1 files changed, 108 insertions, 0 deletions

diff --git a/modules/freya/packages/bootloaders.scm b/modules/freya/packages/bootloaders.scm
new file mode 100644
index 0000000..55a4210
--- /dev/null
+++ b/modules/freya/packages/bootloaders.scm
@@ -0,0 +1,108 @@
+(define-module (freya packages bootloaders)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (gnu packages efi)
+  #:use-module (gnu packages base)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages gperf)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages python-xyz)
+  #:use-module (gnu packages python-crypto)
+  #:use-module (gnu packages pkg-config)
+  #:use-module (guix gexp)
+  #:use-module (guix utils)
+  #:use-module (guix modules)
+  #:use-module (guix packages)
+  #:use-module (guix git-download)
+  #:use-module (guix build-system gnu)
+  #:use-module (guix build-system meson)
+  #:use-module (guix build-system python))
+
+(define systemd-version "255")
+(define systemd-source
+  (origin
+    (method git-fetch)
+    (uri (git-reference
+           (url "https://github.com/systemd/systemd")
+           (commit (string-append "v" systemd-version))))
+    (file-name (git-file-name "systemd" systemd-version))
+    (sha256
+      (base32
+        "1qdyw9g3jgvsbc1aryr11gpc3075w5pg00mqv4pyf3hwixxkwaq6"))))
+
+(define-public (systemd-stub-name)
+  (let ((arch (cond ((target-x86-32?) "ia32")
+                ((target-x86-64?) "x64")
+                ((target-arm32?) "arm")
+                ((target-aarch64?) "aa64")
+                ((target-riscv64?) "riscv64"))))
+    (string-append "linux" arch ".efi.stub")))
+
+(define-public systemd-stub
+  (package
+    (name "systemd-stub")
+    (version systemd-version)
+    (source systemd-source)
+    (build-system meson-build-system)
+    (arguments
+      (list
+        #:configure-flags
+        `(list "-Defi=true" "-Dsbat-distro=guix"
+               "-Dsbat-distro-generation=1" ; package revision!
+               "-Dsbat-distro-summary=Guix System"
+               "-Dsbat-distro-url=https://guix.gnu.org"
+               ,(string-append "-Dsbat-distro-pkgname=" name)
+               ,(string-append "-Dsbat-distro-version=" version))
+        #:phases
+        #~(let ((stub #$(string-append "src/boot/efi/" (systemd-stub-name))))
+            (modify-phases %standard-phases
+              (replace 'build
+                (lambda* (#:key parallel-build? #:allow-other-keys)
+                  (invoke "ninja" stub
+                    "-j" (if parallel-build?
+                           (number->string (parallel-job-count)) "1"))))
+              (replace 'install
+                (lambda _
+                  (install-file stub (string-append #$output "/libexec"))))
+              (delete 'check)))))
+    (inputs (list libcap python-pyelftools `(,util-linux "lib")))
+    (native-inputs (list gperf pkg-config python-3 python-jinja2))
+    (home-page "https://systemd.io")
+    (synopsis "Unified kernel image UEFI stub")
+    (description "Simple UEFi boot stub that loads a conjoined kernel image and
+supporting data to their proper locations, before chainloading to the kernel.
+Supports measured and/or verified boot environments.")
+    (license license:lgpl2.1+)))
+
+(define-public ukify
+  (package
+    (name "ukify")
+    (version systemd-version)
+    (source systemd-source)
+    (build-system python-build-system)
+    (arguments
+      (list #:phases
+            #~(modify-phases %standard-phases
+                (replace 'build
+                  (lambda _
+                    (substitute* "src/ukify/ukify.py" ; added in python 3.11
+                      (("datetime\\.UTC") "datetime.timezone.utc"))))
+                (delete 'check)
+                (replace 'install
+                  (lambda* (#:key inputs #:allow-other-keys)
+                    (let* ((bin (string-append #$output "/bin"))
+                           (file (string-append bin "/ukify"))
+                           (binutils (assoc-ref inputs "binutils"))
+                           (sbsign (assoc-ref inputs "sbsigntools")))
+                      (mkdir-p bin)
+                      (copy-file "src/ukify/ukify.py" file)
+                      (wrap-program file
+                        `("PATH" ":" prefix
+                          (,(string-append binutils "/bin")
+                           ,(string-append sbsign "/bin"))))))))))
+    (inputs (list binutils python-cryptography python-pefile sbsigntools))
+    (home-page "https://systemd.io")
+    (synopsis "Unified kernel image UEFI tool")
+    (description "@command{ukify} joins together a UKI stub, linux kernel, initrd,
+kernel arguments, and optional secure boot signatures into a single, UEFI-bootable
+image.")
+    (license license:lgpl2.1+)))