commit c0dcc49d242daa954448cd4d80d0b252aa3aa30d · pyrox.dev/nixpkgs

+27 -8

nixos/modules/virtualisation/xen-boot-builder.sh

···

       3
       3
        
       

     

       4
       4
        
       export LC_ALL=C

     

       5
       5
        
       

     

       6
       6
       -
       # Handle input argument and exit if the flag is invalid. See virtualisation.xen.efi.bootBuilderVerbosity below.

     

       7
       7
       -
       [[ $# -ne 1 ]] && echo -e "\e[1;31merror:\e[0m xenBootBuilder must be called with exactly one verbosity argument. See the \e[1;34mvirtualisation.xen.efi.bootBuilderVerbosity\e[0m option." && exit 1

     

       6
       6
       +
       # Handle input argument and exit if the flag is invalid. See virtualisation.xen.boot.builderVerbosity below.

     

       7
       7
       +
       [[ $# -ne 1 ]] && echo -e "\e[1;31merror:\e[0m xenBootBuilder must be called with exactly one verbosity argument. See the \e[1;34mvirtualisation.xen.boot.builderVerbosity\e[0m option." && exit 1

     

       8
       8
       +
       

     

       8
       9
        
       case "$1" in

     

       9
       10
        
           "quiet") true ;;

     

       10
       11
        
           "default" | "info") echo -n "Installing Xen Project Hypervisor boot entries..." ;;

     

       11
       12
        
           "debug") echo -e "\e[1;34mxenBootBuilder:\e[0m called with the '$1' flag" ;;

     

       12
       13
        
           *)

     

       13
       13
       -
               echo -e "\e[1;31merror:\e[0m xenBootBuilder was called with an invalid argument. See the \e[1;34mvirtualisation.xen.efi.bootBuilderVerbosity\e[0m option."

     

       14
       14
       +
               echo -e "\e[1;31merror:\e[0m xenBootBuilder was called with an invalid argument. See the \e[1;34mvirtualisation.xen.boot.builderVerbosity\e[0m option."

     

       14
       15
        
               exit 2

     

       15
       16
        
               ;;

     

       16
       17
        
       esac

     
···

       46
       47
        
       

     

       47
       48
        
           # We do nothing if the Bootspec for the current $gen does not contain the Xen

     

       48
       49
        
           # extension, which is added as a configuration attribute below.

     

       50
       50
       +
           # We determine this by checking for the v1 or v2 bootspec extension,

     

       51
       51
       +
           # and setting the appropriate attributes based on version

     

       52
       52
       +
           xenSpecVer=""

     

       53
       53
       +
           xenParamVar=""

     

       54
       54
       +
           xenEfiPath=""

     

       49
       55
        
           if grep -sq '"org.xenproject.bootspec.v1"' "$bootspecFile"; then

     

       50
       50
       -
               [ "$1" = "debug" ] && echo -e "                \e[1;32msuccess:\e[0m found Xen entries in $gen."

     

       56
       56
       +
               xenSpecVer="v1"

     

       57
       57
       +
               xenParamVar="xenParams"

     

       58
       58
       +
               xenEfiPath="xen"

     

       59
       59
       +
           fi

     

       60
       60
       +
           # We prefer the v2 extension, so if both are present somehow,

     

       61
       61
       +
           # we will use the v2 attributes

     

       62
       62
       +
           if grep -sq '"org.xenproject.bootspec.v2"' "$bootspecFile"; then

     

       63
       63
       +
               xenSpecVer="v2"

     

       64
       64
       +
               xenParamVar="params"

     

       65
       65
       +
               xenEfiPath="efiPath"

     

       66
       66
       +
           fi

     

       67
       67
       +
           # Check for a valid Xen spec being detected

     

       68
       68
       +
           if [ -n "$xenSpecVer" ]; then

     

       69
       69
       +
               [ "$1" = "debug" ] && echo -e "                \e[1;32msuccess:\e[0m found $xenSpecVer Xen entries in $gen."

