@@ -46,11 +46,13 @@ (define-module (gnu packages bootloaders)
#:use-module (gnu packages compression)
#:use-module (gnu packages cross-base)
#:use-module (gnu packages disk)
+ #:use-module (gnu packages efi)
#:use-module (gnu packages firmware)
#:use-module (gnu packages flex)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages gcc)
#:use-module (gnu packages gettext)
+ #:use-module (gnu packages gperf)
#:use-module (gnu packages linux)
#:use-module (gnu packages man)
#:use-module (gnu packages mtools)
@@ -71,11 +73,13 @@ (define-module (gnu packages bootloaders)
#:use-module (gnu packages valgrind)
#:use-module (gnu packages virtualization)
#:use-module (gnu packages xorg)
+ #:use-module (gnu packages python-crypto)
#:use-module (gnu packages python-web)
#:use-module (gnu packages python-xyz)
#:use-module (guix build-system gnu)
#:use-module (guix build-system meson)
#:use-module (guix build-system pyproject)
+ #:use-module (guix build-system python)
#:use-module (guix build-system trivial)
#:use-module (guix download)
#:use-module (guix gexp)
@@ -632,6 +636,96 @@ (define-public syslinux
;; Also contains:
license:expat license:isc license:zlib)))))
+(define systemd-version "255")
+(define systemd-source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/systemd/systemd")
+ (commit (string-append "v" systemd-version))))
+ (file-name (git-file-name "systemd" systemd-version))
+ (sha256
+ (base32
+ "1qdyw9g3jgvsbc1aryr11gpc3075w5pg00mqv4pyf3hwixxkwaq6"))))
+
+(define-public (systemd-stub-name)
+ (let ((arch (cond ((target-x86-32?) "ia32")
+ ((target-x86-64?) "x64")
+ ((target-arm32?) "arm")
+ ((target-aarch64?) "aa64")
+ ((target-riscv64?) "riscv64"))))
+ (string-append "linux" arch ".efi.stub")))
+
+(define-public systemd-stub
+ (package
+ (name "systemd-stub")
+ (version systemd-version)
+ (source systemd-source)
+ (build-system meson-build-system)
+ (arguments
+ (list
+ #:configure-flags
+ `(list "-Defi=true" "-Dsbat-distro=guix"
+ "-Dsbat-distro-generation=1" ; package revision!
+ "-Dsbat-distro-summary=Guix System"
+ "-Dsbat-distro-url=https://guix.gnu.org"
+ ,(string-append "-Dsbat-distro-pkgname=" name)
+ ,(string-append "-Dsbat-distro-version=" version))
+ #:phases
+ #~(let ((stub #$(string-append "src/boot/efi/" (systemd-stub-name))))
+ (modify-phases %standard-phases
+ (replace 'build
+ (lambda* (#:key parallel-build? #:allow-other-keys)
+ (invoke "ninja" stub
+ "-j" (if parallel-build?
+ (number->string (parallel-job-count)) "1"))))
+ (replace 'install
+ (lambda _
+ (install-file stub (string-append #$output "/libexec"))))
+ (delete 'check)))))
+ (inputs (list libcap python-pyelftools `(,util-linux "lib")))
+ (native-inputs (list gperf pkg-config python-3 python-jinja2))
+ (home-page "https://systemd.io")
+ (synopsis "Unified kernel image UEFI stub")
+ (description "Simple UEFi boot stub that loads a conjoined kernel image and
+supporting data to their proper locations, before chainloading to the kernel.
+Supports measured and/or verified boot environments.")
+ (license license:lgpl2.1+)))
+
+(define-public ukify
+ (package
+ (name "ukify")
+ (version systemd-version)
+ (source systemd-source)
+ (build-system python-build-system)
+ (arguments
+ (list #:phases
+ #~(modify-phases %standard-phases
+ (replace 'build
+ (lambda _
+ (substitute* "src/ukify/ukify.py" ; added in python 3.11
+ (("datetime\\.UTC") "datetime.timezone.utc"))))
+ (delete 'check)
+ (replace 'install
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((bin (string-append #$output "/bin"))
+ (file (string-append bin "/ukify"))
+ (binutils (assoc-ref inputs "binutils"))
+ (sbsign (assoc-ref inputs "sbsigntools")))
+ (mkdir-p bin)
+ (copy-file "src/ukify/ukify.py" file)
+ (wrap-program file
+ `("PATH" ":" prefix
+ (,(string-append binutils "/bin")
+ ,(string-append sbsign "/bin"))))))))))
+ (inputs (list binutils python-cryptography python-pefile sbsigntools))
+ (home-page "https://systemd.io")
+ (synopsis "Unified kernel image UEFI tool")
+ (description "@command{ukify} joins together a UKI stub, linux kernel, initrd,
+kernel arguments, and optional secure boot signatures into a single, UEFI-bootable
+image.")
+ (license license:lgpl2.1+)))
+
(define-public dtc
(package
(name "dtc")