diff --git a/.circleci/config.yml b/.circleci/config.yml index 3fd260dcd..2ff6ed117 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -45,7 +45,7 @@ commands: jobs: prep_env: docker: - - image: tlaurion/heads-dev-env:v0.1.4 + - image: tlaurion/heads-dev-env:v0.1.6 resource_class: large working_directory: ~/heads steps: @@ -111,7 +111,7 @@ jobs: build_and_persist: docker: - - image: tlaurion/heads-dev-env:v0.1.4 + - image: tlaurion/heads-dev-env:v0.1.6 resource_class: large working_directory: ~/heads parameters: @@ -139,7 +139,7 @@ jobs: build: docker: - - image: tlaurion/heads-dev-env:v0.1.4 + - image: tlaurion/heads-dev-env:v0.1.6 resource_class: large working_directory: ~/heads parameters: @@ -160,7 +160,7 @@ jobs: save_cache: docker: - - image: tlaurion/heads-dev-env:v0.1.4 + - image: tlaurion/heads-dev-env:v0.1.6 resource_class: large working_directory: ~/heads steps: diff --git a/flake.nix b/flake.nix index 94c947f63..87683c33c 100644 --- a/flake.nix +++ b/flake.nix @@ -69,23 +69,21 @@ zlib zlib.dev ] ++ [ - # Packages for qemu support with Canokey integration. + # Below are overrides to make canokey-qemu library available to qemu built derivative through a qemu override, which qemu is used for other derivatives + canokey-qemu # Canokey lib for qemu build-time compilation. + (qemu.override { + canokeySupport = true; # This override enables Canokey support in QEMU, resulting in -device canokey being available. + }) + # Packages for qemu support with Canokey integration from previous override #qemu_full #Heavier but contains qemu-img, kvm and everything else needed to do development cycles under docker qemu # To test make BOARD=qemu-coreboot-* boards and then call make BOARD=qemu-coreboot-* with inject_gpg statement, and then run statement. qemu_kvm # kvm additional support for qemu without all the qemu-img and everything else under qemu_full - # - # TODO: make work qemu-canokey not existing in caches: - # Below are overrides to make canokey-qemu library availabe to qemu built derivative through override) - #canokey doesn't work still even if compiled in, so no reason to add 1Gb of stuff in the image (qemu -device canokey not exposed even if configured in) - #canokey-qemu # Canokey lib for qemu build-time compilation. - #(qemu.override { - # canokeySupport = true; # This override enables Canokey support in QEMU, resulting in -device canokey being available. - #}) ] ++ [ # Additional tools for debugging/editing/testing. vim # Mostly used amongst us, sorry if you'd like something else, open issue. swtpm # QEMU requirement to emulate tpm1/tpm2. dosfstools # QEMU requirement to produce valid fs to store exported public key to be fused through inject_key on qemu (so qemu flashrom emulated SPI support). + #diffoscope #should we include it? Massive:11 GB uncompressed. Wow?!?! ] ++ [ # Tools for handling binary blobs in their compressed state. (blobs/xx30/vbios_[tw]530.sh) bundler diff --git a/targets/qemu.mk b/targets/qemu.mk index 051361229..23cdb7e24 100644 --- a/targets/qemu.mk +++ b/targets/qemu.mk @@ -26,6 +26,7 @@ endif #borrowed from https://github.com/orangecms/webboot/blob/boot-via-qemu/run-webboot.sh TPMDIR=$(build)/$(BOARD)/vtpm +CANOKEY_DIR=$(build)/$(BOARD) $(TPMDIR)/.manufacture: mkdir -p "$(TPMDIR)" $(SWTPM_PRESETUP) @@ -74,6 +75,10 @@ else ifeq "$(USB_TOKEN)" "LibremKey" QEMU_USB_TOKEN_DEV := -device usb-host,vendorid=12653,productid=19531 else ifneq "$(USB_TOKEN)" "" QEMU_USB_TOKEN_DEV := -device "usb-host,$(USB_TOKEN)" +# If no USB token is specified, support canokey by default +else +# official instruction -usb -device canokey,file=$HOME/.canokey-file -device canokey +QEMU_USB_TOKEN_DEV := -usb -device canokey,file=$(CANOKEY_DIR)/.canokey-file endif run: $(TPMDIR)/.manufacture $(ROOT_DISK_IMG) $(MEMORY_SIZE_FILE) $(USB_FD_IMG) @@ -106,4 +111,4 @@ run: $(TPMDIR)/.manufacture $(ROOT_DISK_IMG) $(MEMORY_SIZE_FILE) $(USB_FD_IMG) $(QEMU_USB_TOKEN_DEV) \ stty sane - @echo + @echo \ No newline at end of file