     

       51
       70
        
       

     

       52
       71
        
               # TODO: Support DeviceTree booting. Xen has some special handling for DeviceTree

     

       53
       72
        
               # attributes, which will need to be translated in a boot script similar to this

     
···

       63
       82
        
               # the corresponding nixos generation, substituting `nixos` with `xen`:

     

       64
       83
        
               # `xen-$profile-generation-$number-specialisation-$specialisation.{cfg,conf}`

     

       65
       84
        
               xenGen=$(echo "$gen" | sed 's_/loader/entries/nixos_/loader/entries/xen_g;s_^.*/xen_xen_g;s_.conf$__g')

     

       66
       66
       -
               bootParams=$(jq -re '."org.xenproject.bootspec.v1".xenParams | join(" ")' "$bootspecFile")

     

       85
       85
       +
               bootParams=$(jq -re ".\"org.xenproject.bootspec.$xenSpecVer\".$xenParamVar | join(\" \")" "$bootspecFile")

     

       67
       86
        
               kernel=$(jq -re '."org.nixos.bootspec.v1".kernel | sub("^/nix/store/"; "") | sub("/bzImage"; "-bzImage.efi")' "$bootspecFile")

     

       68
       87
        
               kernelParams=$(jq -re '."org.nixos.bootspec.v1".kernelParams | join(" ")' "$bootspecFile")

     

       69
       88
        
               initrd=$(jq -re '."org.nixos.bootspec.v1".initrd | sub("^/nix/store/"; "") | sub("/initrd"; "-initrd.efi")' "$bootspecFile")

     
···

       90
       109
        
               # Create Xen UKI for $generation. Most of this is lifted from

     

       91
       110
        
               # https://xenbits.xenproject.org/docs/unstable/misc/efi.html.

     

       92
       111
        
               [ "$1" = "debug" ] && echo -e "\e[1;34mxenBootBuilder:\e[0m making Xen UKI..."

     

       93
       93
       -
               xenEfi=$(jq -re '."org.xenproject.bootspec.v1".xen' "$bootspecFile")

     

       112
       112
       +
               xenEfi=$(jq -re ".\"org.xenproject.bootspec.$xenSpecVer\".$xenEfiPath" "$bootspecFile")

     

       94
       113
        
               finalSection=$(objdump --header --wide "$xenEfi" | tail -n +6 | sort --key="4,4" | tail -n 1 | grep -Eo '\.[a-z]*')

     

       95
       114
        
               padding=$(objdump --header --section="$finalSection" "$xenEfi" | awk -v section="$finalSection" '$0 ~ section { printf("0x%016x\n", and(strtonum("0x"$3) + strtonum("0x"$4) + 0xfff, compl(0xfff)))};')

     

       96
       115
        
               [ "$1" = "debug" ] && echo "               - padding: $padding"

     
···

       133
       152
        
       # any hypervisor boot entries.

     

       134
       153
        
       if ((${#postGenerations[@]} == 0)); then

     

       135
       154
        
           case "$1" in

     

       136
       136
       -
               "default" | "info") echo "none found." && echo -e "If you believe this is an error, set the \e[1;34mvirtualisation.xen.efi.bootBuilderVerbosity\e[0m option to \e[1;34m\"debug\"\e[0m and rebuild to print debug logs." ;;

     

       137
       137
       -
               "debug") echo -e "\e[1;34mxenBootBuilder:\e[0m wrote \e[1;31mno generations\e[0m. Most likely, there were no generations with a valid \e[1;34morg.xenproject.bootspec.v1\e[0m entry." ;;

     

       155
       155
       +
               "default" | "info") echo "none found." && echo -e "If you believe this is an error, set the \e[1;34mvirtualisation.xen.boot.builderVerbosity\e[0m option to \e[1;34m\"debug\"\e[0m and rebuild to print debug logs." ;;

     

       156
       156
       +
               "debug") echo -e "\e[1;34mxenBootBuilder:\e[0m wrote \e[1;31mno generations\e[0m. Most likely, there were no generations with a valid \e[1;34morg.xenproject.bootspec.v1\e[0m or \e[1;34morg.xenproject.bootspec.v2\e[0m entry." ;;

     

       138
       157
        
           esac

     

       139
       158
        
       

     

