min
/
lanzaboote
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
485 Commits 1 Branch 0 Tags 958 KiB
Commit Graph

485 Commits

Author SHA1 Message Date
Raito Bezarius 609c11f26d tool(systemd-boot): install it once instead of checking for each generation 
systemd-boot is now installed once for many generations rather than multiple times.

This means it is not really possible to manage different system in the same "machine", which is a very
obscure usecase, theoretically possible, but not yet encountered.
 2023-09-14 16:35:53 +02:00
Raito Bezarius e5c1d74e3f tool: introduce --target-system to choose target architecture 
We will hard fail in case of encountering different architectures in bootspec.
This should still be compatible with cross-compiling systems in the future.
 2023-09-14 16:35:53 +02:00
Raito Bezarius acc4c2e0a1 tool(tests): use library to use the "target architecture" properly in tests 2023-09-14 16:35:53 +02:00
Raito Bezarius 7a6c9945b8 tool: introduce a library 2023-09-14 16:35:53 +02:00
Raito Bezarius 9af0e56527 tool(esp): add systemd stub filenames mapping for systems 2023-09-14 16:35:53 +02:00
Raito Bezarius 7acb1b218a tool: implement general architecture support - for aarch64, x86 for now 2023-09-14 16:35:53 +02:00
Raito Bezarius 4521ae21fc platform: clean up flake.nix for aarch64 support 2023-09-14 16:35:53 +02:00
Raito Bezarius 18771d30f4 lanzaboote: add aarch64-unknown-efi target 2023-09-14 16:35:53 +02:00
Ryan Lahfa 7f92dd1e7b
Merge pull request #224 from nix-community/stub-remove-tpm1 
stub: remove TPM 1 support
 2023-09-14 13:26:25 +00:00
nikstur 3dab5531b1 stub: remove TPM 1 support 
TPM 1 will not be supported by newer systemd versions and is not widely
available anyways.
 2023-09-14 15:04:53 +02:00
Ryan Lahfa 1255f8fc49
Merge pull request #223 from nix-community/flake-remove-substituters 
flake: remove nixConfig
 2023-09-14 11:10:07 +00:00
nikstur 8c6ef1f190 flake: remove nixConfig 
nixConfig is not a nice abstraction because it imperatively changes your
system. However this also does not work correctly without extra changes
to your system (i.e. your NixOS configuration). Thus it is removed.
 2023-09-14 12:55:12 +02:00
nikstur 45b529ca58
Merge pull request #206 from nix-community/generic-lzbt 
lzbt: abstraction for multiple backends
 2023-09-14 10:45:27 +00:00
nikstur ff442cd032 tool: introduce some more whitespace 2023-09-14 12:38:40 +02:00
nikstur 143a000f36 tool: separates use statements correctly with whitespace 2023-09-14 12:36:02 +02:00
nikstur baf2f5f6bb tool: use workspace values in Cargo.toml 2023-09-14 12:35:42 +02:00
nikstur efd8c50214 tool: remove superfluous lock file 2023-09-14 12:29:54 +02:00
Raito Bezarius 726524d2d7 readme: update about lzbt 
Explains what is the backend.
 2023-09-14 11:57:48 +02:00
Raito Bezarius f9cb4257c7 flake: fix lanzaboote-tool → lzbt-systemd 
As we moved to abstraction for backends, we have to update our flake code
 2023-09-14 11:55:09 +02:00
Raito Bezarius eba963b6f1 tool/shared: make clippy happy 
- implements a trivial Default for Roots
- implements a FromStr for OsRelease
 2023-09-14 11:55:09 +02:00
Raito Bezarius fd188a0e32 tool/shared: make constraints less concrete and drop lockfile 
In a library, a lockfile is not really needed per se
and we should avoid creating duplicate dependencies
as much as possible.
 2023-09-14 11:55:09 +02:00
Raito Bezarius 923567d08a systemd-tool: make integration test pass 2023-09-14 11:55:09 +02:00
Raito Bezarius 8029449cba tool: split systemd into a new crate and make tool into a lib-only crate 
This is necessary to make integration testing specific to the backend.
 2023-09-14 11:55:09 +02:00
Raito Bezarius efe7b40f5c lzbt: abstraction for multiple backends 
This generates `lzbt-systemd` binary instead of `lzbt`
which is using a special systemd-specific entrypoint.

This is part of the effort to enable multiple backends.
 2023-09-14 11:55:09 +02:00
nikstur 7ef2b13780
Merge pull request #222 from nix-community/fix-flake-description 
flake: use an appropriate description
 2023-09-14 09:24:04 +00:00
nikstur 0c7606cd18 flake: use an appropriate description 2023-09-14 11:22:22 +02:00
nikstur 07c78bd84f
Merge pull request #214 from tuxiqae/patch-1 
docs: Add hyperlinks to lzbt, stub file locations instead of static paths
 2023-09-14 11:10:10 +02:00
Sagi Sarussi e766f36441 Fix lzbt, stub path links 2023-09-14 11:08:45 +02:00
Ryan Lahfa 3dc8778c32
Merge pull request #215 from nix-community/linux-bootloader-crate 
stub: split up into a linux-bootloader crate
 2023-09-13 16:43:16 +00:00
nikstur 83f4376929 uefi: move uefi code to separate workspace 2023-09-13 17:46:05 +02:00
Raito Bezarius 64f1760944 flake: add cargo-machete to machete the unused crates in our Cargo.toml 
Useful for the previous split up.
 2023-09-13 17:43:35 +02:00
Raito Bezarius 51d9c1dff8 stub: split up into a linux-bootloader crate 
We introduce `linux-bootloader` a crate made to build Rust-based Linux-oriented bootloaders.

