systemd-stable

mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-07 17:17:44 +03:00

Author	SHA1	Message	Date
Yu Watanabe	f0373df1a7	Merge pull request #19507 from nabijaczleweli/bootctlpsko-lite bootctl: take --make-machine-id-directory=yes\|no\|auto and make/remove \$MACHINE_ID accordingly	2021-05-06 12:44:21 +09:00
наб	6a3fff75ba	bootctl: take --make-machine-id-directory=yes\|no\|auto and make/remove \$MACHINE_ID accordingly auto resolves to yes if /etc/machine-id resides on non-tmpfs This effectively reverts commit `31e57550b5`	2021-05-05 14:35:00 +02:00
Zbigniew Jędrzejewski-Szmek	7e92ab4eb8	meson: make one check shorter	2021-05-04 14:22:58 +02:00
Emil Renner Berthing	a00ff2e1b5	boot/efi: compile on riscv64 This makes systemd-boot compile against the latest gnu-efi which just added support for riscv64.	2021-04-22 14:37:25 +02:00
Frantisek Sumsal	437e889b18	src: shellcheck-ify shell scripts	2021-04-20 18:39:36 +02:00
Luca Boccassi	c2b2df604b	tree-wide: avoid uninitialized warning on _cleanup_ variables With some versions of the compiler, the _cleanup_ attr makes it think the variable might be freed/closed when uninitialized, even though it cannot happen. The added cost is small enough to be worth the benefit, and optimized builds will help reduce it even further.	2021-04-14 12:25:06 +01:00
Yu Watanabe	dcb6061e1c	meson: fix warning about comparison between different types Follow-up for `e39288193f`.	2021-03-22 14:40:46 +01:00
tpgxyz	e39288193f	systemd-boot: LLVM/lld does not support PE/COFF relocations. Bail out with an error message	2021-03-19 19:42:47 +00:00
Daan De Meyer	95ba433a5f	boot: Move console declarations to missing_efi.h These were added to eficonex.h in gnu-efi 3.0.13. Let's move them to missing_efi.h behind an appropriate guard to fix the build with recent versions of gnu-efi.	2021-03-13 13:13:54 +00:00
Yu Watanabe	4e5cbc4b17	efi: introduce UINT32_MAX and UINT64_MAX	2021-03-05 07:10:13 +09:00
Yu Watanabe	f5fbe71d95	tree-wide: use UINT64_MAX or friends	2021-03-05 07:10:13 +09:00
Lennart Poettering	312dff1760	util: add helpers for generating colored check mark glyphs from bools	2021-03-03 03:08:31 +09:00
Lennart Poettering	685097b9ca	efi stub: accept it if our loaded image has no FilePath field set The firmware spec doesn't really say whether FilePath of the LoadedImage protocol may be NULL or not. So far we assumed it to be non-NULL, but apparently the FreeBSD UEFI chainloader sets it to NULL. Handle this gracefully. (Noticed and tracked down by Alexander Schreiber) Fixes: #18733	2021-02-23 15:48:48 +01:00
Lennart Poettering	b2a220492b	bootctl: show whether the firmware has TPM2 support	2021-02-11 23:11:56 +01:00
Zbigniew Jędrzejewski-Szmek	2d93c20e5f	tree-wide: use -EINVAL for enum invalid values As suggested in https://github.com/systemd/systemd/pull/11484#issuecomment-775288617. This does not touch anything exposed in src/systemd. Changing the defines there would be a compatibility break. Note that tests are broken after this commit. They will be fixed in the next one.	2021-02-10 14:46:59 +01:00
Yu Watanabe	8087644a13	tree-wide: replace strverscmp() and str_verscmp() with strverscmp_improved()	2021-02-09 14:25:03 +09:00
Yu Watanabe	e5bc5f1f5a	fundamental: move several macros and functions into src/fundamental/ sd-boot has a copy of a subset of codes from libbasic. This makes sd-boot share the code with libbasic, and dedup the code. Note, startswith_no_case() is dropped from sd-boot, as - it is not used, - the previous implementation is not correct, - gnu-efi does not have StrniCmp() or so.	2021-02-09 14:22:54 +09:00
Daan De Meyer	bcea93326b	boot: Replace efivar_set() persistent argument with flags argument To add secure-boot enrolling support, we need to be able to specify the EFI_VARIABLE_APPEND_WRITE flag so let's make the efivar_set() methods more generic so we can set that flag.	2021-02-04 16:38:22 +01:00
Daan De Meyer	cb347d263d	boot: Add startswith() and endswith() functions with no_case variants Adapted from string-util	2021-02-02 22:53:31 +00:00
Daan De Meyer	fffd5e8ee3	boot: Drop unnecessary braces	2021-02-02 21:15:24 +00:00
Daan De Meyer	d47b7c5720	boot: Fix void pointer arithmetic warning	2021-02-02 21:15:24 +00:00
Daan De Meyer	c8af7dab21	boot: Replace raw efivar gets with typed variants	2021-02-02 21:15:21 +00:00
Daan De Meyer	987d0a1250	boot: Add efivar_get/set_uint64_le() functions These are implemented as bit-shifting functions that allow reading and writing UEFI variables stored as little endian 64-bit unsigned values.	2021-02-02 21:03:58 +00:00
Daan De Meyer	a7308a266b	boot: Rename efivar_get/set_int() to efivar_get/set_uint_string() Let's clearly indicate that these are used to set/get uints that are stored as strings.	2021-02-02 21:03:47 +00:00
Daan De Meyer	258f0970f9	boot: Tighten scope of variables used in loops	2021-02-02 21:03:35 +00:00
Daan De Meyer	2a7c16753b	boot: Add efivar_get_boolean_u8()	2021-02-02 21:03:33 +00:00
Daan De Meyer	5e1f0e6fca	boot: Make all efivar util functions take the guid as an argument Let's make these functions a little more generic so we can have them work on more than one GUID. More specifically, this allows using them with the global guid which will be used a bit more to extend the secure boot support.	2021-01-31 21:46:05 +00:00
Daan De Meyer	7d2ebb6f85	boot: Turn all guid constants into C99 compound initializers Avoids having to use the address operator all the time and avoids having to cast or do other unintuitive stuff.	2021-01-31 21:46:05 +00:00
Daan De Meyer	5021222842	boot: Enable C99 Instead of using -nostdinc, we use -nostdlib. This is necessary to allow moving to C99 as efibind.h includes stdint.h when C99 is enabled. It isn't necessarily problematic to use some standard library headers as long as they don't contain functions defined in libc or another system library (or in other words, header only headers are fine to use in sd-boot).	2021-01-31 21:46:05 +00:00
Daan De Meyer	ce0f078f4d	boot: Move Secure Boot logic to new file	2021-01-31 21:46:05 +00:00
Daan De Meyer	47381f8f64	sd-boot: Add missing includes Let's make all headers self-sufficient by including the necessary EFI headers in the headers themselves.	2021-01-31 10:38:59 +00:00
Daan De Meyer	9a383acadd	sd-boot: Make internal functions static	2021-01-31 10:38:59 +00:00
Daan De Meyer	bc556335b1	tree-wide: Drop custom formatting for print() help messages I think this formatting was originally used because it simplified adding new options to the help messages. However, these days, most tools their help message end with "\nSee the %s for details.\n" so the final line almost never has to be edited which eliminates the benefit of the custom formatting used for printf() help messages. Let's make things more consistent and use the same formatting for printf() help messages that we use everywhere else. Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580	2021-01-31 13:14:02 +09:00
Zbigniew Jędrzejewski-Szmek	9ee03516df	tree-wide: add spdx header on all scripts and helpers Even though many of those scripts are very simple, it is easier to include the header than to try to say whether each of those files is trivial enough not to require one.	2021-01-28 09:55:35 +01:00
Yu Watanabe	ecb3e9fba3	boot: at least one of os_name_pretty or os_name exists in this block Closes CID#1438933.	2021-01-12 20:43:06 +09:00
Endre Szabo	9e516e4c05	A typo fix in bootctl.c (#18106 )	2020-12-30 12:10:24 +09:00
Andrew Balmos	361f41645c	efi: Only use arm flags if supported Support gcc 8 on arm	2020-12-15 12:06:52 +09:00
Yu Watanabe	db9ecf0501	license: LGPL-2.1+ -> LGPL-2.1-or-later	2020-11-09 13:23:58 +09:00
Zbigniew Jędrzejewski-Szmek	c062cd9dde	headers: use custom LicenseRef- spdx tag for various "public domain" files There is no spdx tag defined for those versions of "public domain", but we can add a custom tag, see https://spdx.github.io/spdx-spec/6-other-licensing-information-detected/. crc32.h is updated to match crc32.c.	2020-10-29 11:41:27 +01:00
