Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fwupd: do not wrap efi capsule #45719

Merged
merged 1 commit into from Aug 29, 2018
Merged

fwupd: do not wrap efi capsule #45719

merged 1 commit into from Aug 29, 2018

Conversation

jtojnar
Copy link
Contributor

@jtojnar jtojnar commented Aug 28, 2018

Motivation for this change

wrapGAppsHook is not able to skip efi capsules so we need to switch to manual wrapping.

Closes: #45715

cc @tadfisher @Moredread

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Fits CONTRIBUTING.md.

@jtojnar
fwupd: do not wrap efi capsule
267c2c9 
wrapGAppsHook is not able to skip efi capsules so we need to
switch to manual wrapping.

Closes: NixOS#45715
@GrahamcOfBorg
Copy link

No attempt on x86_64-darwin (full log)

The following builds were skipped because they don't evaluate on x86_64-darwin: fwupd

Partial log (click to expand)


a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowUnsupportedSystem = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowUnsupportedSystem = true; }
to ~/.config/nixpkgs/config.nix.

@GrahamcOfBorg
Copy link

No attempt on aarch64-linux (full log)

The following builds were skipped because they don't evaluate on aarch64-linux: fwupd

Partial log (click to expand)


a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowUnsupportedSystem = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowUnsupportedSystem = true; }
to ~/.config/nixpkgs/config.nix.

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: fwupd

Partial log (click to expand)

shrinking RPATHs of ELF executables and libraries in /nix/store/jab3zjh6420gbxdycfwv4lkf9394a4fz-fwupd-1.1.1-installedTests
strip is /nix/store/h0lbngpv6ln56hjj59i6l77vxq25flbz-binutils-2.30/bin/strip
patching script interpreter paths in /nix/store/jab3zjh6420gbxdycfwv4lkf9394a4fz-fwupd-1.1.1-installedTests
checking for references to /build in /nix/store/jab3zjh6420gbxdycfwv4lkf9394a4fz-fwupd-1.1.1-installedTests...
Wrapping program /nix/store/fqvpcp0jfpn6f18jh9dlligd3j7rgjhy-fwupd-1.1.1/bin/fwupdmgr
Wrapping program /nix/store/fqvpcp0jfpn6f18jh9dlligd3j7rgjhy-fwupd-1.1.1/bin/dfu-tool
Wrapping program /nix/store/fqvpcp0jfpn6f18jh9dlligd3j7rgjhy-fwupd-1.1.1/libexec/fwupd/fwupdate
Wrapping program /nix/store/fqvpcp0jfpn6f18jh9dlligd3j7rgjhy-fwupd-1.1.1/libexec/fwupd/fwupd
Wrapping program /nix/store/fqvpcp0jfpn6f18jh9dlligd3j7rgjhy-fwupd-1.1.1/libexec/fwupd/fwupdtool
/nix/store/fqvpcp0jfpn6f18jh9dlligd3j7rgjhy-fwupd-1.1.1

@xeji xeji merged commit b0d4c25 into NixOS:master Aug 29, 2018
@symphorien
Copy link
Member

too late, but a simpler alternative would have to remove the executable bit from the capsule before the fixup phase:

diff --git a/pkgs/os-specific/linux/firmware/fwupd/default.nix b/pkgs/os-specific/linux/firmware/fwupd/default.nix
index f018b5c2a7d..d2610dfc8fd 100644
--- a/pkgs/os-specific/linux/firmware/fwupd/default.nix
+++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix
@@ -52,6 +52,8 @@ in stdenv.mkDerivation {
   # doCheck = true;
 
   preFixup = ''
+    chmod -x $out/libexec/fwupd/efi/fwupdx64.efi
     gappsWrapperArgs+=(--prefix XDG_DATA_DIRS : "${shared-mime-info}/share")
   '';

If this bit is really necessary, then it can be readded in postfixup.

@jtojnar jtojnar deleted the fwupd-no-efi-wrap branch August 29, 2018 09:41
@jtojnar
Copy link
Contributor Author

jtojnar commented Aug 29, 2018

If I recall correctly, EFI uses FAT or something so executable bit probably should not be needed. Maybe @superm1 will know for sure.

@superm1
Copy link

superm1 commented Aug 29, 2018

If you follow the strict specifications yes ESP needs to be vfat.
Some manufacturers may add support for other filesystems however. This is rare though and none of the Linux installers will allow it unless you reuse an existing esp.

I think removing executable bit is fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
10.rebuild-darwin: 0 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@jtojnar @GrahamcOfBorg @symphorien @superm1 @xeji