osresearch/tpmtotp.git")
+ (commit "18b860fdcf5a55537c8395b891f2b2a5c24fc00a")))
+ (file-name "tpmtotp-checkout")
+ (sha256
+ (base32 "112p5afkrbipr0d8x9r9mrxrr3xyf97s2y3f32p41vs951sksqnv"))))
+ ("msrtools"
+ ,(origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/osresearch/msr-tools.git")
+ (commit "572ef8a2b873eda15a322daa48861140a078b92c")))
+ (file-name "msr-tools-checkout")
+ (sha256
+ (base32 "0an1ypj5pin9l413vn4gxzi3x6ir1rba9jv6n5gk6s9dq803lb6p"))))
+ ("coreboot-blobs"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.coreboot.org/releases/coreboot-blobs-4.8.1.tar.xz")
+ (sha256
+ (base32 "15g222xj1zdn8i8qz0pw2jf28h66dljb1q5isw2ml05gwfd51ahq"))))
+ ("coreboot"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.coreboot.org/releases/coreboot-4.8.1.tar.xz")
+ (sha256
+ (base32 "08xdd5drk8yd37a3z5hc81qmgsybv6201i28hcggxh980vdz9pgh"))))
+ ("linux"
+ ,(origin
+ (method url-fetch)
+ (uri "https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.14.62.tar.xz")
+ (sha256
+ (base32 "1ar29ikway5im17iw9ag1fxivr7sbj8nhxxw347xqmp1irz4vjji"))))
+ ("musl" ; useless
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.musl-libc.org/releases/musl-1.1.15.tar.gz")
+ (sha256
+ (base32 "1ymhxkskivzph0q34zadwfglc5gyahqajm7chqqn2zraxv3lgr4p"))))
+ ("busybox"
+ ,(origin
+ (method url-fetch)
+ (uri "https://busybox.net/downloads/busybox-1.28.0.tar.bz2")
+ (sha256
+ (base32 "1701carjf02y7r3djm1yvyd5kzrcxm4szinp7agfv7fmvfvm6ib0"))))
+ ("zlib"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.zlib.net/zlib-1.2.11.tar.gz")
+ (sha256
+ (base32 "18dighcs333gsvajvvgqp8l4cx7h1x7yx9gd5xacnk80spyykrf3"))))
+ ("mbedtls"
+ ,(origin
+ (method url-fetch)
+ (uri "https://tls.mbed.org/download/mbedtls-2.4.2-gpl.tgz")
+ (sha256
+ (base32 "17r9qs585gqghcf5yavb1cnvsigl0f8r0k8rklr5a855hrajs7yh"))))
+ ("kexec-tools"
+ ,(origin
+ (method url-fetch)
+ (uri "https://kernel.org/pub/linux/utils/kernel/kexec/kexec-tools-2.0.16.tar.gz")
+ (sha256
+ (base32 "0fkg5y3wxvkqrjii90iz1i59qd6hhq7ar27f0sgv7jbppyczq5yg"))))
+ ("qrencode"
+ ,(origin
+ (method url-fetch)
+ (uri "https://fukuchi.org/works/qrencode/qrencode-3.4.4.tar.gz")
+ (sha256
+ (base32 "0wiagx7i8p9zal53smf5abrnh9lr31mv0p36wg017401jrmf5577"))))
+ ("pciutils"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.kernel.org/pub/software/utils/pciutils/pciutils-3.5.4.tar.xz")
+ (sha256
+ (base32 "0rpy7kkb2y89wmbcbfjjjxsk2x89v5xxhxib4vpl131ip5m3qab4"))))
+ ("util-linux"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.kernel.org/pub/linux/utils/util-linux/v2.29/util-linux-2.29.2.tar.xz")
+ (sha256
+ (base32 "1qz81w8vzrmy8xn9yx7ls4amkbgwx6vr62pl6kv9g7r0g3ba9kmc"))))
+ ("flashrom"
+ ,(origin
+ (method url-fetch)
+ (uri "https://download.flashrom.org/releases/flashrom-1.0.tar.bz2")
+ (sha256
+ (base32 "0r7fkpfc8w51n8ffbhclj4wa3kwrk0ijv1acwpw5myx5bchzl0ip"))))
+ ("popt"
+ ,(origin
+ (method url-fetch)
