From da2bac1683a3f0f6a4f70d920d6e0e5611b8c4f7 Mon Sep 17 00:00:00 2001
From: nikstur
Date: Sat, 30 Dec 2023 03:35:08 +0100
Subject: [PATCH 1/3] systemdUkify: init
---
 pkgs/top-level/all-packages.nix | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 7b9608b5dac9..b0de28261fb0 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -28750,6 +28750,11 @@ with pkgs;
 pname = "systemd-minimal-libs";
 buildLibsOnly = true;
 };
+ # We do not want to include ukify in the normal systemd attribute as it
+ # relies on Python at runtime.
+ systemdUkify = systemd.override {
+ withUkify = true;
+ };
 udev = if (with stdenv.hostPlatform; isLinux && isStatic) then libudev-zero
From 985bafa5fc9e3ad846a54a68a71c06235c4aaaae Mon Sep 17 00:00:00 2001
From: nikstur
Date: Sat, 30 Dec 2023 03:36:36 +0100
Subject: [PATCH 2/3] nixos/uki: init
---
 nixos/modules/module-list.nix | 1 +
 nixos/modules/system/boot/uki.nix | 85 +++++++++++++++++++++++++++++++
 2 files changed, 86 insertions(+)
 create mode 100644 nixos/modules/system/boot/uki.nix
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index e6fffd4716de..356569644e63 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -1466,6 +1466,7 @@
 ./system/boot/stratisroot.nix
 ./system/boot/modprobe.nix
 ./system/boot/networkd.nix
+ ./system/boot/uki.nix
 ./system/boot/unl0kr.nix
 ./system/boot/plymouth.nix
 ./system/boot/resolved.nix
diff --git a/nixos/modules/system/boot/uki.nix b/nixos/modules/system/boot/uki.nix
new file mode 100644
index 000000000000..63c4e0c0e391
--- /dev/null
+++ b/nixos/modules/system/boot/uki.nix
@@ -0,0 +1,85 @@
+{ config, lib, pkgs, ... }:
+
+let
+
+ cfg = config.boot.uki;
+
+ inherit (pkgs.stdenv.hostPlatform) efiArch;
+
+ format = pkgs.formats.ini { };
+ ukifyConfig = format.generate "ukify.conf" cfg.settings;
+
+in
+
+{
+ options = {
+
+ boot.uki = {
+ name = lib.mkOption {
+ type = lib.types.str;
+ description = lib.mdDoc "Name of the UKI";
+ };
+
+ version = lib.mkOption {
+ type = lib.types.nullOr lib.types.str;
+ default = config.system.image.version;
+ defaultText = lib.literalExpression "config.system.image.version";
+ description = lib.mdDoc "Version of the image or generation the UKI belongs to";
+ };
+
+ settings = lib.mkOption {
+ type = format.type;
+ description = lib.mdDoc ''
+ The configuration settings for ukify. These control what the UKI
+ contains and how it is built.
+ '';
+ };
+ };
+
+ system.boot.loader.ukiFile = lib.mkOption {
+ type = lib.types.str;
+ internal = true;
+ description = lib.mdDoc "Name of the UKI file";
+ };
+
+ };
+
+ config = {
+
+ boot.uki.name = lib.mkOptionDefault (if config.system.image.id != null then
+ config.system.image.id
+ else
+ "nixos");
+
+ boot.uki.settings = lib.mkOptionDefault {
+ UKI = {
+ Linux = "${config.boot.kernelPackages.kernel}/${config.system.boot.loader.kernelFile}";
+ Initrd = "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}";
+ Cmdline = "init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams}";
+ Stub = "${pkgs.systemd}/lib/systemd/boot/efi/linux${efiArch}.efi.stub";
+ Uname = "${config.boot.kernelPackages.kernel.modDirVersion}";
+ OSRelease = "@${config.system.build.etc}/etc/os-release";
+ # This is needed for cross compiling.
+ EFIArch = efiArch;
+ };
+ };
+
+ system.boot.loader.ukiFile =
+ let
+ name = config.boot.uki.name;
+ version = config.boot.uki.version;
+ versionInfix = if version != null then "_${version}" else "";
+ in
+ name + versionInfix + ".efi";
+
+ system.build.uki = pkgs.runCommand config.system.boot.loader.ukiFile { } ''
+ mkdir -p $out
+ ${pkgs.buildPackages.systemdUkify}/lib/systemd/ukify build \
+ --config=${ukifyConfig} \
+ --output="$out/${config.system.boot.loader.ukiFile}"
+ '';
+
+ meta.maintainers = with lib.maintainers; [ nikstur ];
+
+ };
+}
From ed2431905c1efe409d28ba89bc5cc337d538b27c Mon Sep 17 00:00:00 2001
From: nikstur
Date: Sat, 30 Dec 2023 04:16:38 +0100
Subject: [PATCH 3/3] nixos/tests/appliance-repart-image: use UKIs
---
 nixos/tests/appliance-repart-image.nix | 23 +++--------------------
 1 file changed, 3 insertions(+), 20 deletions(-)
diff --git a/nixos/tests/appliance-repart-image.nix b/nixos/tests/appliance-repart-image.nix
index 1c4495baba13..b18968d3b963 100644
--- a/nixos/tests/appliance-repart-image.nix
+++ b/nixos/tests/appliance-repart-image.nix
@@ -10,10 +10,6 @@ let
 imageId = "nixos-appliance";
 imageVersion = "1-rc1";
-
- bootLoaderConfigPath = "/loader/entries/nixos.conf";
- kernelPath = "/EFI/nixos/kernel.efi";
- initrdPath = "/EFI/nixos/initrd.efi";
 in
 {
 name = "appliance-gpt-image";
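Review bot: In nixos/modules/system/boot/uki.nix, `boot.uki.settings = lib.mkOptionDefault { UKI = { … }; }` attaches the priority to the whole attribute set rather than to the individual keys. As far as I can tell from how the module system filters definitions by priority, a user who sets even one key at normal priority (for example a Secure Boot signing key under `UKI`) discards this default entirely, so `Linux`, `Initrd`, `Cmdline` and `Stub` vanish from the generated ukify.conf. Wrapping each value in `lib.mkOptionDefault` instead lets user settings merge with the defaults while still allowing any single key to be overridden. A one-line comment above the block saying that the defaults are per-key on purpose would keep a later refactor from undoing this.

```nix
boot.uki.settings = {
  UKI = {
    Linux = lib.mkOptionDefault "${config.boot.kernelPackages.kernel}/${config.system.boot.loader.kernelFile}";
    Initrd = lib.mkOptionDefault "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}";
    Cmdline = lib.mkOptionDefault "init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams}";
    Stub = lib.mkOptionDefault "${pkgs.systemd}/lib/systemd/boot/efi/linux${efiArch}.efi.stub";
    Uname = lib.mkOptionDefault "${config.boot.kernelPackages.kernel.modDirVersion}";
    OSRelease = lib.mkOptionDefault "@${config.system.build.etc}/etc/os-release";
    # This is needed for cross compiling.
    EFIArch = lib.mkOptionDefault efiArch;
  };
};
```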
@@ -54,19 +50,8 @@ in
 "/EFI/BOOT/BOOT${lib.toUpper efiArch}.EFI".source = "${pkgs.systemd}/lib/systemd/boot/efi/systemd-boot${efiArch}.efi";
- # TODO: create an abstraction for Boot Loader Specification (BLS) entries.
- "${bootLoaderConfigPath}".source = pkgs.writeText "nixos.conf" ''
- title NixOS
- linux ${kernelPath}
- initrd ${initrdPath}
- options init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams}
- '';
-
- "${kernelPath}".source =
- "${config.boot.kernelPackages.kernel}/${config.system.boot.loader.kernelFile}";
-
- "${initrdPath}".source =
- "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}";
+ "/EFI/Linux/${config.system.boot.loader.ukiFile}".source =
+ "${config.system.build.uki}/${config.system.boot.loader.ukiFile}";
 };
 repartConfig = {
 Type = "esp";
@@ -119,8 +104,6 @@ in
 assert 'IMAGE_VERSION="${imageVersion}"' in os_release
 bootctl_status = machine.succeed("bootctl status")
- assert "${bootLoaderConfigPath}" in bootctl_status
- assert "${kernelPath}" in bootctl_status
- assert "${initrdPath}" in bootctl_status
+ assert "Boot Loader Specification Type #2 (.efi)" in bootctl_status
 '';
 }
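Review bot: The assertion added in the last hunk only checks that `bootctl status` reports some Type #2 entry, whereas the three removed assertions tied the output to the exact files this test installed. If the status output includes the entry's path, as the removed checks on `${kernelPath}` suggest, the test could also assert the UKI file name so that an unrelated or stale `.efi` under /EFI/Linux does not satisfy it, e.g. `assert "${imageId}_${imageVersion}.efi" in bootctl_status`. The rest of the test script and the node configuration are outside the hunk, so confirm that this is what `system.boot.loader.ukiFile` evaluates to here before adding it.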