From 435a72e46910ae7536e824fd0fa9fb1becdeefec Mon Sep 17 00:00:00 2001
From: rnhmjoj
Date: Mon, 23 Dec 2024 11:10:28 +0100
Subject: [PATCH] nixos/grub: generate BLS entries
---
 .../modules/system/boot/loader/grub/grub.nix | 14 ++++
 .../system/boot/loader/grub/install-grub.pl | 77 ++++++++++++++++++-
 2 files changed, 89 insertions(+), 2 deletions(-)
diff --git a/nixos/modules/system/boot/loader/grub/grub.nix b/nixos/modules/system/boot/loader/grub/grub.nix
index 72e8e4c0d081..febd059033dd 100644
--- a/nixos/modules/system/boot/loader/grub/grub.nix
+++ b/nixos/modules/system/boot/loader/grub/grub.nix
@@ -50,6 +50,10 @@ let
 then realGrub.override { efiSupport = cfg.efiSupport; }
 else null;
+ bootPath = if cfg.mirroredBoots != [ ]
+ then (builtins.head cfg.mirroredBoots).path
+ else "/boot";
+
 f = x: optionalString (x != null) ("" + x);
 grubConfig = args:
@@ -756,6 +760,16 @@ in
 environment.systemPackages = mkIf (grub != null) [ grub ];
+ # Link /boot under /run/boot-loder-entries to make
+ # systemd happy even on non-EFI system
+ systemd.mounts = lib.optional (!cfg.efiSupport) {
+ what = bootPath;
+ where = "/run/boot-loader-entries";
+ type = "none";
+ options = "bind";
+ requiredBy = [ "local-fs.target" ];
+ };
+
 boot.loader.grub.extraPrepareConfig = concatStrings (mapAttrsToList (n: v: ''
 ${pkgs.coreutils}/bin/install -Dp "${v}" "${efi.efiSysMountPoint}/"${escapeShellArg n}
diff --git a/nixos/modules/system/boot/loader/grub/install-grub.pl b/nixos/modules/system/boot/loader/grub/install-grub.pl
index f5ae844da21f..99b2a766a5d0 100644
--- a/nixos/modules/system/boot/loader/grub/install-grub.pl
+++ b/nixos/modules/system/boot/loader/grub/install-grub.pl
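Review bot: The bind mount added under `systemd.mounts` in the `@@ -756` hunk exposes the whole boot path a second time, writable, at `/run/boot-loader-entries`; if the consumers there only read the entries, `options = "bind,ro";` would avoid creating another writable path to the boot files (worth confirming that the read-only flag is actually applied to the bind in this setup). The comment above it should read `boot-loader-entries` and say "bind-mount" rather than "Link", and it should state that only the first `mirroredBoots` path is exposed, which is what `bootPath` in the `@@ -50` hunk selects. Because the unit is `requiredBy` `local-fs.target`, a missing boot path would presumably fail that target, so the behaviour when the path does not exist deserves a comment or a guard.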
@@ -99,7 +99,15 @@ $ENV{'PATH'} = get("path");
 print STDERR "updating GRUB 2 menu...\n";
-make_path("$bootPath/grub", { mode => 0700 });
+# Make GRUB directory
+make_path("$bootPath/grub", { mode => 0700 });
+
+# Make BLS entries directory, see addBLSEntry
+make_path("$bootPath/loader/entries", { mode => 0700 });
+writeFile("$bootPath/loader/entries.srel", "type1");
+
+# and a temporary one for new entries
+make_path("$bootPath/loader/entries.tmp", { mode => 0700 });
 # Discover whether the bootPath is on the same filesystem as / and
 # /nix/store. If not, then all kernels and initrds must be copied to
@@ -460,6 +468,7 @@ sub copyToKernelsDir {
 }
 sub addEntry {
+ # Creates a Grub menu entry for a given system
 my ($name, $path, $options, $current) = @_;
 return unless -e "$path/kernel" && -e "$path/initrd";
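Review bot: `entries.tmp` is created with `make_path` in the `@@ -99` hunk but never emptied, so `.conf` files left by a run that died before the final rename would be carried into the live `entries` directory by the swap in the last hunk (`@@ -611`). Removing leftovers first, e.g. `rmtree("$bootPath/loader/entries.tmp");` before the `make_path` call, keeps stale generations out of the boot entries. The same applies to `entries.bak` in that last hunk: if it survives a failed run, `rename $entriesDir, "$entriesDir.bak"` onto a non-empty directory is expected to fail, and every later run would then die at that line until the directory is removed by hand.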
@@ -521,6 +530,58 @@ sub addEntry {
 $conf .= "}\n\n";
 }
+sub addBLSEntry {
+ # Creates a Boot Loader Specification[1] entry for a given system.
+ # The information contained in the entry mirrors a boot entry in GRUB menu.
+ #
+ # [1]: https://uapi-group.org/specifications/specs/boot_loader_specification
+ my ($prof, $spec, $gen, $link) = @_;
+
+ # collect data from system
+ my %bootspec = %{decode_json(readFile("$link/boot.json"))->{"org.nixos.bootspec.v1"}};
+ my $date = strftime("%F", localtime(lstat($link)->mtime));
+ my $kernel = $bootspec{kernel} =~ s@$storePath/@@r =~ s@/@-@r;
+ my $initrd = $bootspec{initrd} =~ s@$storePath/@@r =~ s@/@-@r;
+ my $kernelParams = readFile("$link/kernel-params");
+ my $machineId = readFile("/etc/machine-id");
+
+ if ($grubEfi eq "" && !$copyKernels) {
+ # workaround for https://github.com/systemd/systemd/issues/35729
+ make_path("$bootPath/kernels", { mode => 0755 });
+ symlink($bootspec{kernel}, "$bootPath/kernels/$kernel");
+ symlink($bootspec{initrd}, "$bootPath/kernels/$initrd");
+ $copied{"$bootPath/kernels/$kernel"} = 1;
+ $copied{"$bootPath/kernels/$initrd"} = 1;
+ }
+
+ # fill in the entry
+ my $extras = join(' ', $prof = $prof ne "system" ? " [$prof] " : "",
+ $spec = $spec ne "" ? " ($spec) " : "");
+ my $entry = <<~END;
+ title @distroName@$extras
+ sort-key nixos
+ version Generation $gen $bootspec{label}, built on $date
+ linux kernels/$kernel
+ initrd kernels/$initrd
+ options init=$bootspec{init} $kernelParams
+ END
+ $entry .= "machine-id $machineId" if defined $machineId;
+
+ # entry file basename
+ my $name = join("-", grep { length $_ > 0 }
+ "nixos", $prof ne "system" ? $prof : "",
+ "generation", $gen,
+ $spec ? "specialisation-$spec" : "");
+
+ # write entry to the temp directory
+ writeFile("$bootPath/loader/entries.tmp/$name.conf", $entry);
+
+ # mark the default entry
+ if (readlink($link) eq $defaultConfig) {
+ writeFile("$bootPath/loader/loader.conf", "default $name.conf");
+ }
+}
+
 sub addGeneration {
 my ($name, $nameSuffix, $path, $options, $current) = @_;
@@ -592,12 +653,18 @@ sub addProfile {
 warn "skipping corrupt system profile entry ‘$link’\n";
 next;
 }
+ my $gen = nrFromGen($link);
 my $date = strftime("%F", localtime(lstat($link)->mtime));
 my $version = -e "$link/nixos-version" ? readFile("$link/nixos-version") : basename((glob(dirname(Cwd::abs_path("$link/kernel")) . "/lib/modules/*"))[0]);
- addGeneration("@distroName@ - Configuration " . nrFromGen($link), " ($date - $version)", $link, $subEntryOptions, 0);
+ addGeneration("@distroName@ - Configuration " . $gen, " ($date - $version)", $link, $subEntryOptions, 0);
+
+ addBLSEntry(basename($profile), "", $gen, $link);
+ foreach my $spec (glob "$link/specialisation/*") {
+ addBLSEntry(basename($profile), $spec, $gen, $spec);
+ }
 }
 $conf .= "}\n";
@@ -611,6 +678,12 @@ for my $profile (glob "/nix/var/nix/profiles/system-profiles/*") {
 addProfile $profile, "@distroName@ - Profile '$name'";
 }
+# Atomically replace the BLS entries directory
+my $entriesDir = "$bootPath/loader/entries";
+rename $entriesDir, "$entriesDir.bak" or die "cannot rename $entriesDir to $entriesDir.bak: $!\n";
+rename "$entriesDir.tmp", $entriesDir or die "cannot rename $entriesDir.tmp to $entriesDir: $!\n";
+rmtree "$entriesDir.bak" or die "cannot remove $entriesDir.bak: $!\n";
+
 # extraPrepareConfig could refer to @bootPath@, which we have to substitute
 $extraPrepareConfig =~ s/\@bootPath\@/$bootPath/g;
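Review bot: The `join` that builds `$extras` in `addBLSEntry` assigns to `$prof` and `$spec` (`$prof = $prof ne "system" ? ...`), so when `$name` is built further down both variables already hold the decorated strings (` [profile] `, ` (spec) `) or the empty string, and the entry file name ends up with spaces, brackets and parentheses in it. Dropping the assignments fixes that: `my $extras = join(' ', $prof ne "system" ? " [$prof] " : "", $spec ne "" ? " ($spec) " : "");`. The call in the `@@ -592` hunk adds to the problem by passing the full glob path as `$spec`, which puts slashes into the path handed to `writeFile`. Passing `basename($spec)` there, and rejecting names that do not match something like `/\A[\w.-]+\z/` before they are used in a file name, keeps the write inside `entries.tmp`.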
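Review bot: `addBLSEntry` is called in the `@@ -592` hunk for every generation link and every specialisation without checking that `boot.json` exists, although the loop already skips entries it considers corrupt (the `warn ... next` just above). `readFile` and `decode_json` are defined outside the diff, but if a generation built before bootspec has no `boot.json`, the decode would presumably die and abort the whole boot loader update. A guard at the top of `addBLSEntry`, `return unless -e "$link/boot.json";`, or the same test at the call site with a `warn`, would keep old generations from blocking the install. The enclosing loop in `addProfile` starts and ends outside the hunk.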
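Review bot: The comment in the `@@ -611` hunk says the directory is replaced atomically, but the two `rename` calls leave a window in which `$entriesDir` does not exist, and `loader.conf` has already been rewritten in place by `addBLSEntry` before the swap. A crash in between leaves no BLS entries and a `default` line that may name a missing file, so the comment should say what actually happens, e.g. `# Replace the BLS entries directory (two renames, not atomic: a crash in between leaves only entries.bak)`. Separately, `rmtree` reports failures through its `error` option rather than reliably through `$!`, so the `die` message on the last line may show an unrelated error string.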