       140
       159
        
       # If the script is successful, change the default boot, say "done.", write a

+108 -41

nixos/modules/virtualisation/xen-dom0.nix

···

       51
       51
        
               gnused

     

       52
       52
        
               jq

     

       53
       53
        
             ])

     

       54
       54
       -
             ++ optionals (cfg.efi.bootBuilderVerbosity == "info") (

     

       54
       54
       +
             ++ optionals (cfg.boot.builderVerbosity == "info") (

     

       55
       55
        
               with pkgs;

     

       56
       56
        
               [

     

       57
       57
        
                 bat

     
···

       146
       146
        
               "path"

     

       147
       147
        
             ]

     

       148
       148
        
           )

     

       149
       149
       +
           (mkRenamedOptionModule

     

       150
       150
       +
             [

     

       151
       151
       +
               "virtualisation"

     

       152
       152
       +
               "xen"

     

       153
       153
       +
               "efi"

     

       154
       154
       +
               "bootBuilderVerbosity"

     

       155
       155
       +
             ]

     

       156
       156
       +
             [

     

       157
       157
       +
               "virtualisation"

     

       158
       158
       +
               "xen"

     

       159
       159
       +
               "boot"

     

       160
       160
       +
               "builderVerbosity"

     

       161
       161
       +
             ]

     

       162
       162
       +
           )

     

       163
       163
       +
           (mkRenamedOptionModule

     

       164
       164
       +
             [

     

       165
       165
       +
               "virtualisation"

     

       166
       166
       +
               "xen"

     

       167
       167
       +
               "bootParams"

     

       168
       168
       +
             ]

     

       169
       169
       +
             [

     

       170
       170
       +
               "virtualisation"

     

       171
       171
       +
               "xen"

     

       172
       172
       +
               "boot"

     

       173
       173
       +
               "params"

     

       174
       174
       +
             ]

     

       175
       175
       +
           )

     

       176
       176
       +
           (mkRenamedOptionModule

     

       177
       177
       +
             [

     

       178
       178
       +
               "virtualisation"

     

       179
       179
       +
               "xen"

     

       180
       180
       +
               "efi"

     

       181
       181
       +
               "path"

     

       182
       182
       +
             ]

     

       183
       183
       +
             [

     

       184
       184
       +
               "virtualisation"

     

       185
       185
       +
               "xen"

     

       186
       186
       +
               "boot"

     

       187
       187
       +
               "efi"

     

       188
       188
       +
               "path"

     

       189
       189
       +
             ]

     

       190
       190
       +
           )

     

       149
       191
        
         ];

     

       150
       192
        
       

     

       151
       193
        
         ## Interface ##

     
···

       178
       220
        
             };

     

       179
       221
        
           };

     

       180
       222
        
       

     

       181
       181
       -
           bootParams = mkOption {

     

       182
       182
       -
             default = [ ];

     

       183
       183
       -
             example = ''

     

       184
       184
       -
               [

     

       185
       185
       -
                 "iommu=force:true,qinval:true,debug:true"

     

       186
       186
       -
                 "noreboot=true"

     

       187
       187
       -
                 "vga=ask"

     

       188
       188
       -
               ]

     

       189
       189
       -
             '';

     

       190
       190
       -
             type = listOf str;

     

       191
       191
       -
             description = ''

     

       192
       192
       -
               Xen Command Line parameters passed to Domain 0 at boot time.

     

       193
       193
       -
               Note: these are different from `boot.kernelParams`. See

     

       194
       194
       -
               the [Xen documentation](https://xenbits.xenproject.org/docs/unstable/misc/xen-command-line.html) for more information.

     

       195
       195
       -
             '';

     

       196
       196
       -
           };

     

       197
       197
       -
       

     

       198
       198
       -
           efi = {

     

       199
       199
       -
             bootBuilderVerbosity = mkOption {

     

       223
       223
       +
           boot = {

     

       224
       224
       +
             params = mkOption {

     

       225
       225
       +
               default = [ ];

     

       226
       226
       +
               example = ''

     

       227
       227
       +
                 [

     

       228
       228
       +
                   "iommu=force:true,qinval:true,debug:true"

     

       229
       229
       +
                   "noreboot=true"

     

       230
       230
       +
                   "vga=ask"

     

       231
       231
       +
                 ]

     

       232
       232
       +
               '';

     

       233
       233
       +
               type = listOf str;

     

       234
       234
       +
               description = ''

     

       235
       235
       +
                 Xen Command Line parameters passed to Domain 0 at boot time.

