Commit Graph

448 Commits

Author SHA1 Message Date
nikstur 7ed294c84d
Merge pull request #180 from nix-community/sync-packages-ver
chore: sync our crates version to latest tag
2023-05-19 00:36:31 +02:00
Ryan Lahfa 3a5e15f4ac
Merge pull request #167 from nix-community/sd-stub-tpm2
feat: minimal poc for TPM measurements à la sd-stub
2023-05-18 19:16:30 +02:00
Raito Bezarius f603e0c134 tests: support TPM2 + SecureBoot tests
Test that our measurements exposes a TPM PCR index in the userspace
through efivarfs.
2023-05-18 19:06:32 +02:00
Raito Bezarius 606b9e8bab stub(tpm): Measure "UKI" (i.e. all unified sections in our stub) 2023-05-18 19:05:53 +02:00
Raito Bezarius ad28b4cd01 stub: bump crate to 0.3.0 2023-05-18 19:03:42 +02:00
Raito Bezarius 39cda9e457 tool: bump crate to 0.3.0 2023-05-18 19:03:37 +02:00
Raito Bezarius cc428efc86 flake: add cargo-release 2023-05-18 19:02:43 +02:00
Ryan Lahfa 354ec6f451
Merge pull request #177 from nix-community/rustfmt
Add rustfmt checks
2023-05-18 18:46:52 +02:00
nikstur c17650dafc flake: add rustfmt checks 2023-05-17 21:40:31 +02:00
nikstur 65dbe44999 stub: format with rustfmt 2023-05-17 21:40:03 +02:00
nikstur e37bf51ed3 stub: format with rustfmt 2023-05-17 21:39:40 +02:00
Julian Stecklina d93eebb9c6
Merge pull request #176 from nix-community/flake/update
flake.lock: Update
2023-05-17 14:44:39 +02:00
Raito Bezarius 3f80a7416f flake.lock: Update 2023-05-15 00:47:50 +02:00
Julian Stecklina 39e61a0efe
Merge pull request #175 from nix-community/renovate/all
fix(deps): update all dependencies
2023-05-08 11:15:16 +02:00
renovate[bot] 7378e06257
fix(deps): update all dependencies 2023-05-08 01:30:03 +00:00
nikstur ae49611bd6
Merge pull request #166 from nix-community/sd-stub-efi-variables
feat: minimal poc for exporting UEFI variables à la sd-boot
2023-05-05 21:32:50 +02:00
Raito Bezarius a5372db91f hotfix(stub): rust_version -> rust-version in Cargo.toml 2023-05-05 20:11:55 +02:00
Raito Bezarius 9dd9116b1e stub: export boot loader interface efivars 2023-05-05 20:11:55 +02:00
nikstur adc01887d9
Merge pull request #172 from nix-community/renovate/all
fix(deps): update all dependencies
2023-05-01 23:48:56 +02:00
renovate[bot] 008e7a65fd
fix(deps): update all dependencies 2023-05-01 02:39:28 +00:00
Ryan Lahfa 64b903ca87
Merge pull request #163 from nix-community/synthesis
feat: enable synthesis support
2023-04-29 23:07:03 +02:00
Raito Bezarius 4ef6957f88 feat: enable synthesis support
Bootspec has a mechanism called synthesis where you can synthesize
bootspecs if they are not present based on the generation link only.

This is useful for "vanilla bootspec" which does not contain any
extensions, as this is what we do right now.

If we need extensions, we can also implement our synthesis mechanism on
the top of it.

