Raito Bezarius
b77ef07cec
project: perform clippy/rustfmt checking via a higher order derivation transformer
...
Instead of patching the derivation in-place via flags, we just have
a higher order function that takes the Rust package derivation and override it
into a Rustfmt / Clippy oriented derivation: it turns off checks and adds its
required dependencies.
2023-06-10 18:08:35 +02:00
Raito Bezarius
63bbfe35d8
feat(stub): throw compile error in case of enabling fat and thin features
...
This is more helpful than a weird compilation error on borrow checking rules!
2023-06-10 18:06:50 +02:00
Raito Bezarius
5b22893473
project: move to nixpkgs Rust infrastructure
...
This builds the stub and tool using `rustPlatform.buildRustPackage`
which features a stable Rust compiler, recent enough to support UEFI
targets.
In the future, it will rely on properly defined targets for UEFI in
nixpkgs.
2023-06-10 18:03:58 +02:00
Julian Stecklina
45d04a45d3
Merge pull request #193 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-06-05 10:31:02 +02:00
renovate[bot]
3cae2f1c63
fix(deps): update all dependencies
2023-06-05 02:00:30 +00:00
nikstur
e422970c1b
Merge pull request #192 from nix-community/upgrade/uefi
...
stub: upgrade to uefi-rs 0.22.0
2023-06-02 14:33:17 +02:00
Raito Bezarius
88aeb61d85
stub: upgrade to uefi-rs 0.22.0
...
This upgrade is necessary to avoid borking boot on bad UEFI implementations.
2023-06-02 13:16:44 +02:00
nikstur
da24357977
Merge pull request #182 from nix-community/fat-uki
...
stub: add fat variant
2023-06-01 22:43:53 +02:00
Julian Stecklina
2e62c11bab
Merge pull request #191 from nix-community/renovate/all
...
fix(deps): update rust crate log to 0.4.18
2023-05-29 10:45:26 +02:00
renovate[bot]
f1d199d0b4
fix(deps): update rust crate log to 0.4.18
2023-05-29 01:38:08 +00:00
nikstur
e9003f12e6
Merge pull request #189 from nix-community/update-state-of-upstreaming
...
docs: fixup stray ```
2023-05-28 00:52:36 +02:00
Raito Bezarius
72b66bfc69
docs: fixup stray ```
2023-05-28 00:43:51 +02:00
Ryan Lahfa
e5bced9852
Merge pull request #188 from nix-community/update-state-of-upstreaming
...
docs: update upstreaming state
2023-05-28 00:43:04 +02:00
Raito Bezarius
de80330ec4
docs: update upstreaming state
...
We now have bootspec enabled by default for 23.05+.
2023-05-28 00:39:31 +02:00
Julian Stecklina
f641dcfc8b
Merge pull request #186 from erdnaxe/docs_update
...
docs: add precision about dbx and OptionROMs
2023-05-27 12:14:02 +02:00
Alexandre Iooss
b673e1b71f
docs: add precision about dbx and OptionROMs
2023-05-25 08:57:33 +02:00
nikstur
7ecafb2947
stub: add fat variant
...
A compile time feature is introduced that allows to build "fat" stubs
that can be used to build "fat" UKIs. "fat" here means that the actual
kernel and initrd are embedded in the PE binary, not only the file path
and hash. This brings us one step closer to feature partiy with
systemd-stub and thus one step closer to replacing it fully. Such a
"fat" or "real" UKI is also interesting for image-based deployments of
NixOS.
2023-05-24 22:09:28 +02:00
nikstur
dc52f0352d
Merge pull request #185 from nix-community/cleanup-flake
...
Cleanup flake
2023-05-24 10:32:41 +02:00
nikstur
740f7f9314
flake: checkInputs -> nativeCheckInputs
...
Use nativeCheckInputs instead of checkInputs because it is more
semantically correct even if checkInputs works with Crane.
2023-05-24 01:08:58 +02:00
nikstur
8e4de7892a
flake: add proper description
2023-05-24 01:08:32 +02:00
nikstur
1f542a1eba
Merge pull request #184 from nix-community/improve-subprocess-errors
...
tool: improve command error messages
2023-05-24 00:44:36 +02:00
nikstur
30ddfcd2ce
tool: improve command error messages
2023-05-24 00:17:11 +02:00
nikstur
36adaf5a9e
Merge pull request #181 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-05-22 10:11:11 +02:00
renovate[bot]
5ecd73cdac
fix(deps): update all dependencies
2023-05-22 02:56:28 +00:00
Ryan Lahfa
f9681e3e23
Merge pull request #178 from nix-community/update/uefi-rs
...
deps: update to uefi-rs 0.21.0
2023-05-20 23:05:27 +02:00
Raito Bezarius
c96299ea46
deps: update to uefi-rs 0.21.0
...
