Merge pull request #235082 from ElvishJerricco/systemd-uefi-bug-chunked-reads

pyrox.dev / nixpkgs

fork atom

lol

fork atom

systemd-boot: Patch for firmwares that fail to load large files

authored by

Arian van Putten and committed by

GitHub 2 years ago 5a13c006 7849b5f9

+60

3 changed files

expand all

nixos

tests

systemd-boot-ovmf-broken-fat-driver.patch

systemd-boot.nix

pkgs

os-specific

linux

systemd

default.nix

+25

nixos/tests/systemd-boot-ovmf-broken-fat-driver.patch

··· 1 + From d87a7513c6f2f2824203032ef27caeb84892ed7e Mon Sep 17 00:00:00 2001 2 + From: Will Fancher <elvishjerricco@gmail.com> 3 + Date: Tue, 30 May 2023 16:53:20 -0400 4 + Subject: [PATCH] Intentionally break the fat driver 5 + 6 + --- 7 + FatPkg/EnhancedFatDxe/ReadWrite.c | 5 +++++ 8 + 1 file changed, 5 insertions(+) 9 + 10 + diff --git a/FatPkg/EnhancedFatDxe/ReadWrite.c b/FatPkg/EnhancedFatDxe/ReadWrite.c 11 + index 8f525044d1f1..32c62ff7817b 100644 12 + --- a/FatPkg/EnhancedFatDxe/ReadWrite.c 13 + +++ b/FatPkg/EnhancedFatDxe/ReadWrite.c 14 + @@ -216,6 +216,11 @@ FatIFileAccess ( 15 + Volume = OFile->Volume; 16 + Task = NULL; 17 + 18 + + if (*BufferSize > (10U * 1024U * 1024U)) { 19 + + IFile->Position += 10U * 1024U * 1024U; 20 + + return EFI_BAD_BUFFER_SIZE; 21 + + } 22 + + 23 + // 24 + // Write to a directory is unsupported 25 + //

+25

nixos/tests/systemd-boot.nix

··· 251 251 machine.succeed("test -e /boot/efi/nixos/.extra-files/efi/netbootxyz/netboot.xyz.efi") 252 252 ''; 253 253 }; 254 + 255 + # See: [Firmware file size bug] in systemd/default.nix 256 + uefiLargeFileWorkaround = makeTest { 257 + name = "uefi-large-file-workaround"; 258 + 259 + nodes.machine = { pkgs, ... }: { 260 + imports = [common]; 261 + virtualisation.efi.OVMF = pkgs.OVMF.overrideAttrs (old: { 262 + # This patch deliberately breaks the FAT driver in EDK2 to 263 + # exhibit (part of) the firmware bug that we are testing 264 + # for. Files greater than 10MiB will fail to be read in a 265 + # single Read() call, so systemd-boot will fail to load the 266 + # initrd without a workaround. The number 10MiB was chosen 267 + # because if it were smaller than the kernel size, even the 268 + # LoadImage call would fail, which is not the failure mode 269 + # we're testing for. It needs to be between the kernel size 270 + # and the initrd size. 271 + patches = old.patches or [] ++ [ ./systemd-boot-ovmf-broken-fat-driver.patch ]; 272 + }); 273 + }; 274 + 275 + testScript = '' 276 + machine.wait_for_unit("multi-user.target") 277 + ''; 278 + }; 254 279 }

+10

pkgs/os-specific/linux/systemd/default.nix

··· 190 190 ./0017-inherit-systemd-environment-when-calling-generators.patch 191 191 ./0018-core-don-t-taint-on-unmerged-usr.patch 192 192 ./0019-tpm2_context_init-fix-driver-name-checking.patch 193 + 194 + (fetchpatch { 195 + # https://github.com/systemd/systemd/pull/25948 196 + # 197 + # [Firmware file size bug]: Some UEFI firmwares fail on large 198 + # reads. Now that systemd-boot loads initrd itself, systems with 199 + # such firmware won't boot without this fix 200 + url = "https://github.com/systemd/systemd/commit/3ed1d966f00b002ed822ca9de116252bd91fe6c3.patch"; 201 + hash = "sha256-pwXrLTScqgnvfddlzUBZpwsoMrvRLcZPp6e4whMcyL4="; 202 + }) 193 203 ] ++ lib.optional stdenv.hostPlatform.isMusl ( 194 204 let 195 205 oe-core = fetchzip {