pkgs/os-specific/linux/isgx/default.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / os-specific / linux / isgx / default.nix
at master 1.6 kB view raw
 1{
 2  stdenv,
 3  lib,
 4  fetchFromGitHub,
 5  kernel,
 6}:
 7
 8stdenv.mkDerivation rec {
 9  name = "isgx-${version}-${kernel.version}";
10  version = "2.14";
11
12  src = fetchFromGitHub {
13    owner = "intel";
14    repo = "linux-sgx-driver";
15    rev = "sgx_diver_${version}"; # Typo is upstream's.
16    sha256 = "0kbbf2inaywp44lm8ig26mkb36jq3smsln0yp6kmrirdwc3c53mi";
17  };
18
19  hardeningDisable = [ "pic" ];
20
21  nativeBuildInputs = kernel.moduleBuildDependencies;
22
23  makeFlags = [
24    "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
25  ];
26
27  installPhase = ''
28    runHook preInstall
29    install -D isgx.ko -t $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/intel/sgx
30    runHook postInstall
31  '';
32
33  enableParallelBuilding = true;
34
35  meta = with lib; {
36    description = "Intel SGX Linux Driver";
37    longDescription = ''
38      The linux-sgx-driver project (isgx) hosts an out-of-tree driver
39      for the Linux* Intel(R) SGX software stack, which would be used
40      until the driver upstreaming process is complete (before 5.11.0).
41
42      It is used to support Enhanced Privacy Identification (EPID)
43      based attestation on the platforms without Flexible Launch Control.
44    '';
45    homepage = "https://github.com/intel/linux-sgx-driver";
46    license = with licenses; [
47      bsd3 # OR
48      gpl2Only
49    ];
50    maintainers = [ ];
51    platforms = [ "x86_64-linux" ];
52    # This kernel module is now in mainline so newer kernels should
53    # use that rather than this out-of-tree version (officially
54    # deprecated by Intel)
55    broken = kernel.kernelAtLeast "6.4";
56  };
57}