+ (uri "https://launchpad.net/popt/head/1.16/+download/popt-1.16.tar.gz")
+ (sha256
+ (base32 "1j2c61nn2n351nhj4d25mnf3vpiddcykq005w2h6kw79dwlysa77"))))
+ ("lvm2"
+ ,(origin
+ (method url-fetch)
+ (uri "https://mirrors.kernel.org/sourceware/lvm2/LVM2.2.02.168.tgz")
+ (sha256
+ (base32 "03b62hcsj9z37ckd8c21wwpm07s9zblq7grfh58yzcs1vp6x38r3"))))
+ ("cryptsetup"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.3.tar.xz")
+ (sha256
+ (base32 "00nwd96m9yq4k3cayc04i5y7iakkzana35zxky6hpx2w8zl08axg"))))
+ ("libgpg-error"
+ ,(origin
+ (method url-fetch)
+ (uri "https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.32.tar.bz2")
+ (sha256
+ (base32 "1jj08ns4sh1hmafqp1giskvdicdz18la516va26jycy27kkwaif3"))))
+ ("libgcrypt"
+ ,(origin
+ (method url-fetch)
+ (uri "https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.3.tar.bz2")
+ (sha256
+ (base32 "0z5gs1khzyknyfjr19k8gk4q148s6q987ya85cpn0iv70fz91v36"))))
+ ("libksba"
+ ,(origin
+ (method url-fetch)
+ (uri "https://gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2")
+ (sha256
+ (base32 "0h53q4sns1jz1pkmhcz5wp9qrfn9f5g9i3vjv6dafwzzlvblyi21"))))
+ ("libassuan"
+ ,(origin
+ (method url-fetch)
+ (uri "https://gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2")
+ (sha256
+ (base32 "0jb4nb4nrjr949gd3lw8lh4v5d6qigxaq6xwy24w5apjnhvnrya7"))))
+ ("npth"
+ ,(origin
+ (method url-fetch)
+ (uri "https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2")
+ (sha256
+ (base32 "1lg2lkdd3z1s3rpyf88786l243adrzyk9p4q8z9n41ygmpcsp4qk"))))
+ ("libusb"
+ ,(origin
+ (method url-fetch)
+ (uri "https://downloads.sourceforge.net/project/libusb/libusb-1.0/libusb-1.0.21/libusb-1.0.21.tar.bz2")
+ (sha256
+ (base32 "0jw2n5kdnrqvp7zh792fd6mypzzfap6jp4gfcmq4n6c1kb79rkkx"))))
+ ("libusb-compat"
+ ,(origin
+ (method url-fetch)
+ (uri "https://downloads.sourceforge.net/project/libusb/libusb-compat-0.1/libusb-compat-0.1.5/libusb-compat-0.1.5.tar.bz2")
+ (sha256
+ (base32 "0nn5icrfm9lkhzw1xjvaks9bq3w6mjg86ggv3fn7kgi4nfvg8kj0"))))
+ ("dropbear"
+ ,(origin
+ (method url-fetch)
+ (uri "https://matt.ucc.asn.au/dropbear/releases/dropbear-2016.74.tar.bz2")
+ (sha256
+ (base32 "14c8f4gzixf0j9fkx68jgl85q7b05852kk0vf09gi6h0xmafl817"))))
+ ("pinentry"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2")
+ (sha256
+ (base32 "0w35ypl960pczg5kp6km3dyr000m1hf0vpwwlh72jjkjza36c1v8"))))
+ ("gnupg"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.10.tar.bz2")
+ (sha256
+ (base32 "05f9804g72pffdxgvxjmjzkfcpjg1x221g9rwcr8fi51hrxd77br"))))
+ ("slang"
+ ,(origin
+ (method url-fetch)
+ (uri "https://www.jedsoft.org/releases/slang/slang-2.3.1a.tar.bz2")
+ (sha256
+ (base32 "0dlcy0hn0j6cj9qj5x6hpb0axifnvzzmv5jqq0wq14fygw0c7w2l"))))
+ ("newt"
+ ,(origin
+ (method url-fetch)
+ (uri "https://releases.pagure.org/newt/newt-0.52.20.tar.gz")
+ (sha256
+ (base32 "1g3dpfnvaw7vljbr7nzq1rl88d6r8cmrvvng9inphgzwxxmvlrld"))))
+
+ ;;; coreboot cross; FIXME: Extract.
