Toggle diff (288 lines)
diff --git a/gnu/build/vm.scm b/gnu/build/vm.scm
index 372cf63c68..6d770d5057 100644
--- a/gnu/build/vm.scm
+++ b/gnu/build/vm.scm
@@ -422,7 +422,8 @@ SYSTEM-DIRECTORY is the name of the directory of the 'system' derivation."
;; Graft the configuration file onto the image.
(string-append "boot/grub/grub.cfg=" config-file))))
-(define* (make-iso9660-image grub config-file os-drv target
+(define* (make-iso9660-image xorriso grub-mkrescue-environment
+ grub config-file os-drv target
#:key (volume-id "Guix_image") (volume-uuid #f)
register-closures? (closures '()))
"Given a GRUB package, creates an iso image as TARGET, using CONFIG-FILE as
@@ -430,6 +431,9 @@ GRUB configuration and OS-DRV as the stuff in it."
(define grub-mkrescue
(string-append grub "/bin/grub-mkrescue"))
+ (define grub-mkrescue-sed.sh
+ (string-append xorriso "/bin/grub-mkrescue-sed.sh"))
+
(define target-store
(string-append "/tmp/root" (%store-directory)))
@@ -482,9 +486,19 @@ GRUB configuration and OS-DRV as the stuff in it."
#x77777777)
16))
+ (setenv "MKRESCUE_SED_MODE" "original")
+ (setenv "MKRESCUE_SED_XORRISO" (string-append xorriso
+ "/bin/xorriso"))
+ (setenv "MKRESCUE_SED_IN_EFI_NO_PT" "yes")
+ (for-each (match-lambda
+ ((name . value) (setenv name value)))
+ grub-mkrescue-environment)
+
(let ((pipe
(apply open-pipe* OPEN_WRITE
- grub-mkrescue "-o" target
+ grub-mkrescue
+ (string-append "--xorriso=" grub-mkrescue-sed.sh)
+ "-o" target
(string-append "boot/grub/grub.cfg=" config-file)
"etc=/tmp/root/etc"
"var=/tmp/root/var"
diff --git a/gnu/local.mk b/gnu/local.mk
index 18427de8c7..149803f691 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1370,7 +1370,9 @@ dist_patch_DATA = \
%D%/packages/patches/xfce4-session-fix-xflock4.patch \
%D%/packages/patches/xfce4-settings-defaults.patch \
%D%/packages/patches/xinetd-fix-fd-leak.patch \
- %D%/packages/patches/xinetd-CVE-2013-4342.patch
+ %D%/packages/patches/xinetd-CVE-2013-4342.patch \
+ %D%/packages/patches/xorriso-no-partition-table-in-inner-efi.patch \
+ %D%/packages/patches/xorriso-no-mbr-in-inner-efi.patch
MISC_DISTRO_FILES = \
%D%/packages/ld-wrapper.in
diff --git a/gnu/packages/cdrom.scm b/gnu/packages/cdrom.scm
index 2193a94f86..5128f7ce4f 100644
--- a/gnu/packages/cdrom.scm
+++ b/gnu/packages/cdrom.scm
@@ -162,8 +162,20 @@ libcdio.")
version ".tar.gz"))
(sha256
(base32
- "0aq6lvlwlkxz56l5sbvgycr6j5c82ch2bv6zrnc2345ibfpafgx9"))))
+ "0aq6lvlwlkxz56l5sbvgycr6j5c82ch2bv6zrnc2345ibfpafgx9"))
+ (patches
+ (search-patches "xorriso-no-partition-table-in-inner-efi.patch"
+ "xorriso-no-mbr-in-inner-efi.patch"))))
(build-system gnu-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'install-frontends
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (out-bin (string-append out "/bin")))
+ (install-file "frontend/grub-mkrescue-sed.sh" out-bin)
+ #t))))))
(inputs
`(("acl" ,acl)
("readline" ,readline)
diff --git a/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch b/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch
new file mode 100644
index 0000000000..a43889d2c6
--- /dev/null
+++ b/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch
@@ -0,0 +1,47 @@
+https://dev.lovelyhq.com/libburnia/libisoburn/commit/1eb51f44dadb8b6c5f87533ca357186cdc1ac625
+diff --git a/frontend/grub-mkrescue-sed.sh b/frontend/grub-mkrescue-sed.sh
+index b3948c99..dcd9d696 100755
+--- a/frontend/grub-mkrescue-sed.sh
++++ b/frontend/grub-mkrescue-sed.sh
+@@ -120,6 +120,7 @@ fi
+ # "yes" overwrites the MBR partition table area in the EFI boot image by zeros.
