From be006eab1f3df27c405a02897d735768f180260f Mon Sep 17 00:00:00 2001 From: Arnout Engelen Date: Mon, 25 Nov 2019 18:33:33 +0100 Subject: [PATCH] make-iso9660-image: produce stable GPT disk GUID By generating a version-5 GUID based on $out (which contains the derivation hash) and preventing isohybrid from overwriting the GPT table (which already is populated correctly by xorriso). Tested by: * booting from USB disk on a UEFI system * booting from USB disk on a non-UEFI system * booting from CD on a UEFI system * booting from CD on a non-UEFI system * booting from CD on an OSX system Also tested that "nix-build ./nixos/release-combined.nix -A nixos.iso_minimal.x86_64-linux -I nixpkgs=~/nixpkgs-r13y --check" now succeeds. Fixes #74047 --- nixos/lib/make-iso9660-image.nix | 4 ++-- nixos/lib/make-iso9660-image.sh | 14 +++++--------- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/nixos/lib/make-iso9660-image.nix b/nixos/lib/make-iso9660-image.nix index 12a6cf649966..6a0e0e7c635a 100644 --- a/nixos/lib/make-iso9660-image.nix +++ b/nixos/lib/make-iso9660-image.nix @@ -1,4 +1,4 @@ -{ stdenv, closureInfo, xorriso, syslinux +{ stdenv, closureInfo, xorriso, syslinux, libossp_uuid , # The file name of the resulting ISO image. isoName ? "cd.iso" @@ -48,7 +48,7 @@ assert usbBootable -> isohybridMbrImage != ""; stdenv.mkDerivation { name = isoName; builder = ./make-iso9660-image.sh; - buildInputs = [ xorriso syslinux zstd ]; + buildInputs = [ xorriso syslinux zstd libossp_uuid ]; inherit isoName bootable bootImage compressImage volumeID efiBootImage efiBootable isohybridMbrImage usbBootable; diff --git a/nixos/lib/make-iso9660-image.sh b/nixos/lib/make-iso9660-image.sh index d64fe9a365e7..4740b05f9557 100644 --- a/nixos/lib/make-iso9660-image.sh +++ b/nixos/lib/make-iso9660-image.sh @@ -99,7 +99,12 @@ done mkdir -p $out/iso +# daed2280-b91e-42c0-aed6-82c825ca41f3 is an arbitrary namespace, to prevent +# independent applications from generating the same UUID for the same value. +# (the chance of that being problematic seem pretty slim here, but that's how +# version-5 UUID's work) xorriso="xorriso + -boot_image any gpt_disk_guid=$(uuid -v 5 daed2280-b91e-42c0-aed6-82c825ca41f3 $out | tr -d -) -as mkisofs -iso-level 3 -volid ${volumeID} @@ -118,15 +123,6 @@ xorriso="xorriso $xorriso -output $out/iso/$isoName -if test -n "$usbBootable"; then - echo "Making image hybrid..." - if test -n "$efiBootable"; then - isohybrid --uefi $out/iso/$isoName - else - isohybrid $out/iso/$isoName - fi -fi - if test -n "$compressImage"; then echo "Compressing image..." zstd -T$NIX_BUILD_CORES --rm $out/iso/$isoName