Zbigniew Jędrzejewski-Szmek	448e7440c2	headers: add spdx tags to imported files with a known license I added the header in the cases where the license text is present and it is easy to find the appropriate SPDX header. For "public domain" stuff: SDPX treats each "public domain" license as unique [1], but luckily the one in siphash24.c is one of the identified variants. There are some other cases which specify "public domain" but there doesn't seem to be a SPDX identifier. [1] https://wiki.spdx.org/view/Legal_Team/Decisions/Dealing_with_Public_Domain_within_SPDX_Files gunicode.[ch] are imported from glib, which is licensed as LGPL2.1+, see https://gitlab.gnome.org/GNOME/glib/-/blob/master/glib/gunicode.h.	2020-10-29 11:32:24 +01:00
Zbigniew Jędrzejewski-Szmek	4368277c74	tree-wide: use the usual SPDX header for our own files	2020-10-29 10:47:20 +01:00
Дамјан Георгиевски	c4b843473a	bootctl: add @current/@oneshot/@default targets to set-default/set-oneshot Using `bootctl set-default @current` will set the default loader entry to the currently booted entry as read from the `LoaderEntrySelected` EFI variable. Also `bootctl set-oneshot @current` will set the oneshot loader entry to the current booted entry. Correspondingly `@default` and `@oneshot` can be used to read from the LoaderEntryDefault and LoaderEntryOneshot EFI variables.	2020-10-20 15:02:58 +02:00
Lennart Poettering	64a7fcc5cd	bootctl: separate boot loader specific commands in man and --help bootctl implements three types of operation: those that work with an EFI boot loader, those which work with any EFI boot loader that implements the boot loader spec + interface, and finally those specific to sd-boot. Previously the --help text and the man page mixed them all up. Let's put them clearly in three separate sections however, to communicate clearly what is supposed to work everywhere, and what is specific to systemd-boot or boot loaders implementing the two specs. This adjusts wording here and there, but is mostly just about re-ordering existing docs, and putting them under new sections.	2020-10-14 19:40:39 +02:00
Marco Wang	ee85122987	boot/efi: Explicitly specify void in parameter list Functions that accept no arguments should be explicitly declared a void parameter in their parameter list. Signed-off-by: Marco Wang <m.aesophor@gmail.com>	2020-10-06 22:29:57 +02:00
Lennart Poettering	ad0b610b0c	bootctl: handle if LoaderSystemToken is invalid for some reason This points to some firmware issue, but we should still be able to correct things if this happens. Hence log about this and fix it. Fixes: #17041	2020-09-14 21:33:31 +02:00
Lennart Poettering	c1b9708c10	bootctl: don't accidentally propagate errors in "bootctl status" Fixes: #16989	2020-09-10 12:45:54 +02:00
fangxiuning	c53aafb7b5	tree-wide: drop pointless zero initialization (#16884 ) tree-wide: drop pointless zero initialization	2020-08-28 17:45:54 +02:00
Zbigniew Jędrzejewski-Szmek	f9536e6793	Merge pull request #16687 from DaanDeMeyer/bootloader-machine-id Allow bootctl and kernel-install to be called without /etc/machine-id present	2020-08-18 15:05:26 +02:00
Daan De Meyer	31e57550b5	bootctl: Remove dependency on machine-id. The machine-id is used to create a few directories and setup a default loader entry in loader.conf. Having bootctl create the directories itself is not particularly useful as it does not put anything in them and bootctl install is not guaranteed to be called before an initramfs tool like kernel-install so other programs will always need to have logic to create the directories themselves if they happen to be called before bootctl install is called. On top of this, when using unified kernel images, these are installed to $BOOT/EFI/Linux which removes the need to have the directories created by bootctl at all. This further indicates that these directories should be created by the program that puts something in them rather than by bootctl. Removing the machine-id dependency allows bootctl install to be called even when there's no machine-id in the image. This is useful for image builders such as mkosi which don't have a machine-id when installing systemd-boot (via bootctl) because it should only be generated by systemd when the final image is booted. The default entry in loader.conf based on the machine-id in loader.conf is also removed which shouldn't be a massive loss in usability overall. This commit reverts commit `341890d`.	2020-08-10 19:55:57 +01:00
Zbigniew Jędrzejewski-Szmek	ddd8e23dc9	bless-boot: add missing verb to --help There is also "help" verb which duplicates the --help option. I don't think we should advertise it.	2020-08-05 12:16:03 +02:00
Paul Cercueil	3a712fda86	sd-boot: Add small comments after device-specific key macros The key macros added in commit `6fe95d3020` look strange at first sight. Add a comment with just the tablet name after each line, so that it's obvious that these lines address device-specific issues of the EFI firmware, and not broken/old code. Signed-off-by: Paul Cercueil <paul@crapouillou.net>	2020-06-18 15:57:11 +02:00
Paul Cercueil	6fe95d3020	sd-boot: Work around malformed CR key code When a key is pressed, the EFI firmware gives us a 64-bit word that contains the modifier key code in the upper 32 bits, the scan code in the middle 16 bits, and a unicode character in the low 16 bits. Some bogus EFI firmwares will put the unicode character in the scan code area, for instance on the EZpad mini 4s tablet. Others will even put the unicode character in both the scan code and unicode areas. This is the case for instance on the Teclast X98+ II tablet. Add workarounds for these corner cases, only for the carriage return key right now. Some more workarounds may be needed, e.g. for volume keys, but I cannot test it. Partially fixes #8466. Signed-off-by: Paul Cercueil <paul@crapouillou.net>	2020-06-15 08:05:57 +02:00
Lennart Poettering	002914e688	bootctl: add simple, low-level reboot-to-firmware verb for controlling the flag	2020-05-29 15:41:50 +02:00
Lennart Poettering	8a96369e0b	bootctl: show reboot-to-firmware info, too	2020-05-29 15:41:46 +02:00
Lennart Poettering	d4bd786d69	efi: cache LoaderEntries EFI variable Based-on: https://github.com/systemd/systemd/issues/14828#issuecomment-634202054	2020-05-29 15:40:01 +02:00
Daniel Fullmer	e6190e2882	sd-boot: fix menu ordering with boot counting systemd-boot selects the last valid entry by default, not the first. Fixes: #15256	2020-05-26 19:27:59 +02:00
Zbigniew Jędrzejewski-Szmek	6b8664cb5b	tree-wide: fix bad errno checks	2020-05-20 18:10:58 +02:00
Frantisek Sumsal	86b52a3958	tree-wide: fix spelling errors Based on a report from Fossies.org using Codespell. Followup to #15436	2020-04-21 23:21:08 +02:00
Zbigniew Jędrzejewski-Szmek	162392b75a	tree-wide: spellcheck using codespell Fixes #15436.	2020-04-16 18:00:40 +02:00
Jan Janssen	904ebcb200	sd-boot: Add → as alternative to boot selected entry This is sometimes slightly more convenient to use and is also what GRUB supports.	2020-04-15 21:29:41 +01:00
Zbigniew Jędrzejewski-Szmek	38cd55b007	Remove unneded {}s $ perl -i -0pe 's\|\s+{\n([^\n];)\n\s+}\n\|\n\1\n\|gms' /.c Inspired by `ea7cbf5bdd`.	2020-04-13 09:31:49 +02:00
Lennart Poettering	c46db6c0a2	bootctl: fix assert issue Follow-up for `b46c3e4913`	2020-04-09 11:22:40 -07:00
Vito Caputo	b46c3e4913	*: use _cleanup_close_ with fdopen() where trivial Also convert these to use take_fdopen().	2020-03-31 06:48:03 -07:00
James T. Lee	1ad6056239	boot: Ensure ARM UEFI binary does not contain FP/SIMD instructions ARM toolchains will sometimes optimize otherwise floating-point-free code with floating point and SIMD instructions. This was happening with systemd-bootarm.efi and it was causing U-Boot to crash and reset the CPU. U-Boot does not support the ARM VFP floating point coprocessor, which is an optional piece of hardware anyway [1]. Ensure the compiler does not generate FP/SIMD instructions by supplying the `-mgeneral-regs-only` option when building for ARM [2]. The other option you often see to solve these problems is `-msoft-float`, but that changes the ABI and prevents linking with libgnuefi. [1] https://lists.denx.de/pipermail/u-boot/2011-February/087736.html [2] https://gcc.gnu.org/onlinedocs/gcc/ARM-Options.html#index-mgeneral-regs-only-1	2020-03-08 15:21:00 +09:00
