From 2894de6b457342e760c669b20462c017620b5f90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Fri, 28 Mar 2025 18:58:21 +0100
Subject: [PATCH 01/11] WIP: feat(linux-firmware): initial packaging of linux
firmware
---
flake.nix | 151 ++++++++++++++++++++++------
foo.sh | 22 ++++
pkgs/linux-firmware/default.nix | 38 +++++++
pkgs/linux-firmware/post-install.sh | 59 +++++++++++
4 files changed, 241 insertions(+), 29 deletions(-)
create mode 100755 foo.sh
create mode 100644 pkgs/linux-firmware/default.nix
create mode 100755 pkgs/linux-firmware/post-install.sh
diff --git a/flake.nix b/flake.nix
index 99fce5b..15a9152 100644
--- a/flake.nix
+++ b/flake.nix
@@ -25,10 +25,19 @@
{
packages = {
default = patosPkgs.image;
- image = pkgs.callPackage ./pkgs/image { inherit patosPkgs version updateUrl cpuArch secureBoot; };
+ image = pkgs.callPackage ./pkgs/image {
+ inherit
+ patosPkgs
+ version
+ updateUrl
+ cpuArch
+ secureBoot
+ ;
+ };
rootfs = pkgs.callPackage ./pkgs/rootfs/mkrootfs.nix { inherit patosPkgs version; };
initrd = pkgs.callPackage ./pkgs/rootfs/mkinitrd.nix { inherit patosPkgs version; };
kernel = pkgs.callPackage ./pkgs/kernel { };
+ linux-firmware = pkgs.callPackage ./pkgs/linux-firmware { };
glibc = pkgs.callPackage ./pkgs/glibc { };
busybox = pkgs.callPackage ./pkgs/busybox { };
openssl = pkgs.callPackage ./pkgs/openssl { };
@@ -46,38 +55,122 @@
name = "debug-tools";
version = "0.0.1";
packages = [
- { drv = pkgs.curl; path = "bin/curl"; }
- { drv = pkgs.bash; path = "bin/bash"; }
- { drv = patosPkgs.glibc; path = "bin/ldd"; }
- { drv = pkgs.keyutils; path = "bin/keyctl"; }
- { drv = pkgs.gnutar; path = "bin/tar"; }
- { drv = pkgs.binutils-unwrapped; path = "bin/strings"; }
- { drv = pkgs.strace; path = "bin/strace"; }
- { drv = patosPkgs.tpm2-tools; path = "bin/tpm2"; }
- { drv = patosPkgs.openssl; path = "bin/openssl"; }
- { drv = pkgs.cryptsetup; path = "bin/cryptsetup"; }
- { drv = pkgs.cryptsetup; path = "bin/veritysetup"; }
- { drv = pkgs.erofs-utils; path = "bin/mkfs.erofs"; }
+ {
+ drv = pkgs.curl;
+ path = "bin/curl";
+ }
+ {
+ drv = pkgs.bash;
+ path = "bin/bash";
+ }
+ {
+ drv = patosPkgs.glibc;
+ path = "bin/ldd";
+ }
+ {
+ drv = pkgs.keyutils;
+ path = "bin/keyctl";
+ }
+ {
+ drv = pkgs.gnutar;
+ path = "bin/tar";
+ }
+ {
+ drv = pkgs.binutils-unwrapped;
+ path = "bin/strings";
+ }
+ {
+ drv = pkgs.strace;
+ path = "bin/strace";
+ }
+ {
+ drv = patosPkgs.tpm2-tools;
+ path = "bin/tpm2";
+ }
+ {
+ drv = patosPkgs.openssl;
+ path = "bin/openssl";
+ }
+ {
+ drv = pkgs.cryptsetup;
+ path = "bin/cryptsetup";
+ }
+ {
+ drv = pkgs.cryptsetup;
+ path = "bin/veritysetup";
+ }
+ {
+ drv = pkgs.erofs-utils;
+ path = "bin/mkfs.erofs";
+ }
# shared lib required for cryptsetup
- { drv = pkgs.popt; path = "lib/libpopt.so.0.0.2"; }
- { drv = pkgs.popt; path = "lib/libpopt.so.0"; }
- { drv = pkgs.popt; path = "lib/libpopt.so"; }
