pkgs/tools/security/tboot/default.nix at 19.03

tjh.dev / nixpkgs

fork atom

nixpkgs mirror (for testing) github.com/NixOS/nixpkgs

nix

fork atom

nixpkgs / pkgs / tools / security / tboot / default.nix

at 19.03 36 lines 1.1 kB view raw

wrap content

 1{ stdenv, fetchurl, trousers, openssl, zlib }:
 2
 3stdenv.mkDerivation rec {
 4  name = "tboot-${version}";
 5  version = "1.9.6";
 6
 7  src = fetchurl {
 8    url = "mirror://sourceforge/tboot/${name}.tar.gz";
 9    sha256 = "0f9afz260xhycpd0x5zz6jn8ha14i8j98rck0fhb55l1rbbfwm8v";
10  };
11
12  patches = [ ./tboot-add-well-known-secret-option-to-lcp_writepol.patch ];
13
14  buildInputs = [ trousers openssl zlib ];
15
16  enableParallelBuilding = true;
17
18  hardeningDisable = [ "pic" "stackprotector" ];
19
20  configurePhase = ''
21    for a in lcptools utils tb_polgen; do
22      substituteInPlace $a/Makefile --replace /usr/sbin /sbin
23    done
24    substituteInPlace docs/Makefile --replace /usr/share /share
25  '';
26
27  installFlags = "DESTDIR=$(out)";
28
29  meta = with stdenv.lib; {
30    description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM";
31    homepage    = https://sourceforge.net/projects/tboot/;
32    license     = licenses.bsd3;
33    maintainers = with maintainers; [ ak ];
34    platforms   = [ "x86_64-linux" "i686-linux" ];
35  };
36}