guix-patches
[bug#68524] [PATCH 2/2] gnu: bootloaders: Add uefi-uki-bootloader.


From: Herman Rimm
Subject: [bug#68524] [PATCH 2/2] gnu: bootloaders: Add uefi-uki-bootloader.
Date: Thu, 25 Jan 2024 11:03:57 +0100

Hello,

On Tue, Jan 16, 2024 at 10:48:11PM -0600, Lilah Tascheter wrote:
> * doc/guix.texi (Bootloader Configuration)[bootloader,targets]: Document
>   uefi-uki-bootloader and uefi-uki-signed-bootloader.
> * gnu/bootloader/uki.scm: New file.
Remember to note your copyright and register new files in gnu/local.mk.

> +(define* (uefi-uki-configuration-file #:optional cert privkey)
> +  (lambda* (config entries #:key (old-entires '()) #:allow-other-keys)
old-entries got mistyped as old-entires.

> +    (define (menu-entry->uki e)
> +      (define stub (file-append systemd-stub "/libexec/" 
> (systemd-stub-name)))
Can you have systemd-stub be an argument of uefi-uki-configuration-file?

> +            (when (file-exists? schema)
> +              (call-with-input-file schema
> +                (lambda (port)
> +                  (for-each (lambda (l)
> +                              (unless (string-null? l)
> +                                (system* efibootmgr "-B" "-L" l)))
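Review bot: the exit status of `(system* efibootmgr "-B" "-L" l)` is discarded, so a failed removal of an old entry is silent, while the `invoke efibootmgr "-c"` call further down raises on failure. If the output is also silenced, nothing records that a stale entry was left behind, so check the status and at least emit a warning. Each non-empty line of the schema file is also used verbatim as the label to delete, so whoever can write that file decides which boot entries are removed. Document who owns the file, or only accept labels this bootloader created.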
You can make this quiet.

> +                              (invoke efibootmgr "-c" "-L" label "-d" disk 
> "-l"
Maybe this too?

> +(define install-uefi-uki
> +  #~(lambda (bootloader target mount-point)
Get systemd-stub from bootloader with bootloader-package.

> +      (invoke (string-append mount-point "/boot/install-uki.scm")
> +              (string-append mount-point target))))
The way GRUB does it, if mount-point/boot/efi does not exist, try to
install to /boot/efi in case the ESP got mounted there. Personally, I
think it's okay to only try to install to mount-point/boot/efi.

> +(define-public uefi-uki-bootloader (make-uefi-uki-bootloader))
> +;; use ukify genkey to generate cert and privkey. DO NOT include in store.
> +(define-public (uefi-uki-signed-bootloader cert privkey)
> +  (make-uefi-uki-bootloader cert privkey))
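Review bot: the "DO NOT include in store" comment above `uefi-uki-signed-bootloader` is the only guard on `privkey`, and nothing in these lines checks what is passed in. The store is world-readable, so a key given as a file-like object or store path is readable by every local user, who can then sign their own UKI with it. Suggest repeating the warning in the doc/guix.texi entry and rejecting a `privkey` that is not a plain file name outside the store.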
Can you use define instead and export the bootloaders in define-module?
I expect define-public procedures in package modules which would have to
use an export procedure with many arguments otherwise.

The install-uki.scm config file is a nice idea. It can be used to
regenerate the UKI and corresponding UEFI boot entry. Now that I think
about it, can that be included as an example? Like:

  uefi-uki-bootloader installs install-uki.scm to /boot, you can use it
  to (re)create the UKI manually: sudo ./install-uki.scm /boot/efi/. If
  you need to chroot to an existing system on /mnt, mount efivars first:
  mount --bind /sys/firmware/efi/efivars /mnt/sys/firmware/efi/efivars.
  This is required for efibootmgr to (re)install the UEFI entry for the
  corresponding UKI.

This bootloader has been very useful to me. I could easily chainload the
UKI from an install image GRUB, whenever I messed up the UEFI boot entry
for the EFI stub bootloader I'm working on.

Thank you,
Herman




