Ada support keeps breaking due to gnat being in a somewhat poor state
in nixpkgs. As Ada support is only necessary for some Intel drivers
and these are generally not required for using coreboot in a VM, make
Ada support optional.
This commit exposes a bug in the coreboot-toolchain expression; if you
nix-build that expression at this commit and do not use subsituters,
you will get a failure like this:
error: output '/nix/store/nvswbzyl39ifpwswfvx132j2mys80ifr-coreboot' is not allowed to refer to the following paths:
/nix/store/8ngciqnw8jzvyvbx00arkp05gvn5q6sq-libunistring-1.0
/nix/store/p2r9ynirymj47x5m6y9pnq0lpssn4ahm-bash-5.1-p16
/nix/store/rflgyvwcnmrql5wf8kchynmmq7raggvj-libidn2-2.3.2
/nix/store/rszg7d581z3v3fwrak68ba2wv5lrckx7-glibc-2.34-115
The root cause of the bug is this line in
tools/misc/coreboot-toolchain/default.nix:
sha256 = "073n8yid3v0l9wgwnrdqrlgzaj9mnhs33a007dgr7xq3z0iw3i52"
This hash covers the result of the fetchgit operation, including the
postFetch block. The postFetch block runs patchShebangs, which writes
the store-path of ${stdenv.shell} into $out/util/crossgcc/buildgcc
*before* computing its hash.
The next commit after this one fixes the bug by moving patchShebangs
out of the postFetch block, so it happens *after* the hash is
computed.
Note that even without allowedRequisites=[], the state of the code
prior to this commit is problematic. Because it hardcodes the
store-path of stdenv, the expression will break in these situations:
* Building on a platform other than x86_64-linux, since those
platforms will have a different boostrap-files store-path and
therefore a different stdenv store-path.
* Building with an overlay which adds -march= or other compiler flag
customizations to stdenv.
* Future nixpkgs users if nixpkgs commits any change which influences
the store-path of stdenv.
So we should fix the problem in any event. The `allowedRequisites=[]`
added by this commit ensures that the problem will be noticed
immediately if it recurs in the future.
coreboot-toolchain is a package set now and contains the toolchains for
various platforms. Thus, fix the update script by renaming the package
name to `coreboot-toolchain.i386`.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Previously we were unable to override individual attributes within the
coreboot-toolchain packageset. By using callPackage on each of the
attributes individually we retain the ability to call the override
function to inject custom dependencies into the build.
For reproducibility, the toolchain build system appends a specific
version string to the usual version string of the tools. Before 4.15,
the build system used git for that at runtime and since the .git
directory is removed by the NixOS build system, the version string was
empty and resulted in `v_`.
Now, the toolchain build system prefers using the environment variable
`CROSSGCC_VERSION` if set. Thus, extract the version string in the
postFetch phase and set `CROSSGCC_VERSION` in the build phase.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Rework update script so that it needs to be run from the root directory
of nixpkgs and get rid of relative paths. Also, move the resulting file
`sources.nix` into the package directory.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Add and adjust update script from
https://git.petabyte.dev/petabyteboy/corenix.
The script is meant to be run from the package directory of the
coreboot-toolchain. The script generates a sources.nix files, which
contains all sources used for the coreboot toolchain and some other
tools. Thus, it needs to be stripped down to the necessary sources.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
