From 98c5638e64946a44cc3ed773aea71142820d9a85 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Sun, 30 Jul 2023 13:50:29 -0700 Subject: [PATCH] src/userspace: merge back into initramfs Previously ownerboot had separate `userspace` (the initramfs contents without kernel modules) and `initramfs` (the complete initramfs) expressions. This was done in order to allow the use of CONFIG_INITRAMFS_SOURCE, which links an initramfs image into the kernel itself. I did this because I was having a hard time getting coreboot to load a separate initrd on rk3399. I have since solved that problem, and am now using coreboot to load an initramfs on all platforms. There is no longer any need for this unusual separation. --- doc/architecture.md | 3 +- src/default.nix | 1 - src/initramfs/default.nix | 84 +++++++++++++++++++++++++++------- src/platform/kevin/default.nix | 2 - src/platform/kgpe/default.nix | 10 ++-- src/userspace/default.nix | 59 ------------------------ 6 files changed, 73 insertions(+), 86 deletions(-) delete mode 100644 src/userspace/default.nix diff --git a/doc/architecture.md b/doc/architecture.md index e156fc0..8b50734 100644 --- a/doc/architecture.md +++ b/doc/architecture.md @@ -10,8 +10,7 @@ Ownerboot creates a second mutually-recursive package set containing all of the * `coreboot` -- a Nix package for coreboot, since it is not in nixpkgs * `kernel` -- the Linux kernel, using a custom (non-nixpkgs) expression -* `userspace` -- the userspace for the linux initramfs -* `initramfs` -- merges `userspace` with the boot-critical modules from `kernel` and wraps it in a properly-formatted `cpio` archive +* `initramfs` -- the initramfs * `arm-trusted-firmware` -- the ARM EL3 privileged routines * `fit` -- generates a FIT payload * `iasl` -- the Intel ACPI compiler diff --git a/src/default.nix b/src/default.nix index b333fca..6f6fd76 100644 --- a/src/default.nix +++ b/src/default.nix 
@@ -29,7 +29,6 @@ let coreboot = final.callPackage ./coreboot { }; image = final.callPackage ./image { }; kernel = final.callPackage ./kernel { }; - userspace = final.callPackage ./userspace { }; initramfs = final.callPackage ./initramfs { }; flashrom = final.nixpkgsOnBuildForHost.callPackage ./util/flashrom { }; main = final.callPackage ./main { }; diff --git a/src/initramfs/default.nix b/src/initramfs/default.nix index fd4c856..1b242b4 100644 --- a/src/initramfs/default.nix +++ b/src/initramfs/default.nix 
@@ -1,40 +1,90 @@ -# This takes the output of the `userspace` derivation, plus the +# This constructs a minimal initramfs userspace containing `signify`, +# `lvm`, `dmsetup`, `cryptsetup`, and `kexec`, plus the # modules from the `kernel` derivation, and creates an # initramfs-formatted `cpio` archive from their contents. -{ nixpkgsOnBuildForHost +{ lib +, nixpkgsOnBuildForHost , nixpkgsOnBuildForBuild -, lib -, userspace , kernel +, bootScript ? ../boot.sh # symlinked to /init if non-null # a list of paths (relative to ${kernel}/lib/modules/*/kernel) to modules .ko # files which should be included in the initrd , modules ? [ ] + +, withBusybox ? true +, withSignify ? true +# Inclusion of these is temporarily disabled. I had a bunch of +# ugly space-saving hacks that were removed during the pre-release +# cleanup, and it turns out that without those hacks there isn't enough +# space for the large userspace tools. Once I clean up and +# reinstate those hacks I will reenable this. +, withLvm ? false +, withCryptsetup ? false +, withKexec ? false +, withNvramTool ? 
false # nixpkgsOnBuildForHost.stdenv.hostPlatform.isx86 }: -nixpkgsOnBuildForHost.stdenv.mkDerivation { +let + inherit (nixpkgsOnBuildForBuild) findutils cpio; + inherit (nixpkgsOnBuildForHost.pkgsStatic) stdenv busybox signify lvm2 cryptsetup kexec-tools; + nvramtool = nixpkgsOnBuildForHost.pkgsStatic.nvramtool.overrideAttrs(a: { + NIX_CFLAGS_COMPILE = "-D__GLIBC__"; + }); +in stdenv.mkDerivation { name = "initramfs.cpio"; - nativeBuildInputs = with nixpkgsOnBuildForBuild; [ findutils cpio ]; - srcs = [ ]; dontUnpack = true; + dontFixup = true; + modulesList = (lib.concatMapStringsSep "\n" (m: "${kernel.version}/kernel/" + m) modules)+"\n"; passAsFile = [ "modulesList" ]; + buildPhase = '' mkdir build - mkdir -p build/lib/modules - BUILD=$(pwd)/build + build=$(pwd)/build + + runHook preBuild + + mkdir -p $build/lib/modules pushd ${kernel}/lib/modules/ - cat $modulesListPath | cpio -p -d $BUILD/lib/modules + cat $modulesListPath | ${cpio}/bin/cpio -p -d $build/lib/modules popd - pushd ${userspace} - find . | cpio -p -d $BUILD/ - popd - chmod -R u+w $BUILD - pushd $BUILD - find . 
| cpio --create -H newc -R +0:+0 > $out + + mkdir -p $build/usr + ln -s bin $build/sbin + ln -s ../bin $build/usr/bin + ln -s ../sbin $build/usr/sbin + '' + lib.optionalString withBusybox '' + cp -r ${busybox}/bin $build/bin + chmod -R u+w $build/bin + '' + lib.optionalString (bootScript != null) '' + cp ${bootScript} $build/boot.sh + chmod +x $build/boot.sh + ln -s boot.sh $build/init + chmod +x $build/sbin/init + '' + lib.optionalString withSignify '' + cp ${signify}/bin/signify $build/bin/ + '' + lib.optionalString withLvm '' + cp ${lib.getBin lvm2}/bin/lvm $build/bin/ + cp ${lib.getBin lvm2}/bin/dmsetup $build/bin/ + '' + lib.optionalString withCryptsetup '' + cp ${cryptsetup}/bin/cryptsetup $build/bin/ + '' + lib.optionalString withKexec '' + cp ${kexec-tools}/bin/kexec $build/bin/ + '' + lib.optionalString withNvramTool '' + cp ${nvramtool}/bin/nvramtool $build/bin/ + '' + '' + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + chmod -R u+w $build + pushd $build + ${findutils}/bin/find . | ${cpio}/bin/cpio --create -H newc -R +0:+0 > $out popd + runHook postInstall ''; - dontInstall = true; passthru = { inherit modules; diff --git a/src/platform/kevin/default.nix b/src/platform/kevin/default.nix index 56b23fc..e9a7d43 100644 --- a/src/platform/kevin/default.nix +++ b/src/platform/kevin/default.nix @@ -53,8 +53,6 @@ in { }); inherit modules_insmod; - userspace = prev.userspace.override { - }; initramfs = prev.initramfs.override { modules = modules_insmod ++ modules_noinsmod; diff --git a/src/platform/kgpe/default.nix b/src/platform/kgpe/default.nix index df56223..8b0d921 100644 --- a/src/platform/kgpe/default.nix +++ b/src/platform/kgpe/default.nix 
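Review bot: The archive written by the new installPhase in src/initramfs/default.nix is not reproducible, because `find .` emits entries in directory-read order and the files copied into `$build` during buildPhase presumably carry build-time mtimes, which the newc format records. The commit message says coreboot now loads this image on all platforms, and the image carries `signify` and the boot script, so a bit-for-bit rebuildable archive would let an owner compare a flashed image against a rebuild from source. Consider `${findutils}/bin/find . -print0 | sort -z | ${cpio}/bin/cpio --null --create -H newc -R +0:+0 --reproducible > $out`, with mtimes under `$build` normalized just before it. The derivation continues past the end of this hunk (`passthru`), so anything there that depends on the archive layout is not visible here.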
@@ -17,11 +17,11 @@ ''; }); - userspace = prev.userspace.overrideAttrs (a: { - postInstall = (a.postInstall or "") + '' - mkdir -p $out/etc - cp ${final.image.src}/src/mainboard/asus/kgpe-d16/cmos.layout $out/etc/ - cp ${final.image.src}/src/mainboard/asus/kgpe-d16/cmos.default $out/etc/ + initramfs = prev.initramfs.overrideAttrs (a: { + postBuild = (a.postBuild or "") + '' + mkdir -p $build/etc + cp ${final.image.src}/src/mainboard/asus/kgpe-d16/cmos.layout $build/etc/ + cp ${final.image.src}/src/mainboard/asus/kgpe-d16/cmos.default $build/etc/ ''; }); diff --git a/src/userspace/default.nix b/src/userspace/default.nix deleted file mode 100644 index be5cdd4..0000000 --- a/src/userspace/default.nix +++ /dev/null 
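Review bot: The new `postBuild` override in src/platform/kgpe/default.nix depends on the shell variable `$build`, which exists only because the base initramfs buildPhase assigns it before calling `runHook postBuild`, and nothing at this site records that coupling. If the base phase is later overridden or the variable renamed, `$build/etc` would expand to `/etc` instead of a path inside the image tree. A comment above the hook would make the contract explicit, for example `# $build is set at the top of initramfs' buildPhase; this hook runs from its runHook postBuild`. The enclosing overlay starts and ends outside this hunk.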
@@ -1,59 +0,0 @@ -# This constructs a minimal initramfs userspace containing `signify`, -# `lvm`, `dmsetup`, `cryptsetup`, and `kexec`. -{ lib -, nixpkgsOnBuildForHost -, kernel -, bootScript ? ../boot.sh # symlinked to /init if non-null - -, withBusybox ? true -, withSignify ? true -# Inclusion of these is temporarily disabled. I had a bunch of -# ugly space-saving hacks that were removed during the pre-release -# cleanup, and it turns out that without those hacks there isn't enough -# space for the large userspace tools. Once I clean up and -# reinstate those hacks I will reenable this. -, withLvm ? false -, withCryptsetup ? false -, withKexec ? false -, withNvramTool ? false # nixpkgsOnBuildForHost.stdenv.hostPlatform.isx86 -}: - -let - inherit (nixpkgsOnBuildForHost.pkgsStatic) stdenv busybox signify lvm2 cryptsetup kexec-tools findutils cpio; - nvramtool = nixpkgsOnBuildForHost.pkgsStatic.nvramtool.overrideAttrs(a: { - NIX_CFLAGS_COMPILE = "-D__GLIBC__"; - }); -in stdenv.mkDerivation { - name = "ownerboot-initramfs-userspace"; - dontUnpack = true; - dontFixup = true; - - installPhase = '' - runHook preInstall - mkdir -p $out/usr - ln -s bin $out/sbin - ln -s ../bin $out/usr/bin - ln -s ../sbin $out/usr/sbin - '' + lib.optionalString withBusybox '' - cp -r ${busybox}/bin $out/bin - chmod -R u+w $out/bin - '' + lib.optionalString (bootScript != null) '' - cp ${bootScript} $out/boot.sh - chmod +x $out/boot.sh - ln -s boot.sh $out/init - chmod +x $out/sbin/init - '' + lib.optionalString withSignify '' - cp ${signify}/bin/signify $out/bin/ - '' + lib.optionalString withLvm '' - cp ${lib.getBin lvm2}/bin/lvm $out/bin/ - cp ${lib.getBin lvm2}/bin/dmsetup $out/bin/ - '' + lib.optionalString withCryptsetup '' - cp ${cryptsetup}/bin/cryptsetup $out/bin/ - '' + lib.optionalString withKexec '' - cp ${kexec-tools}/bin/kexec $out/bin/ - '' + lib.optionalString withNvramTool '' - cp ${nvramtool}/bin/nvramtool $out/bin/ - '' + '' - runHook postInstall - ''; -}