patches and low-level development discussion
 help / color / mirror / code / Atom feed
blob b144c4e270e8aa874b38c0aec69b6d99393a14b9 706 bytes (raw)
name: host/verity.nix 	 # note: path name is non-authoritative(*)
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

 
# SPDX-License-Identifier: EUPL-1.2+
# SPDX-FileCopyrightText: 2021-2024 Alyssa Ross <hi@alyssa.is>
# SPDX-FileCopyrightText: 2025 Demi Marie Obenour <demiobenour@gmail.com>

import ../lib/call-package.nix ({ cryptsetup, runCommand, rootfs }:
runCommand "spectrum-verity" {
  nativeBuildInputs = [ cryptsetup ];
  __structuredAttrs = true;
  unsafeDiscardReferences = { out = true; };
  dontFixup = true;
  env = { ROOTFS = rootfs; };
} ''
  mkdir -- "$out"
  veritysetup format "--root-hash-file=$out/rootfs.verity.roothash" \
    -- "$ROOTFS" "$out/rootfs.verity.superblock"
  # veritysetup doesn't append a newline, so the shell read command fails
  echo >> "$out/rootfs.verity.roothash"
  ''
) (_: {})

debug log:

solving b144c4e270e8aa874b38c0aec69b6d99393a14b9 ...
found b144c4e270e8aa874b38c0aec69b6d99393a14b9 in https://inbox.spectrum-os.org/spectrum-devel/20251105-refactor-verity-v1-1-b8ba27dfdf06@gmail.com/

applying [1/1] https://inbox.spectrum-os.org/spectrum-devel/20251105-refactor-verity-v1-1-b8ba27dfdf06@gmail.com/
diff --git a/host/verity.nix b/host/verity.nix
new file mode 100644
index 0000000000000000000000000000000000000000..b144c4e270e8aa874b38c0aec69b6d99393a14b9

Checking patch host/verity.nix...
Applied patch host/verity.nix cleanly.

index at:
100644 b144c4e270e8aa874b38c0aec69b6d99393a14b9	host/verity.nix

(*) Git path names are given by the tree(s) the blob belongs to.
    Blobs themselves have no identifier aside from the hash of its contents.^
Code repositories for project(s) associated with this public inbox

	https://spectrum-os.org/git/crosvm
	https://spectrum-os.org/git/doc
	https://spectrum-os.org/git/mktuntap
	https://spectrum-os.org/git/nixpkgs
	https://spectrum-os.org/git/spectrum
	https://spectrum-os.org/git/ucspi-vsock
	https://spectrum-os.org/git/www

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).