Add option for changing boot order
This change adds a nixos option for changing the default boot order.
Possible values were obtained from
https://github.com/NVIDIA/edk2-nvidia/blob/71fc2f6de48f3e9f01214b4e9464dd03620b876b/Silicon/NVIDIA/Library/PlatformBootOrderLib/PlatformBootOrderLib.c#L26.
jmbaur authored and danielfullmer committed Oct 10, 2023
1 parent 70579a8 commit 790019e
Showing 2 changed files with 52 additions and 9 deletions.
33 changes: 24 additions & 9 deletions modules/flash-script.nix
@@ -24,6 +24,13 @@ in
firmware = {
autoUpdate = lib.mkEnableOption "automatic updates for Jetson firmware";

bootOrder = mkOption {
# https://github.com/NVIDIA/edk2-nvidia/blob/71fc2f6de48f3e9f01214b4e9464dd03620b876b/Silicon/NVIDIA/Library/PlatformBootOrderLib/PlatformBootOrderLib.c#L26
type = types.nullOr (types.listOf (types.enum [ "scsi" "usb" "sata" "pxev4" "httpv4" "pxev6" "httpv6" "nvme" "ufs" "sd" "emmc" "cdrom" "boot.img" "virtual" "shell" ]));
default = null;
description = "The default boot order";
};

uefi = {
logo = mkOption {
type = types.nullOr types.path;
@@ -285,15 +292,23 @@ in
[ cfg.flashScriptOverrides.configFileName "mmcblk0p1" ]
);

hardware.nvidia-jetpack.flashScriptOverrides.additionalDtbOverlays = let
uefiDefaultKeysDtbo = pkgs.runCommand "UefiDefaultSecurityKeys.dtbo" { nativeBuildInputs = with pkgs.buildPackages; [ dtc ]; } ''
export pkDefault=$(od -t x1 -An "${cfg.firmware.uefi.secureBoot.defaultPkEslFile}")
export kekDefault=$(od -t x1 -An "${cfg.firmware.uefi.secureBoot.defaultKekEslFile}")
export dbDefault=$(od -t x1 -An "${cfg.firmware.uefi.secureBoot.defaultDbEslFile}")
substituteAll ${./uefi-default-keys.dts} keys.dts
dtc -I dts -O dtb keys.dts -o $out
'';
in lib.optional cfg.firmware.uefi.secureBoot.enrollDefaultKeys uefiDefaultKeysDtbo;
hardware.nvidia-jetpack.flashScriptOverrides.additionalDtbOverlays =
let
bootOrder = pkgs.runCommand "DefaultBootOrder.dtbo" { nativeBuildInputs = with pkgs.buildPackages; [ dtc ]; } ''
export bootOrder=${lib.concatStringsSep "," cfg.firmware.bootOrder}
substituteAll ${./uefi-boot-order.dts} keys.dts
dtc -I dts -O dtb keys.dts -o $out
'';
uefiDefaultKeysDtbo = pkgs.runCommand "UefiDefaultSecurityKeys.dtbo" { nativeBuildInputs = with pkgs.buildPackages; [ dtc ]; } ''
export pkDefault=$(od -t x1 -An "${cfg.firmware.uefi.secureBoot.defaultPkEslFile}")
export kekDefault=$(od -t x1 -An "${cfg.firmware.uefi.secureBoot.defaultKekEslFile}")
export dbDefault=$(od -t x1 -An "${cfg.firmware.uefi.secureBoot.defaultDbEslFile}")
substituteAll ${./uefi-default-keys.dts} keys.dts
dtc -I dts -O dtb keys.dts -o $out
'';
in
(lib.optional (cfg.firmware.bootOrder != null) bootOrder) ++
(lib.optional cfg.firmware.uefi.secureBoot.enrollDefaultKeys uefiDefaultKeysDtbo);

hardware.nvidia-jetpack.flashScriptOverrides.fuseArgs = lib.mkAfter [ cfg.flashScriptOverrides.configFileName ];

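Review bot: `bootOrder` accepts an empty list, and `[ ]` passes the `cfg.firmware.bootOrder != null` guard in the second hunk, so the overlay would be built with an empty `DefaultBootPriority` string; `type = types.nullOr (types.nonEmptyListOf (types.enum [ … ]));` rejects that at evaluation time. The `description` is also too thin for a setting that can put network boot (`pxev4`, `httpv4`, `pxev6`, `httpv6`), removable media or `shell` ahead of internal storage: it should say that entries are joined with commas in list order, that `null` adds no overlay, and that the value reaches the device through `additionalDtbOverlays` in the flash script. In the new `runCommand` the intermediate file is still named `keys.dts`, carried over from the secure-boot derivation; `boot-order.dts` would be clearer. Both the `firmware` option set and the surrounding config attrset continue outside the visible hunks.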
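--- /dev/null
+++ b/modules/uefi-boot-order.dts
@@ -0,0 +1,28 @@
+/dts-v1/;
+/plugin/;
+
+/ {
+overlay-name = "UEFI Boot order";
+
+fragment@0 {
+target-path = "/";
+board_config {
+sw-modules = "uefi";
+};
+
+__overlay__ {
+firmware {
+uefi {
+variables {
+gNVIDIATokenSpaceGuid {
+DefaultBootPriority {
+data = "@bootOrder@";
+locked;
+};
+};
+};
+};
+};
+};
+};
+};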
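Review bot: Nothing in this new file says where `@bootOrder@` comes from or what `locked` does on `DefaultBootPriority`. I would add a header comment such as `/* @bootOrder@ is filled in by substituteAll in modules/flash-script.nix from cfg.firmware.bootOrder (comma-separated). */` and a one-line comment on `locked;` stating its effect, which I take to be that the variable cannot be changed once the firmware has applied it; that is worth confirming against edk2-nvidia. The placeholder is pasted into a DTS string literal without escaping, which is safe only while the option's enum keeps quotes and backslashes out of the values, so the same comment should mention that dependency.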
