Loading nixos/modules/virtualisation/qemu-vm.nix +1 −3 Original line number Diff line number Diff line Loading @@ -877,11 +877,9 @@ in type = types.package; default = (pkgs.OVMF.override { secureBoot = cfg.useSecureBoot; systemManagementModeRequired = cfg.useSecureBoot; }).fd; defaultText = ''(pkgs.OVMF.override { secureBoot = cfg.useSecureBoot; systemManagementModeRequired = cfg.useSecureBoot; }).fd''; description = lib.mdDoc "OVMF firmware package, defaults to OVMF configured with secure boot if needed."; Loading Loading @@ -1185,7 +1183,7 @@ in "-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm" "-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0" ]) (mkIf (cfg.efi.OVMF.systemManagementModeRequired or false) [ (mkIf (pkgs.stdenv.hostPlatform.isx86 && cfg.efi.OVMF.systemManagementModeRequired) [ "-machine" "q35,smm=on" "-global" "driver=cfi.pflash01,property=secure,value=on" ]) Loading nixos/tests/systemd-boot.nix +6 −4 Original line number Diff line number Diff line Loading @@ -115,15 +115,17 @@ in virtualisation.useSecureBoot = true; }; testScript = '' testScript = let efiArch = pkgs.stdenv.hostPlatform.efiArch; in { nodes, ... }: '' machine.start(allow_reboot=True) machine.wait_for_unit("multi-user.target") machine.succeed("sbctl create-keys") machine.succeed("sbctl enroll-keys --yes-this-might-brick-my-machine") machine.succeed('sbctl sign /boot/EFI/systemd/systemd-bootx64.efi') machine.succeed('sbctl sign /boot/EFI/BOOT/BOOTX64.EFI') machine.succeed('sbctl sign /boot/EFI/nixos/*bzImage.efi') machine.succeed('sbctl sign /boot/EFI/systemd/systemd-boot${efiArch}.efi') machine.succeed('sbctl sign /boot/EFI/BOOT/BOOT${toUpper efiArch}.EFI') machine.succeed('sbctl sign /boot/EFI/nixos/*${nodes.machine.system.boot.loader.kernelFile}.efi') machine.reboot() Loading pkgs/applications/virtualization/OVMF/default.nix +0 −1 Original line number Diff line number Diff line Loading @@ -74,7 +74,6 @@ let in assert platformSpecific ? ${cpuName}; assert systemManagementModeRequired -> stdenv.hostPlatform.isx86; assert msVarsTemplate -> fdSize4MB; assert msVarsTemplate -> platformSpecific.${cpuName} ? msVarsArgs; Loading Loading
nixos/modules/virtualisation/qemu-vm.nix +1 −3 Original line number Diff line number Diff line Loading @@ -877,11 +877,9 @@ in type = types.package; default = (pkgs.OVMF.override { secureBoot = cfg.useSecureBoot; systemManagementModeRequired = cfg.useSecureBoot; }).fd; defaultText = ''(pkgs.OVMF.override { secureBoot = cfg.useSecureBoot; systemManagementModeRequired = cfg.useSecureBoot; }).fd''; description = lib.mdDoc "OVMF firmware package, defaults to OVMF configured with secure boot if needed."; Loading Loading @@ -1185,7 +1183,7 @@ in "-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm" "-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0" ]) (mkIf (cfg.efi.OVMF.systemManagementModeRequired or false) [ (mkIf (pkgs.stdenv.hostPlatform.isx86 && cfg.efi.OVMF.systemManagementModeRequired) [ "-machine" "q35,smm=on" "-global" "driver=cfi.pflash01,property=secure,value=on" ]) Loading
nixos/tests/systemd-boot.nix +6 −4 Original line number Diff line number Diff line Loading @@ -115,15 +115,17 @@ in virtualisation.useSecureBoot = true; }; testScript = '' testScript = let efiArch = pkgs.stdenv.hostPlatform.efiArch; in { nodes, ... }: '' machine.start(allow_reboot=True) machine.wait_for_unit("multi-user.target") machine.succeed("sbctl create-keys") machine.succeed("sbctl enroll-keys --yes-this-might-brick-my-machine") machine.succeed('sbctl sign /boot/EFI/systemd/systemd-bootx64.efi') machine.succeed('sbctl sign /boot/EFI/BOOT/BOOTX64.EFI') machine.succeed('sbctl sign /boot/EFI/nixos/*bzImage.efi') machine.succeed('sbctl sign /boot/EFI/systemd/systemd-boot${efiArch}.efi') machine.succeed('sbctl sign /boot/EFI/BOOT/BOOT${toUpper efiArch}.EFI') machine.succeed('sbctl sign /boot/EFI/nixos/*${nodes.machine.system.boot.loader.kernelFile}.efi') machine.reboot() Loading
pkgs/applications/virtualization/OVMF/default.nix +0 −1 Original line number Diff line number Diff line Loading @@ -74,7 +74,6 @@ let in assert platformSpecific ? ${cpuName}; assert systemManagementModeRequired -> stdenv.hostPlatform.isx86; assert msVarsTemplate -> fdSize4MB; assert msVarsTemplate -> platformSpecific.${cpuName} ? msVarsArgs; Loading