Zbigniew Jędrzejewski-Szmek	ce4121c6ff	meson: update efi path detection to gnu-efi-3.0.11 Fixes systemd build in Fedora rawhide. The old ldsdir option is not useful, because both the directory and the file name changed. Let's remove the option and try to autodetect the file name. If this turns out to be not enough, a new option to simply specify the full path to the file can be added. F31: efi arch: x86_64 EFI machine type: x64 EFI CC ccache cc EFI lds: /usr/lib64/gnuefi/elf_x64_efi.lds EFI crt0: /usr/lib64/gnuefi/crt0-efi-x64.o EFI include directory: /usr/include/efi F32: efi arch: x86_64 EFI machine type: x64 EFI CC ccache cc EFI lds: /usr/lib/gnuefi/x64/efi.lds EFI crt0: /usr/lib/gnuefi/x64/crt0.o EFI include directory: /usr/include/efi	2020-02-04 23:43:21 +09:00
Yu Watanabe	efda8aebcb	sd-boot: fix -Wpointer-sign warning	2020-01-31 19:59:34 +09:00
Yu Watanabe	a614aa1985	sd-boot: fix warning about comparison is always true	2020-01-31 19:20:34 +09:00
Lennart Poettering	8615bec7a0	Merge pull request #14667 from yuwata/boot-random-seed-mode boot: parse random-seed-mode	2020-01-28 15:42:10 +01:00
Susant Sahani	8bdda551da	efi: fix build. ``` ninja -C build ninja: Entering directory `build' [29/101] Generating systemd_boot.so with a custom command. FAILED: src/boot/efi/systemd_boot.so /usr/bin/ld -o src/boot/efi/systemd_boot.so -T /usr/lib64/gnuefi/elf_x64_efi.lds -shared -Bsymbolic -nostdlib -znocombreloc -L /usr/lib64 /usr/lib64/gnuefi/crt0-efi-x64.o src/boot/efi/disk.c.o src/boot/efi/graphics.c.o src/boot/efi/measure.c.o src/boot/efi/pe.c.o src/boot/efi/util.c.o src/boot/efi/boot.c.o src/boot/efi/console.c.o src/boot/efi/crc32.c.o src/boot/efi/random-seed.c.o src/boot/efi/sha256.c.o src/boot/efi/shim.c.o -lefi -lgnuefi /usr/lib/gcc/x86_64-redhat-linux/10/libgcc.a /usr/bin/ld: src/boot/efi/graphics.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here /usr/bin/ld: src/boot/efi/pe.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here /usr/bin/ld: src/boot/efi/util.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here /usr/bin/ld: src/boot/efi/boot.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here /usr/bin/ld: src/boot/efi/console.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here /usr/bin/ld: src/boot/efi/random-seed.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here /usr/bin/ld: src/boot/efi/shim.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here [31/101] Generating stub.c.o with a custom command. ninja: build stopped: subcommand failed. make: *** [Makefile:2: all] Error 1 ```	2020-01-27 16:13:28 +09:00
Yu Watanabe	a14c18ba7b	sd-boot: fix typo Fixes #14657.	2020-01-26 13:20:21 +09:00
Lennart Poettering	4353974d75	boot: fix osrel parser let's check VERSION instead of VERSION_ID where appropriate. Fixes: #14493	2020-01-07 19:32:14 +00:00
Lennart Poettering	3b5cd25f4d	Merge pull request #14196 from keszybz/gpt-auto-generator-debugging gpt-auto-generator debugging	2019-12-16 09:24:02 +01:00
Zbigniew Jędrzejewski-Szmek	41ab3b7a85	Merge pull request #13953 from SpencerMichaels/systemd-boot-efistub-id-fix boot: Fix default/oneshot selection for EFISTUB entries	2019-12-04 13:30:52 +01:00
Leonid Bloch	26601a2a17	sd-boot: Add a 0.1 second delay before key-probing for showing menu If there is no boot menu timeout, pressing a key during boot should get the boot menu displayed. However, on some systems the keyboard is not initialized right away, which causes the menu to be inaccessible if no timeout is specified. To resolve this, if the error is "not ready" after the initial attempt of detection, wait for 0.1 second and retry. This solves the problem described above on all the tested systems. The reason for just a single retry, and not retrying while "not ready", is that some firmwares continue to return the "not ready" error on every probe attempt if no key is pressed. Signed-off-by: Leonid Bloch <lb.workbox@gmail.com>	2019-12-04 10:52:28 +01:00
Zbigniew Jędrzejewski-Szmek	607ebf2bd2	bootlctl: show LoaderDevicePartUUID information in status	2019-11-30 17:42:13 +01:00
Lennart Poettering	351de38e4b	bootctl: make 'random-seed' handle inability to write system token EFI variable gracefully Apparently some firmwares don't allow us to write this token, and refuse it with EINVAL. We should normally consider that a fatal error, but not really in the case of "bootctl random-seed" when called from the systemd-boot-system-token.service since it's called as "best effort" service after boot on various systems, and hence we shouldn't fail loudly. Similar, when we cannot find the ESP don't fail either, since there are systems (arch install ISOs) that carry a boot loader capable of the random seed logic but don't mount it after boot. Fixes: #13603	2019-11-21 19:55:17 +01:00
Spencer Michaels	10d0024a07	boot: Improve EFISTUB name and version detection. Make two minor cosmetic changes to how config_entry_add_linux() extracts OS information from the embedded /etc/os-release in EFISTUB binaries. This increases the detail of information available to the user for EFISTUB entries. * entry->version, which was previously always null, is now set to the value of VERSION, or VERSION_ID, or BUILD_ID (preferred in that order). * entry->title, which was previously set to the value of PRETTY_NAME, can now fall back to NAME or ID if PRETTY_NAME is not present. In that case, NAME is preferred over ID.	2019-11-18 22:59:51 -08:00
Spencer Michaels	6cd12ebcfe	boot: Retain ".conf" suffix for loader config IDs. Change config_entry_add_from_file() so that it does not remove the `.conf` ending from the filename that it uses for entry->id. This is necessary because otherwise an EFISTUB binary and a loader config entry might end up with the same ID, as the loader config IDs previously didn't include the config filename's .conf extension (see boot.c:1435). Consider, for instance, an EFISTUB /EFI/Linux/linux.efi and a loader config /loader/entries/linux.efi.conf; both would have the ID linux.efi. In addition, update a comment that previously stated that IDs are non-unique (which is no longer the case, as of this commit).	2019-11-18 22:59:51 -08:00
Spencer Michaels	65901c0fd1	boot: Ignore EFISTUB binaries starting with "auto-". To further increase similarity with loader configs and provide global uniqueness, ignore filenames starting with auto- (see boot.c:1512).	2019-11-18 22:59:51 -08:00
Spencer Michaels	7fa23ab646	boot: Make EFISTUB IDs use binaries' filenames. Change config_entry_add_linux() so that Linux EFISTUB entries' ids are simply the binaries' filenames, as is already the case with loader configs. This guarantees that EFISTUB binaries' IDs are mutually unique.	2019-11-18 22:59:44 -08:00
Zbigniew Jędrzejewski-Szmek	2536752dda	Rename "system-options" to "systemd-efi-options" This makes the naming more consistent: we now have bootctl systemd-efi-options, $SYSTEMD_EFI_OPTIONS and the SystemdOptions EFI variable. (SystemdEFIOptions would be redundant, because it is only used in the context of efivars, and users don't interact with that name directly.) bootctl is adjusted to use 2sp indentation, similarly to systemctl and other programs. Remove the prefix with the old name from 'bootctl systemd-efi-options' output, since it's redundant and we don't want the old name anyway.	2019-11-18 20:20:58 +01:00
Zbigniew Jędrzejewski-Szmek	b289de2b06	bootctl: update --help text	2019-11-18 20:20:58 +01:00
Lennart Poettering	353b2baa20	tree-wide: clean up --help texts a bit This cleans up and unifies the outut of --help texts a bit: 1. Highlight the human friendly description string, not the command line via ANSI sequences. Previously both this description string and the brief command line summary was marked with the same ANSI highlight sequence, but given we auto-page to less and less does not honour multi-line highlights only the command line summary was affectively highlighted. Rationale: for highlighting the description instead of the command line: the command line summary is relatively boring, and mostly the same for out tools, the description on the other hand is pregnant, important and captions the whole thing and hence deserves highlighting. 2. Always suffix "Options" with ":" in the help text 3. Rename "Flags" → "Options" in one case 4. Move commands to the top in a few cases 5. add coloring to many more help pages 6. Unify on COMMAND instead of {COMMAND} in the command line summary. Some tools did it one way, others the other way. I am not sure what precisely {} is supposed to mean, that uppercasing doesn't, hence let's simplify and stick to the {}-less syntax And minor other tweaks.	2019-11-18 15:14:43 +01:00
