nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-19 11:23:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #292636 from RaitoBezarius/smm-works-for-something-else-than-x86-actually

Browse Source 
OVMF: remove invalid `assert` on SMM
This commit is contained in:
nikstur 2024-03-02 21:04:12 +01:00 committed by GitHub
commit b6401f808a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nixos/modules/virtualisation/qemu-vm.nix
View File

@ -877,11 +877,9 @@ in
type = types.package;
default = (pkgs.OVMF.override {
secureBoot = cfg.useSecureBoot;
systemManagementModeRequired = cfg.useSecureBoot;
}).fd;
defaultText = ''(pkgs.OVMF.override {
secureBoot = cfg.useSecureBoot;
systemManagementModeRequired = cfg.useSecureBoot;
}).fd'';
description =
lib.mdDoc "OVMF firmware package, defaults to OVMF configured with secure boot if needed.";
@ -1185,7 +1183,7 @@ in
"-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm"
"-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0"
])
(mkIf (cfg.efi.OVMF.systemManagementModeRequired or false) [
(mkIf (pkgs.stdenv.hostPlatform.isx86 && cfg.efi.OVMF.systemManagementModeRequired) [
"-machine" "q35,smm=on"
"-global" "driver=cfi.pflash01,property=secure,value=on"
])

10
nixos/tests/systemd-boot.nix
View File

@ -115,15 +115,17 @@ in
virtualisation.useSecureBoot = true;
};
testScript = ''
testScript = let
efiArch = pkgs.stdenv.hostPlatform.efiArch;
in { nodes, ... }: ''
machine.start(allow_reboot=True)
machine.wait_for_unit("multi-user.target")
machine.succeed("sbctl create-keys")
machine.succeed("sbctl enroll-keys --yes-this-might-brick-my-machine")
machine.succeed('sbctl sign /boot/EFI/systemd/systemd-bootx64.efi')
machine.succeed('sbctl sign /boot/EFI/BOOT/BOOTX64.EFI')
machine.succeed('sbctl sign /boot/EFI/nixos/*bzImage.efi')
machine.succeed('sbctl sign /boot/EFI/systemd/systemd-boot${efiArch}.efi')
machine.succeed('sbctl sign /boot/EFI/BOOT/BOOT${toUpper efiArch}.EFI')
machine.succeed('sbctl sign /boot/EFI/nixos/*${nodes.machine.system.boot.loader.kernelFile}.efi')
machine.reboot()

1
pkgs/applications/virtualization/OVMF/default.nix
View File

@ -74,7 +74,6 @@ let
in
assert platformSpecific ? ${cpuName};
assert systemManagementModeRequired -> stdenv.hostPlatform.isx86;
assert msVarsTemplate -> fdSize4MB;
assert msVarsTemplate -> platformSpecific.${cpuName} ? msVarsArgs;