|
|
@ -1,3 +1,6 @@
|
|
|
|
|
|
|
|
let
|
|
|
|
|
|
|
|
update_microcode = true;
|
|
|
|
|
|
|
|
in
|
|
|
|
{
|
|
|
|
{
|
|
|
|
hostPlatform = (import <nixpkgs/lib>).systems.examples.gnu64;
|
|
|
|
hostPlatform = (import <nixpkgs/lib>).systems.examples.gnu64;
|
|
|
|
|
|
|
|
|
|
|
@ -15,13 +18,43 @@
|
|
|
|
'';
|
|
|
|
'';
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
coreboot = final.lib.makeOverridable (prev.coreboot.override {
|
|
|
|
coreboot = let
|
|
|
|
|
|
|
|
# does include spectre mitigations (performance hit)
|
|
|
|
|
|
|
|
#linux-firmware = final.nixpkgsOnBuildForBuild.linux-firmware;
|
|
|
|
|
|
|
|
#path-within-linux-firmware = "lib/firmware/amd-ucode/microcode_amd_fam15h.bin";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# does *not* include spectre mitigations (no performance hit)
|
|
|
|
|
|
|
|
linux-firmware = final.nixpkgsOnBuildForBuild.fetchgit {
|
|
|
|
|
|
|
|
# most recent update that does *not* include spectre
|
|
|
|
|
|
|
|
# mitigations; needed for 63xx processors due to an exploitable
|
|
|
|
|
|
|
|
# NMI defect in that sieres (only)
|
|
|
|
|
|
|
|
url = "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git";
|
|
|
|
|
|
|
|
rev = "5f8ca0c1db6106a2d6d7e85eee778917ff03c3de";
|
|
|
|
|
|
|
|
branchName = "main";
|
|
|
|
|
|
|
|
#sparseCheckout = path-within-linux-firmware;
|
|
|
|
|
|
|
|
hash = "sha256-uwzz0z2+uPke8AVKb80Cy620efdRBSuwjfoIrQhepc8=";
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
path-within-linux-firmware = "amd-ucode/microcode_amd_fam15h.bin";
|
|
|
|
|
|
|
|
in
|
|
|
|
|
|
|
|
final.lib.makeOverridable (prev.coreboot.override {
|
|
|
|
iasl = final.iasl_20180531;
|
|
|
|
iasl = final.iasl_20180531;
|
|
|
|
payload = "${final.kernel}/bzImage";
|
|
|
|
payload = "${final.kernel}/bzImage";
|
|
|
|
fmap = ./custom.fmap;
|
|
|
|
fmap = ./custom.fmap;
|
|
|
|
config = ./coreboot.config;
|
|
|
|
config = ./coreboot.config;
|
|
|
|
coreboot-toolchain = with final.coreboot-toolchain; [ x64 i386 ];
|
|
|
|
coreboot-toolchain = with final.coreboot-toolchain; [ x64 i386 ];
|
|
|
|
}).overrideAttrs (a: {
|
|
|
|
}).overrideAttrs (a: {
|
|
|
|
|
|
|
|
postConfigure = if update_microcode then ''
|
|
|
|
|
|
|
|
echo CONFIG_CPU_MICROCODE_MULTIPLE_FILES=y >> .config
|
|
|
|
|
|
|
|
'' else ''
|
|
|
|
|
|
|
|
echo CONFIG_CPU_MICROCODE_CBFS_NONE=y >> .config
|
|
|
|
|
|
|
|
'';
|
|
|
|
|
|
|
|
preBuild = final.lib.optionalString update_microcode ''
|
|
|
|
|
|
|
|
mkdir -p 3rdparty/blobs/cpu/amd/family_15h/
|
|
|
|
|
|
|
|
ln -sfT ${linux-firmware}/${path-within-linux-firmware} \
|
|
|
|
|
|
|
|
3rdparty/blobs/cpu/amd/family_15h/microcode_amd_fam15h.bin
|
|
|
|
|
|
|
|
mkdir -p 3rdparty/blobs/cpu/amd/family_10h-family_14h/
|
|
|
|
|
|
|
|
touch 3rdparty/blobs/cpu/amd/family_10h-family_14h/microcode_amd.bin
|
|
|
|
|
|
|
|
'';
|
|
|
|
postInstall = (a.postInstall or "") + ''
|
|
|
|
postInstall = (a.postInstall or "") + ''
|
|
|
|
cp src/mainboard/asus/kgpe-d16/cmos.layout $out/
|
|
|
|
cp src/mainboard/asus/kgpe-d16/cmos.layout $out/
|
|
|
|
cp src/mainboard/asus/kgpe-d16/cmos.default $out/
|
|
|
|
cp src/mainboard/asus/kgpe-d16/cmos.default $out/
|
|
|
|