{pkgs}: let
python3 = pkgs.buildPackages.python3;
toolchain = pkgs.gcc9Stdenv.cc;
binutils = pkgs.gcc9Stdenv.cc.bintools.bintools_bin;
cpp = pkgs.gcc;
in
pkgs.stdenv.mkDerivation rec {
pname = "imx8mp-optee-os";
version = "lf-6.1.55-2.2.0";
nativeBuildInputs = [
python3
];
enableParallelBuilding = true;
propagatedBuildInputs = with python3.pkgs; [
pycryptodomex
pyelftools
cryptography
];
src = pkgs.fetchgit {
url = "https://github.com/nxp-imx/imx-optee-os.git";
rev = "a303fc80f7c4bd713315687a1fa1d6ed136e78ee";
sha256 = "sha256-OpyG812DX0c06bRZPKWB2cNu6gtZCOvewDhsKgrGB+s=";
};
postPatch = ''
substituteInPlace scripts/arm32_sysreg.py \
--replace '/usr/bin/env python3' '${python3}/bin/python'
substituteInPlace scripts/gen_tee_bin.py \
--replace '/usr/bin/env python3' '${python3}/bin/python'
substituteInPlace scripts/pem_to_pub_c.py \
--replace '/usr/bin/env python3' '${python3}/bin/python'
substituteInPlace ta/pkcs11/scripts/verify-helpers.sh \
--replace '/bin/bash' '${pkgs.bash}/bin/bash'
substituteInPlace mk/gcc.mk \
--replace "\$(CROSS_COMPILE_\$(sm))objcopy" ${binutils}/bin/${toolchain.targetPrefix}objcopy
substituteInPlace mk/gcc.mk \
--replace "\$(CROSS_COMPILE_\$(sm))objdump" ${binutils}/bin/${toolchain.targetPrefix}objdump
substituteInPlace mk/gcc.mk \
--replace "\$(CROSS_COMPILE_\$(sm))nm" ${binutils}/bin/${toolchain.targetPrefix}nm
substituteInPlace mk/gcc.mk \
--replace "\$(CROSS_COMPILE_\$(sm))readelf" ${binutils}/bin/${toolchain.targetPrefix}readelf
substituteInPlace mk/gcc.mk \
--replace "\$(CROSS_COMPILE_\$(sm))ar" ${binutils}/bin/${toolchain.targetPrefix}ar
substituteInPlace mk/gcc.mk \
--replace "\$(CROSS_COMPILE_\$(sm))cpp" ${cpp}/bin/cpp
'';
makeFlags = [
"PLATFORM=imx"
"PLATFORM_FLAVOR=mx8mpevk"
"CFG_ARM64_core=y"
"CFG_TEE_TA_LOG_LEVEL=0"
"CFG_TEE_CORE_LOG_LEVEL=0"
"CROSS_COMPILE=${toolchain}/bin/${toolchain.targetPrefix}"
"CROSS_COMPILE64=${toolchain}/bin/${toolchain.targetPrefix}"
];
installPhase = ''
mkdir -p $out
cp ./out/arm-plat-imx/core/tee-raw.bin $out/tee.bin
'';
}