     

       236
       236
       +
                 Note: these are different from `boot.kernelParams`. See

     

       237
       237
       +
                 the [Xen documentation](https://xenbits.xenproject.org/docs/unstable/misc/xen-command-line.html) for more information.

     

       238
       238
       +
               '';

     

       239
       239
       +
             };

     

       240
       240
       +
             builderVerbosity = mkOption {

     

       200
       241
        
               type = enum [

     

       201
       242
        
                 "default"

     

       202
       243
        
                 "info"

     
···

       206
       247
        
               default = "default";

     

       207
       248
        
               example = "info";

     

       208
       249
        
               description = ''

     

       209
       209
       -
                 The EFI boot entry builder script should be called with exactly one of the following arguments in order to specify its verbosity:

     

       250
       250
       +
                 The boot entry builder script should be called with exactly one of the following arguments in order to specify its verbosity:

     

       210
       251
        
       

     

       211
       252
        
                 - `quiet` supresses all messages.

     

       212
       253
        
       

     
···

       220
       261
        
                 This option does not alter the actual functionality of the script, just the number of messages printed when rebuilding the system.

     

       221
       262
        
               '';

     

       222
       263
        
             };

     

       223
       223
       -
       

     

       224
       224
       -
             path = mkOption {

     

       225
       225
       -
               type = path;

     

       226
       226
       -
               default = "${cfg.package.boot}/${cfg.package.efi}";

     

       227
       227
       -
               defaultText = literalExpression "\${config.virtualisation.xen.package.boot}/\${config.virtualisation.xen.package.efi}";

     

       228
       228
       -
               example = literalExpression "\${config.virtualisation.xen.package}/boot/efi/efi/nixos/xen-\${config.virtualisation.xen.package.version}.efi";

     

       229
       229
       -
               description = ''

     

       230
       230
       -
                 Path to xen.efi. `pkgs.xen` is patched to install the xen.efi file

     

       231
       231
       -
                 on `$boot/boot/xen.efi`, but an unpatched Xen build may install it

     

       232
       232
       -
                 somewhere else, such as `$out/boot/efi/efi/nixos/xen.efi`. Unless

     

       233
       233
       -
                 you're building your own Xen derivation, you should leave this

     

       234
       234
       -
                 option as the default value.

     

       235
       235
       -
               '';

     

       264
       264
       +
             bios = {

     

       265
       265
       +
               path = mkOption {

     

       266
       266
       +
                 type = path;

     

       267
       267
       +
                 default = "${cfg.package.boot}/${cfg.package.multiboot}";

     

       268
       268
       +
                 defaultText = literalExpression "\${config.virtualisation.xen.package.boot}/\${config.virtualisation.xen.package.multiboot}";

     

       269
       269
       +
                 example = literalExpression "\${config.virtualisation.xen.package}/boot/xen-\${config.virtualisation.xen.package.version}";

     

       270
       270
       +
                 description = ''

     

       271
       271
       +
                   Path to the Xen `multiboot` binary used for BIOS booting.

     

       272
       272
       +
                   Unless you're building your own Xen derivation, you should leave this

     

       273
       273
       +
                   option as the default value.

     

       274
       274
       +
                 '';

     

       275
       275
       +
               };

     

       276
       276
       +
             };

     

       277
       277
       +
             efi = {

     

       278
       278
       +
               path = mkOption {

     

       279
       279
       +
                 type = path;

     

       280
       280
       +
                 default = "${cfg.package.boot}/${cfg.package.efi}";

     

       281
       281
       +
                 defaultText = literalExpression "\${config.virtualisation.xen.package.boot}/\${config.virtualisation.xen.package.efi}";

     

       282
       282
       +
                 example = literalExpression "\${config.virtualisation.xen.package}/boot/efi/efi/nixos/xen-\${config.virtualisation.xen.package.version}.efi";

     

       283
       283
       +
                 description = ''

     

       284
       284
       +
                   Path to xen.efi. `pkgs.xen` is patched to install the xen.efi file

     

       285
       285
       +
                   on `$boot/boot/xen.efi`, but an unpatched Xen build may install it

     

       286
       286
       +
                   somewhere else, such as `$out/boot/efi/efi/nixos/xen.efi`. Unless

     

       287
       287
       +
                   you're building your own Xen derivation, you should leave this

     

       288
       288
       +
                   option as the default value.

