{ fetchFromGitHub, python2, stdenv, libuuid, bc, utillinux, nasm, iasl, seabios
}:

# we can not override the source in edk2, so we had to copy the entire thing

let
  src = fetchFromGitHub {
    owner = "MrChromebox";
    repo = "edk2";
    rev = "860a8d95c2ee89c9916d6e11230f246afa1cd629";
    sha256 = "1bykw3lzfjl6idca37i736mwpqv60haczp7davhgqlmlb3nw6y3s";
    fetchSubmodules = true;
  };

  version = "unstable";

  pythonEnv = python2.withPackages (ps: [ ps.tkinter ]);

  toolchain = stdenv.mkDerivation {
    pname = "edk2-coreboot";

    inherit version src;

    buildInputs = [ libuuid pythonEnv ];

    makeFlags = [ "-C BaseTools" ];

    NIX_CFLAGS_COMPILE = "-Wno-return-type -Wno-error=stringop-truncation";

    hardeningDisable = [ "format" "fortify" ];

    installPhase = ''
      mkdir -vp $out
      mv -v BaseTools $out
      mv -v edksetup.sh $out
    '';

    enableParallelBuilding = true;
  };

in stdenv.mkDerivation {
  pname = "coreboot-payload-tianocore";
  inherit version src;

  buildInputs = [ bc pythonEnv utillinux nasm iasl ];

  prePatch = ''
    rm -rf BaseTools
    ln -sv ${toolchain}/BaseTools BaseTools
  '';

  configurePhase = ''
    runHook preConfigure
    export WORKSPACE="$PWD"
    . ${toolchain}/edksetup.sh BaseTools
    runHook postConfigure
  '';

  buildPhase = ''
    runHook preBuild
    build -a X64 -a IA32 -b RELEASE -t GCC5 -p CorebootPayloadPkg/CorebootPayloadPkgIa32X64.dsc -n $NIX_BUILD_CORES -D CSM_ENABLE
    runHook postBuild
  '';

  installPhase = ''
    runHook preInstall
    mv -v Build/*/* $out
    runHook postInstall
  '';

  hardeningDisable = [ "format" "stackprotector" "pic" "fortify" ];

  postPatch = ''
    cp ${seabios}/Csm16.bin OvmfPkg/Csm/Csm16/Csm16.bin
  '';

  dontPatchELF = true;
}