nikstur
7ecafb2947
stub: add fat variant
...
A compile time feature is introduced that allows to build "fat" stubs
that can be used to build "fat" UKIs. "fat" here means that the actual
kernel and initrd are embedded in the PE binary, not only the file path
and hash. This brings us one step closer to feature partiy with
systemd-stub and thus one step closer to replacing it fully. Such a
"fat" or "real" UKI is also interesting for image-based deployments of
NixOS.
2023-05-24 22:09:28 +02:00
Ryan Lahfa
f9681e3e23
Merge pull request #178 from nix-community/update/uefi-rs
...
deps: update to uefi-rs 0.21.0
2023-05-20 23:05:27 +02:00
Raito Bezarius
c96299ea46
deps: update to uefi-rs 0.21.0
...
It simplifies our filesystem handling.
2023-05-20 23:05:15 +02:00
nikstur
3fb74cfb53
Merge pull request #179 from nix-community/update/bootspec
...
tool(bootspec): remove boilerplate with newest bootspec
2023-05-20 22:01:55 +02:00
Raito Bezarius
77f1279406
tool(bootspec): remove boilerplate with newest bootspec
2023-05-20 19:41:31 +02:00
nikstur
7ed294c84d
Merge pull request #180 from nix-community/sync-packages-ver
...
chore: sync our crates version to latest tag
2023-05-19 00:36:31 +02:00
Ryan Lahfa
3a5e15f4ac
Merge pull request #167 from nix-community/sd-stub-tpm2
...
feat: minimal poc for TPM measurements à la sd-stub
2023-05-18 19:16:30 +02:00
Raito Bezarius
f603e0c134
tests: support TPM2 + SecureBoot tests
...
Test that our measurements exposes a TPM PCR index in the userspace
through efivarfs.
2023-05-18 19:06:32 +02:00
Raito Bezarius
606b9e8bab
stub(tpm): Measure "UKI" (i.e. all unified sections in our stub)
2023-05-18 19:05:53 +02:00
Raito Bezarius
ad28b4cd01
stub: bump crate to 0.3.0
2023-05-18 19:03:42 +02:00
Raito Bezarius
39cda9e457
tool: bump crate to 0.3.0
2023-05-18 19:03:37 +02:00
Raito Bezarius
cc428efc86
flake: add cargo-release
2023-05-18 19:02:43 +02:00
Ryan Lahfa
354ec6f451
Merge pull request #177 from nix-community/rustfmt
...
Add rustfmt checks
2023-05-18 18:46:52 +02:00
nikstur
c17650dafc
flake: add rustfmt checks
2023-05-17 21:40:31 +02:00
nikstur
65dbe44999
stub: format with rustfmt
2023-05-17 21:40:03 +02:00
nikstur
e37bf51ed3
stub: format with rustfmt
2023-05-17 21:39:40 +02:00
Julian Stecklina
d93eebb9c6
Merge pull request #176 from nix-community/flake/update
...
flake.lock: Update
2023-05-17 14:44:39 +02:00
Raito Bezarius
3f80a7416f
flake.lock: Update
2023-05-15 00:47:50 +02:00
Julian Stecklina
39e61a0efe
Merge pull request #175 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-05-08 11:15:16 +02:00
renovate[bot]
7378e06257
fix(deps): update all dependencies
2023-05-08 01:30:03 +00:00
nikstur
ae49611bd6
Merge pull request #166 from nix-community/sd-stub-efi-variables
...
feat: minimal poc for exporting UEFI variables à la sd-boot
2023-05-05 21:32:50 +02:00
Raito Bezarius
a5372db91f
hotfix(stub): rust_version -> rust-version in Cargo.toml
2023-05-05 20:11:55 +02:00
Raito Bezarius
9dd9116b1e
stub: export boot loader interface efivars
2023-05-05 20:11:55 +02:00
nikstur
adc01887d9
Merge pull request #172 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-05-01 23:48:56 +02:00
renovate[bot]
008e7a65fd
fix(deps): update all dependencies
2023-05-01 02:39:28 +00:00
Ryan Lahfa
64b903ca87
Merge pull request #163 from nix-community/synthesis
...
feat: enable synthesis support
2023-04-29 23:07:03 +02:00
Raito Bezarius
4ef6957f88
feat: enable synthesis support
...
Bootspec has a mechanism called synthesis where you can synthesize
bootspecs if they are not present based on the generation link only.
This is useful for "vanilla bootspec" which does not contain any
extensions, as this is what we do right now.
