From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1iMYhl-0001fl-Pw
	for mharc-grub-devel@gnu.org; Mon, 21 Oct 2019 10:30:43 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:48483)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <rosen644835@gmail.com>) id 1iMYhd-0001en-Nc
 for grub-devel@gnu.org; Mon, 21 Oct 2019 10:30:35 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <rosen644835@gmail.com>) id 1iMYha-0002M2-C7
 for grub-devel@gnu.org; Mon, 21 Oct 2019 10:30:33 -0400
Received: from mail-wm1-x333.google.com ([2a00:1450:4864:20::333]:33402)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <rosen644835@gmail.com>)
 id 1iMYhW-0002HJ-V9; Mon, 21 Oct 2019 10:30:27 -0400
Received: by mail-wm1-x333.google.com with SMTP id 6so1503964wmf.0;
 Mon, 21 Oct 2019 07:30:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=date:from:to:cc:subject:message-id:mime-version
 :content-transfer-encoding;
 bh=pp8oDdcPsEo12jd5hJcBoCOzsRk3giDDeCtXxnDV2V4=;
 b=eLbGRpH/pqAA4L6t47MstSfoUelYMLNHR+1Foilg43cmSOoNGD/8Hgecyb4IBF24F9
 5uQdV7KEYyqripMPyBVGyk4wS6EJsKpoyxaoCWScelnOMNo7pT6xmXu8MxbKm3p9HqJz
 kGE+JrV63imn0QCh/K+8MXHQyygHCwQHh48grlGmaNaFJ8cczk3r0EnabUqLmmoeDRe5
 ROklr3vSHpep00/f3sNIT040lXcGHH5tNGsqvm4NCCvyDEL/i5bcp1bZMUapK6fwOlQS
 hszU2jphb0e2sMWRVgMAWzaUbUVmvEIkqZ+Hls8KO1PxUwTNMVhB7yrkGwC20H9Bl29V
 XBHw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version
 :content-transfer-encoding;
 bh=pp8oDdcPsEo12jd5hJcBoCOzsRk3giDDeCtXxnDV2V4=;
 b=NNDG6udEfJFiyHThQ6x5XiHLmAMgEV2QqkFSazgyiM22zzwjDF3vZ4U2dkUmxW6tCa
 V4oRftJyV5OTQH3NP29F9i7989mFSp4JSWeSzNOHKxpbx+G64t/t/+YIJ6G2zVE9YzOh
 2C9MFKsNExorN8/a845+g+RxnKliW39zw/bc6AUq1RiSFY1zC3BuesjgQCUM8w4Wv1Gq
 aY0HNcgfTwlfNPWdhjnyDDLKs2WB8W5o61iSAFuFMIRn6dJbgjcSZDS+RuGwSoM3Yb8r
 G8SyPP5pRXWVJcJ+OEm7cIILY0C9geoVG67d/3IDlypZK1tn+lG9aCenOqwRCKbh6JjP
 Oq7w==
X-Gm-Message-State: APjAAAUs3sqSUHgXZmYWsY8Vko7BVpPuh21GgCQCpYppMdj8O8jNx6xW
 dWVPDXq0gdleM8O+DsiRFEJu5CgP
X-Google-Smtp-Source: APXvYqwCgGYOaaF2KrVWndtyU3a1wrapB3QekwQ24Q3of6Zy82hMC1sJMre0GymY/rwoejhgCC3sbg==
X-Received: by 2002:a1c:a791:: with SMTP id q139mr5925747wme.155.1571668225100; 
 Mon, 21 Oct 2019 07:30:25 -0700 (PDT)
Received: from localhost (115.201.218.87.dynamic.jazztel.es. [87.218.201.115])
 by smtp.gmail.com with ESMTPSA id
 t16sm14744123wrq.52.2019.10.21.07.30.24
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 21 Oct 2019 07:30:24 -0700 (PDT)
Date: Mon, 21 Oct 2019 16:30:21 +0200
From: Miguel Arruga Vivas <rosen644835@gmail.com>
To: guix-devel@gnu.org
Cc: grub-devel@gnu.org
Subject: Reproducible grub-install
Message-ID: <20191021163021.1a3ca543@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-Received-From: 2a00:1450:4864:20::333
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Oct 2019 14:30:37 -0000

Hi, everybody!

After taking a deeper look into our (guix's) grub installation
procedure, I have the thought that it could be a neat idea to make the
boot directory an actual derivation instead something of the global
status.

=46rom what I currently understand:

  - boot.img/core.img and load.cfg: The written images must be replaced
    on each installation.  This is one task performed by grub-install.

  - /boot/grub/*: The contents of these folders should be reproducible,
    such as the modules or the localization binaries, as currently
    grub.cfg is.  This is the other task performed by grub-install.

  - /boot/grub/grubenv: IIUC, this file must be writable by grub.  This
    should not be on the store, and not sharing the path may be the
    main problem right now to implement this.

AFAIK, the grubenv problem requires a modification of the grub code if
we try to use a different path for this kind-of-modifiable file, so this
would require modify grub to being able to lookup for that file
somewhere else.  This way the global state can be made explicit.

The image installation into the device is a separate issue from the
binaries installation, that could be separated into two separate
binaries, or two steps/flags for grub-install, one for binaries
installation into ${boot-directory}/grub and the other one for load.cfg
generation and core/boot.img installation.

To everyone: Are you aware of any other way to achieve this?  What do
you think?

To grub-devel: I'd be able to send patches for the latter if you think
it is a good idea without help, but I guess that the first kind of
modification would need some and deeper study of grub code.

To guix-devel: Even though the procedure I have in mind needs
changes in grub, there are alternative ways to achieve this with the
current tools, as copying the files and using the installation as an
"implicit" guix-challenge, but they are not as neat an clean as the
split between reproducible binaries installation and global state,
which includes the disk preparation for the load of the bootloader.

Happy hacking to all!
Miguel