+
+ ("gmp"
+ ,(origin
+ (method url-fetch)
+ (uri "https://ftpmirror.gnu.org/gmp/gmp-6.1.2.tar.xz")
+ (sha256
+ (base32 "04hrwahdxyqdik559604r7wrj9ffklwvipgfxgj4ys4skbl6bdc7"))))
+ ("mpfr"
+ ,(origin
+ (method url-fetch)
+ (uri "https://ftpmirror.gnu.org/mpfr/mpfr-3.1.5.tar.xz")
+ (sha256
+ (base32 "1g32l2fg8f62lcyzzh88y3fsh6rk539qc6ahhdgvx7wpnf1dwpq1"))))
+ ("mpc"
+ ,(origin
+ (method url-fetch)
+ (uri "https://ftpmirror.gnu.org/mpc/mpc-1.0.3.tar.gz")
+ (sha256
+ (base32 "1hzci2zrrd7v3g1jk35qindq05hbl0bhjcyyisq9z209xb3fqzb1"))))
+ ("binutils-2.30"
+ ,(origin
+ (method url-fetch)
+ (uri "https://ftpmirror.gnu.org/binutils/binutils-2.30.tar.xz")
+ (sha256
+ (base32 "1rhshw4m5m2pjz8g15hpiwhp52kn0pj0b5dxy0v7lwigmspbhikf"))))
+ ("gcc-8"
+ ,(origin
+ (method url-fetch)
+ (uri "https://ftpmirror.gnu.org/gcc/gcc-8.1.0/gcc-8.1.0.tar.xz")
+ (sha256
+ (base32 "0lxil8x0jjx7zbf90cy1rli650akaa6hpk8wk8s62vk2jbwnc60x"))))))
+ (arguments
+ `(#:tests? #f ; Toplevel makefile has no tests.
+ #:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; For edk2.
+ (setenv "BUILD_CC" "gcc") ; FIXME: musl *musl-cross*/x86_64-linux-musl/bin/x86_64-linux-musl-gcc || ./x86_64-linux-musl/x86_64-linux-musl/bin/musl-gcc.
+ ;; busybox needs the original values (for VERY few tools, but more than 0).
+ ;; Disable wget.
+ (setenv "WGET" "true")
+ ;; Work around mcheck.h problem (in glibc!?)
+ (substitute* "modules/popt"
+ (("[.]/configure") "CFLAGS=\"-D__END_DECLS -D__BEGIN_DECLS -D__THROW\" ./configure"))
+ #t))
+ (add-after 'unpack 'unpack-heads-packages
+ (lambda* (#:key inputs #:allow-other-keys)
+ (define (install-file* source-key destination-directory destination-suffix)
+ (let* ((source-file (assoc-ref inputs source-key))
+ (source-basename (basename source-file))
+ (source-parts (string-split source-basename #\-))
+ (drop (@ (srfi srfi-1) drop))
+ (destination-file
+ (string-join (drop source-parts 1) "-")))
+ (copy-file source-file
+ (string-append destination-directory "/"
+ destination-file destination-suffix))
+ ;(invoke "tar" "-xf" source-file "-C" "build")
+))
+ (mkdir-p "packages")
+ (setenv "GUIX_C_INCLUDE_PATH" (getenv "C_INCLUDE_PATH"))