Dimitri John Ledkov	07d5ed536e	boot: Add ARM64 support to the EFI stub	2019-11-14 10:03:08 +01:00
Dimitri John Ledkov	53a2045521	boot: Load LoadOptions cmdline, if none is available. Fixes #13694	2019-11-14 10:01:20 +01:00
Lennart Poettering	a4a55e9ace	bootctl: create leading dirs when "bootctl random-seed" is called if needed Prompted by: #13603	2019-11-04 14:26:53 +01:00
Zbigniew Jędrzejewski-Szmek	a859abf062	Merge pull request #13906 from yuwata/drop-missing-take2 tree-wide: drop xxx.h when xxx-util.h is included	2019-11-04 13:41:37 +01:00
Jan Janssen	f9f1d01cbd	sd-boot: Skip adding boot entries when the loader does not exist	2019-11-04 13:39:20 +01:00
Yu Watanabe	1405cb653a	tree-wide: drop stdio.h when stdio-util.h is included	2019-11-04 00:30:32 +09:00
Yu Watanabe	e30e8b5073	tree-wide: drop stat.h or statfs.h when stat-util.h is included	2019-11-04 00:30:32 +09:00
Yu Watanabe	adb29d588e	tree-wide: drop blkid.h when blkid-util.h is included	2019-11-04 00:30:32 +09:00
Yu Watanabe	996f7e1cd0	tree-wide: drop dirent.h when dirent-util.h is included	2019-11-04 00:30:32 +09:00
Yu Watanabe	455fa9610c	tree-wide: drop string.h when string-util.h or friends are included	2019-11-04 00:30:32 +09:00
Jan Janssen	d9690d8fe9	sd-boot: Silence compiler warning when building with -O2	2019-10-30 17:47:55 +01:00
Jan Janssen	391719682b	sd-boot: Don't loudly complain if RNG protocol isn't available Fixes #13503	2019-10-30 17:47:50 +01:00
Jan Janssen	9ea4d81c12	sd-boot: Only disable optimization on debug builds	2019-10-30 17:34:12 +01:00
Zbigniew Jędrzejewski-Szmek	e1fac8a68a	Move the Commands section above Options section For executables which take a verb, we should list the verbs first, and then options which modify those verbs second. The general layout of the man page is from general description to specific details, usually Overview, Commands, Options, Return Value, Examples, References.	2019-10-08 18:21:26 +02:00
Zbigniew Jędrzejewski-Szmek	4e5aa79185	bootctl: add "system-options" verb	2019-09-16 18:08:54 +02:00
Zbigniew Jędrzejewski-Szmek	0bb2f0f10e	util-lib: split shared/efivars into basic/efivars and shared/efi-loader I want to use efivars.[ch] in proc-cmdline.c, but most of the efivars stuff is not needed in basic/. Move the file from shared/ to basic/, but then move back most of the higher-level functions to the new shared/efi-loader.c file.	2019-09-16 18:08:53 +02:00
Dan Streetman	4d6c1fce0e	src/boot/efi/meson.build: if meson --werror is true, set gcc -Werror This part of the build does not use the normal meson parameters, so we need to explicitly check for the meson --werror parameter, and if it's true, set the gcc -Werror parameter for this subdir's build.	2019-08-15 17:46:58 -04:00
Dan Streetman	4287d0832c	src/boot/efi/linux: elide __attribute__((regparm(0))) on non-i386 This attribute is x86_32-only, so when building on non-intel archs it generates a compiler warning. When building with -Werror this turns into an error, so only include the attribute on i386 arch builds.	2019-08-15 16:36:10 -04:00
Dan Streetman	82a0fb328e	src/boot/efi/shim: elide __attribute__((sysv_abi)) on non-intel archs This attribute is x86-only, so when building on non-intel archs it generates a compiler warning. When building with -Werror this turns into an error, so only include the attribute on intel archs.	2019-08-15 16:36:10 -04:00
Yu Watanabe	f8a2b09a18	bootctl: arg_dolloar_boot_path() may return NULL	2019-08-12 16:14:07 +09:00
Yu Watanabe	a2ae0d4969	bootctl: clear arg_xbootldr_path when acquire_xbootldr() succeeds	2019-08-12 00:04:44 +09:00
Yu Watanabe	4c858c6fd5	boot: fix build with gnu-efi older than 3.0.5	2019-07-30 18:58:15 +02:00
Zbigniew Jędrzejewski-Szmek	a4d208018c	bootctl: log message tweaks Follow-up for `e44c3229f2`.	2019-07-26 15:05:18 +02:00
Zbigniew Jędrzejewski-Szmek	47685d9d4b	Merge pull request #13137 from poettering/efi-random beef up random seed logic, add boot loader entropy privisioning, improve docs about it	2019-07-26 12:43:32 +02:00
Zbigniew Jędrzejewski-Szmek	0a71e31c33	sd-boot: silence one warning about pointer cast It doesn't matter either way. Fixes #13174.	2019-07-26 10:37:56 +09:00
Lennart Poettering	a2aa605d22	bootctl: add is-installed verb Fixes: #9428	2019-07-25 18:31:20 +02:00
Lennart Poettering	d6e9a347a5	bootctl: show random seed state	2019-07-25 18:20:50 +02:00
Lennart Poettering	e44c3229f2	bootctl: add new verb for initializing a random seed in the ESP	2019-07-25 18:20:50 +02:00
Lennart Poettering	e4dcf7aa52	sd-boot: read random seed from ESP and pass it to OS	2019-07-25 18:16:46 +02:00
Lennart Poettering	073220bf36	efi: steal glibc sha256 implementation	2019-07-25 17:10:51 +02:00
Lennart Poettering	22c5ff5132	bootctl: add new feature flag for indicating random seed management support	2019-07-25 17:10:51 +02:00
Lennart Poettering	7c122dfef8	bootctl: shortcut configuration file parsing	2019-07-25 17:10:51 +02:00
Lennart Poettering	b461576de4	bootctl: drop const from non-pointer function argument	2019-07-25 17:10:51 +02:00
Lennart Poettering	5509f91261	bootctl: use the fact that startswith() returns the suffix	2019-07-25 17:10:51 +02:00
Lennart Poettering	b19fa8126d	efi: add log_oom() helper	2019-07-25 17:10:51 +02:00
Lennart Poettering	1aaabb17fd	efi: modernize file_read() a bit	2019-07-25 17:10:51 +02:00
Lennart Poettering	d90f2add54	bootctl: show correct error code	2019-07-24 08:56:54 +09:00
Lennart Poettering	b5fe7001ee	efi: drop unused define	2019-07-24 08:56:32 +09:00
Lennart Poettering	67633c078c	efi: remove trailing whitespace in string	2019-07-24 08:56:10 +09:00
Yu Watanabe	8cec0a5c32	tree-wide: drop duplicated blank lines ``` $ for i in /.[ch] //*.[ch]; do sed -e '/^$/ {N; s/\n$//g}' -i $i; done $ git checkout HEAD -- basic/linux shared/linux ```	2019-07-15 18:41:27 +02:00
Zbigniew Jędrzejewski-Szmek	3a76fbe01c	bootctl,sd-boot: define EFI_LOADER_FEATURE_XBOOTLDR It was added back in `fa2a3bbdd8`, but we forgot to add the feature define.	2019-07-10 15:02:33 +02:00
Zbigniew Jędrzejewski-Szmek	91b08bb00f	boot,shared: share the definitions of EFI_LOADER_FEATURE macros This means the the code needs to be kept compatible in the shared header, but I think that still nicer than having two places to declare the same things. I added src/boot to -I, so that efi/foo.h needs to be used. This reduces the potential for accidentally including the wrong header.	2019-07-10 14:59:48 +02:00
Lennart Poettering	05b2ace147	Merge pull request #12870 from yuwata/tree-wide-further-path-join-cleanups tree-wide: further path_join() and path_joina() cleanups	2019-06-25 09:27:01 +02:00
Zbigniew Jędrzejewski-Szmek	9dae4c8a26	bootctl: fix display of options with embedeed newlines I have an .efi image with embedded newlinews. Now I don't even remember if it was created for testing or by accident, but it doesn't really matter. We should display such files correctly. (This isn't a problem with normal BLS entries, because input is split into lines so newlines are consumed.)	2019-06-25 10:30:58 +09:00
Yu Watanabe	270384b2d4	tree-wide: replace strjoina() with prefix_roota()	2019-06-25 01:31:26 +09:00
Yu Watanabe	042526868a	Merge pull request #12508 from keszybz/no-root-checks Drop many root checks	2019-06-06 21:31:19 +09:00
Joe Richey	f8e54bf319	sd-boot: Remove unnecessary call to GetEventLog This PR reverts #4302 and part of #7568, as the call to GetEventLog isn't necessary to get the logs from the OS runtime. This has already been reverted in shim, see: `fd7c3bd920` The reasoning for the change that added this is wrong, explained below: > According to TCG EFI Protocol Specification for TPM 2.0 family, > all events generated after the invocation of EFI_TCG2_GET_EVENT_LOG > shall be stored in an instance of an EFI_CONFIGURATION_TABLE aka > EFI TCG 2.0 final events table. This is correct and a valid reading of the TCG spec. > Hence, it is necessary to trigger the internal switch through calling > get_event_log() in order to allow to retrieve the logs from OS runtime. However, this reasoning is incorrect. The "EFI TCG 2.0 final events table" exists to allow the OS Runtime to get TCG events created during or after the call to ExitBootServices. If systemd-boot didn't call trigger_tcg2_final_events_table(), the call to HashLogExtendEvent will write the event to the normal events table (i.e. the same place the PCR 0 - 7 related events are written). Then the OS can obtain these systemd-boot events in the same way it obtains normal events, via a call to GetEventLog(). Tested on amd64 w/ TPM2 using the newest Linux kernel patches that get the TPM2 formatted log: https://www.lkml.org/lkml/2019/5/20/1590 I confirmed that this change still lets the OS runtime obtain the log entries created by systemd-boot. Signed-off-by: Joe Richey <joerichey@google.com>	2019-06-03 15:47:09 +02:00
