Patagia/patos
Patagia/patos
1
1
Code Issues4 Pull requests6 Activity

WIP: feat(linux-firmware): initial packaging of linux firmware #20

Draft
lsjostro wants to merge 1 commit from lsjostro/push-rnnuotszkyzm into main
Conversation 0 Commits 1 Files changed 4 +241 -29
4 changed files with 241 additions and 29 deletions
Showing only changes of commit 2894de6b45 - Show all commits

151
flake.nix
View file

@ -25,10 +25,19 @@
{
packages = {
default = patosPkgs.image;
image = pkgs.callPackage ./pkgs/image { inherit patosPkgs version updateUrl cpuArch secureBoot; };
image = pkgs.callPackage ./pkgs/image {
inherit
patosPkgs
version
updateUrl
cpuArch
secureBoot
;
};
rootfs = pkgs.callPackage ./pkgs/rootfs/mkrootfs.nix { inherit patosPkgs version; };
initrd = pkgs.callPackage ./pkgs/rootfs/mkinitrd.nix { inherit patosPkgs version; };
kernel = pkgs.callPackage ./pkgs/kernel { };
linux-firmware = pkgs.callPackage ./pkgs/linux-firmware { };
glibc = pkgs.callPackage ./pkgs/glibc { };
busybox = pkgs.callPackage ./pkgs/busybox { };
openssl = pkgs.callPackage ./pkgs/openssl { };
@ -46,38 +55,122 @@
name = "debug-tools";
version = "0.0.1";
packages = [
{ drv = pkgs.curl; path = "bin/curl"; }
{ drv = pkgs.bash; path = "bin/bash"; }
{ drv = patosPkgs.glibc; path = "bin/ldd"; }
{ drv = pkgs.keyutils; path = "bin/keyctl"; }
{ drv = pkgs.gnutar; path = "bin/tar"; }
{ drv = pkgs.binutils-unwrapped; path = "bin/strings"; }
{ drv = pkgs.strace; path = "bin/strace"; }
{ drv = patosPkgs.tpm2-tools; path = "bin/tpm2"; }
{ drv = patosPkgs.openssl; path = "bin/openssl"; }
{ drv = pkgs.cryptsetup; path = "bin/cryptsetup"; }
{ drv = pkgs.cryptsetup; path = "bin/veritysetup"; }
{ drv = pkgs.erofs-utils; path = "bin/mkfs.erofs"; }
{
drv = pkgs.curl;
path = "bin/curl";
}
{
drv = pkgs.bash;
path = "bin/bash";
}
{
drv = patosPkgs.glibc;
path = "bin/ldd";
}
{
drv = pkgs.keyutils;
path = "bin/keyctl";
}
{
drv = pkgs.gnutar;
path = "bin/tar";
}
{
drv = pkgs.binutils-unwrapped;
path = "bin/strings";
}
{
drv = pkgs.strace;
path = "bin/strace";
}
{
drv = patosPkgs.tpm2-tools;
path = "bin/tpm2";
}
{
drv = patosPkgs.openssl;
path = "bin/openssl";
}
{
drv = pkgs.cryptsetup;
path = "bin/cryptsetup";
}
{
drv = pkgs.cryptsetup;
path = "bin/veritysetup";
}
{
drv = pkgs.erofs-utils;
path = "bin/mkfs.erofs";
}
# shared lib required for cryptsetup
{ drv = pkgs.popt; path = "lib/libpopt.so.0.0.2"; }
{ drv = pkgs.popt; path = "lib/libpopt.so.0"; }
{ drv = pkgs.popt; path = "lib/libpopt.so"; }
{
drv = pkgs.popt;
path = "lib/libpopt.so.0.0.2";
}
{
drv = pkgs.popt;
path = "lib/libpopt.so.0";
}
{
drv = pkgs.popt;
path = "lib/libpopt.so";
}
# shared lib required for mkfs.erofs
{ drv = pkgs.lz4.lib; path = "lib/liblz4.so.1.10.0"; }
{ drv = pkgs.lz4.lib; path = "lib/liblz4.so.1"; }
{ drv = pkgs.lz4.lib; path = "lib/liblz4.so"; }
{
drv = pkgs.lz4.lib;
path = "lib/liblz4.so.1.10.0";
}
{
drv = pkgs.lz4.lib;
path = "lib/liblz4.so.1";
}
{
drv = pkgs.lz4.lib;
path = "lib/liblz4.so";
}
# shared lib required for binutils
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/libsframe.so.1.0.0"; }
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/libsframe.so.1"; }
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/libbfd-2.43.1.so"; }
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/libbfd.so"; }
{
drv = pkgs.binutils-unwrapped.lib;
path = "lib/libsframe.so.1.0.0";
}
{
drv = pkgs.binutils-unwrapped.lib;
path = "lib/libsframe.so.1";
}
{
drv = pkgs.binutils-unwrapped.lib;
path = "lib/libbfd-2.43.1.so";
}
{
drv = pkgs.binutils-unwrapped.lib;
path = "lib/libbfd.so";
}
# shared lib required for strace
{ drv = pkgs.elfutils.out; path = "lib/libdw-0.192.so"; }
{ drv = pkgs.elfutils.out; path = "lib/libdw.so.1"; }
{ drv = pkgs.elfutils.out; path = "lib/libdw.so"; }
{ drv = pkgs.elfutils.out; path = "lib/libelf-0.192.so"; }
{ drv = pkgs.elfutils.out; path = "lib/libelf.so.1"; }
{ drv = pkgs.elfutils.out; path = "lib/libelf.so"; }
{
drv = pkgs.elfutils.out;
path = "lib/libdw-0.192.so";
}
{
drv = pkgs.elfutils.out;
path = "lib/libdw.so.1";
}
{
drv = pkgs.elfutils.out;
path = "lib/libdw.so";
}
{
drv = pkgs.elfutils.out;
path = "lib/libelf-0.192.so";
}
{
drv = pkgs.elfutils.out;
path = "lib/libelf.so.1";
}
{
drv = pkgs.elfutils.out;
path = "lib/libelf.so";
}
];
};
};

