blob: 10f38d1dccdf41a74faea89526a1831c5e0f161c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
(define-module (ryan-packages bootloaders)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages efi)
#:use-module (gnu packages base)
#:use-module (gnu packages linux)
#:use-module (gnu packages gperf)
#:use-module (gnu packages crypto)
#:use-module (gnu packages python)
#:use-module (gnu packages python-xyz)
#:use-module (gnu packages python-crypto)
#:use-module (gnu packages pkg-config)
#:use-module (guix gexp)
#:use-module (guix utils)
#:use-module (guix modules)
#:use-module (guix packages)
#:use-module (guix git-download)
#:use-module (guix build-system gnu)
#:use-module (guix build-system meson)
#:use-module (guix build-system python))
(define systemd-version "255")
(define systemd-source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/systemd/systemd")
(commit (string-append "v" systemd-version))))
(file-name (git-file-name "systemd" systemd-version))
(sha256
(base32
"1qdyw9g3jgvsbc1aryr11gpc3075w5pg00mqv4pyf3hwixxkwaq6"))))
(define-public (systemd-stub-name)
(let ((arch (cond ((target-x86-32?) "ia32")
((target-x86-64?) "x64")
((target-arm32?) "arm")
((target-aarch64?) "aa64")
((target-riscv64?) "riscv64"))))
(string-append "linux" arch ".efi.stub")))
(define-public systemd-stub
(package
(name "systemd-stub")
(version systemd-version)
(source systemd-source)
(build-system meson-build-system)
(arguments
(list
#:configure-flags
`(list "-Defi=true" "-Dsbat-distro=guix"
"-Dsbat-distro-generation=1" ; package revision!
"-Dsbat-distro-summary=Guix System"
"-Dsbat-distro-url=https://guix.gnu.org"
,(string-append "-Dsbat-distro-pkgname=" name)
,(string-append "-Dsbat-distro-version=" version))
#:phases
#~(let ((stub #$(string-append "src/boot/efi/" (systemd-stub-name))))
(modify-phases %standard-phases
(replace 'build
(lambda* (#:key parallel-build? #:allow-other-keys)
(invoke "ninja" stub
"-j" (if parallel-build?
(number->string (parallel-job-count)) "1"))))
(replace 'install
(lambda _
(install-file stub (string-append #$output "/libexec"))))
(delete 'check)))))
(inputs (list libcap python-pyelftools `(,util-linux "lib")))
(native-inputs (list libxcrypt gperf pkg-config python-3 python-jinja2))
(home-page "https://systemd.io")
(synopsis "Unified kernel image UEFI stub")
(description "Simple UEFi boot stub that loads a conjoined kernel image and
supporting data to their proper locations, before chainloading to the kernel.
Supports measured and/or verified boot environments.")
(license license:lgpl2.1+)))
(define-public ukify
(package
(name "ukify")
(version systemd-version)
(source systemd-source)
(build-system python-build-system)
(arguments
(list #:phases
#~(modify-phases %standard-phases
(replace 'build
(lambda _
(substitute* "src/ukify/ukify.py" ; added in python 3.11
(("datetime\\.UTC") "datetime.timezone.utc"))))
(delete 'check)
(replace 'install
(lambda* (#:key inputs #:allow-other-keys)
(let* ((bin (string-append #$output "/bin"))
(file (string-append bin "/ukify"))
(binutils (assoc-ref inputs "binutils"))
(sbsign (assoc-ref inputs "sbsigntools")))
(mkdir-p bin)
(copy-file "src/ukify/ukify.py" file)
(wrap-program file
`("PATH" ":" prefix
(,(string-append binutils "/bin")
,(string-append sbsign "/bin"))))))))))
(inputs (list binutils python-cryptography python-pefile sbsigntools))
(home-page "https://systemd.io")
(synopsis "Unified kernel image UEFI tool")
(description "@command{ukify} joins together a UKI stub, linux kernel, initrd,
kernel arguments, and optional secure boot signatures into a single, UEFI-bootable
image.")
(license license:lgpl2.1+)))
|