Zbigniew Jędrzejewski-Szmek	aa467bcae1	bootctl: do not allow -x and -p to be used together -x already prints the path to ESP in some circumstances, and allowing both to be printed seems confusing.	2019-05-19 12:01:32 +02:00
Zbigniew Jędrzejewski-Szmek	fba4e94506	bootctl: add -x shortcut for --print-boot-path It's a quite useful option, let's match -p.	2019-05-19 11:55:36 +02:00
Zbigniew Jędrzejewski-Szmek	405b104df6	bootclt: add missing column This got broken somehow in `44e6a5ef82`.	2019-05-19 11:31:19 +02:00
Zbigniew Jędrzejewski-Szmek	7c3ce8b5a9	bootctl: drop must_be_root() checks The reasoning is the same as in previous cases. We get an error like "Failed to update EFI variable: Operation not permitted" anyway, so the check is not very useful.	2019-05-08 11:51:51 +02:00
Zbigniew Jędrzejewski-Szmek	ded3a40301	bless-boot: drop must_be_root() checks If we lack permissions, we will fail anyway. But by not doing the artifial check, we get more information. For example, on my machine, I see $ build/systemd-bless-boot good Not booted with boot counting in effect. while "Need to be root" is actually untrue, because being root doesn't change the outcome in any way. Letting the operation fail on the actual error makes it easier to do test runs: we know the command will fail, but we want to see what the first step would be. Not doing the articial check makes it also easier to do create alternative security arrangements, for example where the directories are mounted with special ownership mode and an otherwise unprivileged user can perform certain operations.	2019-05-08 11:51:51 +02:00
Ben Boeckel	5238e95759	codespell: fix spelling errors	2019-04-29 16:47:18 +02:00
Zbigniew Jędrzejewski-Szmek	cc5549ca12	scripts: use 4 space indentation We had all kinds of indentation: 2 sp, 3 sp, 4 sp, 8 sp, and mixed. 4 sp was the most common, in particular the majority of scripts under test/ used that. Let's standarize on 4 sp, because many commandlines are long and there's a lot of nesting, and with 8sp indentation less stuff fits. 4 sp also seems to be the default indentation, so this will make it less likely that people will mess up if they don't load the editor config. (I think people often use vi, and vi has no support to load project-wide configuration automatically. We distribute a .vimrc file, but it is not loaded by default, and even the instructions in it seem to discourage its use for security reasons.) Also remove the few vim config lines that were left. We should either have them on all files, or none. Also remove some strange stuff like '#!/bin/env bash', yikes.	2019-04-12 08:30:31 +02:00
Zbigniew Jędrzejewski-Szmek	cce9457c70	bootctl: urlify .conf files Just because we can ;)	2019-04-05 14:01:35 +02:00
Zbigniew Jędrzejewski-Szmek	d3eb60722d	bootctl: emit extra warning if the default boot entry is broken Let's make it more obvious for the user if something is badly borked. It does the job, but I'm not too happy with this.	2019-04-05 13:51:30 +02:00
Zbigniew Jędrzejewski-Szmek	44e6a5ef82	bootctl: check if files specified by boot entry exist, and warn if not Example output: title: Fedora 30 (Workstation Edition) (5.0.5-300.fc30.x86_64) id: 08a5690a2eed47cf92ac0a5d2e3cf6b0-5.0.5-bad-300.fc30.x86_64 source: /boot/efi/loader/entries/08a5690a2eed47cf92ac0a5d2e3cf6b0-5.0.5-bad-300.fc30.x86_64.conf version: 5.0.5-300.fc30.x86_64 machine-id: 08a5690a2eed47cf92ac0a5d2e3cf6b0 linux: /08a5690a2eed47cf92ac0a/5.0.5-300.fc30.x86_64/linux (No such file or directory) initrd: /08a5690a2eed47cf92ac0a/5.0.5-300.fc30.x86_64/initrd (No such file or directory) /08a5690a2eed47cf92ac0a/5.0.5-300.fc30.x86_64/initrd2 (No such file or directory) options: ...	2019-04-05 13:51:19 +02:00
Zbigniew Jędrzejewski-Szmek	ce4c4f8108	bootctl: replace "type" with "source" in output I think this is more useful (because it's easy to stick the path into an editor command when one wants to change the options or inspect the files), and more self-explanatory. Example output: title: Fedora 30 (Workstation Edition) (4.20.16-200.fc29.x86_64) id: 08a5690a2eed47cf92ac0a5d2e3cf6b0-4.20.16-200.fc29.x86_64 source: /boot/efi/loader/entries/08a5690a2eed47cf92ac0a5d2e3cf6b0-4.20.16-200.fc29.x86_64.conf version: 4.20.16-200.fc29.x86_64 ... title: Fedora 30 (Workstation Edition) id: fedora-30 source: /boot/efi/EFI/Linux/linux-5.0.5-300.fc30.x86_64-08a5690a2eed47cf92ac0a5d2e3cf6b0.efi linux: EFI/Linux/linux-5.0.5-300.fc30.x86_64-08a5690a2eed47cf92ac0a5d2e3cf6b0.efi ... title: Reboot Into Firmware Interface id: auto-reboot-to-firmware-setup source: /sys/firmware/efi/efivars/LoaderEntries-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f	2019-04-05 13:50:34 +02:00
Zbigniew Jędrzejewski-Szmek	bd44566c4d	tree-wide: use SD_ID128_UUID_FORMAT_STR as appropriate	2019-04-05 13:48:38 +02:00
Lennart Poettering	c1db999eb8	boot: use TAKE_PTR() where appropriate	2019-04-02 14:54:42 +02:00
Lennart Poettering	a7798cd81b	tree-wide: use reallocarray() where appropriate	2019-04-02 14:54:42 +02:00
Lennart Poettering	d55e43344b	Merge pull request #11971 from keszybz/kernel-install-directory Make kernel-install create entry directory	2019-03-14 10:51:55 +01:00
Zbigniew Jędrzejewski-Szmek	e2600fd582	bootctl: use path_join() to join paths We would say "/boot/efi//loader/entries"...	2019-03-14 08:28:18 +01:00
Zbigniew Jędrzejewski-Szmek	7a2cb0228c	boot: avoid 32-bit calculation for a 64-bit lvalue Coverity CID#1399116: > Potentially overflowing expression > gpt_header_buffer.gpt_header.SizeOfPartitionEntry * gpt_header_buffer.gpt_header.NumberOfPartitionEntries > with type unsigned int (32 bits, unsigned) is evaluated using 32-bit > arithmetic, and then used in a context that expects an expression of type > UINTN (64 bits, unsigned). Let's import the ALIGN_TO macro to sd-boot and use it to avoid the issue.	2019-03-12 13:32:45 +01:00
Zbigniew Jędrzejewski-Szmek	341890de86	bootctl: create $BOOT/<machine-id> when installing sd-boot	2019-03-12 09:45:16 +01:00
Zbigniew Jędrzejewski-Szmek	ff19ad888d	efi: wrap some long lines	2019-03-08 11:04:16 +01:00
Lennart Poettering	93f14ce28d	bootspec: move augmentation of loader-discovered entries into bootspec.c Previously, bootctl would show boot loader entries discovered by the boot loader which couldn't found locally separately in the output. Let's move this code into bootspec.c, and beef it up a bit. This way we can use it later on for logind, and correctly show automatically discovered windows/macos entries too.	2019-03-05 16:50:58 +01:00
Lennart Poettering	4629499e7f	bootctl: tweak 'list' output a bit Let's suppress the final newline in the list if it's the last entry we are outputting.	2019-03-05 16:50:58 +01:00
Zbigniew Jędrzejewski-Szmek	cc5fc36aec	Merge pull request #11243 from poettering/nspawn-root-overlay add systemd-nspawn --volatile=overlay support, as well as the same for host systems	2019-03-01 16:08:55 +01:00
Lennart Poettering	adc6f43b14	copy: don't synthesize a 'user.crtime_usec' xattr on copy unless explicitly requested Previously, when we'd copy an individual file we'd synthesize a user.crtime_usec xattr with the source's creation time if we can determine it. As the creation/birth time was until recently not queriable form userspace this effectively just propagated the same xattr on the source to the same xattr on the destination. However, current kernels now allow to query the birthtime using statx() and we do make use of that now. Which means that suddenly we started synthesizing these xattrs much more regularly. Doing this actually does make sense, but only in very few cases: not for the typical regular files we copy, but certainly when dealing with disk images. Hence, let's keep this kind of propagation, but let's make it a flag and default to off. Then turn it on whenever we deal with disk images, and leave it off otherwise. This is particularly relevant as overlayfs combining a real fs, and a tmpfs on top will result in EOPNOTSUPP when it is attempted to open a file with xattrs for writing, as tmpfs does not support xattrs, and hence the copy-up cannot work. Hence, let's avoid synthesizing this needlessly, to increase compat with overlayfs.	2019-03-01 14:11:07 +01:00