+ {
+ drv = pkgs.popt;
+ path = "lib/libpopt.so.0.0.2";
+ }
+ {
+ drv = pkgs.popt;
+ path = "lib/libpopt.so.0";
+ }
+ {
+ drv = pkgs.popt;
+ path = "lib/libpopt.so";
+ }
# shared lib required for mkfs.erofs
- { drv = pkgs.lz4.lib; path = "lib/liblz4.so.1.10.0"; }
- { drv = pkgs.lz4.lib; path = "lib/liblz4.so.1"; }
- { drv = pkgs.lz4.lib; path = "lib/liblz4.so"; }
+ {
+ drv = pkgs.lz4.lib;
+ path = "lib/liblz4.so.1.10.0";
+ }
+ {
+ drv = pkgs.lz4.lib;
+ path = "lib/liblz4.so.1";
+ }
+ {
+ drv = pkgs.lz4.lib;
+ path = "lib/liblz4.so";
+ }
# shared lib required for binutils
- { drv = pkgs.binutils-unwrapped.lib; path = "lib/libsframe.so.1.0.0"; }
- { drv = pkgs.binutils-unwrapped.lib; path = "lib/libsframe.so.1"; }
- { drv = pkgs.binutils-unwrapped.lib; path = "lib/libbfd-2.43.1.so"; }
- { drv = pkgs.binutils-unwrapped.lib; path = "lib/libbfd.so"; }
+ {
+ drv = pkgs.binutils-unwrapped.lib;
+ path = "lib/libsframe.so.1.0.0";
+ }
+ {
+ drv = pkgs.binutils-unwrapped.lib;
+ path = "lib/libsframe.so.1";
+ }
+ {
+ drv = pkgs.binutils-unwrapped.lib;
+ path = "lib/libbfd-2.43.1.so";
+ }
+ {
+ drv = pkgs.binutils-unwrapped.lib;
+ path = "lib/libbfd.so";
+ }
# shared lib required for strace
- { drv = pkgs.elfutils.out; path = "lib/libdw-0.192.so"; }
- { drv = pkgs.elfutils.out; path = "lib/libdw.so.1"; }
- { drv = pkgs.elfutils.out; path = "lib/libdw.so"; }
- { drv = pkgs.elfutils.out; path = "lib/libelf-0.192.so"; }
- { drv = pkgs.elfutils.out; path = "lib/libelf.so.1"; }
- { drv = pkgs.elfutils.out; path = "lib/libelf.so"; }
+ {
+ drv = pkgs.elfutils.out;
+ path = "lib/libdw-0.192.so";
+ }
+ {
+ drv = pkgs.elfutils.out;
+ path = "lib/libdw.so.1";
+ }
+ {
+ drv = pkgs.elfutils.out;
+ path = "lib/libdw.so";
+ }
+ {
+ drv = pkgs.elfutils.out;
+ path = "lib/libelf-0.192.so";
+ }
+ {
+ drv = pkgs.elfutils.out;
+ path = "lib/libelf.so.1";
+ }
+ {
+ drv = pkgs.elfutils.out;
+ path = "lib/libelf.so";
+ }
];
};
};
diff --git a/foo.sh b/foo.sh
new file mode 100755
index 0000000..aefb5d5
--- /dev/null
+++ b/foo.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+out=/tmp/build
+_pick() {
+ local p="$1" f d; shift
+ for f; do
+ d="$out/$p/${f#$out/}"
+ echo mkdir -p "$(dirname "$d")"
+ echo mv "$f" "$d"
+ echo rm -rf "$f"
+
+ echo mkfs.erofs --all-root -Efragments,dedupe,ztailpacking $out/$p.raw $p
+ echo veritysetup format --root-hash-file $out/$p.roothash $out/$p.raw $out/$p.verity
+ done
+}
+
+# _pick amd-ucode usr/lib/firmware/amd-ucode
+
+# _pick linux-firmware-nfp usr/lib/firmware/netronome
+# _pick linux-firmware-marvell usr/lib/firmware/{libertas,mwl8k,mwlwifi,mrvl}
+_pick linux-firmware-qlogic usr/lib/firmware/{qlogic,qed,ql2???_*,c{b,t,t2}fw-*}
+
+# _pick linux-firmware-base usr/lib/firmware
diff --git a/pkgs/linux-firmware/default.nix b/pkgs/linux-firmware/default.nix
new file mode 100644
index 0000000..161b2e4
--- /dev/null
