Message ID | cover.1706435500.git.lilah@lunabee.space |
---|---|
Headers | show |
Series | Support root encryption and secure boot. | expand |
Hi Lilah, On Sun, 28 Jan 2024 17:51:38 +0800, Lilah Tascheter via Guix-patches wrote: > > Thank you so much Herman, that motherfucking typo was what made my old-entries > testing not work. I reworked the majority of the install-uki.scm code, and now > uefi-uki-bootloader and uefi-uki-signed-bootloader support generation rollback! > Slightly jank, but it works. On install, we pretty much just cram as many > generations into the ESP as possible. ESPs are typically small, so we can't > assume that we can fit more than one UKI, so if we can't fit every extent > generation we just exit early. > > We also don't waste space on root by adding each UKI to the store anymore. > They're all generated at install time. Added slightly more documentation too. > > Otherwise, fixed everything Herman pointed out! > > Decided not to add a manual section on manually running /boot/install-uki.scm > though. It's more of a quirk of getting around guix's bootloader assumptions > than meant to be run that way; I don't know if it's a good idea to direct > attention to it. I mean it Works, but it's more of a quick hack. > > Lilah Tascheter (2): > gnu: bootloaders: Add uki packages. > gnu: bootloaders: Add uefi-uki-bootloader. > > doc/guix.texi | 45 ++++++++---- > gnu/bootloader/uki.scm | 129 +++++++++++++++++++++++++++++++++++ > gnu/local.mk | 1 + > gnu/packages/bootloaders.scm | 95 ++++++++++++++++++++++++++ > 4 files changed, 258 insertions(+), 12 deletions(-) > create mode 100644 gnu/bootloader/uki.scm > > > base-commit: 2823253484e49391c6ba3c653a2f9e9f5e5f38ae > -- > 2.41.0 Nicely done! I have tested ‘uefi-uki-bootloader’, and it works! But currently ‘uefi-uki-bootloader’ doesn't match generation switching well, and ‘uefi-uki-signed-bootloader’ as a procedure further breaks that, right? I think these issues have to be addressed to get the series merged. Reviews are coming later. Thanks