Skip to content

gpt: add partition attributes #1069

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Sep 7, 2025
Merged

gpt: add partition attributes #1069

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4e3542c
gpt: add partition attributes
nvmd Sep 6, 2024
c56f45e
examples: gpt partition attributes
stepbrobd Sep 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions example/gpt-bios-compat.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
boot = {
size = "1M";
type = "EF02"; # for grub MBR
attributes = [ 0 ]; # partition attribute
};
root = {
size = "100%";
Expand Down
29 changes: 29 additions & 0 deletions lib/types/gpt.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,27 @@ in
or a fully specified GUID (see https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_type_GUIDs).
'';
};
attributes = lib.mkOption {
type = lib.types.listOf lib.types.int;
default = [ ];
description = ''
GPT partition entry attributes, according to UEFI specification
2.10 (see https://uefi.org/specs/UEFI/2.10_A/05_GUID_Partition_Table_Format.html#defined-gpt-partition-entry-attributes)
and `sgdisk`s man page:

- 0: Required Partition (`sgdisk`: system partition)
- 1: No Block IO Protocol (`sgdisk`: hide from EFI)
- 2: Legacy BIOS Bootable
- 3-47: Undefined and must be zero, reserved for future use
- 48-63: Reserved for GUID specific use. The use of these bits
will vary depending on the partition type

`sgdisk` describes some of the GUID-specific bits this way:
- 60: read only
- 62: hidden
- 63: do not automount
'';
};
Comment on lines +60 to +80
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Validate bit range (0–63) for partition.attributes.

Without bounds checks, an invalid bit (e.g., -1 or 128) will cause sgdisk failures. Enforce 0–63 at the type level.

Apply:

-              attributes = lib.mkOption {
-                type = lib.types.listOf lib.types.int;
+              attributes = lib.mkOption {
+                type = lib.types.listOf (lib.types.addCheck lib.types.int (x: x >= 0 && x <= 63));
                 default = [ ];
                 description = ''

Optionally also disallow 3–47 (reserved) via an additional addCheck, if you prefer stricter spec adherence.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
attributes = lib.mkOption {
type = lib.types.listOf lib.types.int;
default = [ ];
description = ''
GPT partition entry attributes, according to UEFI specification
2.10 (see https://uefi.org/specs/UEFI/2.10_A/05_GUID_Partition_Table_Format.html#defined-gpt-partition-entry-attributes)
and `sgdisk`s man page:
- 0: Required Partition (`sgdisk`: system partition)
- 1: No Block IO Protocol (`sgdisk`: hide from EFI)
- 2: Legacy BIOS Bootable
- 3-47: Undefined and must be zero, reserved for future use
- 48-63: Reserved for GUID specific use. The use of these bits
will vary depending on the partition type
`sgdisk` describes some of the GUID-specific bits this way:
- 60: read only
- 62: hidden
- 63: do not automount
'';
};
attributes = lib.mkOption {
type = lib.types.listOf (lib.types.addCheck lib.types.int (x: x >= 0 && x <= 63));
default = [ ];
description = ''
GPT partition entry attributes, according to UEFI specification
2.10 (see https://uefi.org/specs/UEFI/2.10_A/05_GUID_Partition_Table_Format.html#defined-gpt-partition-entry-attributes)
and `sgdisk`s man page:
- 0: Required Partition (`sgdisk`: system partition)
- 1: No Block IO Protocol (`sgdisk`: hide from EFI)
- 2: Legacy BIOS Bootable
- 3-47: Undefined and must be zero, reserved for future use
- 48-63: Reserved for GUID specific use. The use of these bits
will vary depending on the partition type
`sgdisk` describes some of the GUID-specific bits this way:
- 60: read only
- 62: hidden
- 63: do not automount
'';
};
🤖 Prompt for AI Agents 
In lib/types/gpt.nix around lines 60 to 80, the current attributes option lacks
bounds checking allowing invalid bit values (e.g., -1 or 128) that break sgdisk;
add a validation using addCheck on the option to ensure every integer in the
list is between 0 and 63 inclusive (and optionally add a second addCheck to
reject values in the reserved range 3–47 if you want stricter adherence),
returning a clear error message when any value is out of range.

device = lib.mkOption {
type = lib.types.str;
default =
Expand Down Expand Up @@ -268,6 +289,14 @@ in
}" \
--change-name="${toString partition._index}:${partition.label}" \
--typecode=${toString partition._index}:${partition.type} \
--attributes=${toString partition._index}:=:0 \
${
lib.concatStringsSep " \\\n" (
builtins.map (bitNumber: "--attributes=${toString partition._index}:set:${toString bitNumber}") (
lib.unique partition.attributes
)
)
} \
"${config.device}" \
'';
createArgs = ''
Expand Down