It simplifies our filesystem handling.
2023-05-20 23:05:15 +02:00
nikstur
3fb74cfb53
Merge pull request #179 from nix-community/update/bootspec
...
tool(bootspec): remove boilerplate with newest bootspec
2023-05-20 22:01:55 +02:00
Raito Bezarius
77f1279406
tool(bootspec): remove boilerplate with newest bootspec
2023-05-20 19:41:31 +02:00
nikstur
7ed294c84d
Merge pull request #180 from nix-community/sync-packages-ver
...
chore: sync our crates version to latest tag
2023-05-19 00:36:31 +02:00
Ryan Lahfa
3a5e15f4ac
Merge pull request #167 from nix-community/sd-stub-tpm2
...
feat: minimal poc for TPM measurements à la sd-stub
2023-05-18 19:16:30 +02:00
Raito Bezarius
f603e0c134
tests: support TPM2 + SecureBoot tests
...
Test that our measurements exposes a TPM PCR index in the userspace
through efivarfs.
2023-05-18 19:06:32 +02:00
Raito Bezarius
606b9e8bab
stub(tpm): Measure "UKI" (i.e. all unified sections in our stub)
2023-05-18 19:05:53 +02:00
Raito Bezarius
ad28b4cd01
stub: bump crate to 0.3.0
2023-05-18 19:03:42 +02:00
Raito Bezarius
39cda9e457
tool: bump crate to 0.3.0
2023-05-18 19:03:37 +02:00
Raito Bezarius
cc428efc86
flake: add cargo-release
2023-05-18 19:02:43 +02:00
Ryan Lahfa
354ec6f451
Merge pull request #177 from nix-community/rustfmt
...
Add rustfmt checks
2023-05-18 18:46:52 +02:00
nikstur
c17650dafc
flake: add rustfmt checks
2023-05-17 21:40:31 +02:00
nikstur
65dbe44999
stub: format with rustfmt
2023-05-17 21:40:03 +02:00
nikstur
e37bf51ed3
stub: format with rustfmt
2023-05-17 21:39:40 +02:00
Julian Stecklina
d93eebb9c6
Merge pull request #176 from nix-community/flake/update
...
flake.lock: Update
2023-05-17 14:44:39 +02:00
Raito Bezarius
3f80a7416f
flake.lock: Update
2023-05-15 00:47:50 +02:00
Julian Stecklina
39e61a0efe
Merge pull request #175 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-05-08 11:15:16 +02:00
renovate[bot]
7378e06257
fix(deps): update all dependencies
2023-05-08 01:30:03 +00:00
nikstur
ae49611bd6
Merge pull request #166 from nix-community/sd-stub-efi-variables
...
feat: minimal poc for exporting UEFI variables à la sd-boot
2023-05-05 21:32:50 +02:00
Raito Bezarius
a5372db91f
hotfix(stub): rust_version -> rust-version in Cargo.toml
2023-05-05 20:11:55 +02:00
Raito Bezarius
9dd9116b1e
stub: export boot loader interface efivars
2023-05-05 20:11:55 +02:00
nikstur
adc01887d9
Merge pull request #172 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-05-01 23:48:56 +02:00
renovate[bot]
008e7a65fd
fix(deps): update all dependencies
2023-05-01 02:39:28 +00:00
Ryan Lahfa
64b903ca87
Merge pull request #163 from nix-community/synthesis
...
feat: enable synthesis support
2023-04-29 23:07:03 +02:00
Raito Bezarius
4ef6957f88
feat: enable synthesis support
...
Bootspec has a mechanism called synthesis where you can synthesize
bootspecs if they are not present based on the generation link only.
This is useful for "vanilla bootspec" which does not contain any
extensions, as this is what we do right now.
If we need extensions, we can also implement our synthesis mechanism on
the top of it.
Enabling synthesis gives us the superpower to support non-bootspec
users. :-)
2023-04-29 22:55:39 +02:00