Lennart Poettering	2cb45cdc4d	meson: sort header list again	2019-03-01 12:41:32 +01:00
Lennart Poettering	c8b32d06bd	stub: don't override LoaderDevicePartUUID EFI var We document and all our code assumes that LoaderDevicePartUUID is initialized to the ESP's UUID. Let's hence not override the variable if it is already set, in order to not confuse userspace if the kernel's EFI image is run from a different partition than the ESP. This matches behaviour for all other variables set by the EFI stub, in particular the closely related LoaderImageIdentifier variable.	2019-03-01 12:41:32 +01:00
Lennart Poettering	8118fb3c83	stub: don't ask for variable data we actually don't care about Let's take benefit of the fact that efivar_get_xyz() take NULL pointers for the return data: let's shorten the code a bit.	2019-03-01 12:41:32 +01:00
Lennart Poettering	0d957ef6cf	stub: fix GUID to check EFI vars in Our own variables are in the the "loader" GUID namespace, but our code so far checked the "global" GUID namespace (i.e. EFI's own), before setting the variables. Correct that, so that we always check the right namespace for existing variables before we write them.	2019-03-01 12:41:32 +01:00
Lennart Poettering	b9e452423c	efi: beef up efivar_get_xyz() to accept NULL return values	2019-03-01 12:41:32 +01:00
Lennart Poettering	5d87589732	sd-boot: don't print error string where there's no error code known	2019-03-01 12:41:32 +01:00
Lennart Poettering	fa2a3bbdd8	sd-boot: also look for boot loader entries in the XBOOTLDR partition The specification always said so, let's actually implement this. Unfortunately UEFI's own APIs don't allow us to search for partition type GUID, hence we have to implement a minimal GPT parser ourselves.	2019-03-01 12:41:32 +01:00
Lennart Poettering	17ad0f0f4b	sd-boot: don't dereference NULL ptr if loaded_image_path is NULL In a follow-up commit we'd like to invoke config_entry_add_from_file() on partitions that are not the ESP, let's prepare fpr that and allow loaded_image_path to be passed as NULL.	2019-03-01 12:41:32 +01:00
Lennart Poettering	c8ad5996b0	sd-boot: pass device handle to config_entry_add_linux() This makes the code a bit simpler (after all the call is not interested in the loaded image, just where it is found), and more like config_load_entries() which takes the same arguments. This also makes things easier for us later on, when we add support for discovering images in $XBOOTLDR partitions.	2019-03-01 12:41:32 +01:00
Lennart Poettering	0d73a81611	bootctl: properly handle readdir() errors	2019-03-01 12:41:32 +01:00
Lennart Poettering	882b3bd6c5	bootctl: let's make sure we always add empty line after EFI binary output Let's make sure we output another "\n", even if we fail this function, so that the output we started is separated properly from what is following.	2019-03-01 12:41:32 +01:00
Lennart Poettering	2f88b2a081	boot-bless: port over to new $BOOT discovery calls	2019-03-01 12:41:32 +01:00
Lennart Poettering	81fed855d9	bootctl: output where we found $BOOT	2019-03-01 12:41:32 +01:00
Lennart Poettering	fbf45d22da	bootctl: teach bootctl the new partition type	2019-03-01 12:41:32 +01:00
Lennart Poettering	a2f8664e9a	bootspec: load entries from both the ESP and XBOOTLDR partitions Let's simply search in both.	2019-03-01 12:41:32 +01:00
Lennart Poettering	c4ba5b516d	bootctl: safety check for regular file when reading EFI images	2019-03-01 12:41:32 +01:00
Lennart Poettering	78d5d4ed77	bootctl: use SYNTHETIC_ERRNO() where appropriate	2019-03-01 12:41:32 +01:00
Michael Niewöhner	6247c33614	Make systemd-boot compliant with the Linux Boot / EFI Handover Protocol The current implementation copied the complete header to boot_params, thus making the kernel ignore many of the fields. As mentioned in the code comment for the sentinel variable in bootparam.h a bootloader should only copy the setup_header, set some fields in boot_params and zero out anything else. This change makes systemd-boot (mostly) compliant with the Linux Boot Protocol and the EFI Handover Protocol described in bootparam.h and Documentation/boot.txt to fix various issues: - Secure boot not being detected corretly by Linux (#11717) - tboot error message / warning on boot (#11717) - Strange purple text color when booting in qemu with OVMF - Hopefully even more ...	2019-02-20 22:59:52 +01:00
Michael Niewöhner	5f7df68c11	Revert "Set secure_boot flag in Kernel Zero-Page (#7482 )" This reverts commit `b4f9f2a62f`. Revert this because a) the quiet bug is fixed in linux and b) Documentation/boot.txt says "All other fields should be zero."	2019-02-20 20:14:15 +01:00
YiFei Zhu	2f92b1e99a	boot/efi: use a wildcard section copy for final EFI generation The GNU gold linker uses the section name `.rela.dyn` instead of `.rela` for containing the relocation information. If this section is not copied systemd-boot can crash. Efitools started using wildcard section copies in their commit b98d381b, and these wildcard sections are the only difference between systemd-boot's section copy list and theirs. This patch add the wildcard section `.rel*` to our objcopy, as it should include all other wildcards assuming a recent GNU objcopy. Redundant arguments for sections that would be matched by this wildcard are removed. This patch has been tested on EDK II UEFI v2.70 Firmware on QEMU, and Lenovo 0.5120 UEFI 2.40 Firmware on bare metal. Fixes: #11541	2019-02-09 17:51:23 +01:00
Louis Taylor	e768a4f032	tree-wide: use '"' instead of '\"' The escape used previously was redundant and made things more confusing.	2019-01-17 16:46:29 +00:00
Topi Miettinen	a1e92eee3e	Remove 'inline' attributes from static functions in .c files (#11426 ) Let the compiler perform inlining (see #11397).	2019-01-15 08:12:28 +01:00
Zbigniew Jędrzejewski-Szmek	3042bbebdd	tree-wide: use c99 static for array size declarations https://hamberg.no/erlend/posts/2013-02-18-static-array-indices.html This only works with clang, unfortunately gcc doesn't seem to implement the check (tested with gcc-8.2.1-5.fc29.x86_64). Simulated error: [2/3] Compiling C object 'systemd-nspawn@exe/src_nspawn_nspawn.c.o'. ../src/nspawn/nspawn.c:3179:45: warning: array argument is too small; contains 15 elements, callee requires at least 16 [-Warray-bounds] candidate = (uid_t) siphash24(arg_machine, strlen(arg_machine), hash_key); ^ ~~~~~~~~ ../src/basic/siphash24.h:24:64: note: callee declares array parameter as static here uint64_t siphash24(const void *in, size_t inlen, const uint8_t k[static 16]); ^~~~~~~~~~~~	2019-01-04 12:37:25 +01:00
Zbigniew Jędrzejewski-Szmek	681bd2c524	meson: generate version tag from git $ build/systemctl --version systemd 239-3555-g6178cbb5b5 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN +PCRE2 default-hierarchy=hybrid $ git tag v240 -m 'v240' $ ninja -C build ninja: Entering directory `build' [76/76] Linking target fuzz-unit-file. $ build/systemctl --version systemd 240 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN +PCRE2 default-hierarchy=hybrid This is very useful during development, because a precise version string is embedded in the build product and displayed during boot, so we don't have to guess answers for questions like "did I just boot the latest version or the one from before?". This change creates an overhead for "noop" builds. On my laptop, 'ninja -C build' that does nothing goes from 0.1 to 0.5 s. It would be nice to avoid this, but I think that <1 s is still acceptable. Fixes #7183. PACKAGE_VERSION is renamed to GIT_VERSION, to make it obvious that this is the more dynamically changing version string. Why save to a file? It would be easy to generate the version tag using run_command(), but we want to go through a file so that stuff gets rebuilt when this file changes. If we just defined an variable in meson, ninja wouldn't know it needs to rebuild things.	2018-12-21 13:43:20 +01:00