+++ b/pkgs/linux-firmware/default.nix
@@ -0,0 +1,38 @@
+{
+ stdenv,
+ pkgs,
+}:
+
+stdenv.mkDerivation {
+ pname = pkgs.linux-firmware.name;
+ version = pkgs.linux-firmware.version;
+ src = pkgs.linux-firmware.src;
+
+ buildInputs = with pkgs; [
+ erofs-utils
+ cryptsetup
+ ];
+
+ nativeBuildInputs = with pkgs; [
+ python3
+ rdfind
+ which
+ zstd
+ ];
+
+ noBrokenSymlinks = true;
+
+ installTargets = [
+ "install-zst"
+ "dedup"
+ ];
+
+ # inspo: https://gitlab.archlinux.org/archlinux/packaging/packages/linux-firmware/-/blob/main/PKGBUILD?ref_type=heads#L93
+ makeFlags = [
+ "DESTDIR=$(out)"
+ "ZSTD_CLEVEL=19"
+ "FIRMWAREDIR=/usr/lib/firmware"
+ ];
+
+ postInstall = ./post-install.sh;
+}
diff --git a/pkgs/linux-firmware/post-install.sh b/pkgs/linux-firmware/post-install.sh
new file mode 100755
index 0000000..2dbe3ca
--- /dev/null
+++ b/pkgs/linux-firmware/post-install.sh
@@ -0,0 +1,59 @@
+set -ex -uo pipefail
+
+_pick() {
+ local p="$1" f d; shift
+ for f; do
+ d="$out/$p/${f#$out/}"
+ mkdir -p "$(dirname "$d")"
+ mv $out/"$f" "$d"
+ rm -rf $out/"$f"
+ done
+}
+
+_package() {
+ local p="$1"
+ mkdir -p $out/$p/usr/lib/extension-release.d
+ cat << EOF > $out/$p/usr/lib/extension-release.d/extension-release.$p
+ID=patos
+IMAGE_ID=$p
+IMAGE_VERSION=$version
+VERSION_ID=patos
+EOF
+
+ mkfs.erofs --all-root -Efragments,dedupe,ztailpacking $out/$p.raw $out/$p
+ veritysetup format --root-hash-file $out/$p.roothash $out/$p.raw $out/$p.verity
+}
+
+# remove arm64 firmware https://bugs.archlinux.org/task/76583
+rm $out/usr/lib/firmware/mrvl/prestera/mvsw_prestera_fw_arm64-v4.1.img.zst
+
+_pick amd-ucode usr/lib/firmware/amd-ucode
+_package amd-ucode
+
+_pick linux-firmware-nfp usr/lib/firmware/netronome
+_package linux-firmware-nfp
+
+_pick linux-firmware-mellanox usr/lib/firmware/mellanox
+_package linux-firmware-mellanox
+
+_pick linux-firmware-marvell usr/lib/firmware/{libertas,mwl8k,mwlwifi,mrvl}
+_package linux-firmware-marvell
+
+_pick linux-firmware-qcom usr/lib/firmware/qcom
+_package linux-firmware-qcom
+
+_pick linux-firmware-liquidio usr/lib/firmware/liquidio
+_package linux-firmware-liquidio
+
+# _pick linux-firmware-qlogic usr/lib/firmware/{qlogic,qed,ql2???_*,c{b,t,t2}fw-*}
+# _package linux-firmware-qlogic
+
+# _pick linux-firmware-bnx2x usr/lib/firmware/bnx2x*
+# _package linux-firmware-bnx2x
+
+# and the rest is base firmware
+_pick linux-firmware usr/lib/firmware
+_package linux-firmware
+
+# clean up
+# rm -rf $out/usr
From 58861e6de6c80d6b93609185048f2a98e515b444 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Thu, 17 Apr 2025 19:06:37 +0200
Subject: [PATCH 02/11] chore: upgrade systemd
---
pkgs/systemd/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/systemd/default.nix b/pkgs/systemd/default.nix
index a1cb314..a93fd76 100644
--- a/pkgs/systemd/default.nix
+++ b/pkgs/systemd/default.nix
@@ -7,7 +7,7 @@
...