+ # Some EFI implementations get stuck when seeing in the EFI partition a
+ # partition table entry which begins at LBA 0.
++# "extra" not only zeros the partition table but also the MBR signature.
+ efi_zero_inner_pt=no
+ if test -n "$MKRESCUE_SED_IN_EFI_NO_PT"
+ then
+@@ -192,24 +193,31 @@ then
+ find "$dir"
+ fi
+
+-if test "$efi_zero_inner_pt" = yes
++if test "$efi_zero_inner_pt" = yes -o "$efi_zero_inner_pt" = extra
+ then
+ did_dd=0
+ if test -e "$dir"/efi.img
+ then
++ # Look for 0x55 0xAA in bytes 510 and 511
+ magic=$(dd bs=1 skip=510 count=2 if="$dir"/efi.img 2>/dev/null | \
+ od -c | head -1 | awk '{print $2 " " $3}')
+ if test "$magic" = "U 252"
+ then
++ echo "Performing actions for MKRESCUE_SED_IN_EFI_NO_PT=$efi_zero_inner_pt" >&2
+ dd if=/dev/zero bs=1 seek=446 count=64 conv=notrunc of="$dir"/efi.img
+ did_dd=1
++ if test "$efi_zero_inner_pt" = extra
++ then
++ dd if=/dev/zero bs=1 seek=510 count=2 conv=notrunc of="$dir"/efi.img
++ fi
++ echo >&2
+ fi
+ fi
+ if test "$did_dd" = 0
+ then
+ echo >&2
+ echo "$0 : NOTE : No EFI image found or no MBR signature in it." >&2
+- echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=yes" >&2
++ echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=$efi_zero_inner_pt" >&2
+ echo >&2
+ fi
+ fi
diff --git a/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch b/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch
new file mode 100644
index 0000000000..a719ca1f89
--- /dev/null
+++ b/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch
@@ -0,0 +1,107 @@
+https://dev.lovelyhq.com/libburnia/libisoburn/commit/3a2a3ba737a06162c22ace0ae09d33ba97aa2673
+diff --git a/frontend/grub-mkrescue-sed.sh b/frontend/grub-mkrescue-sed.sh
+index d772ff22..b3948c99 100755
+--- a/frontend/grub-mkrescue-sed.sh
++++ b/frontend/grub-mkrescue-sed.sh
+@@ -1,6 +1,6 @@
+ #!/bin/sh
+
+-# Copyright (C) 2015 - 2016
++# Copyright (C) 2015 - 2019
+ # Thomas Schmitt <scdbackup@gmx.net>, libburnia-project.org
+ # Provided under BSD license: Use, modify, and distribute as you like.
+
+@@ -117,6 +117,15 @@ fi
+ # command line.)
+ # Each argument must be a single word. No whitespace. No quotation marks.
+
++# "yes" overwrites the MBR partition table area in the EFI boot image by zeros.
++# Some EFI implementations get stuck when seeing in the EFI partition a
++# partition table entry which begins at LBA 0.