It follows systemd/UAPI group and semantics as much as possible, e.g. BLS/loader capabilities/stub capabilities.
 2023-09-13 17:43:35 +02:00
Ryan Lahfa 9a9b09628b
Merge pull request #219 from tilpner/syncfs 
tool: only sync ESP filesystem
 2023-09-13 14:58:58 +00:00
Ryan Lahfa 6d6cdf59b9
Merge pull request #218 from nix-community/get-crane-back 2023-08-25 16:14:52 +02:00
tilpner 3895c94eb5
tool: only sync ESP filesystem 2023-08-17 21:23:33 +02:00
nikstur 0109e357aa Revert "Merge pull request #147 from nix-community/nixpkgs-infrastructure" 
This reverts commit 59e3ebb19f, reversing
changes made to 9f97a908e4.
 2023-08-12 02:41:54 +02:00
Julian Stecklina f13848606f
Merge pull request #217 from SuperSandro2000/cargo-auditable 
Fix lzbt build with recent nixos-unstable
 2023-08-11 15:47:01 +02:00
Sandro Jäckel 4a1b07d0a9
Fix lzbt build with recent nixos-unstable 
This fixes the following error:
....
cargo-auditable>    Doc-tests auditable-extract
cargo-auditable> error: doctest failed, to rerun pass `-p auditable-extract --doc`
cargo-auditable>
cargo-auditable> Caused by:
cargo-auditable>   could not execute process `rustdoc --edition=2018 --crate-type lib --crate-name auditable_extract --test /build/source/auditable-extract/src/lib.rs --target x86_64-unknown-linux-gnu -L dependency=/build/source/target/x86_64-unknown-linux-gnu/release/deps -L dependency=/build/source/target/release/deps --test-args --test-threads=96 --extern auditable_extract=/build/source/target/x86_64-unknown-linux-gnu/release/deps/libauditable_extract-dd1904617e4b78db.rlib --extern binfarce=/build/source/target/x86_64-unknown-linux-gnu/release/deps/libbinfarce-2ba09d21aed0de1a.rlib -C embed-bitcode=no --error-format human` (never executed)
cargo-auditable>
cargo-auditable> Caused by:
cargo-auditable>   No such file or directory (os error 2)
 2023-08-10 01:55:21 +02:00
nikstur e7246c6bce
Merge pull request #212 from nix-community/update-flake-inputs 
flake.lock: Update
 2023-07-20 23:42:57 +02:00
nikstur ec210ff40d stub: fix typo 2023-07-20 22:49:45 +02:00
nikstur 2a109c0121 flake.lock: Update 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/006c75898cf814ef9497252b022e91c946ba8e17' (2023-05-08)
  → 'github:hercules-ci/flake-parts/8e8d955c22df93dbe24f19ea04f47a74adbdc5ec' (2023-07-04)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/cfacdce06f30d2b68473a46042957675eebb3401' (2023-04-11)
  → 'github:numtide/flake-utils/919d646de7be200f3bf08cb76ae1f09402b6f9b4' (2023-07-11)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/794a24afefde85c3e9b533443c4c73cd871f9e3a' (2023-05-26)
  → 'github:NixOS/nixpkgs/17dd4c92ee12de80a1fe86ea30be723e4e06cd00' (2023-07-20)
• Updated input 'pre-commit-hooks-nix':
    'github:cachix/pre-commit-hooks.nix/61e567d6497bc9556f391faebe5e410e6623217f' (2023-05-23)
  → 'github:cachix/pre-commit-hooks.nix/eb433bff05b285258be76513add6f6c57b441775' (2023-07-18)
• Updated input 'pre-commit-hooks-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8' (2023-03-15)
  → 'github:NixOS/nixpkgs/c37ca420157f4abc31e26f436c1145f8951ff373' (2023-06-03)
 2023-07-20 22:42:22 +02:00
nikstur bf82f823e1
Merge pull request #211 from nix-community/docs-flake 
docs: suggest to use 0.3.0 tagged release of lanzaboote rather than master
 2023-07-20 11:30:16 +02:00
Raito Bezarius aa2cb467da docs: suggest to use 0.3.0 tagged release of lanzaboote rather than master 
This is to avoid people relying on dangerous development branches.

Retake of #207…
 2023-07-20 10:48:02 +02:00
nikstur 85420159e7
Merge pull request #210 from nix-community/revert-207-update/docs 
Revert "docs: suggest to track released versions rather than master "
 2023-07-20 10:35:10 +02:00
nikstur 0dbcd0ec1a
Revert "docs: suggest to track released versions rather than master " 2023-07-20 10:34:20 +02:00
nikstur 78f00a288f
Merge pull request #209 from nix-community/update-all-but-goblin 
Update all dependencies besides goblin
 2023-07-20 01:41:52 +02:00
renovate[bot] 9cceec4008 fix(deps): update all dependencies 2023-07-20 01:27:43 +02:00
nikstur bfc8826663
Merge pull request #208 from nix-community/flake/cache 
flake: offer nix-community cache as a suggested substituter
 2023-07-19 21:49:42 +02:00
nikstur 4dc0c2464d
Merge pull request #207 from nix-community/update/docs 
docs: suggest to track released versions rather than master
 2023-07-19 21:47:50 +02:00
Raito Bezarius 434ee97ab3 flake: offer nix-community cache as a suggested substituter 
As we use Hercules CI with nix-community builder, our CI sends the stuff there
all the time.

Now, let's make everyone benefit from it.
 2023-07-19 21:42:27 +02:00