Lennart Poettering	9a6f746fb6	locale-util: prefix special glyph enum values with SPECIAL_GLYPH_ This has been irritating me for quite a while: let's prefix these enum values with a common prefix, like we do for almost all other enums. No change in behaviour, just some renaming.	2018-12-14 08:22:54 +01:00
Chris Down	e92aaed30e	tree-wide: Remove O_CLOEXEC from fdopen fdopen doesn't accept "e", it's ignored. Let's not mislead people into believing that it actually sets O_CLOEXEC. From `man 3 fdopen`: > e (since glibc 2.7): > Open the file with the O_CLOEXEC flag. See open(2) for more information. This flag is ignored for fdopen() As mentioned by @jlebon in #11131.	2018-12-12 20:47:40 +01:00
Lennart Poettering	2ee1c55d6c	tree-wide: drop redundant space between __attribute__ and (( We follow no general rule, but in most cases we do not place a space outside of macro.h. Hence let's stick to that, and adapt macro.h too, and follow the rule systematically that there shall not be a space between __attribute__ and ((... Yes, this does not matter at all, and is purely OCD cosmetics. But then again, the uses of __attribute__ are very local only, hence the changes cleaning this up are small and are unlikely to have to be repeated too often...	2018-12-03 13:28:26 +01:00
Harald Hoyer	4a3b569445	sd-boot: remove Stall() call (#11029 ) This is left-over from debugging.	2018-12-03 10:27:26 +01:00
Lennart Poettering	e4de72876e	util-lib: split out all temporary file related calls into tmpfiles-util.c This splits out a bunch of functions from fileio.c that have to do with temporary files. Simply to make the header files a bit shorter, and to group things more nicely. No code changes, just some rearranging of source files.	2018-12-02 13:22:29 +01:00
Lennart Poettering	5dd9527883	tree-wide: remove various unused functions All found with "cppcheck --enable=unusedFunction".	2018-12-02 13:35:34 +09:00
Yu Watanabe	d949c467b8	sd-boot: fix trailing whitespace trimming Fixes #10922.	2018-11-26 06:43:36 +09:00
Zbigniew Jędrzejewski-Szmek	baaa35ad70	coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.	2018-11-22 10:54:38 +01:00
Zbigniew Jędrzejewski-Szmek	053254e3cb	generators: drop umask calls systemd already sets the umask (see `e3b8d0637d`). When running under systemd, we don't need to set it. And when not running under systemd, for example during development, there is no reason to override the user config. Let's just drop those calls. $ git grep -e 'umask\(' -l 'src/generator' \|xargs perl -i -0pe 's\|^[^\n]*umask\([^\n]+\n\n\|\|gms'	2018-11-21 13:40:24 +01:00
Zbigniew Jędrzejewski-Szmek	294bf0c34a	Split out pretty-print.c and move pager.c and main-func.h to shared/ This is high-level functionality, and fits better in shared/ (which is for our executables), than in basic/ (which is also for libraries).	2018-11-20 18:40:02 +01:00
Yu Watanabe	a8a7e5fcf2	bless-boot: use static destructor and DEFINE_MAIN_FUNCTION() macro	2018-11-20 18:40:02 +01:00
Yu Watanabe	608f8ec92e	bootctl: use static destructor and DEFINE_MAIN_FUNCTION() macro	2018-11-20 16:48:21 +01:00
Lennart Poettering	afe44c8ffd	generators: introduce a common implementation for the log setup boilerplate	2018-11-20 10:57:50 +01:00
Lennart Poettering	012c2f761b	tree-wide: use __ prefixed gcc attributes (#10843 ) As suggest here: https://gcc.gnu.org/onlinedocs/gcc/Attribute-Syntax.html#Attribute-Syntax "You may optionally specify attribute names with ‘__’ preceding and following the name. This allows you to use them in header files without being concerned about a possible macro of the same name. For example, you may use the attribute name __noreturn__ instead of noreturn. "	2018-11-20 12:34:08 +09:00
Lennart Poettering	5e332028f2	util-lib: move main() definition macros to its own header file This way, we can extend the macro a bit with stuff pulled in from other headers without this affecting everything which pulls in macro.h, which is one of our most basic headers. This is just refactoring, no change in behaviour, in prepartion for later changes.	2018-11-19 21:14:34 +01:00
Lennart Poettering	2a44bf5099	Merge pull request #10811 from keszybz/define-main-through-macro Define main through macro	2018-11-19 15:28:17 +01:00
Zbigniew Jędrzejewski-Szmek	02434ea263	boot-check-no-failures: define main through macro	2018-11-17 09:13:35 +01:00
Lennart Poettering	1b259a5bf3	Merge pull request #10804 from poettering/sd-boot-updates various sd-boot/EFI fixes (split out from #10495)	2018-11-16 17:52:37 +01:00
Lennart Poettering	80641a81b6	bootctl: display loader features in a pretty way.	2018-11-16 15:52:22 +01:00
Lennart Poettering	c027b67f53	util: force time multiplications to happen in longs	2018-11-16 15:52:22 +01:00
Lennart Poettering	3b42f34910	efi: NUL terminate strings read with efivar_get() let's be more careful and NUL terminate everything we read from EFI variables, in case it isn't already.	2018-11-16 15:47:18 +01:00
Lennart Poettering	996daf2fa9	sd-boot: make sure special menu items also work if menu is skipped While it doesn't really make much sense to set "auto-reboot-to-firmware" as oneshot boot item, let's still support it properly, by also dispatching such a menu item if selected.	2018-11-16 15:47:18 +01:00
Lennart Poettering	aec1443aec	sd-boot: use structured initialization	2018-11-16 15:47:18 +01:00
Lennart Poettering	b58c7351c0	sd-boot: change name of automatic entry for rebooting into firmware Let's stick to one nomenclature. In userspace we usually call this "reboot to firmware setup", hence use the same name in sd-boot too. This name was previously only relevant internally, but since the addition of the LoaderEntries EFI var is exposed to userspace, hence let's get this right with the first release adding this.	2018-11-16 15:47:18 +01:00
Lennart Poettering	5dd5f7cfa8	sd-boot: add new EFI variable exposing feature set of boot loader We keep adding new features, let's advertise to the host OS what these are in a new variable LoaderFeatures. It works a bit like OsIndicationsSupported, but is about Loader features.	2018-11-16 15:47:18 +01:00
Lennart Poettering	95a18e91db	efi: make sure parse_boolean() does something useful on a NULL parameter	2018-11-16 15:47:18 +01:00
Lennart Poettering	427ee7ec82	efi: add 'const' to various util.h API parameters	2018-11-16 15:47:18 +01:00
Lennart Poettering	fe2579dd9c	sd-boot: introduce a one-time override for the boot menu timeout This is useful to allow userspace to request a "boot into boot menu" feature.	2018-11-16 15:47:18 +01:00
Lennart Poettering	2366d92345	sd-boot: when converting menu timeout for UINTN to INTN saturate Let's be a bit more careful and handle overly long timeouts in a slightly more sensible way.	2018-11-16 15:47:18 +01:00
Lennart Poettering	b49dd00f8c	efi: add simple macros for MAX values of EFI's UINTN/INTN types	2018-11-16 15:47:18 +01:00
Lennart Poettering	8ac694710f	sd-boot: timeout_sec is unsigned hence show it with %u	2018-11-16 15:47:18 +01:00
Zbigniew Jędrzejewski-Szmek	0221d68a13	basic/pager: convert the pager options to a flags argument Pretty much everything uses just the first argument, and this doesn't make this common pattern more complicated, but makes it simpler to pass multiple options.	2018-11-14 16:25:11 +01:00
Lennart Poettering	a2689fa5fc	Merge pull request #9437 from poettering/sd-boot-count many sd-boot/bootctl fixes, and a new "boot counting" concept, for automatic fallback to older kernels on persistent failures	2018-10-19 23:04:22 +02:00
Lennart Poettering	f876f53789	units: add simple boot check unit This is might be useful in some cases, but it's primarily an example for a boot check service that can be plugged before boot-complete.target. It's disabled by default. All it does is check whether the failed unit count is zero	2018-10-19 22:34:50 +02:00
Lennart Poettering	8d16ed0785	add "systemd-bless-boot-generator" This generator automatically pulls in "systemd-bless-boot.service" if a boot with boot counting is detected.	2018-10-19 22:34:50 +02:00