}:
let
- version = "257.4";
+ version = "257.5";
# Use the command below to update `releaseTimestamp` on every (major) version
# change. More details in the commentary at mesonFlags.
From 92c204231b7cfaa9f3b880e8d3b27af2ad6474d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Sat, 19 Apr 2025 22:56:00 +0200
Subject: [PATCH 03/11] chore: nix flake update
---
flake.lock | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/flake.lock b/flake.lock
index 2272d3d..3725da4 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1742669843,
- "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=",
+ "lastModified": 1744932701,
+ "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "1e5b653dff12029333a6546c11e108ede13052eb",
+ "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef",
"type": "github"
},
"original": {
From 15227256ecf0e8aea67d3ebb21e2122a7b6a0f46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Sat, 19 Apr 2025 23:06:44 +0200
Subject: [PATCH 04/11] chore: kernel upgrade
---
pkgs/kernel/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/kernel/default.nix b/pkgs/kernel/default.nix
index 51a05bf..1297825 100644
--- a/pkgs/kernel/default.nix
+++ b/pkgs/kernel/default.nix
@@ -1,7 +1,7 @@
{ pkgs }:
let
- version = "6.13.8";
- hash = "sha256-JZr6Wdc9Z2vsKuib6s2UngjVTT9wp/iwp0IxUJV1Grs=";
+ version = "6.14.2";
+ hash = "sha256-xcaCo1TqMZATk1elfTSnnlw3IhrOgjqTjhARa1d6Lhs=";
in
(pkgs.callPackage ./manual-config.nix { }) {
version = "${version}-patos1";
From b7e526454b66c1aca7875fcab107cc3fbb780099 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Tue, 6 May 2025 18:12:03 +0200
Subject: [PATCH 05/11] chore: nix update
---
flake.lock | 6 +++---
pkgs/kernel/default.nix | 4 ++--
pkgs/systemd/default.nix | 2 +-
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/flake.lock b/flake.lock
index 3725da4..bb33fd6 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1744932701,
- "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=",
+ "lastModified": 1746328495,
+ "narHash": "sha256-uKCfuDs7ZM3QpCE/jnfubTg459CnKnJG/LwqEVEdEiw=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef",
+ "rev": "979daf34c8cacebcd917d540070b52a3c2b9b16e",
"type": "github"
},
"original": {
diff --git a/pkgs/kernel/default.nix b/pkgs/kernel/default.nix
index 1297825..dcd382d 100644
--- a/pkgs/kernel/default.nix
+++ b/pkgs/kernel/default.nix
@@ -1,7 +1,7 @@
{ pkgs }:
let
- version = "6.14.2";
- hash = "sha256-xcaCo1TqMZATk1elfTSnnlw3IhrOgjqTjhARa1d6Lhs=";
+ version = "6.14.4";
+ hash = "sha256-lFLyjXoAUfukiGcSOVtITEx/z5+FlEpi/T2X3JI/Uzk=";
in
(pkgs.callPackage ./manual-config.nix { }) {
version = "${version}-patos1";
diff --git a/pkgs/systemd/default.nix b/pkgs/systemd/default.nix
index a93fd76..db0b64c 100644
--- a/pkgs/systemd/default.nix
+++ b/pkgs/systemd/default.nix
@@ -27,7 +27,7 @@ stdenv.mkDerivation (finalAttrs: {
owner = "systemd";
repo = "systemd";
rev = "v${version}";
- hash = "sha256-6rxJUYRq785U6aik5VhQRqG+Ss67lBB6T3eQF+tkyhk=";
+ hash = "sha256-mn/JB/nrOz2TOobu2d+XBH2dVH3vn/HPvWN4Zz6s+SM=";
};
patches = [ ./skip-verify-esp.patch ];
From af2a063ff2dfed7b8270f72e1d4c6f856b8be7ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Wed, 7 May 2025 06:26:16 +0200
Subject: [PATCH 06/11] chore: kernel upgrade
---
pkgs/kernel/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/kernel/default.nix b/pkgs/kernel/default.nix
index dcd382d..703b612 100644
--- a/pkgs/kernel/default.nix
+++ b/pkgs/kernel/default.nix
@@ -1,7 +1,7 @@
{ pkgs }:
let
- version = "6.14.4";