+ (setenv "GUIX_CPLUS_INCLUDE_PATH" (getenv "CPLUS_INCLUDE_PATH"))
+ (setenv "GUIX_LIBRARY_PATH" (getenv "LIBRARY_PATH"))
+ (setenv "GUIX_CPATH" (getenv "CPATH"))
+ (for-each (lambda (name)
+ (install-file* name "packages" ".tmp"))
+ '("linux" "coreboot-blobs" "coreboot" "busybox" "zlib" "mbedtls" "kexec-tools" "qrencode" "pciutils" "util-linux" "flashrom" "popt" "lvm2" "cryptsetup" "libgpg-error" "libgcrypt" "libksba" "libassuan" "npth" "libusb" "libusb-compat" "dropbear" "pinentry" "gnupg" "slang" "newt" "musl"))
+ (mkdir-p "build")
+ (mkdir-p "build/musl-cross-git/tarballs")
+ (mkdir-p "build/coreboot-4.8.1/util/crossgcc/tarballs")
+ (for-each (lambda (name)
+ (install-file* name "build/coreboot-4.8.1/util/crossgcc/tarballs" ""))
+ '("gmp" "mpfr" "mpc" "binutils-2.30" "gcc-8"))
+ (copy-recursively (assoc-ref inputs "musl-cross") "build/musl-cross-git")
+ (copy-recursively (assoc-ref inputs "tpmtotp") "build/tpmtotp-git")
+ (copy-recursively (assoc-ref inputs "flashtools") "build/flashtools-0.0.1")
+ (copy-recursively (assoc-ref inputs "msrtools") "build/msrtools-git")
+
+ (setenv "MUSL_DIR" (assoc-ref inputs "musl-cross"))
+ (setenv "CROSS" (string-append (getenv "MUSL_DIR") "/crossgcc/x86_64-linux-musl/bin/x86_64-musl-linux-")) ; Note: Useless
+ (substitute* "Makefile"
+ ;; Disable our non-cross toolchain environment.
+ (("CROSS_TOOLS_NOCC := ")
+ ; CPP=" (getenv "CROSS") "cpp CXXCPP=" (getenv "CROSS") "cpp "
+ (string-append "CROSS_TOOLS_NOCC := C_INCLUDE_PATH= CPLUS_INCLUDE_PATH= LIBRARY_PATH= CPATH= "))
+ ;; Disable git.
+ (("git submodule update --init")
+ "true submodule update --init")
+ ;; Re-enable our non-cross toolchain environment selectively.
+ (("^WGET.*")
+ (string-append "HOSTCC =" ; for busybox
+ " C_INCLUDE_PATH=" (or (getenv "GUIX_C_INCLUDE_PATH") "")
+ " CPLUS_INCLUDE_PATH=" (or (getenv "GUIX_CPLUS_INCLUDE_PATH") "")
+ " CPATH=" (or (getenv "GUIX_CPATH") "")
+ " LIBRARY_PATH=" (or (getenv "GUIX_LIBRARY_PATH") "")
+ " gcc\n"
+ "CC_FOR_BUILD = $(HOSTCC)\n" ; for libgpg-error
+ "BUILD_CC = $(HOSTCC)\n")) ; for kexec-tools
+ ;; Disable git, patch shebangs, and selectively re-enable host compiler.
