diff options
| author | Vladimír Čunát <v@cunat.cz> | 2023-06-02 11:45:08 +0200 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2023-06-02 11:45:08 +0200 |
| commit | 8699d2cf1ae821915739427adac3981b61a88097 (patch) | |
| tree | cba6d9f2bf99ed8b7f1b019f64035e698992b2df /nixos | |
| parent | b2750f9ba031b57a9fa65558c97a52546bb04c82 (diff) | |
| parent | 52df2ba6b0efbe931b6cfb57692307ab9fa7936b (diff) | |
Merge branch 'staging' into staging-next
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/config/no-x-libs.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/apparmor.nix | 10 | ||||
| -rw-r--r-- | nixos/tests/systemd-boot-ovmf-broken-fat-driver.patch | 25 | ||||
| -rw-r--r-- | nixos/tests/systemd-boot.nix | 25 |
4 files changed, 59 insertions, 2 deletions
diff --git a/nixos/modules/config/no-x-libs.nix b/nixos/modules/config/no-x-libs.nix index dac09bdf468a9..0dce3b918458a 100644 --- a/nixos/modules/config/no-x-libs.nix +++ b/nixos/modules/config/no-x-libs.nix @@ -38,6 +38,7 @@ with lib; gpsd = super.gpsd.override { guiSupport = false; }; graphviz = super.graphviz-nox; gst_all_1 = super.gst_all_1 // { + gst-plugins-bad = super.gst_all_1.gst-plugins-bad.override { guiSupport = false; }; gst-plugins-base = super.gst_all_1.gst-plugins-base.override { enableX11 = false; }; }; imagemagick = super.imagemagick.override { libX11Support = false; libXtSupport = false; }; diff --git a/nixos/tests/apparmor.nix b/nixos/tests/apparmor.nix index 99a5cd558eb02..be91e9632849c 100644 --- a/nixos/tests/apparmor.nix +++ b/nixos/tests/apparmor.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix ({ pkgs, ... } : { +import ./make-test-python.nix ({ pkgs, lib, ... } : { name = "apparmor"; meta.maintainers = with lib.maintainers; [ julm ]; @@ -27,7 +27,7 @@ import ./make-test-python.nix ({ pkgs, ... } : { # 4. Using `diff` against the expected output. with subtest("apparmorRulesFromClosure"): machine.succeed( - "${pkgs.diffutils}/bin/diff ${pkgs.writeText "expected.rules" '' + "${pkgs.diffutils}/bin/diff -u ${pkgs.writeText "expected.rules" '' mr ${pkgs.bash}/lib/**.so*, r ${pkgs.bash}, r ${pkgs.bash}/etc/**, @@ -64,6 +64,12 @@ import ./make-test-python.nix ({ pkgs, ... } : { r ${pkgs.libunistring}/lib/**, r ${pkgs.libunistring}/share/**, x ${pkgs.libunistring}/foo/**, + mr ${pkgs.glibc.libgcc}/lib/**.so*, + r ${pkgs.glibc.libgcc}, + r ${pkgs.glibc.libgcc}/etc/**, + r ${pkgs.glibc.libgcc}/lib/**, + r ${pkgs.glibc.libgcc}/share/**, + x ${pkgs.glibc.libgcc}/foo/**, ''} ${pkgs.runCommand "actual.rules" { preferLocalBuild = true; } '' ${pkgs.gnused}/bin/sed -e 's:^[^ ]* ${builtins.storeDir}/[^,/-]*-\([^/,]*\):\1 \0:' ${ pkgs.apparmorRulesFromClosure { diff --git a/nixos/tests/systemd-boot-ovmf-broken-fat-driver.patch b/nixos/tests/systemd-boot-ovmf-broken-fat-driver.patch new file mode 100644 index 0000000000000..ef547c02f9187 --- /dev/null +++ b/nixos/tests/systemd-boot-ovmf-broken-fat-driver.patch @@ -0,0 +1,25 @@ +From d87a7513c6f2f2824203032ef27caeb84892ed7e Mon Sep 17 00:00:00 2001 +From: Will Fancher <elvishjerricco@gmail.com> +Date: Tue, 30 May 2023 16:53:20 -0400 +Subject: [PATCH] Intentionally break the fat driver + +--- + FatPkg/EnhancedFatDxe/ReadWrite.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/FatPkg/EnhancedFatDxe/ReadWrite.c b/FatPkg/EnhancedFatDxe/ReadWrite.c +index 8f525044d1f1..32c62ff7817b 100644 +--- a/FatPkg/EnhancedFatDxe/ReadWrite.c ++++ b/FatPkg/EnhancedFatDxe/ReadWrite.c +@@ -216,6 +216,11 @@ FatIFileAccess ( + Volume = OFile->Volume; + Task = NULL; + ++ if (*BufferSize > (10U * 1024U * 1024U)) { ++ IFile->Position += 10U * 1024U * 1024U; ++ return EFI_BAD_BUFFER_SIZE; ++ } ++ + // + // Write to a directory is unsupported + // diff --git a/nixos/tests/systemd-boot.nix b/nixos/tests/systemd-boot.nix index 94e269ff37bb8..19034b299999b 100644 --- a/nixos/tests/systemd-boot.nix +++ b/nixos/tests/systemd-boot.nix @@ -251,4 +251,29 @@ in machine.succeed("test -e /boot/efi/nixos/.extra-files/efi/netbootxyz/netboot.xyz.efi") ''; }; + + # See: [Firmware file size bug] in systemd/default.nix + uefiLargeFileWorkaround = makeTest { + name = "uefi-large-file-workaround"; + + nodes.machine = { pkgs, ... }: { + imports = [common]; + virtualisation.efi.OVMF = pkgs.OVMF.overrideAttrs (old: { + # This patch deliberately breaks the FAT driver in EDK2 to + # exhibit (part of) the firmware bug that we are testing + # for. Files greater than 10MiB will fail to be read in a + # single Read() call, so systemd-boot will fail to load the + # initrd without a workaround. The number 10MiB was chosen + # because if it were smaller than the kernel size, even the + # LoadImage call would fail, which is not the failure mode + # we're testing for. It needs to be between the kernel size + # and the initrd size. + patches = old.patches or [] ++ [ ./systemd-boot-ovmf-broken-fat-driver.patch ]; + }); + }; + + testScript = '' + machine.wait_for_unit("multi-user.target") + ''; + }; } |