diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml index 9a4b0cada41..67c7e07778a 100644 --- a/man/systemd-analyze.xml +++ b/man/systemd-analyze.xml @@ -186,6 +186,11 @@ architectures NAME + + systemd-analyze + OPTIONS + smbios11 + @@ -979,6 +984,26 @@ x86-64 native + + <command>systemd-analyze smbios11</command> + + Shows a list of SMBIOS Type #11 strings passed to the system. Also see + smbios-type-117. + + + Example output + $ systemd-analyze smbios11 +io.systemd.stub.kernel-cmdline-extra=console=ttyS0 +io.systemd.credential.binary:ssh.ephemeral-authorized_keys-all=c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSURGd20xbFp4WlRGclJteG9ZQlozOTYzcE1uYlJCaDMwM1MxVXhLSUM2NmYgbGVubmFydEB6ZXRhCg== +io.systemd.credential:vmm.notify_socket=vsock-stream:2:254570042 + +3 SMBIOS Type #11 strings passed. + + + + + + diff --git a/src/analyze/analyze-smbios11.c b/src/analyze/analyze-smbios11.c new file mode 100644 index 00000000000..cee5a3ad0be --- /dev/null +++ b/src/analyze/analyze-smbios11.c @@ -0,0 +1,73 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "analyze.h" +#include "analyze-smbios11.h" +#include "escape.h" +#include "smbios11.h" +#include "virt.h" + +int verb_smbios11(int argc, char *argv[], void *userdata) { + unsigned n = 0; + int r; + + for (unsigned i = 0;; i++) { + _cleanup_free_ char *data = NULL; + bool written = false; + size_t size; + + r = read_smbios11_field(i, SIZE_MAX, &data, &size); + if (r == -ENOENT) /* Reached the end */ + break; + if (r < 0) + return log_error_errno(r, "Failed to read SMBIOS Type #11 string %u: %m", i); + bool incomplete = r == 0; + + size_t left, skip; + const char *p; + for (p = data, left = size; left > 0; p += skip, left -= skip) { + const char *nul; + + nul = memchr(p, 0, left); + if (nul) + skip = (nul - p) + 1; + else { + nul = p + left; + skip = left; + } + + if (nul - p == 0) /* Skip empty strings */ + continue; + + _cleanup_free_ char *escaped = NULL; + escaped = cescape_length(p, nul - p); + if (!escaped) + return log_oom(); + + if (written) + fputc('\n', stdout); + + fputs(escaped, stdout); + written = true; + n++; + } + + if (written) { + if (incomplete) + fputs(special_glyph(SPECIAL_GLYPH_ELLIPSIS), stdout); + + fputc('\n', stdout); + } + + if (i == UINT_MAX) /* Prevent overflow */ + break; + } + + if (!arg_quiet) { + if (n == 0) + log_info("No SMBIOS Type #11 strings passed."); + else + log_info("\n%u SMBIOS Type #11 strings passed.", n); + } + + return EXIT_SUCCESS; +} diff --git a/src/analyze/analyze-smbios11.h b/src/analyze/analyze-smbios11.h new file mode 100644 index 00000000000..4b1f334dc8f --- /dev/null +++ b/src/analyze/analyze-smbios11.h @@ -0,0 +1,4 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +int verb_smbios11(int argc, char *argv[], void *userdata); diff --git a/src/analyze/analyze.c b/src/analyze/analyze.c index cf4894a9d3b..db3996faea4 100644 --- a/src/analyze/analyze.c +++ b/src/analyze/analyze.c @@ -34,6 +34,7 @@ #include "analyze-plot.h" #include "analyze-security.h" #include "analyze-service-watchdogs.h" +#include "analyze-smbios11.h" #include "analyze-srk.h" #include "analyze-syscall-filter.h" #include "analyze-time.h" @@ -241,6 +242,7 @@ static int help(int argc, char *argv[], void *userdata) { " image-policy POLICY... Analyze image policy string\n" " pcrs [PCR...] Show TPM2 PCRs and their names\n" " srk [>FILE] Write TPM2 SRK (to FILE)\n" + " smbios11 List strings passed via SMBIOS Type #11\n" "\nOptions:\n" " --recursive-errors=MODE Control which units are verified\n" " --offline=BOOL Perform a security review on unit file(s)\n" @@ -657,6 +659,7 @@ static int run(int argc, char *argv[]) { { "pcrs", VERB_ANY, VERB_ANY, 0, verb_pcrs }, { "srk", VERB_ANY, 1, 0, verb_srk }, { "architectures", VERB_ANY, VERB_ANY, 0, verb_architectures }, + { "smbios11", VERB_ANY, 1, 0, verb_smbios11 }, {} }; diff --git a/src/analyze/meson.build b/src/analyze/meson.build index f150ed7613b..a307923c22e 100644 --- a/src/analyze/meson.build +++ b/src/analyze/meson.build @@ -22,6 +22,7 @@ systemd_analyze_sources = files( 'analyze-plot.c', 'analyze-security.c', 'analyze-service-watchdogs.c', + 'analyze-smbios11.c', 'analyze-srk.c', 'analyze-syscall-filter.c', 'analyze-time.c', diff --git a/test/units/TEST-65-ANALYZE.sh b/test/units/TEST-65-ANALYZE.sh index 18f5c4d804a..fde15192f78 100755 --- a/test/units/TEST-65-ANALYZE.sh +++ b/test/units/TEST-65-ANALYZE.sh @@ -947,6 +947,9 @@ systemd-analyze architectures x86-64 systemd-analyze architectures native systemd-analyze architectures uname +systemd-analyze smbios11 +systemd-analyze smbios11 -q + systemd-analyze log-level info touch /testok