+ (("(git clone.*)." _ tar)
+ (format #f "(~a) && (cd $(build)/$($1_base_dir) && for s in Makefile Makefile.in configure lib/configure config.sub config.guess tools/install.sh tools/scripts/Makefile.include tools/power/cpupower/Makefile Makefile.rules scripts/* applets/usage_compressed po/Makefile.in.in po/Makefile.in po/Makefile make.tmpl.in *-config.in src/*-config.in applets/install.sh applets/busybox.mkll tests/pkits/* tests/openpgp/* tests/fake-pinentries/fake-pinentry.sh tests/*/Makefile tests/inittests tests/runtests tests/Makefile.in tests/runtest ; do if [ -f \"$$$$s\" ] ; then sed -i -e 's;/bin/sh\\>;~a/bin/sh;' -e 's;/bin/pwd\\>;pwd;' -e 's;/usr/bin/file\\>;file;' -e 's;/bin/false\\>;false;' -e 's;/bin/bash\\>;~a/bin/bash;' -e 's;git clone;true clone;' -e 's;^HOSTCC.*$$$$;HOSTCC=C_INCLUDE_PATH=\"$(GUIX_C_INCLUDE_PATH)\" CPLUS_INCLUDE_PATH=\"$(GUIX_CPLUS_INCLUDE_PATH)\" CPATH=\"$(GUIX_CPATH)\" LIBRARY_PATH=\"$(GUIX_LIBRARY_PATH)\" gcc;' \"$$$$s\" ; fi ; done)
+" "true" (assoc-ref inputs "bash") (assoc-ref inputs "bash")))
+ (("(tar -xf.*)." _ tar)
+ (format #f "(~a) && (cd $(build)/$($1_base_dir) && for s in Makefile Makefile.in configure lib/configure config.sub config.guess tools/install.sh tools/scripts/Makefile.include tools/power/cpupower/Makefile Makefile.rules scripts/* applets/usage_compressed po/Makefile.in.in po/Makefile.in po/Makefile make.tmpl.in *-config.in src/*-config.in applets/install.sh applets/busybox.mkll tests/pkits/* tests/openpgp/* tests/fake-pinentries/fake-pinentry.sh tests/*/Makefile tests/inittests tests/runtests tests/Makefile.in tests/runtest ; do if [ -f \"$$$$s\" ] ; then sed -i -e 's;/bin/sh\\>;~a/bin/sh;' -e 's;/bin/pwd\\>;pwd;' -e 's;/usr/bin/file\\>;file;' -e 's;/bin/false\\>;false;' -e 's;/bin/bash\\>;~a/bin/bash;' -e 's;git clone;true clone;' -e 's;^HOSTCC.*$$$$;HOSTCC=C_INCLUDE_PATH=\"$(GUIX_C_INCLUDE_PATH)\" CPLUS_INCLUDE_PATH=\"$(GUIX_CPLUS_INCLUDE_PATH)\" CPATH=\"$(GUIX_CPATH)\" LIBRARY_PATH=\"$(GUIX_LIBRARY_PATH)\" gcc;' \"$$$$s\" ; fi ; done)
+" tar (assoc-ref inputs "bash") (assoc-ref inputs "bash"))))
+ ;(substitute* "modules/musl-cross"
+ ; (("/bin/echo") "echo"))
+ (call-with-output-file "patches/coreboot-4.8.1/9999-shell.patch"
+ (lambda (port)
+ (format port "--- coreboot-4.8.1/util/crossgcc/buildgcc.orig 2019-09-13 14:45:12.463998974 +0200
++++ coreboot-4.8.1/util/crossgcc/buildgcc 2019-09-13 14:46:49.808268216 +0200
+@@ -462,6 +462,13 @@
+ }
+ done
+ touch \"${dir}/.unpack_success\"
++ for s in \"${dir}/Makefile\" \"${dir}/configure\" \"${dir}/config.sub\" \"${dir}/config.guess\"
++ do
++ if [ -f \"${s}\" ]
++ then
++ sed -i -e 's;/bin/sh\\>;~a/bin/sh;' \"${s}\"
++ fi
++ done
+ )
+ }
+
+" (assoc-ref inputs "bash"))))
+ #t))
+ (add-after 'install 'install-images
+ (lambda* (#:key outputs make-flags #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (make-flags-assoc (map (lambda (x)
+ (string-split x #\=))
+ make-flags))
+ (BOARD (car (assoc-ref make-flags-assoc "BOARD")))
+ (out-images (string-append out "/libexec/heads/" BOARD "/images")))
+ (mkdir -p out-images)
+ (copy-recursively (string-append "build/" BOARD) out-images)
+ ;; Contains timestamp.
+ (delete-file (string-append out-images "/hashes.txt"))
+ #t))))))
+ (home-page "https://github.com/osresearch/heads")
+ (synopsis "Heads: coreboot/LinuxBoot payload")
+ (description "A minimal Linux that runs as a coreboot or LinuxBoot ROM
+payload to provide a secure, flexible boot environment for laptops and
+servers.")
+ (license license:gpl2+))))