     

       289
       289
       +
                 '';

     

       290
       290
       +
               };

     

       236
       291
        
             };

     

       237
       292
        
           };

     

       238
       293
        
       

     
···

       612
       667
        
             {

     

       613
       668
        
               assertion =

     

       614
       669
        
                 config.boot.loader.systemd-boot.enable

     

       615
       615
       -
                 || (config.boot ? lanzaboote) && config.boot.lanzaboote.enable;

     

       616
       616
       -
               message = "Xen only supports booting on systemd-boot or Lanzaboote.";

     

       670
       670
       +
                 || (config.boot ? lanzaboote) && config.boot.lanzaboote.enable

     

       671
       671
       +
                 || config.boot.loader.limine.enable;

     

       672
       672
       +
               message = "Xen only supports booting on systemd-boot, Lanzaboote or Limine.";

     

       617
       673
        
             }

     

       618
       674
        
             {

     

       619
       675
        
               assertion = config.boot.initrd.systemd.enable;

     
···

       639
       695
        
             }

     

       640
       696
        
           ];

     

       641
       697
        
       

     

       642
       642
       -
           virtualisation.xen.bootParams =

     

       698
       698
       +
           virtualisation.xen.boot.params =

     

       643
       699
        
             optionals cfg.trace [

     

       644
       700
        
               "loglvl=all"

     

       645
       701
        
               "guest_loglvl=all"

     
···

       692
       748
        
             '';

     

       693
       749
        
       

     

       694
       750
        
             # Xen Bootspec extension. This extension allows NixOS bootloaders to

     

       695
       695
       -
             # fetch the `xen.efi` path and access the `cfg.bootParams` option.

     

       751
       751
       +
             # fetch the dom0 kernel paths and access the `cfg.boot.params` option.

     

       696
       752
        
             bootspec.extensions = {

     

       753
       753
       +
               # Bootspec extension v1 is deprecated, and will be removed in 26.05

     

       754
       754
       +
               # It is present for backwards compatibility

     

       697
       755
        
               "org.xenproject.bootspec.v1" = {

     

       698
       698
       -
                 xen = cfg.efi.path;

     

       699
       699
       -
                 xenParams = cfg.bootParams;

     

       756
       756
       +
                 xen = cfg.boot.efi.path;

     

       757
       757
       +
                 xenParams = cfg.boot.params;

     

       758
       758
       +
               };

     

       759
       759
       +
               # Bootspec extension v2 includes more detail,

     

       760
       760
       +
               # including supporting multiboot, and is the current supported

     

       761
       761
       +
               # bootspec extension

     

       762
       762
       +
               "org.xenproject.bootspec.v2" = {

     

       763
       763
       +
                 efiPath = cfg.boot.efi.path;

     

       764
       764
       +
                 multibootPath = cfg.boot.bios.path;

     

       765
       765
       +
                 version = cfg.package.version;

     

       766
       766
       +
                 params = cfg.boot.params;

     

       700
       767
        
               };

     

       701
       768
        
             };

     

       702
       769
        
       

     

       703
       770
        
             # See the `xenBootBuilder` script in the main `let...in` statement of this file.

     

       704
       771
        
             loader.systemd-boot.extraInstallCommands = ''

     

       705
       705
       -
               ${getExe xenBootBuilder} ${cfg.efi.bootBuilderVerbosity}

     

       772
       772
       +
               ${getExe xenBootBuilder} ${cfg.boot.builderVerbosity}

     

       706
       773
        
             '';

     

       707
       774
        
           };

     

       708
       775