- hash = "sha256-lFLyjXoAUfukiGcSOVtITEx/z5+FlEpi/T2X3JI/Uzk=";
+ version = "6.14.5";
+ hash = "sha256-KCB+xSu+qjUHAQrv+UT0QvfZ8isoa3nK9F7G3xsk9Ak=";
in
(pkgs.callPackage ./manual-config.nix { }) {
version = "${version}-patos1";
From 8ee40679fc722db4cce24f7f0eb4a1bb159c2a0f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Mon, 12 May 2025 19:40:51 +0200
Subject: [PATCH 07/11] chore: os update
---
flake.lock | 6 +++---
pkgs/kernel/default.nix | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/flake.lock b/flake.lock
index bb33fd6..affeabc 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1746328495,
- "narHash": "sha256-uKCfuDs7ZM3QpCE/jnfubTg459CnKnJG/LwqEVEdEiw=",
+ "lastModified": 1746904237,
+ "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "979daf34c8cacebcd917d540070b52a3c2b9b16e",
+ "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
"type": "github"
},
"original": {
diff --git a/pkgs/kernel/default.nix b/pkgs/kernel/default.nix
index 703b612..6b8bb21 100644
--- a/pkgs/kernel/default.nix
+++ b/pkgs/kernel/default.nix
@@ -1,7 +1,7 @@
{ pkgs }:
let
- version = "6.14.5";
- hash = "sha256-KCB+xSu+qjUHAQrv+UT0QvfZ8isoa3nK9F7G3xsk9Ak=";
+ version = "6.14.6";
+ hash = "sha256-IYF/GZjiIw+B9+T2Bfpv3LBA4U+ifZnCfdsWznSXl6k=";
in
(pkgs.callPackage ./manual-config.nix { }) {
version = "${version}-patos1";
From 7c0d0a099dda8d253b0cefc031a6774fa3877301 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Tue, 20 May 2025 21:05:10 +0200
Subject: [PATCH 08/11] chore: nix flake update
---
flake.lock | 6 +++---
pkgs/kernel/default.nix | 4 ++--
pkgs/kexec-tools/default.nix | 4 ++--
3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/flake.lock b/flake.lock
index affeabc..bac1c51 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1746904237,
- "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
+ "lastModified": 1747542820,
+ "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
+ "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043",
"type": "github"
},
"original": {
diff --git a/pkgs/kernel/default.nix b/pkgs/kernel/default.nix
index 6b8bb21..fcc8066 100644
--- a/pkgs/kernel/default.nix
+++ b/pkgs/kernel/default.nix
@@ -1,7 +1,7 @@
{ pkgs }:
let
- version = "6.14.6";
- hash = "sha256-IYF/GZjiIw+B9+T2Bfpv3LBA4U+ifZnCfdsWznSXl6k=";
+ version = "6.14.7";
+ hash = "sha256-gRIgK8JtCGlXqU0hCabc1EeMW6GNDwpeHF3+6gH1SXI=";
in
(pkgs.callPackage ./manual-config.nix { }) {
version = "${version}-patos1";
diff --git a/pkgs/kexec-tools/default.nix b/pkgs/kexec-tools/default.nix
index 4ba15ba..7454821 100644
--- a/pkgs/kexec-tools/default.nix
+++ b/pkgs/kexec-tools/default.nix
@@ -14,8 +14,8 @@ stdenv.mkDerivation {
src = fetchFromGitHub {
owner = "horms";
repo = "kexec-tools";
- rev = "a7fcd424c4c80dea5a2fd5ffa274ffeb8129c790";
- hash = "sha256-QKE+KCkueA21zNunTMidP9OuZaw0IG5tFDF4UJITTTQ=";
+ rev = "v2.0.31";
+ hash = "sha256-Tgmc8mFlmzzRj7tEaBes7Udw4fRl6cSfe76iPNa3Ffs=";
};
dontPatchShebangs = true;
From d42406c6dc611a0618c3eb5089ed72c1dfd94a63 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Wed, 21 May 2025 12:43:41 +0200
Subject: [PATCH 09/11] fix: sysupdate wont work with out systemd.volatile set
to overlay
---
flake.nix | 9 ++++++++-
pkgs/image/default.nix | 2 +-
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/flake.nix b/flake.nix
index 99fce5b..3567477 100644
--- a/flake.nix
+++ b/flake.nix
@@ -49,6 +49,13 @@
{ drv = pkgs.curl; path = "bin/curl"; }
{ drv = pkgs.bash; path = "bin/bash"; }
{ drv = patosPkgs.glibc; path = "bin/ldd"; }
+ { drv = pkgs.util-linux; path = "bin/sfdisk"; }
