parent
217ff2d4a8
commit
3aacf80380
5 changed files with 9340 additions and 18 deletions
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
lib,
|
||||
stdenv,
|
||||
pkgs,
|
||||
version,
|
||||
runCommand,
|
||||
|
@ -16,6 +17,10 @@ runCommand pname {
|
|||
mcode = lib.optionalString (microcode == "amd") "--microcode ${pkgs.microcode-amd}/amd-ucode.img"
|
||||
+ lib.optionalString (microcode == "intel") "--microcode ${pkgs.microcode-intel}/intel-ucode.img";
|
||||
|
||||
# aarch64 doesn't support compressed kernel images
|
||||
kernelImage = lib.optionalString (stdenv.hostPlatform.isAarch64 == true) "Image"
|
||||
+ lib.optionalString (stdenv.hostPlatform.isx86_64 == true) "bzImage";
|
||||
|
||||
nativeBuildInputs = with pkgs; [
|
||||
erofs-utils
|
||||
dosfstools
|
||||
|
@ -32,6 +37,8 @@ runCommand pname {
|
|||
kernelCmdLine = "systemd.journald.forward_to_console=1 console=ttyS0 patos.secureboot=${secureBoot}";
|
||||
}
|
||||
''
|
||||
set -ex -o pipefail
|
||||
|
||||
mkdir -p $out/init.repart.d $out/final.repart.d
|
||||
pushd $out
|
||||
|
||||
|
@ -182,7 +189,7 @@ ln -sf patos_$version.verity.raw patos_${version}_$verityUuid.verity
|
|||
ln -sf patos_$version.root.raw patos_${version}_$rootUuid.root
|
||||
|
||||
${pkgs.patos.systemd}/usr/bin/ukify build \
|
||||
--linux ${pkgs.patos.kernel}/bzImage \
|
||||
--linux ${pkgs.patos.kernel}/$kernelImage \
|
||||
--initrd ${pkgs.patos.initrd}/initrd.xz \
|
||||
$mcode \
|
||||
--os-release @rootfs/etc/os-release \
|
||||
|
@ -218,8 +225,8 @@ cat <<EOF > final.repart.d/10-esp.conf
|
|||
[Partition]
|
||||
Type=esp
|
||||
Format=vfat
|
||||
SizeMinBytes=128M
|
||||
SizeMaxBytes=128M
|
||||
SizeMinBytes=256M
|
||||
SizeMaxBytes=256M
|
||||
CopyFiles=$out/rootfs/boot:/
|
||||
EOF
|
||||
|
||||
|
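Review bot: `kernelImage` (second hunk) evaluates to the empty string on any host platform that is neither aarch64 nor x86_64, so the `ukify build --linux ${pkgs.patos.kernel}/$kernelImage` call in the fourth hunk would receive the kernel output directory instead of an image. The mistake then only surfaces deep inside the build script. Since this value selects the kernel that goes into the UKI on the ESP, it should fail closed at evaluation time: `kernelImage = if stdenv.hostPlatform.isAarch64 then "Image" else if stdenv.hostPlatform.isx86_64 then "bzImage" else throw "unsupported host platform";`. The same concatenated-`optionalString` pattern is used for `arch` in the kernel expression further down the page, where an unmatched platform would yield `./generic-.config`. The `== true` comparisons on booleans are redundant in both places, and the shell expansion is safer quoted as `"$kernelImage"`.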
|
|
@ -1,7 +1,9 @@
|
|||
{ pkgs }:
|
||||
{ pkgs, lib, stdenv }:
|
||||
let
|
||||
version = "6.15.2";
|
||||
hash = "sha256-NFjNamxQjhYdvFQG5yuZ1dvfkp+vcEpn25ukbQdRSFg=";
|
||||
arch = lib.optionalString (stdenv.hostPlatform.isAarch64 == true) "arm64"
|
||||
+ lib.optionalString (stdenv.hostPlatform.isx86_64 == true) "x86_64";
|
||||
in
|
||||
(pkgs.callPackage ./manual-config.nix { }) {
|
||||
version = "${version}-patos1";
|
||||
|
@ -10,6 +12,6 @@ in
|
|||
url = "https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${version}.tar.xz";
|
||||
hash = hash;
|
||||
};
|
||||
configfile = ./generic.config;
|
||||
configfile = ./generic-${arch}.config;
|
||||
allowImportFromDerivation = true;
|
||||
}
|
||||
|
|
9315
pkgs/kernel/generic-arm64.config
Normal file
9315
pkgs/kernel/generic-arm64.config
Normal file
File diff suppressed because it is too large
|
@ -11,12 +11,6 @@ pkgs.writeShellApplication {
|
|||
];
|
||||
|
||||
text =
|
||||
let
|
||||
tpmOVMF = pkgs.OVMF.override {
|
||||
tpmSupport = true;
|
||||
secureBoot = true;
|
||||
};
|
||||
in
|
||||
''
|
||||
set -ex
|
||||
state="/tmp/patos-qemu-$USER"
|
||||
|
@ -28,10 +22,10 @@ pkgs.writeShellApplication {
|
|||
cp "$OVMF_FD/AAVMF/vars-template-pflash.raw" "$state/vars-pflash.raw"
|
||||
chmod u+w "$state/vars-pflash.raw"
|
||||
|
||||
# swtpm socket -d --tpmstate dir="$state" \
|
||||
# --ctrl type=unixio,path="$state/swtpm-sock" \
|
||||
# --tpm2 \
|
||||
# --log file="$state/swtpm.log",level=20
|
||||
swtpm socket -d --tpmstate dir="$state" \
|
||||
--ctrl type=unixio,path="$state/swtpm-sock" \
|
||||
--tpm2 \
|
||||
--log file="$state/swtpm.log",level=20
|
||||
|
||||
qemu-system-aarch64 \
|
||||
-machine virt,gic-version=max \
|
||||
|
@ -39,16 +33,20 @@ pkgs.writeShellApplication {
|
|||
-smp 8 \
|
||||
-m 4G \
|
||||
-display none \
|
||||
-serial stdio \
|
||||
-chardev "stdio,id=char0,mux=on,logfile=$state/console.log,signal=off" \
|
||||
-serial chardev:char0 \
|
||||
-mon chardev=char0 \
|
||||
-chardev socket,id=chrtpm,path="$state/swtpm-sock" \
|
||||
-tpmdev emulator,id=tpm0,chardev=chrtpm \
|
||||
-device tpm-tis-device,tpmdev=tpm0 \
|
||||
-drive "if=pflash,format=raw,unit=0,readonly=on,file=$OVMF_FD/AAVMF/QEMU_EFI-pflash.raw" \
|
||||
-drive "if=pflash,format=raw,unit=1,file=$state/vars-pflash.raw" \
|
||||
-device virtio-scsi-pci \
|
||||
-device virtio-gpu-pci \
|
||||
-device virtio-net-pci,netdev=wan \
|
||||
-netdev user,id=wan \
|
||||
-device virtio-rng-pci,rng=rng0 \
|
||||
-object rng-random,filename=/dev/urandom,id=rng0 \
|
||||
-device virtio-serial-pci \
|
||||
-drive "format=qcow2,file=$state/disk.qcow2"
|
||||
-drive "format=qcow2,if=virtio,file=$state/disk.qcow2"
|
||||
'';
|
||||
}
|
||||
|
|
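Review bot: The second hunk turns on `swtpm` with its TPM state, control socket and log under `$state`, and the third hunk adds `console.log` there, but `state` is still the predictable path `/tmp/patos-qemu-$USER` from the first hunk's context. On a shared host another local user can create that directory first, and would then own the location where the emulated TPM's state and `swtpm-sock` live. How the directory is created falls between the hunks and is not visible here, so this needs confirming. If it is a plain `mkdir -p`, prefer a per-user location with tight permissions, e.g. `state="${XDG_RUNTIME_DIR:-/tmp}/patos-qemu-$USER"` followed by `install -d -m 700 "$state"`, and abort if the directory already exists with a different owner. A short comment above the `swtpm socket -d` line noting that the daemon is left running in the background and who is expected to stop it would also help.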