++efi_zero_inner_pt=no
++if test -n "$MKRESCUE_SED_IN_EFI_NO_PT"
++then
++ efi_zero_inner_pt="$MKRESCUE_SED_IN_EFI_NO_PT"
++fi
++
+
+ #
+ # Do the work
+@@ -183,12 +192,48 @@ then
+ find "$dir"
+ fi
+
++if test "$efi_zero_inner_pt" = yes
++then
++ did_dd=0
++ if test -e "$dir"/efi.img
++ then
++ magic=$(dd bs=1 skip=510 count=2 if="$dir"/efi.img 2>/dev/null | \
++ od -c | head -1 | awk '{print $2 " " $3}')
++ if test "$magic" = "U 252"
++ then
++ dd if=/dev/zero bs=1 seek=446 count=64 conv=notrunc of="$dir"/efi.img
++ did_dd=1
++ fi
++ fi
++ if test "$did_dd" = 0
++ then
++ echo >&2
++ echo "$0 : NOTE : No EFI image found or no MBR signature in it." >&2
++ echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=yes" >&2
++ echo >&2
++ fi
++fi
++
+ efi_tmp_name=
++if test x"$mode" = xmjg \
++ -o x"$mode" = xmbr_only \
++ -o x"$mode" = xgpt_appended \
++ -o x"$mode" = xmbr_hfs
++then
++ # Move EFI partition image file out of the "$dir" tree, i.e. out of the ISO
++ efi_tmp_name=grub-mkrescue-sed-efi-img.$$
++ if test -e "$dir"/efi.img
++ then
++ mv "$dir"/efi.img /tmp/$efi_tmp_name
++ elif test -e /tmp/$efi_tmp_name
++ then
++ rm /tmp/$efi_tmp_name
++ fi
++fi
++
+ if test x"$mode" = xmjg
+ then
+ # Exchange arguments for the experimental GRUB2 mjg layout
+- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
+- mv "$dir"/efi.img /tmp/$efi_tmp_name
+ x=$(echo " $*" | sed \
+ -e "s/-efi-boot-part --efi-boot-image/-no-pad -append_partition $partno 0xef \/tmp\/$efi_tmp_name/" \
+ -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_${partno}:all:: -no-emul-boot -isohybrid-gpt-basdat/" \
+@@ -207,8 +252,6 @@ then
+ elif test x"$mode" = xmbr_only
+ then
+ # Exchange arguments for no-HFS MBR-only layout
+- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
+- mv "$dir"/efi.img /tmp/$efi_tmp_name
+ x=$(echo " $*" | sed \
+ -e "s/-efi-boot-part --efi-boot-image/$iso_mbr_part_type -no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name/" \
+ -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \
+@@ -228,8 +271,6 @@ then
+ elif test x"$mode" = xmbr_hfs
+ then
+ # Exchange arguments for MBR and HFS+ layout
+- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
+- mv "$dir"/efi.img /tmp/$efi_tmp_name
+ x=$(echo " $*" | sed \
+ -e "s/-efi-boot-part --efi-boot-image/$iso_mbr_part_type -no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name/" \
+ -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \
+@@ -247,8 +288,6 @@ then
+ elif test x"$mode" = xgpt_appended
+ then
+ # Exchange arguments for no-HFS MBR-only layout
+- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
+- mv "$dir"/efi.img /tmp/$efi_tmp_name
+ x=$(echo " $*" | sed \
+ -e "s/-efi-boot-part --efi-boot-image/-no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name -appended_part_as_gpt -partition_offset 16/" \
+ -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 92b03b01ad..acfea12926 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -259,7 +259,8 @@ made available under the /xchg CIFS share."
bootcfg-drv
bootloader
register-closures?
- (inputs '()))
+ (inputs '())
+ (grub-mkrescue-environment '()))
"Return a bootable, stand-alone iso9660 image.
INPUTS is a list of inputs (as for packages)."
@@ -301,7 +302,9 @@ INPUTS is a list of inputs (as for packages)."
inputs)))
(set-path-environment-variable "PATH" '("bin" "sbin") inputs)
- (make-iso9660-image #$(bootloader-package bootloader)
+ (make-iso9660-image #$xorriso
+ '#$grub-mkrescue-environment
+ #$(bootloader-package bootloader)
#$bootcfg-drv
#$os
"/xchg/guixsd.iso"
@@ -673,7 +676,9 @@ to USB sticks meant to be read-only."
#:bootloader (bootloader-configuration-bootloader
(operating-system-bootloader os))
#:inputs `(("system" ,os)
- ("bootcfg" ,bootcfg)))
+ ("bootcfg" ,bootcfg))
+ #:grub-mkrescue-environment
+ '(("MKRESCUE_SED_MODE" . "mbr_hfs")))
(qemu-image #:name name
#:os os
#:bootcfg-drv bootcfg