- Move openssl to nativeBuildInputs in ATF build for proper cross-compilation
- Add explicit SILICON validation with clear error messages in firmware build
- Fix fragile wildcard patterns in firmware DDR file copying
- Replace mutable branch URLs with pinned commit hashes for patch stability
- Add U-Boot config merge step (make olddefconfig) after extra config
- Fix cross-compilation toolchain coherence (cpp in optee-os)
- Standardize license format (single value instead of single-element list)
- Update maintainer references with inline name/email format
- Fix typos and grammar in documentation and comments
Fixed parameter name collision in ucm-imx95-firmware.nix where the
'silicon' parameter conflicted with the nixpkgs silicon package, causing
the wrong AHAB container to be selected. Renamed to 'siliconRev'.
Updated imx-mkimage from lf-6.6.36 to lf-6.6.52-2.2.1 to match the
firmware version expectations (v202409 instead of v202311).
Fetch AHAB container, M7 firmware, and DDR PHY firmware binaries
from the NXP release packages. The derivation extracts the correct
LPDDR5 PHY images and selects the appropriate AHAB container for
A0 or B0 silicon revisions.
Signed-off-by: Govind Singh <govind.singh@tii.ae>
The broadcom-sta driver package is marked as insecure due to CVE-2019-9501
and CVE-2019-9502 (heap buffer overflow vulnerabilities allowing remote code
execution). The driver is also unmaintained and incompatible with modern
Linux kernel security mitigations.
Removed broadcom_sta from extraModulePackages and the corresponding "wl" kernel module.
This resolves test failures where Nixpkgs refuses to evaluate configurations
containing this insecure package.
Upstream changes broke the checks that we had.
By now we have 6.12 as the LTS, and 24.05 went out of support, so I
think we don't need to support this anymore.
Anyone still on such old kernel versions, can apply the patch manually
if needed.
This refactoring reduces code duplication across i.MX93, i.MX8MP, and
i.MX8MQ platforms by extracting common build logic into parameterized
shared builders. This makes it easier to maintain and add new i.MX
platforms while ensuring consistency across all platforms.
The i.MX93 EVK provides a platform for comprehensive evaluation
of the i.MX93 application processors. This change adds support
in NixOS hardware to provide a template for customized i.MX93-based
platforms.
Signed-off-by: Govind Singh <govind.singh@tii.ae>
Adds hardware profile for Lenovo ThinkPad P14s Intel Gen 2 with:
- Intel Tiger Lake CPU support
- NVIDIA Turing GPU with PRIME configuration
- Suspend-to-RAM S3 sleep state configuration