Enabling synthesis gives us the superpower to support non-bootspec
users. :-)
2023-04-29 22:55:39 +02:00
Ryan Lahfa 484b2c2fe4
Merge pull request #148 from nix-community/rfc0125-post-merge
bootspec: RFC-0125 final changes
2023-04-29 16:01:40 +02:00
Raito Bezarius d0d0b7b3a1 flake.lock: Update 2023-04-29 15:21:38 +02:00
Raito Bezarius 9fe979d2d6 tests: adopt bootspec v1 format 2023-04-29 15:21:38 +02:00
Raito Bezarius 48ff4cb7c4 tool: adopt bootspec 0.1.0 2023-04-29 15:21:38 +02:00
Raito Bezarius 01f07c47e8 flake.lock: Update 2023-04-29 15:03:28 +02:00
nikstur c60e039ee9
Merge pull request #164 from nix-community/improve-malformed-gen-log
tool: improve log message about malformed gens
2023-04-27 17:44:26 +02:00
nikstur 06edad2e83 tool: improve log message about malformed gens
Tells the user which generations are malformed and how to remove them.
2023-04-27 00:33:45 +02:00
nikstur b21c4007af
Merge pull request #162 from nix-community/remove-nixpkgs-test
treewide: remove nixpkgs-test
2023-04-25 01:13:37 +02:00
nikstur b1101610f8
Merge pull request #161 from nix-community/safeguard-gc
tool: disable gc in the presence of malformed gens
2023-04-25 01:13:26 +02:00
nikstur a886416d69 treewide: remove nixpkgs-test 2023-04-24 22:25:57 +02:00
nikstur 09e12eb559 tool: disable gc in the presence of malformed gens
Disable GC if there are any malformed gens to avoid catastrophic failure
when there are upstream changes to NixOS that are not handled in lzbt.
2023-04-24 22:03:14 +02:00
nikstur 1b27ddd753
Merge pull request #159 from nix-community/renovate/all
fix(deps): update rust crate clap to 4.2.4
2023-04-24 14:03:04 +02:00
nikstur 9dedfbf66a
Merge pull request #160 from dasJ/fix/mtime-again
tool: Switch back to mtime
2023-04-24 13:03:19 +02:00
Janne Heß c22352ca20
tool: Use mtime of the symlink rather than the target
When using the target, this will always result in a timestamp from 1970
because the symlink points to the store.
2023-04-24 11:57:34 +02:00
Janne Heß 979d25ee13
Revert "Merge pull request #139 from adtya/built_on_date"
This reverts commit d751d13b0a, reversing
changes made to 7c55847aaf.
2023-04-24 11:48:46 +02:00
renovate[bot] 2ecd951de1
fix(deps): update rust crate clap to 4.2.4 2023-04-24 01:08:24 +00:00
nikstur efff933460
Merge pull request #158 from nix-community/revert-warnlevel-malformed-gen
tool: revert log level of malformed gens
2023-04-23 23:44:07 +02:00
nikstur 8efc061e1d tool: add comment for log level of malformed gens
The message about malformed generatiosn should semantically be a
warning. However, since users might have hundres of old and thus
malformed generations and can do little about it, this should remain a
debug message. This way the user is not spammed with no-op warnings
while still enabling debugging.
2023-04-23 23:28:21 +02:00
nikstur 68d1928e3d Revert "tool: don't silently ignore generations"
This reverts commit 4f182704e0.
2023-04-23 23:27:32 +02:00
Julian Stecklina 9bf192bb79
Merge pull request #155 from nix-community/desaster-control
Avoid Unbootable System on Bootspec Changes
2023-04-23 15:29:18 +02:00
Julian Stecklina 4f182704e0 tool: don't silently ignore generations 2023-04-23 15:20:49 +02:00
Julian Stecklina be458e3385 tool: avoid creating unbootable system
lzbt currently happily nukes all boot entries, if it can't parse any
bootspecs. With the upcoming incompatible bootspec change, this might
be a problem that's worth avoiding. :)

I changed lzbt to fail hard in case, it can't generate any boot
items.
2023-04-23 15:17:32 +02:00
Julian Stecklina 385eced09d
Merge pull request #157 from Mic92/flake-compat
flake: reduce number of dependencies
2023-04-23 15:10:06 +02:00
Julian Stecklina 00743d97ba
Merge pull request #156 from nix-community/update-rust-overlay
Bump Rust Overlay
2023-04-23 15:05:56 +02:00
Jörg Thalheim 0e68a1dd3e flake: reduce number of dependencies 2023-04-23 11:55:09 +02:00
Julian Stecklina 02f7e25888 flake.lock: Update
Flake lock file updates:

• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/45c2ed9dd1397526dad35fc867c43955d87f9f3f' (2023-04-10)
  → 'github:oxalica/rust-overlay/2c417c0460b788328220120c698630947547ee83' (2023-04-22)
2023-04-22 17:11:34 +02:00
Julian Stecklina ce0e72a578
Merge pull request #151 from alois31/icache
stub: implement `flush_instruction_cache` on i686 and AArch64
2023-04-21 18:39:13 +02:00
Julian Stecklina ddd22a8f67
Merge branch 'master' into icache 2023-04-21 18:34:33 +02:00