Merge pull request #241 from nix-community/pin-edk2-202305

Pin EDK2 202305
This commit is contained in:
Julian Stecklina 2023-10-19 20:24:53 +00:00 committed by GitHub
commit 56bf9b942c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 50 additions and 39 deletions

View File

@ -2,25 +2,16 @@
"nodes": {
"crane": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": [
"rust-overlay"
]
},
"locked": {
"lastModified": 1688772518,
"narHash": "sha256-ol7gZxwvgLnxNSZwFTDJJ49xVY5teaSvF7lzlo3YQfM=",
"lastModified": 1697677553,
"narHash": "sha256-ozj7HFo/1iQdzZ2U6tHP4QBW59eUbDZ/5HI8lLe9wos=",
"owner": "ipetkov",
"repo": "crane",
"rev": "8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e",
"rev": "bc5fa8cd53ef32b9b827f24b993c42a8c4dd913b",
"type": "github"
},
"original": {
@ -32,11 +23,11 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
@ -52,11 +43,11 @@
]
},
"locked": {
"lastModified": 1688466019,
"narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=",
"lastModified": 1696343447,
"narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec",
"rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4",
"type": "github"
},
"original": {
@ -70,11 +61,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1689068808,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
@ -106,11 +97,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1695859332,
"narHash": "sha256-w2a7NW3VtI5FgFPUKslYRGAj5Qb7y4i0I2QO0S/lBMQ=",
"lastModified": 1697713104,
"narHash": "sha256-DN7YOyKMCpAVeZ44N42LrujtTkoerkS9+kTufQiuntY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "248a83fffc10b627da67fa6b25d2c13fc7542628",
"rev": "6be2c349a30fcb489a3153dd331e9df387ab6449",
"type": "github"
},
"original": {
@ -151,11 +142,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1689668210,
"narHash": "sha256-XAATwDkaUxH958yXLs1lcEOmU6pSEIkatY3qjqk8X0E=",
"lastModified": 1696846637,
"narHash": "sha256-0hv4kbXxci2+pxhuXlVgftj/Jq79VSmtAyvfabCCtYk=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "eb433bff05b285258be76513add6f6c57b441775",
"rev": "42e1b6095ef80a51f79595d9951eb38e91c4e6ca",
"type": "github"
},
"original": {
@ -185,11 +176,11 @@
]
},
"locked": {
"lastModified": 1694657451,
"narHash": "sha256-cRZa9ZmUi0EFKcmzpsOXLVhiMQD8XLrku8v+U1YiGm8=",
"lastModified": 1697681535,
"narHash": "sha256-vVkqg+qTgTQ/YEreZyi/eyxoj26yyowI4/5ffTGT90w=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "7c4f46f0b3597e3c4663285e6794194e55574879",
"rev": "d5977a020c216526144dbf08ab0825b6c1121593",
"type": "github"
},
"original": {

View File

@ -21,9 +21,6 @@
crane = {
url = "github:ipetkov/crane";
inputs.nixpkgs.follows = "nixpkgs";
inputs.rust-overlay.follows = "rust-overlay";
inputs.flake-utils.follows = "flake-utils";
inputs.flake-compat.follows = "flake-compat";
};
rust-overlay = {

View File

@ -86,8 +86,7 @@ let
${testScript}
'';
nodes.machine = { lib, ... }: {
nodes.machine = { pkgs, lib, ... }: {
imports = [
lanzabooteModule
machine
@ -97,11 +96,35 @@ let
useBootLoader = true;
useEFIBoot = true;
efi.OVMF = pkgs.OVMF.override {
secureBoot = useSecureBoot;
tpmSupport = useTPM2; # This is needed otherwise OVMF won't initialize the TPM2 protocol.
};
# We actually only want to enable features in OVMF, but at
# the moment edk2 202308 is also broken. So we downgrade it
# here as well. How painful!
#
# See #240.
efi.OVMF =
let
edk2Version = "202305";
edk2Src = pkgs.fetchFromGitHub {
owner = "tianocore";
repo = "edk2";
rev = "edk2-stable${edk2Version}";
fetchSubmodules = true;
hash = "sha256-htOvV43Hw5K05g0SF3po69HncLyma3BtgpqYSdzRG4s=";
};
edk2 = pkgs.edk2.overrideAttrs (old: rec {
version = edk2Version;
src = edk2Src;
});
in
(pkgs.OVMF.override {
secureBoot = useSecureBoot;
tpmSupport = useTPM2; # This is needed otherwise OVMF won't initialize the TPM2 protocol.
edk2 = edk2;
}).overrideAttrs (old: {
src = edk2Src;
});
qemu.options = lib.mkIf useTPM2 [
"-chardev socket,id=chrtpm,path=${tpmSocketPath}"