pkgs/os-specific/linux/broadcom-sta/default.nix at devShellTools-shell · tjh.dev/nixpkgs

tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
nixpkgs / pkgs / os-specific / linux / broadcom-sta / default.nix
at devShellTools-shell 125 lines 4.8 kB view raw
  1{
  2  lib,
  3  stdenv,
  4  fetchurl,
  5  fetchFromGitHub,
  6  kernel,
  7}:
  8
  9let
 10  version = "6.30.223.271";
 11  # Patchset release number from rpmfusion, to more easily differentiate
 12  # versions and updates. See `wl-kmod.spec` file:
 13  # https://github.com/rpmfusion/wl-kmod/blob/master/wl-kmod.spec#L19
 14  release = "57";
 15  hashes = {
 16    i686-linux = "sha256-T4twspOsjMXHDlca1dGHjQ8p0TOkb+eGmGjZwZtQWM0=";
 17    x86_64-linux = "sha256-X3l3TVvuyPdja1nA+wegMQju8eP9MkVjiyCFjHFBRL4=";
 18  };
 19
 20  arch = lib.optionalString (stdenv.hostPlatform.system == "x86_64-linux") "_64";
 21  tarballVersion = lib.replaceStrings [ "." ] [ "_" ] version;
 22  tarball = "hybrid-v35${arch}-nodebug-pcoem-${tarballVersion}.tar.gz";
 23
 24  rpmFusionPatches = fetchFromGitHub {
 25    owner = "rpmfusion";
 26    repo = "wl-kmod";
 27    rev = "b0d19578ebd0daae9c5b7f9e9511a6d73ac4d957";
 28    hash = "sha256-v7mZ2S/eVfGTEXrxpdiemHhrC+P3/sPOZqTBhRtins4=";
 29  };
 30  patchset = [
 31    "wl-kmod-001_wext_workaround.patch"
 32    "wl-kmod-002_kernel_3.18_null_pointer.patch"
 33    "wl-kmod-003_gcc_4.9_remove_TIME_DATE_macros.patch"
 34    "wl-kmod-004_kernel_4.3_rdtscl_to_rdtsc.patch"
 35    "wl-kmod-005_kernel_4.7_IEEE80211_BAND_to_NL80211_BAND.patch"
 36    "wl-kmod-006_gcc_6_fix_indentation_warnings.patch"
 37    "wl-kmod-007_kernel_4.8_add_cfg80211_scan_info_struct.patch"
 38    "wl-kmod-008_fix_kernel_warnings.patch"
 39    "wl-kmod-009_kernel_4.11_remove_last_rx_in_net_device_struct.patch"
 40    "wl-kmod-010_kernel_4.12_add_cfg80211_roam_info_struct.patch"
 41    "wl-kmod-011_kernel_4.14_new_kernel_read_function_prototype.patch"
 42    "wl-kmod-012_kernel_4.15_new_timer.patch"
 43    "wl-kmod-013_gcc8_fix_bounds_check_warnings.patch"
 44    "wl-kmod-014_kernel_read_pos_increment_fix.patch"
 45    "wl-kmod-015_kernel_5.1_get_ds_removed.patch"
 46    "wl-kmod-016_fix_unsupported_mesh_point.patch"
 47    "wl-kmod-017_fix_gcc_fallthrough_warning.patch"
 48    "wl-kmod-018_kernel_5.6_adaptations.patch"
 49    "wl-kmod-019_kernel_5.9_segment_eq_removed.patch"
 50    "wl-kmod-020_kernel_5.10_get_set_fs_removed.patch"
 51    "wl-kmod-021_kernel_5.17_adaptation.patch"
 52    "wl-kmod-022_kernel_5.18_adaptation.patch"
 53    "wl-kmod-023_kernel_6.0_adaptation.patch"
 54    "wl-kmod-024_kernel_6.1_adaptation.patch"
 55    "wl-kmod-025_kernel_6.5_adaptation.patch"
 56    "wl-kmod-026_kernel_6.10_fix_empty_body_in_if_warning.patch"
 57    "wl-kmod-027_wpa_supplicant-2.11_add_max_scan_ie_len.patch"
 58    "wl-kmod-028_kernel_6.12_adaptation.patch"
 59    "wl-kmod-029_kernel_6.13_adaptation.patch"
 60    "wl-kmod-030_kernel_6.14_adaptation.patch"
 61    "wl-kmod-031_replace_EXTRA_CFLAGS_EXTRA_LDFLAGS_with_ccflags-y_ldflags-y.patch"
 62    "wl-kmod-032_add_MODULE_DESCRIPTION_macro.patch"
 63    "wl-kmod-033_disable_objtool_add_warning_unmaintained.patch"
 64    "wl-kmod-034_kernel_6.15_adaptation_replace_del_timer_with_timer_delete.patch"
 65  ];
 66in
 67stdenv.mkDerivation {
 68  name = "broadcom-sta-${version}-${release}-${kernel.version}";
 69
 70  src = fetchurl {
 71    url = "https://docs.broadcom.com/docs-and-downloads/docs/linux_sta/${tarball}";
 72    hash =
 73      hashes.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
 74  };
 75
 76  hardeningDisable = [ "pic" ];
 77
 78  nativeBuildInputs = kernel.moduleBuildDependencies;
 79
 80  patches = map (patch: "${rpmFusionPatches}/${patch}") patchset;
 81
 82  makeFlags = [ "KBASE=${kernel.dev}/lib/modules/${kernel.modDirVersion}" ];
 83
 84  unpackPhase = ''
 85    runHook preUnpack
 86    sourceRoot=broadcom-sta
 87    mkdir "$sourceRoot"
 88    tar xvf "$src" -C "$sourceRoot"
 89    runHook postUnpack
 90  '';
 91
 92  installPhase = ''
 93    runHook preInstall
 94    binDir="$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/"
 95    docDir="$out/share/doc/broadcom-sta/"
 96    mkdir -p "$binDir" "$docDir"
 97    cp wl.ko "$binDir"
 98    cp lib/LICENSE.txt "$docDir"
 99    runHook postInstall
100  '';
101
102  meta = {
103    description = "Kernel module driver for some Broadcom's wireless cards";
104    homepage = "https://www.broadcom.com/support/download-search?pg=Legacy%20Products&pf=Legacy%20Wireless&pn&pa&po&dk&pl";
105    license = lib.licenses.unfreeRedistributable;
106    maintainers = with lib.maintainers; [
107      j0hax
108      nullcube
109    ];
110    platforms = [
111      "i686-linux"
112      "x86_64-linux"
113    ];
114    knownVulnerabilities = [
115      "CVE-2019-9501: heap buffer overflow, potentially allowing remote code execution by sending specially-crafted WiFi packets"
116      "CVE-2019-9502: heap buffer overflow, potentially allowing remote code execution by sending specially-crafted WiFi packets"
117      (
118        "The Broadcom STA wireless driver is not maintained "
119        + "and is incompatible with Linux kernel security mitigations. "
120        + "It is heavily recommended to replace the hardware and remove the driver. "
121        + "Proceed at your own risk!"
122      )
123    ];
124  };
125}