Lennart Poettering	36695e880a	add new systemd-bless-boot.service that marks boots as successful This is the counterpiece to the boot counting implemented in systemd-boot: if a boot is detected as successful we mark drop the counter again from the booted snippet or kernel image.	2018-10-19 22:34:50 +02:00
Yu Watanabe	7709ef3a70	bootctl: include error cause in log message	2018-10-20 00:52:45 +09:00
Lennart Poettering	0fef958361	efi: rework OFFSETOF() based on __builtin_offsetof() Since both LLVM and gcc supported this for a long time, we are not adding a fallback compat kludge. And even if there's some relevant compiler that doesn't know this concept, it'll fail with a compiler error, and we'll fix it then. As suggested by @keszybz: https://github.com/systemd/systemd/pull/10174#discussion_r226266540	2018-10-18 19:01:54 +02:00
Lennart Poettering	535610b561	sd-boot: factor out searching for loader entry	2018-10-16 16:44:34 +02:00
Lennart Poettering	7f1ef12526	sd-boot: also set an ID for the reboot-into-firmware entry	2018-10-16 16:44:34 +02:00
Lennart Poettering	0e2bc73274	sd-boot: write the IDs of all discovered entries to an EFI variable This is primarily useful for debugging, but can be useful for other purposes too. For example userspace could check whether "auto-windows" is included in the list, before triggering a boot-into-windows operation.	2018-10-16 16:44:34 +02:00
Lennart Poettering	f82ecab0a9	efi: make efivar_set_raw() buffer argument VOID* No need to define a type if it is just some arbitrary buffer for us anyway.	2018-10-16 16:44:34 +02:00
Lennart Poettering	f538cc6548	sd-boot: add boot counting mechanism	2018-10-16 16:44:34 +02:00
Lennart Poettering	64e7e27cd4	sd-boot: coding style fix, don't rely on C's downgrade-to-bool feature for numerical values	2018-10-16 16:44:34 +02:00
Lennart Poettering	05907f25a5	sd-boot: remove left-over lgpl blurb	2018-10-16 16:44:34 +02:00
Lennart Poettering	2214cfbf50	sd-boot: simplify memory management in processing of unified kernel image a bit	2018-10-16 16:44:34 +02:00
Lennart Poettering	42cf81c26f	sd-boot: properly free all config entry fields	2018-10-16 16:44:34 +02:00
Lennart Poettering	081cc95fec	sd-boot: rename ConfigEntry field 'file' to 'id' The field derives from a file name only in very specific cases, for many cases it's a fixed string (for example, all "auto-" items are like this). Also, even when it derives from a file name, it is processed a bit, as suffixes are removed and the string is converted to lower case. hence, let's name this field "id" instead, because that's what it is used for: as general identification token.	2018-10-16 16:44:34 +02:00
Lennart Poettering	580fe4df59	sd-boot: break overly long function argument lists following our usual coding style	2018-10-16 16:44:34 +02:00
Lennart Poettering	1336bb9864	sd-boot: drop initialization of 'line' which we override in the next line anyway	2018-10-16 16:44:34 +02:00
Lennart Poettering	2880e665ab	efi: explicity check for NULL in FreePoolp() Firmware implementations are generally pretty bad, hence let's better add an explicit check for NULL before invokin FreePool(), in particular is it doesn't appear to be documented whether FreePool() is supposed to be happy with NULL.	2018-10-16 16:44:34 +02:00
Lennart Poettering	3aaa95e0a0	efi: add cleanup handler for closing file descriptors	2018-10-16 16:44:34 +02:00
Lennart Poettering	b73acaed42	efi: add poor man's offsetof() implementation	2018-10-16 16:44:34 +02:00
David Tardon	de699c7a06	console: avoid promotion to signed int coverity message: sign_extension: Suspicious implicit sign extension: "keydata.Key.ScanCode" with type "UINT16" (16 bits, unsigned) is promoted in "keydata.Key.ScanCode << 16" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "keydata.Key.ScanCode << 16" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.	2018-10-12 12:38:41 +02:00
Lennart Poettering	bd2865caf6	bootctl: include boot entries discovered by the boot loader but not in $BOOT in the "list" output Let's use the new LoaderEntries efi var for this, and show all entries we couldn't find via the config snippets.	2018-10-08 21:40:44 +02:00
Lennart Poettering	d88c96ffe5	bootctl: add new verbs for setting the default boot/oneshot entry Fixes: #5739 #8574	2018-10-08 21:40:44 +02:00
Lennart Poettering	57db6f18d4	bootctl: add auto-paging	2018-10-08 21:40:44 +02:00
Lennart Poettering	ba85725324	bootctl: highlight various title/product fields in output	2018-10-08 21:40:44 +02:00
Lennart Poettering	20a28174c5	bootctl: unify the code which we use to show boot loader entries	2018-10-08 21:40:44 +02:00
Lennart Poettering	48184e4391	bootctl: downgrade to log messages that aren't actually errors	2018-10-08 21:40:44 +02:00
Lennart Poettering	7fd66f3c3d	bootctl: reword status/list section headers a bit This is really confusing, let's try to clean this up a bit, in particular as there are two very similar concepts: 1. The boot loaders, i.e. the category you find systemd-boot, the Windows and Apple boot loaders in. These may typically be listed in the firmware's EFI variables. 2. The boot loader entries, as defined by the Boot Loader Spec. In this category you find the various Linux kernels that are installed, i.e. the stuff systemd-boot shows on screen. To make things confusing, the Windows and Apple boot loaders can appear both as boot loaders and as boot loader entries. This tries to establish the following nomenclature: "boot loaders" and "boot loader entries" for these two concepts.	2018-10-08 21:40:44 +02:00
Lennart Poettering	a099e0352c	bootctl: show 'Default Boot Entry' header only when we found something	2018-10-08 21:40:44 +02:00
Lennart Poettering	21f7a622d5	bootspec: remove redundant logging boot_loader_read_conf(), boot_entries_find(), boot_entries_load_config() all log their errors internally, hence no need to log a second or third time about the same error when they return.	2018-10-08 21:40:44 +02:00
Lennart Poettering	a36b411ea2	bootctl: tiny shortification	2018-10-08 21:40:44 +02:00
Lennart Poettering	e0e8d177c8	bootctl: let's be paranoid and synchronize the ESP in full after all changes We already synchronize all files we write individually, as well as the directories they are stored in. Let's also synchronize the ESP as a whole after our work, just in case.	2018-10-08 21:40:44 +02:00
Lennart Poettering	1634ebb54a	Merge pull request #10262 from keszybz/hibres-disable Switches to disable hibernation and/or resuming	2018-10-08 21:39:54 +02:00
Zbigniew Jędrzejewski-Szmek	cac4d95ec8	boot: change multiplication order LGTM was complaining: > Multiplication result may overflow 'unsigned int' before it is converted to 'unsigned long'.	2018-10-02 12:54:00 +02:00
Mike Gilbert	5f723125ae	meson: avoid calling the shell to resolve efi_libdir	2018-09-30 16:22:07 -04:00
Mike Gilbert	595343fb4c	meson: use an array option for efi-cc Fixes: https://github.com/systemd/systemd/issues/10211	2018-09-30 15:43:39 -04:00
Helmut Grohne	df7cacae69	meson: use the host architecture compiler/linker for src/boot/efi cross building systemd to arm64 presently fails, because the build system uses plain gcc and plain ld (build architecture compiler and linker respectively) for building src/boot/efi. These values come from the efi-cc and efi-ld options respectively. It rather should be using host tools here. Fixes: `b710072da4` ("add support for building efi modules")	2018-09-28 14:42:56 +02:00
Lennart Poettering	12580bc3ed	bootspec: rename "filename" field to "id" This follows the renaming done a few commits earlier too systemd-boot itself. Also, let's show the ID, since it's useful.	2018-09-27 17:31:37 +02:00
Zbigniew Jędrzejewski-Szmek	938be08926	meson: disable _all_ tests when -Dtests=false Back in `08318a2c5a`, value "false" was enabled for '-Dtests=', but various tests were not conditionalized properly. So even with -Dtests=false -Dslow-tests=false we'd run 120 tests. Let's make this consistent.	2018-09-13 12:07:34 +02:00
Harald Hoyer	15720d0340	boot/efi/stub.c: fix Dell LoadOptions On Dell machines LoadOptions is filled with: 01 00 00 00 <name of BIOS Boot Loader Entry> ... <unknown bytes> So, in case of meaningfull LoadOptions, better check if the first char is a printable character.	2018-09-03 14:10:38 +02:00

... 3 4 5 6 7 ...

656 Commits