Coreboot: Difference between revisions
imported>Flokli remove hardening edit / https://github.com/NixOS/nixpkgs/pull/107435 |
Make the shell cross compatible |
||
(20 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
== Building == | == Building as Nix Derivation == | ||
There is a commented example of building Coreboot as Nix derivation at [https://github.com/blitz/nix-coreboot blitz/nix-coreboot] on Github. | |||
== Building in nix-shell == | |||
Note: the following was tested and working on NixOS 21.11 (Porcupine) while compiling the QEMU target for Coreboot v4.15 as well as Coreboot master (7b168c92f6). | |||
To build your own coreboot bios: | To build your own coreboot bios: | ||
<syntaxHighlight lang= | Create a <code>shell.nix</code>, and run <code>nix-shell</code> | ||
<syntaxhighlight lang="nix"> | |||
{ | |||
pkgs ? import <nixpkgs> { }, | |||
$ | }: | ||
# NOTE we need mkShellNoCC | |||
# mkShell would add the regular gcc, which has no ada (gnat) | |||
# https://github.com/NixOS/nixpkgs/issues/142943 | |||
pkgs.callPackage ( | |||
{ | |||
mkShellNoCC, | |||
qemu, | |||
pkg-config, | |||
gnat11, | |||
m4, | |||
flex, | |||
bison, | |||
zlib, | |||
ncurses, | |||
}: | |||
mkShellNoCC { | |||
strictDeps = true; | |||
# host/target agnostic programs | |||
depsBuildBuild = [ | |||
qemu # override and change `hostCpuTargets` if cross-compiling | |||
]; | |||
# compilers & linkers & dependecy finding programs | |||
nativeBuildInputs = [ | |||
pkg-config | |||
gnat11 # gcc with ada | |||
m4 | |||
flex | |||
bison # Generate flashmap descriptor parser | |||
]; | |||
# libraries | |||
buildInputs = [ | |||
zlib | |||
ncurses # make menuconfig | |||
]; | |||
} | |||
) { } | |||
</syntaxhighlight> | |||
Now we can build coreboot: | |||
<syntaxHighlight lang=bash> | |||
# clone coreboot git repository (latest master) | |||
git clone https://review.coreboot.org/coreboot.git --depth 1 | |||
# or for a specific coreboot version (I.E. version 4.15) | |||
git clone --branch 4.15 https://review.coreboot.org/coreboot.git --depth 1 | |||
# get 3rd party submodules in coreboot repository | |||
cd coreboot | |||
du -sh . # ~200 MByte | |||
git submodule update --init --checkout --depth 1 | |||
du -sh . # ~700 MByte | |||
# configure | |||
# set mainboard model, chip size, ... | |||
make menuconfig MENUCONFIG_COLOR=blackbg # blackbg = dark mode | |||
# build toolchain for a x86 target | |||
# Note: the i386 toolchain is used for all x86 platforms including x86_64. | |||
# See https://doc.coreboot.org/tutorial/part1.html | |||
# to list all targets: make help | |||
make crossgcc-i386 CPUS=$(nproc) | |||
# build firmware | |||
make CPUS=$(nproc) | |||
# test firmware | |||
qemu-system-x86_64 -bios build/coreboot.rom -serial stdio | |||
</syntaxHighlight> | </syntaxHighlight> | ||
== Skip building toolchain == | |||
We can use our system toolchain to build coreboot firmware, but this is not recommended per [https://doc.coreboot.org/tutorial/part1.html coreboot docs]: | |||
<blockquote> | |||
you can possibly use your system toolchain, but the results are not reproducible, and may have issues, so this is not recommended | |||
</blockquote> | |||
To use the system toolchain, in <code>make menuconfig</code>, enable <code>General Setup > Allow building with any toolchain</code> | |||
== Building as derivation == | |||
coreboot is pretty picky about the toolchain it is built with and thus using the toolchain it comes with is the easiest path to success. There are commented Nix expressions that build coreboot [https://github.com/blitz/nix-coreboot here]. | |||
== See also == | |||
* https://doc.coreboot.org/tutorial/part1.html | |||
* https://www.coreboot.org/Build_HOWTO | |||
* https://www.coreboot.org/Lesson1 | |||
* https://wiki.gentoo.org/wiki/Coreboot | |||
* flashing the new bios image | |||
** https://doc.coreboot.org/tutorial/flashing_firmware/index.html | |||
** https://libreboot.org/docs/install/spi.html | |||
[[Category:Booting]] |
Latest revision as of 18:30, 29 October 2024
Building as Nix Derivation
There is a commented example of building Coreboot as Nix derivation at blitz/nix-coreboot on Github.
Building in nix-shell
Note: the following was tested and working on NixOS 21.11 (Porcupine) while compiling the QEMU target for Coreboot v4.15 as well as Coreboot master (7b168c92f6).
To build your own coreboot bios:
Create a shell.nix
, and run nix-shell
{
pkgs ? import <nixpkgs> { },
}:
# NOTE we need mkShellNoCC
# mkShell would add the regular gcc, which has no ada (gnat)
# https://github.com/NixOS/nixpkgs/issues/142943
pkgs.callPackage (
{
mkShellNoCC,
qemu,
pkg-config,
gnat11,
m4,
flex,
bison,
zlib,
ncurses,
}:
mkShellNoCC {
strictDeps = true;
# host/target agnostic programs
depsBuildBuild = [
qemu # override and change `hostCpuTargets` if cross-compiling
];
# compilers & linkers & dependecy finding programs
nativeBuildInputs = [
pkg-config
gnat11 # gcc with ada
m4
flex
bison # Generate flashmap descriptor parser
];
# libraries
buildInputs = [
zlib
ncurses # make menuconfig
];
}
) { }
Now we can build coreboot:
# clone coreboot git repository (latest master)
git clone https://review.coreboot.org/coreboot.git --depth 1
# or for a specific coreboot version (I.E. version 4.15)
git clone --branch 4.15 https://review.coreboot.org/coreboot.git --depth 1
# get 3rd party submodules in coreboot repository
cd coreboot
du -sh . # ~200 MByte
git submodule update --init --checkout --depth 1
du -sh . # ~700 MByte
# configure
# set mainboard model, chip size, ...
make menuconfig MENUCONFIG_COLOR=blackbg # blackbg = dark mode
# build toolchain for a x86 target
# Note: the i386 toolchain is used for all x86 platforms including x86_64.
# See https://doc.coreboot.org/tutorial/part1.html
# to list all targets: make help
make crossgcc-i386 CPUS=$(nproc)
# build firmware
make CPUS=$(nproc)
# test firmware
qemu-system-x86_64 -bios build/coreboot.rom -serial stdio
Skip building toolchain
We can use our system toolchain to build coreboot firmware, but this is not recommended per coreboot docs:
you can possibly use your system toolchain, but the results are not reproducible, and may have issues, so this is not recommended
To use the system toolchain, in make menuconfig
, enable General Setup > Allow building with any toolchain
Building as derivation
coreboot is pretty picky about the toolchain it is built with and thus using the toolchain it comes with is the easiest path to success. There are commented Nix expressions that build coreboot here.