+ { drv = pkgs.readline.out; path = "lib/libreadline.so.8.2"; }
+ { drv = pkgs.readline.out; path = "lib/libreadline.so.8"; }
+ { drv = pkgs.readline.out; path = "lib/libhistory.so.8.2"; }
+ { drv = pkgs.readline.out; path = "lib/libhistory.so.8"; }
+ { drv = pkgs.ncurses.out; path = "/lib/libncursesw.so.6.5"; }
+ { drv = pkgs.ncurses.out; path = "/lib/libncursesw.so.6"; }
{ drv = pkgs.keyutils; path = "bin/keyctl"; }
{ drv = pkgs.gnutar; path = "bin/tar"; }
{ drv = pkgs.binutils-unwrapped; path = "bin/strings"; }
@@ -69,7 +76,7 @@
# shared lib required for binutils
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/libsframe.so.1.0.0"; }
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/libsframe.so.1"; }
- { drv = pkgs.binutils-unwrapped.lib; path = "lib/libbfd-2.43.1.so"; }
+ { drv = pkgs.binutils-unwrapped.lib; path = "lib/libbfd-2.44.so"; }
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/libbfd.so"; }
# shared lib required for strace
{ drv = pkgs.elfutils.out; path = "lib/libdw-0.192.so"; }
diff --git a/pkgs/image/default.nix b/pkgs/image/default.nix
index 05d9c72..f42e95d 100644
--- a/pkgs/image/default.nix
+++ b/pkgs/image/default.nix
@@ -30,7 +30,7 @@ runCommand pname {
SYSTEMD_REPART_MKFS_OPTIONS_EROFS = "--all-root -zlz4hc,12 -C1048576 -Efragments,dedupe,ztailpacking";
};
- kernelCmdLine = "console=ttyS0 patos.secureboot=${secureBoot}";
+ kernelCmdLine = "console=ttyS0 systemd.volatile=overlay patos.secureboot=${secureBoot}";
}
''
mkdir -p $out/init.repart.d $out/final.repart.d
From c883ff1cb2da53be1bc99ccd95021fd2b28e4e52 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Fri, 23 May 2025 13:14:12 +0200
Subject: [PATCH 10/11] Revert sysupdate fix due to a bug in systemd.
sysext need to be unmerged before sysupdate can be used.
https://github.com/systemd/systemd/pull/36617/
fix in main but not backported to stable yet.
---
pkgs/image/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/image/default.nix b/pkgs/image/default.nix
index f42e95d..05d9c72 100644
--- a/pkgs/image/default.nix
+++ b/pkgs/image/default.nix
@@ -30,7 +30,7 @@ runCommand pname {
SYSTEMD_REPART_MKFS_OPTIONS_EROFS = "--all-root -zlz4hc,12 -C1048576 -Efragments,dedupe,ztailpacking";
};
- kernelCmdLine = "console=ttyS0 systemd.volatile=overlay patos.secureboot=${secureBoot}";
+ kernelCmdLine = "console=ttyS0 patos.secureboot=${secureBoot}";
}
''
mkdir -p $out/init.repart.d $out/final.repart.d
From df4c60d87c5c3860556a9f51db4073541aeb689f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Sat, 24 May 2025 19:19:12 +0200
Subject: [PATCH 11/11] chore: kernel and systemd update
---
pkgs/kernel/default.nix | 4 ++--
pkgs/systemd/default.nix | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/kernel/default.nix b/pkgs/kernel/default.nix
index fcc8066..27e4055 100644
--- a/pkgs/kernel/default.nix
+++ b/pkgs/kernel/default.nix
@@ -1,7 +1,7 @@
{ pkgs }:
let
- version = "6.14.7";
- hash = "sha256-gRIgK8JtCGlXqU0hCabc1EeMW6GNDwpeHF3+6gH1SXI=";
+ version = "6.14.8";
+ hash = "sha256-YrEuzTB1o1frMgk1ZX3oTgFVKANxfa04P6fMOqSqKQU=";
in
(pkgs.callPackage ./manual-config.nix { }) {
version = "${version}-patos1";
diff --git a/pkgs/systemd/default.nix b/pkgs/systemd/default.nix
index db0b64c..fea417a 100644
--- a/pkgs/systemd/default.nix
+++ b/pkgs/systemd/default.nix
@@ -7,7 +7,7 @@
...
}:
let
- version = "257.5";
+ version = "257.6";
# Use the command below to update `releaseTimestamp` on every (major) version
# change. More details in the commentary at mesonFlags.