diff --git a/.gitignore b/.gitignore index 08acf41..6833589 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,8 @@ .task /result /target +/out +/initrd.gz .*.swp .*.swo .nixos-test-history diff --git a/flake.nix b/flake.nix index 6a4e60f..866ed43 100644 --- a/flake.nix +++ b/flake.nix 
@@ -21,11 +21,160 @@ packages = { default = self.packages.${system}.image; image = pkgs.writeShellScriptBin "image" '' - echo "make image here..." + echo "make UKI..." + echo ${self.packages.${system}.kernel.kernel}/bzImage + ${self.packages.${system}.systemd.out}/usr/bin/ukify build \ + --linux ${self.packages.${system}.kernel.kernel}/bzImage \ + --initrd ./initrd.gz \ + --cmdline "console=ttyS0" \ + -o patos.efi ''; kernel = pkgs.callPackage ./kernel { }; + glibc = pkgs.callPackage ./glibc { }; systemd = pkgs.callPackage ./systemd { }; + + mkinitrd = pkgs.writeShellScriptBin "mkinitrd" '' + echo "make initrd..." + mkdir -p out + + # copy systemd + cp -Pr ${self.packages.${system}.systemd.out}/* out/ + pushd out + + find . -type d -exec chmod 755 {} \; + + # Copy kernel modules + cp -Pr ${self.packages.${system}.kernel.kernel}/lib/modules ./usr/lib/ + find usr/lib/modules -type d -exec chmod 755 {} \; + + mkdir -p dev proc sys tmp root + ln -sf usr/bin bin + ln -sf usr/bin sbin + ln -sf usr/lib lib + ln -sf usr/lib lib64 + + ln -sf ../proc/self/mounts etc/mtab + ln -sf ../usr/lib/systemd/systemd init + + echo patos > ./etc/hostname + cat < ./etc/os-release + NAME="PatOS" + PRETTY_NAME="PatOS Platform" + ID=patos + EOF + + cat < ./etc/passwd + root::0:0:root:/root:/bin/sh + bin:x:1:1:bin:/bin:/usr/bin/nologin + daemon:x:2:2:daemon:/:/usr/bin/nologin + mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin + ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin + http:x:33:33:http:/srv/http:/usr/bin/nologin + uuidd:x:68:68:uuidd:/:/usr/bin/nologin + dbus:x:81:81:dbus:/:/usr/bin/nologin + nobody:x:99:99:nobody:/:/usr/bin/nologin + EOF + chmod 644 ./etc/passwd + + cat < ./etc/group + root:x:0:root + bin:x:1:root,bin,daemon + daemon:x:2:root,bin,daemon + sys:x:3:root,bin + adm:x:4:root,daemon + tty:x:5: + disk:x:6:root + lp:x:7:daemon + mem:x:8: + kmem:x:9: + wheel:x:10:root + ftp:x:11: + mail:x:12: + uucp:x:14: + log:x:19:root + utmp:x:20: + locate:x:21: + rfkill:x:24: + smmsp:x:25: + 
proc:x:26: + http:x:33: + games:x:50: + lock:x:54: + uuidd:x:68: + dbus:x:81: + network:x:90: + video:x:91: + audio:x:92: + optical:x:93: + floppy:x:94: + storage:x:95: + scanner:x:96: + input:x:97: + power:x:98: + nobody:x:99: + EOF + chmod 644 ./etc/group + + # FIXME: remove this + cat < usr/lib/systemd/system/demo.service + [Unit] + Description=Debug Shell (/bin/sulogin) + Conflicts=shutdown.target + Before=shutdown.target + + [Service] + Environment=HOME=/root + WorkingDirectory=/root + ExecStart=/bin/sulogin + Type=idle + StandardInput=tty-force + StandardOutput=inherit + StandardError=inherit + KillMode=process + IgnoreSIGPIPE=no + SendSIGHUP=yes + Restart=always + + [Install] + WantedBy=basic.target + EOF + mkdir usr/lib/systemd/system/basic.target.wants + ln -sf ../demo.service usr/lib/systemd/system/basic.target.wants/demo.service + + # set default target + ln -sf basic.target usr/lib/systemd/system/default.target + # remove first boot + rm -f usr/lib/systemd/system/sysinit.target.wants/systemd-firstboot.service + # remove vconsole setup + rm -f usr/lib/udev/rules.d/90-vconsole.rules + + # install busybox + cp ${pkgs.busybox.out}/bin/busybox usr/bin/ + usr/bin/busybox --list | xargs -I {} ln -sf busybox usr/bin/{} + + # install lib kmod + cp -P ${pkgs.kmod.lib}/lib/* ./usr/lib + cp -P ${pkgs.kmod.out}/bin/* ./usr/bin + cp -P ${pkgs.libbpf.out}/lib/libbpf* ./usr/lib + + # get shared libs + find . -type f -executable | xargs ldd 2> /dev/null | awk '{print $3}' | grep -v systemd | sort -u | xargs cp -t usr/lib + find . -type f -executable | xargs chmod 755 + + # FIXME: hacky(?) ELF patching. Is there a better way???????? + find . -type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-rpath /lib:/usr/lib:/usr/lib/systemd {} 2> /dev/null + find . 
-type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-interpreter /lib/ld-linux-x86-64.so.2 {} 2> /dev/null + cp ${ + self.packages.${system}.glibc.out + }/lib/ld-linux-x86-64.so.2 lib/ && ${pkgs.lib.getExe pkgs.patchelf} --remove-rpath lib/ld-linux-x86-64.so.2 + + # strip binaries + find . -type f -executable | xargs strip 2> /dev/null + + # gen initrd + find . -print0 | ${pkgs.lib.getExe pkgs.cpio} --null --owner=root:root -o --format=newc | ${pkgs.lib.getExe pkgs.gzip} -9 > ../initrd.gz + ''; }; checks = { diff --git a/glibc/default.nix b/glibc/default.nix new file mode 100644 index 0000000..65bebc3 --- /dev/null +++ b/glibc/default.nix @@ -0,0 +1,57 @@ +{ + fetchurl, + pkgs, + stdenv, + + ... +}: +let + version = "2.40"; + pname = "glibcStandalone"; +in +stdenv.mkDerivation (finalAttrs: { + inherit version; + + pname = pname; + + src = fetchurl { + url = "mirror://gnu/glibc/glibc-${version}.tar.xz"; + sha256 = "sha256-GaiQF16SY9dI9ieZPeb0sa+c0h4D8IDkv7Oh+sECBaI="; + }; + + enableParallelBuilding = true; + + configureFlags = [ + "--prefix=/" + "--libdir=/lib" + "--bindir=/bin" + "--sysconfdir=/etc" + ]; + + preConfigure = + '' + export PWD_P=$(type -tP pwd) + for i in configure io/ftwtest-sh; do + sed -i "$i" -e "s^/bin/pwd^$PWD_P^g" + done + + mkdir ../build + cd ../build + + configureScript="`pwd`/../$sourceRoot/configure" + ''; + + nativeBuildInputs = with pkgs; [ + bison + python3Minimal + ]; + + outputs = [ + "out" + ]; + + preInstall = '' + export DESTDIR=${placeholder "out"} + ''; + +}) diff --git a/kernel/generic.config b/kernel/generic.config index 2073cdf..7e0325c 100644 --- a/kernel/generic.config +++ b/kernel/generic.config 
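Review bot: The `/etc/passwd` heredoc in `mkinitrd` gives root an empty password field (`root::0:0:root:/root:/bin/sh`), and `demo.service` starts `/bin/sulogin` on the console from `basic.target` with `Restart=always`. As far as this hunk shows, anyone who reaches the serial console (`console=ttyS0`) gets a root shell without credentials. The `# FIXME: remove this` covers only the unit, not the passwd entry; I would ship the account locked, `root:*:0:0:root:/root:/bin/sh`, and put both the debug unit and any passwordless root behind an explicit debug build option. The same script copies `lib/modules` into the initrd while this commit removes `CONFIG_MODULE_SIG_FORCE` and the other `CONFIG_MODULE_SIG*` options from kernel/generic.config, so those modules load without signature verification. A comment such as `# module signing disabled until a signing key is wired into the build` would record whether that is temporary.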
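Review bot: `configureFlags` sets only install paths, so this glibc is built without the hardening switches that distribution builds usually pass, even though flake.nix installs its `ld-linux-x86-64.so.2` as the interpreter of every binary in the initrd. Consider adding `"--enable-stack-protector=strong"` and `"--enable-bind-now"`, plus `"--enable-cet"` if the toolchain and target CPUs support it. Only the loader is taken from this derivation, while `mkinitrd` appears to collect `libc.so.6` through `ldd` from whatever glibc the binaries were linked against. `version = "2.40"` therefore has to track that glibc, and a comment saying so above `version`, e.g. `# must match the nixpkgs glibc whose libc.so.6 ends up in the initrd`, would prevent a silent loader/libc mismatch on the next nixpkgs bump.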
@@ -1397,14 +1397,6 @@ CONFIG_MMU=y CONFIG_MODPROBE_PATH="/sbin/modprobe" CONFIG_MODULE_COMPRESS_ZSTD=y CONFIG_MODULE_FORCE_UNLOAD=y -CONFIG_MODULE_SIG_ALL=y -CONFIG_MODULE_SIG_FORCE=y -CONFIG_MODULE_SIG_FORMAT=y -CONFIG_MODULE_SIG_HASH="sha512" -CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" -CONFIG_MODULE_SIG_KEY_TYPE_RSA=y -CONFIG_MODULE_SIG_SHA512=y -CONFIG_MODULE_SIG=y CONFIG_MODULE_SRCVERSION_ALL=y CONFIG_MODULE_UNLOAD=y CONFIG_MODULES_TREE_LOOKUP=y diff --git a/systemd/default.nix b/systemd/default.nix index 99e4684..3174f0f 100644 --- a/systemd/default.nix +++ b/systemd/default.nix @@ -137,9 +137,6 @@ stdenv.mkDerivation (finalAttrs: { postPatch = '' - substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" - '' - + '' substituteInPlace meson.build \ --replace "find_program('clang'" "find_program('${stdenv.cc.targetPrefix}clang'" '' @@ -150,7 +147,7 @@ stdenv.mkDerivation (finalAttrs: { "'${targetPackages.stdenv.cc.bintools.targetPrefix}readelf'" \ --replace \ "/usr/lib/systemd/boot/efi" \ - "$out/lib/systemd/boot/efi" + "$out/usr/lib/systemd/boot/efi" '' # Finally, patch shebangs in scripts used at build time. This must not patch # scripts that will end up in the output, to avoid build platform references @@ -171,7 +168,7 @@ stdenv.mkDerivation (finalAttrs: { "--sysconfdir=/etc" "--localstatedir=/var" "--libdir=/usr/lib" - "--bindir=/bin" + "--bindir=/usr/bin" "--includedir=/usr/include" "--localedir=/usr/share/locale" 
@@ -190,7 +187,19 @@ stdenv.mkDerivation (finalAttrs: { (lib.mesonOption "mode" "release") (lib.mesonOption "tty-gid" "3") # tty in NixOS has gid 3 - (lib.mesonOption "kmod-path" "/bin/kmod") + (lib.mesonOption "kmod-path" "/usr/bin/kmod") + (lib.mesonOption "debug-shell" "/usr/bin/sh") + (lib.mesonOption "pamconfdir" "/etc/pam.d") + (lib.mesonOption "shellprofiledir" "/etc/profile.d") + (lib.mesonOption "dbuspolicydir" "/usr/share/dbus-1/system.d") + (lib.mesonOption "dbussessionservicedir" "/usr/share/dbus-1/services") + (lib.mesonOption "dbussystemservicedir" "/usr/share/dbus-1/system-services") + (lib.mesonOption "setfont-path" "/usr/bin/setfont") + (lib.mesonOption "loadkeys-path" "/usr/bin/loadkeys") + (lib.mesonOption "sulogin-path" "/usr/bin/sulogin") + (lib.mesonOption "nologin-path" "/usr/bin/nologin") + (lib.mesonOption "mount-path" "/usr/bin/mount") + (lib.mesonOption "umount-path" "/usr/bin/umount") # SBAT (lib.mesonOption "sbat-distro" "patos") @@ -281,7 +290,7 @@ stdenv.mkDerivation (finalAttrs: { (lib.mesonEnable "man" false) (lib.mesonBool "analyze" true) - (lib.mesonBool "logind" false) + (lib.mesonBool "logind" true) (lib.mesonBool "localed" false) (lib.mesonBool "hostnamed" true) (lib.mesonBool "machined" true)
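Review bot: The added `*-path` options hard-code `/usr/bin/...` locations that nothing in this derivation provides. They resolve only because the `mkinitrd` script in flake.nix symlinks the busybox applets and copies kmod into `usr/bin`, and whether that busybox build includes every tool named here (`loadkeys`, `setfont`) is not visible from the diff. A comment above the block, e.g. `# these paths must exist in the initrd assembled by mkinitrd (busybox applets, kmod)`, would keep the two files in sync. Setting `debug-shell` to `/usr/bin/sh` also means `debug-shell.service`, if it is ever enabled, is an unauthenticated root shell, so it is worth confirming that it stays disabled in release images. The option list continues outside the hunk.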