Received: (at submit) by debbugs.gnu.org; 6 Jan 2024 13:45:52 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jan 06 08:45:52 2024 Received: from localhost ([127.0.0.1]:58826 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1rM6zn-0004cR-Hf for submit <at> debbugs.gnu.org; Sat, 06 Jan 2024 08:45:52 -0500 Received: from lists.gnu.org ([2001:470:142::17]:50900) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1rM6zl-0004Gd-Cy for submit <at> debbugs.gnu.org; Sat, 06 Jan 2024 08:45:50 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1rM6zQ-0006sD-IY for bug-guix@HIDDEN; Sat, 06 Jan 2024 08:45:31 -0500 Received: from wolfsden.cz ([37.205.8.62]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1rM6zK-0007xi-CA for bug-guix@HIDDEN; Sat, 06 Jan 2024 08:45:28 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 417BA244B45; Sat, 6 Jan 2024 13:45:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1704548719; bh=lz59KcRfYS6ljarOo+vx92yh3CPT2QPz1GvUMykF2bo=; h=Date:From:To:Subject; b=WVSPnKAhfc7BJB9q5Pr4h9/+YFwqeyaMCfEvvaaS+tZx5I7abgY/Q8rweVHvVZ7RN aDgBKtgNM1FknZ/4kT52rQVwPgpu5d2U04ysuLD896s2CksiXzznweeoojnCflRaAG 7GBpNwbOlzuUPyz2YfTsJ1TUkkKu8Rk2P40rkjGxjEa0rG2pr3B5GXOPzBgAR/poRh Vq++kNOMiV2RL4gF3+C5YFVOcq4wmTwAdUhmnlgDeZz4XZkt+LK8pWRs33D0Jo+h0a THC0igk8FeM7w1NNG7WKpVivUOiBFUIuGuAk/kZc7odO3ra4OfNUbPMITEA9zYYBiZ YLX/NActGvvn8Vf62v9N7msd8Oqb9RtUF+J7/lWqHneNrZUHNAdFdxOwiBy4MIdMPH iWTaftlBX5omo7/qkaxxsUtC0i1x4+fkjiXNlIx8RzjcDB8oHkdT29GI5czceoZLIe sC6apVfCI9A5ZVZrpMltOk3t+h3vWSmyC4MCQd+E5Z0tGCmxkLu5whNcx0AZnDf3li EGYN/5ZIWIVB+GJ3OF8Q+3ifnuxqwBPfbCh2wmAVgxib8J3lXhJxfTdi6z6JrJrcds o0B8dEgEJlJafwagXC1Og9V1nDsMyyQLFzVnf8SiGmlUrd5v1JK60loY9FHpGmkOYD ckbU6X3h69lWGpIhNggS5ygg= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [193.32.127.155]) by wolfsden.cz (Postfix) with ESMTPSA id 3412D244648 for <bug-guix@HIDDEN>; Sat, 6 Jan 2024 13:45:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1704548718; bh=lz59KcRfYS6ljarOo+vx92yh3CPT2QPz1GvUMykF2bo=; h=Date:From:To:Subject; b=a7WkL+2cFSf/5+mJ9/xGvAXfpSDuuBlhcozx5ED9XepX6bdFuL1MiRw7lrjIF3ZPb udDjRSZ9CO0wO4+Sb82kOkcbrKcO+ZX0+yEWnwg+cmZjsZBG4ErWQVQDJwmotyDk0o wHjvNPjGH0EOwV9dbbkNw3mT/kOilCS/vq9znel1ZdVmwUgqt3XuuoYDBpxfuKbK8h +4GzRjvwR9c8LyAQoeSNFRVIZZ/q1c66aQzxhvVB7dj4HebgTJx3UJ8ywCGKwjqTja JgZwc8DjrKsWVB8r4+ju0KlYE6jxALLArIxijqobadKrMjKBoBJxfRomP6iXhIMXPd qa3iVMjz9UWoDrjfzEhODMKo7xM3wyl1C46tmS4qHh1ZP+6QUX6Ba4pnn4yi1+xFNr nvjL3pfv+qN2pCm169Yk7HMfcyTUSuRIaT9qpzhT7eQcUrFaK27OysL9T8tYIrVBYL h9ItA0tEyrWTcT5Mst7Y1AmbBh9qPuzzTx9U/cPu0OmraCKCNbxqpLVZiS9gUnVOA4 +W+BYSCSzTPLHJTwp8eD4N2tDogPnFnQKIWGUuv8cHiVsngWghUizlz9c4Rpt8o5C2 N0gxBV9acA/lt19G+Mqoc3llu/x9oMVscR5MXt6QctXqpaTWpC7ZKT3kD1fG/31mDP fnzC6sCgbDx6b+0oWyAogqlQ= Date: Sat, 6 Jan 2024 14:45:17 +0100 From: Tomas Volf <~@wolfsden.cz> To: bug-guix@HIDDEN Subject: ovmf does not contain secureboot firmware Message-ID: <ZZlZbUOr1BGtKJ0q@ws> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="zPvpMSyCK5JXjtjQ" Content-Disposition: inline Received-SPF: pass client-ip=37.205.8.62; envelope-from=~@wolfsden.cz; helo=wolfsden.cz X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.0 (/) --zPvpMSyCK5JXjtjQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello, looking at the ovmf package, is seems that it does not contain files required for secureboot. When I compare what Archlinux ships: usr/share/edk2/ia32/OVMF.4m.fd usr/share/edk2/ia32/OVMF.fd usr/share/edk2/ia32/OVMF_CODE.4m.fd usr/share/edk2/ia32/OVMF_CODE.csm.4m.fd usr/share/edk2/ia32/OVMF_CODE.csm.fd usr/share/edk2/ia32/OVMF_CODE.fd usr/share/edk2/ia32/OVMF_CODE.secboot.4m.fd usr/share/edk2/ia32/OVMF_CODE.secboot.fd usr/share/edk2/ia32/OVMF_VARS.4m.fd usr/share/edk2/ia32/OVMF_VARS.fd usr/share/edk2/x64/ usr/share/edk2/x64/MICROVM.4m.fd usr/share/edk2/x64/MICROVM.fd usr/share/edk2/x64/OVMF.4m.fd usr/share/edk2/x64/OVMF.fd usr/share/edk2/x64/OVMF_CODE.4m.fd usr/share/edk2/x64/OVMF_CODE.csm.4m.fd usr/share/edk2/x64/OVMF_CODE.csm.fd usr/share/edk2/x64/OVMF_CODE.fd usr/share/edk2/x64/OVMF_CODE.secboot.4m.fd usr/share/edk2/x64/OVMF_CODE.secboot.fd usr/share/edk2/x64/OVMF_VARS.4m.fd usr/share/edk2/x64/OVMF_VARS.fd with what we do: /gnu/store/nqv29p1kz1lwc6g3rifyi5mrapcx97wf-ovmf-202308/share/firmware/ovmf_code_ia32.bin /gnu/store/nqv29p1kz1lwc6g3rifyi5mrapcx97wf-ovmf-202308/share/firmware/ovmf_code_x64.bin /gnu/store/nqv29p1kz1lwc6g3rifyi5mrapcx97wf-ovmf-202308/share/firmware/ovmf_ia32.bin /gnu/store/nqv29p1kz1lwc6g3rifyi5mrapcx97wf-ovmf-202308/share/firmware/ovmf_vars_ia32.bin /gnu/store/nqv29p1kz1lwc6g3rifyi5mrapcx97wf-ovmf-202308/share/firmware/ovmf_vars_x64.bin /gnu/store/nqv29p1kz1lwc6g3rifyi5mrapcx97wf-ovmf-202308/share/firmware/ovmf_x64.bin There seem to be some files missing. The secboot would be useful, but the csm might be as well. I tried to make a patch to build multiple firmwares, however due to how other packages inherit from it, it was quite messy. I wonder if having just a single ovmf package would simplify things. The size bloat from merging them seems... negligible. At least for the QEMU use case. Have a nice day, Tomas Volf -- There are only two hard things in Computer Science: cache invalidation, naming things and off-by-one errors. --zPvpMSyCK5JXjtjQ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmWZWW0ACgkQL7/ufbZ/ wamBTg/9GU5OHRT+tx+Eb6LKgsdWJtZYQ/N/5+UkKCUgQ7CLEbEkmEGnDVdXZUjo 2QnMTEgqnCVVDk2ipFjVEeJS9ln+X32rKdmSeIwMHhvjIAejpRg7rchaW0ZMiloz vLSw3CEc23vc3kCzfhPrSI8JAB+oVhGzeMpzk46voPHJ58zr01FCtKRmWUA0NYFz NOY9oj0Iyzd8CUZtBQwPZXRYR32iM/PFR8hBuSGygHf7YEk6SS8SK2p4cSqJtJet eqH4kw9oEftHirdDrUaVvmQAzZsOpLSe6m6hkbR2OBcH3glx9NBVUYyGsQ09Uj4F j+7R31fywBaAxW4zz4lDySQ59bukdCMsmnCeDlR4ggjLU0S7sUl6E40BGgodwC7H k0Mp3e5ZIAf5GJl0a41L80UdgqywyUiVjrofSORvk4Kg95y83YxADVZe351pxRed g96lfTtwhk2/x65dlmtQlLmJts0UitsxNKQe+faeyBR26XsaDdCzAl+v2mThQyLu 6lNzBLNDW5HM9mZ+8eipQYWUJG6ziQpbl5D/3EogApRpGn5sApcNRw27wZcakxpf N4JjTcziv4MgXaqtsKn+7PHRBUVgI0syLbpnqZ57XDYbEI4US4us3xjjOWRcb1Is HzfD7QHqciS+CSQA3Zk4NXwRGY1h/GSf6085Ar633n0REiOxyFU= =w+3B -----END PGP SIGNATURE----- --zPvpMSyCK5JXjtjQ--
Tomas Volf <~@wolfsden.cz>
:bug-guix@HIDDEN
.
Full text available.bug-guix@HIDDEN
:bug#68286
; Package guix
.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.