22
foo.sh Executable file
View file

@ -0,0 +1,22 @@
#!/usr/bin/env bash
out=/tmp/build
_pick() {
local p="$1" f d; shift
for f; do
d="$out/$p/${f#$out/}"
echo mkdir -p "$(dirname "$d")"
echo mv "$f" "$d"
echo rm -rf "$f"
echo mkfs.erofs --all-root -Efragments,dedupe,ztailpacking $out/$p.raw $p
echo veritysetup format --root-hash-file $out/$p.roothash $out/$p.raw $out/$p.verity
done
}
# _pick amd-ucode usr/lib/firmware/amd-ucode
# _pick linux-firmware-nfp usr/lib/firmware/netronome
# _pick linux-firmware-marvell usr/lib/firmware/{libertas,mwl8k,mwlwifi,mrvl}
_pick linux-firmware-qlogic usr/lib/firmware/{qlogic,qed,ql2???_*,c{b,t,t2}fw-*}
# _pick linux-firmware-base usr/lib/firmware

38
pkgs/linux-firmware/default.nix Normal file
View file

@ -0,0 +1,38 @@
{
stdenv,
pkgs,
}:
stdenv.mkDerivation {
pname = pkgs.linux-firmware.name;
version = pkgs.linux-firmware.version;
src = pkgs.linux-firmware.src;
buildInputs = with pkgs; [
erofs-utils
cryptsetup
];
nativeBuildInputs = with pkgs; [
python3
rdfind
which
zstd
];
noBrokenSymlinks = true;
installTargets = [
"install-zst"
"dedup"
];
# inspo: https://gitlab.archlinux.org/archlinux/packaging/packages/linux-firmware/-/blob/main/PKGBUILD?ref_type=heads#L93
makeFlags = [
"DESTDIR=$(out)"
"ZSTD_CLEVEL=19"
"FIRMWAREDIR=/usr/lib/firmware"
];
postInstall = ./post-install.sh;
}

59
pkgs/linux-firmware/post-install.sh Executable file
View file

@ -0,0 +1,59 @@
set -ex -uo pipefail
_pick() {
local p="$1" f d; shift
for f; do
d="$out/$p/${f#$out/}"
mkdir -p "$(dirname "$d")"
mv $out/"$f" "$d"
rm -rf $out/"$f"
done
}
_package() {
local p="$1"
mkdir -p $out/$p/usr/lib/extension-release.d
cat << EOF > $out/$p/usr/lib/extension-release.d/extension-release.$p
ID=patos
IMAGE_ID=$p
IMAGE_VERSION=$version
VERSION_ID=patos
EOF
mkfs.erofs --all-root -Efragments,dedupe,ztailpacking $out/$p.raw $out/$p
veritysetup format --root-hash-file $out/$p.roothash $out/$p.raw $out/$p.verity
}
# remove arm64 firmware https://bugs.archlinux.org/task/76583
rm $out/usr/lib/firmware/mrvl/prestera/mvsw_prestera_fw_arm64-v4.1.img.zst
_pick amd-ucode usr/lib/firmware/amd-ucode
_package amd-ucode
_pick linux-firmware-nfp usr/lib/firmware/netronome
_package linux-firmware-nfp
_pick linux-firmware-mellanox usr/lib/firmware/mellanox
_package linux-firmware-mellanox
_pick linux-firmware-marvell usr/lib/firmware/{libertas,mwl8k,mwlwifi,mrvl}
_package linux-firmware-marvell
_pick linux-firmware-qcom usr/lib/firmware/qcom
_package linux-firmware-qcom
_pick linux-firmware-liquidio usr/lib/firmware/liquidio
_package linux-firmware-liquidio
# _pick linux-firmware-qlogic usr/lib/firmware/{qlogic,qed,ql2???_*,c{b,t,t2}fw-*}
# _package linux-firmware-qlogic
# _pick linux-firmware-bnx2x usr/lib/firmware/bnx2x*
# _package linux-firmware-bnx2x
# and the rest is base firmware
_pick linux-firmware usr/lib/firmware
_package linux-firmware
# clean up
# rm -rf $out/usr