feat: add ARM kernel config

Lars Sjöström 2025-06-13 10:55:49 +02:00
parent 217ff2d4a8
commit 3aacf80380
No known key found for this signature in database
5 changed files with 9340 additions and 18 deletions


@ -1,5 +1,6 @@
{
lib,
stdenv,
pkgs,
version,
runCommand,
@ -16,6 +17,10 @@ runCommand pname {
mcode = lib.optionalString (microcode == "amd") "--microcode ${pkgs.microcode-amd}/amd-ucode.img"
+ lib.optionalString (microcode == "intel") "--microcode ${pkgs.microcode-intel}/intel-ucode.img";
# aarch64 doesn't support compressed kernel images
kernelImage = lib.optionalString (stdenv.hostPlatform.isAarch64 == true) "Image"
+ lib.optionalString (stdenv.hostPlatform.isx86_64 == true) "bzImage";
nativeBuildInputs = with pkgs; [
erofs-utils
dosfstools
@ -32,6 +37,8 @@ runCommand pname {
kernelCmdLine = "systemd.journald.forward_to_console=1 console=ttyS0 patos.secureboot=${secureBoot}";
}
''
set -ex -o pipefail
mkdir -p $out/init.repart.d $out/final.repart.d
pushd $out
@ -182,7 +189,7 @@ ln -sf patos_$version.verity.raw patos_${version}_$verityUuid.verity
ln -sf patos_$version.root.raw patos_${version}_$rootUuid.root
${pkgs.patos.systemd}/usr/bin/ukify build \
--linux ${pkgs.patos.kernel}/bzImage \
--linux ${pkgs.patos.kernel}/$kernelImage \
--initrd ${pkgs.patos.initrd}/initrd.xz \
$mcode \
--os-release @rootfs/etc/os-release \
@ -218,8 +225,8 @@ cat <<EOF > final.repart.d/10-esp.conf
[Partition]
Type=esp
Format=vfat
SizeMinBytes=128M
SizeMaxBytes=128M
SizeMinBytes=256M
SizeMaxBytes=256M
CopyFiles=$out/rootfs/boot:/
EOF
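Review bot: `kernelImage` evaluates to the empty string on any host platform that is neither aarch64 nor x86_64, so the ukify call would receive `--linux ${pkgs.patos.kernel}/` and fail late inside the build script instead of at evaluation time. An explicit fallthrough makes the unsupported case obvious: `kernelImage = if stdenv.hostPlatform.isAarch64 then "Image" else if stdenv.hostPlatform.isx86_64 then "bzImage" else throw "patos: unsupported host platform";`. The same pattern is used for `arch` in the kernel derivation, where an empty value yields `./generic-.config`, so it deserves the same treatment. The `== true` comparisons are redundant, since both attributes are already booleans. The runCommand script continues outside the visible hunks.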


@ -1,7 +1,9 @@
{ pkgs }:
{ pkgs, lib, stdenv }:
let
version = "6.15.2";
hash = "sha256-NFjNamxQjhYdvFQG5yuZ1dvfkp+vcEpn25ukbQdRSFg=";
arch = lib.optionalString (stdenv.hostPlatform.isAarch64 == true) "arm64"
+ lib.optionalString (stdenv.hostPlatform.isx86_64 == true) "x86_64";
in
(pkgs.callPackage ./manual-config.nix { }) {
version = "${version}-patos1";
@ -10,6 +12,6 @@ in
url = "https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${version}.tar.xz";
hash = hash;
};
configfile = ./generic.config;
configfile = ./generic-${arch}.config;
allowImportFromDerivation = true;
}

File diff suppressed because it is too large Load diff


@ -11,12 +11,6 @@ pkgs.writeShellApplication {
];
text =
let
tpmOVMF = pkgs.OVMF.override {
tpmSupport = true;
secureBoot = true;
};
in
''
set -ex
state="/tmp/patos-qemu-$USER"
@ -28,10 +22,10 @@ pkgs.writeShellApplication {
cp "$OVMF_FD/AAVMF/vars-template-pflash.raw" "$state/vars-pflash.raw"
chmod u+w "$state/vars-pflash.raw"
# swtpm socket -d --tpmstate dir="$state" \
# --ctrl type=unixio,path="$state/swtpm-sock" \
# --tpm2 \
# --log file="$state/swtpm.log",level=20
swtpm socket -d --tpmstate dir="$state" \
--ctrl type=unixio,path="$state/swtpm-sock" \
--tpm2 \
--log file="$state/swtpm.log",level=20
qemu-system-aarch64 \
-machine virt,gic-version=max \
@ -39,16 +33,20 @@ pkgs.writeShellApplication {
-smp 8 \
-m 4G \
-display none \
-serial stdio \
-chardev "stdio,id=char0,mux=on,logfile=$state/console.log,signal=off" \
-serial chardev:char0 \
-mon chardev=char0 \
-chardev socket,id=chrtpm,path="$state/swtpm-sock" \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis-device,tpmdev=tpm0 \
-drive "if=pflash,format=raw,unit=0,readonly=on,file=$OVMF_FD/AAVMF/QEMU_EFI-pflash.raw" \
-drive "if=pflash,format=raw,unit=1,file=$state/vars-pflash.raw" \
-device virtio-scsi-pci \
-device virtio-gpu-pci \
-device virtio-net-pci,netdev=wan \
-netdev user,id=wan \
-device virtio-rng-pci,rng=rng0 \
-object rng-random,filename=/dev/urandom,id=rng0 \
-device virtio-serial-pci \
-drive "format=qcow2,file=$state/disk.qcow2"
-drive "format=qcow2,if=virtio,file=$state/disk.qcow2"
'';
}
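Review bot: With swtpm enabled, the TPM state, its control socket `$state/swtpm-sock` and the new `$state/console.log` all live under the predictable path `/tmp/patos-qemu-$USER`, which on a shared host another local user could pre-create. The emulated TPM state and the console log would then sit in a directory that user controls. The log also carries whatever the guest forwards to its console. How `$state` is created is outside the hunk, so this may already be handled. If it is not, set `umask 077` before creating the directory and refuse to continue unless the invoking user owns it, e.g. `[ -O "$state" ] || { echo "$state is not owned by $USER" >&2; exit 1; }`.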