If we need extensions, we can also implement our synthesis mechanism on
the top of it.
Enabling synthesis gives us the superpower to support non-bootspec
users. :-)
2023-04-29 22:55:39 +02:00
Ryan Lahfa
484b2c2fe4
Merge pull request #148 from nix-community/rfc0125-post-merge
...
bootspec: RFC-0125 final changes
2023-04-29 16:01:40 +02:00
Raito Bezarius
d0d0b7b3a1
flake.lock: Update
2023-04-29 15:21:38 +02:00
Raito Bezarius
9fe979d2d6
tests: adopt bootspec v1 format
2023-04-29 15:21:38 +02:00
Raito Bezarius
48ff4cb7c4
tool: adopt bootspec 0.1.0
2023-04-29 15:21:38 +02:00
Raito Bezarius
01f07c47e8
flake.lock: Update
2023-04-29 15:03:28 +02:00
nikstur
c60e039ee9
Merge pull request #164 from nix-community/improve-malformed-gen-log
...
tool: improve log message about malformed gens
2023-04-27 17:44:26 +02:00
nikstur
06edad2e83
tool: improve log message about malformed gens
...
Tells the user which generations are malformed and how to remove them.
2023-04-27 00:33:45 +02:00
nikstur
b21c4007af
Merge pull request #162 from nix-community/remove-nixpkgs-test
...
treewide: remove nixpkgs-test
2023-04-25 01:13:37 +02:00
nikstur
b1101610f8
Merge pull request #161 from nix-community/safeguard-gc
...
tool: disable gc in the presence of malformed gens
2023-04-25 01:13:26 +02:00
nikstur
a886416d69
treewide: remove nixpkgs-test
2023-04-24 22:25:57 +02:00
nikstur
09e12eb559
tool: disable gc in the presence of malformed gens
...
Disable GC if there are any malformed gens to avoid catastrophic failure
when there are upstream changes to NixOS that are not handled in lzbt.
2023-04-24 22:03:14 +02:00
nikstur
1b27ddd753
Merge pull request #159 from nix-community/renovate/all
...
fix(deps): update rust crate clap to 4.2.4
2023-04-24 14:03:04 +02:00
nikstur
9dedfbf66a
Merge pull request #160 from dasJ/fix/mtime-again
...
tool: Switch back to mtime
2023-04-24 13:03:19 +02:00
Janne Heß
c22352ca20
tool: Use mtime of the symlink rather than the target
...
When using the target, this will always result in a timestamp from 1970
because the symlink points to the store.
2023-04-24 11:57:34 +02:00
Janne Heß
979d25ee13
Revert "Merge pull request #139 from adtya/built_on_date"
...
This reverts commit d751d13b0a
, reversing
changes made to 7c55847aaf
.
2023-04-24 11:48:46 +02:00
renovate[bot]
2ecd951de1
fix(deps): update rust crate clap to 4.2.4
2023-04-24 01:08:24 +00:00
nikstur
efff933460
Merge pull request #158 from nix-community/revert-warnlevel-malformed-gen
...
tool: revert log level of malformed gens
2023-04-23 23:44:07 +02:00
nikstur
8efc061e1d
tool: add comment for log level of malformed gens
...
The message about malformed generatiosn should semantically be a
warning. However, since users might have hundres of old and thus
malformed generations and can do little about it, this should remain a
debug message. This way the user is not spammed with no-op warnings
while still enabling debugging.
2023-04-23 23:28:21 +02:00
nikstur
68d1928e3d
Revert "tool: don't silently ignore generations"
...
This reverts commit 4f182704e0
.
2023-04-23 23:27:32 +02:00
Julian Stecklina
9bf192bb79
Merge pull request #155 from nix-community/desaster-control
...
Avoid Unbootable System on Bootspec Changes
2023-04-23 15:29:18 +02:00
Julian Stecklina
4f182704e0
tool: don't silently ignore generations
2023-04-23 15:20:49 +02:00
Julian Stecklina
be458e3385
tool: avoid creating unbootable system
...
lzbt currently happily nukes all boot entries, if it can't parse any
bootspecs. With the upcoming incompatible bootspec change, this might
be a problem that's worth avoiding. :)
I changed lzbt to fail hard in case, it can't generate any boot
items.
2023-04-23 15:17:32 +02:00
Julian Stecklina
385eced09d
Merge pull request #157 from Mic92/flake-compat
...
flake: reduce number of dependencies
2023-04-23 15:10:06 +02:00