tjh.dev
1{ lib
2, stdenv
3, fetchFromGitHub
4, fetchurl
5, flex
6, bison
7, bc
8, cpio
9, perl
10, elfutils
11, python3
12, sevVariant ? false
13}:
14
15stdenv.mkDerivation (finalAttrs: {
16 pname = "libkrunfw";
17 version = "4.2.0";
18
19 src = fetchFromGitHub {
20 owner = "containers";
21 repo = "libkrunfw";
22 rev = "refs/tags/v${finalAttrs.version}";
23 hash = "sha256-LaIyPk9QkxPFP169r6PqyBMpFujbQBlX77z63OqKGYc=";
24 };
25
26 kernelSrc = fetchurl {
27 url = "https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.6.32.tar.xz";
28 hash = "sha256-qqgk6vB/YZEdIrdf8JCkA8PdC9c+I5M+C7qLWXFDbOE=";
29 };
30
31 postPatch = ''
32 substituteInPlace Makefile \
33 --replace 'curl $(KERNEL_REMOTE) -o $(KERNEL_TARBALL)' 'ln -s $(kernelSrc) $(KERNEL_TARBALL)'
34 '';
35
36 nativeBuildInputs = [
37 flex
38 bison
39 bc
40 cpio
41 perl
42 python3
43 python3.pkgs.pyelftools
44 ];
45
46 buildInputs = [
47 elfutils
48 ];
49
50 makeFlags = [
51 "PREFIX=${placeholder "out"}"
52 ] ++ lib.optionals sevVariant [
53 "SEV=1"
54 ];
55
56 # Fixes https://github.com/containers/libkrunfw/issues/55
57 NIX_CFLAGS_COMPILE = lib.optionalString stdenv.targetPlatform.isAarch64 "-march=armv8-a+crypto";
58
59 enableParallelBuilding = true;
60
61 meta = with lib; {
62 description = "Dynamic library bundling the guest payload consumed by libkrun";
63 homepage = "https://github.com/containers/libkrunfw";
64 license = with licenses; [ lgpl2Only lgpl21Only ];
65 maintainers = with maintainers; [ nickcao RossComputerGuy ];
66 platforms = [ "x86_64-linux" "aarch64-linux" ];
67 };
68})