
Factory reset followup (#36621)

@poettering hrm, there's still one thing unclear to me: we currently
have no way to cancel a factory reset via IPC. And adding that solely
to the varlink service doesn't seem feasible either, since the state
departs from the active state of `factory-reset.target` and it would
become impossible to re-request it without restarting
`factory-reset.target` _and all dependencies_, which feels
unmaintainable.
Lennart Poettering 2025-03-06 17:43:04 +01:00 committed by GitHub
commit 8ef9ceb7e5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 22 additions and 23 deletions


@ -209,12 +209,9 @@ static int verb_cancel(int argc, char *argv[], void *userdata) {
return 0;
}
if (!is_efi_boot()) {
if (!arg_quiet)
log_info("Not an EFI boot, cannot remove FactoryResetMode EFI variable, not cancelling.");
return 0;
}
if (!is_efi_boot())
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
"Not an EFI boot, cannot remove FactoryResetMode EFI variable, not cancelling.");
r = efi_set_variable(EFI_SYSTEMD_VARIABLE_STR("FactoryResetRequest"), /* value= */ NULL, /* size= */ 0);
if (r < 0)
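Review bot: The error text in the `!is_efi_boot()` branch names a `FactoryResetMode` EFI variable, but the `efi_set_variable()` call directly below it clears `FactoryResetRequest`. Now that this path is a hard `ENOTRECOVERABLE` failure rather than a quiet `return 0`, the message is what an operator will see and search for, so it should name the variable that is actually touched: `"Not an EFI boot, cannot remove FactoryResetRequest EFI variable, not cancelling."`. Callers on non-EFI systems that relied on the old zero exit status will now see a failure, which is worth stating in the documentation of the cancel verb. verb_cancel starts and ends outside the visible lines.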


@ -143,11 +143,11 @@ static bool validate_efi_hibernate_location(EFIHibernateLocation *e) {
int get_efi_hibernate_location(EFIHibernateLocation **ret) {
#if ENABLE_EFI
static const sd_json_dispatch_field dispatch_table[] = {
{ "uuid", SD_JSON_VARIANT_STRING, sd_json_dispatch_id128, offsetof(EFIHibernateLocation, uuid), SD_JSON_MANDATORY },
{ "offset", _SD_JSON_VARIANT_TYPE_INVALID, sd_json_dispatch_uint64, offsetof(EFIHibernateLocation, offset), SD_JSON_MANDATORY },
{ "kernelVersion", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, kernel_version), SD_JSON_PERMISSIVE|SD_JSON_DEBUG },
{ "osReleaseId", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, id), SD_JSON_PERMISSIVE|SD_JSON_DEBUG },
{ "osReleaseImageId", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, image_id), SD_JSON_PERMISSIVE|SD_JSON_DEBUG },
{ "uuid", SD_JSON_VARIANT_STRING, sd_json_dispatch_id128, offsetof(EFIHibernateLocation, uuid), SD_JSON_MANDATORY },
{ "offset", _SD_JSON_VARIANT_TYPE_INVALID, sd_json_dispatch_uint64, offsetof(EFIHibernateLocation, offset), SD_JSON_MANDATORY },
{ "kernelVersion", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, kernel_version), SD_JSON_PERMISSIVE },
{ "osReleaseId", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, id), SD_JSON_PERMISSIVE },
{ "osReleaseImageId", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, image_id), SD_JSON_PERMISSIVE },
{ "osReleaseVersionId", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, version_id), SD_JSON_PERMISSIVE|SD_JSON_DEBUG },
{ "osReleaseImageVersion", SD_JSON_VARIANT_STRING, sd_json_dispatch_string, offsetof(EFIHibernateLocation, image_version), SD_JSON_PERMISSIVE|SD_JSON_DEBUG },
{},
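Review bot: The optional string rows of `dispatch_table` appear to end up with mixed flags. Assuming the second group of rows is the new side (the `+`/`-` markers are lost in this rendering), `kernelVersion`, `osReleaseId` and `osReleaseImageId` carry `SD_JSON_PERMISSIVE` alone, while `osReleaseVersionId` and `osReleaseImageVersion` keep `SD_JSON_PERMISSIVE|SD_JSON_DEBUG`. If the difference is intended, a one-line comment above the table saying why only the last two fields keep `SD_JSON_DEBUG` would stop a later reader from "fixing" it; if it is not intended, all five rows should use the same flags. get_efi_hibernate_location continues past the end of the hunk.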


@ -88,22 +88,23 @@ static int request_tpm2_clear(void) {
r = secure_getenv_bool("SYSTEMD_TPM2_ALLOW_CLEAR");
if (r < 0 && r != -ENXIO)
log_warning_errno(r, "Failed to parse $SYSTEMD_TPM2_ALLOW_CLEAR, ignoring: %m");
return log_error_errno(r, "Failed to parse $SYSTEMD_TPM2_ALLOW_CLEAR: %m");
if (r >= 0)
clear = r;
if (clear < 0) {
bool b;
r = proc_cmdline_get_bool("systemd.tpm2_allow_clear", /* flags= */ 0, &b);
r = proc_cmdline_get_bool("systemd.tpm2_allow_clear", PROC_CMDLINE_TRUE_WHEN_MISSING, &b);
if (r < 0)
return log_debug_errno(r, "Failed to parse systemd.tpm2_allow_clear kernel command line argument: %m");
if (r > 0)
clear = b;
return log_error_errno(r, "Failed to parse systemd.tpm2_allow_clear kernel command line argument: %m");
clear = b;
}
if (clear == 0) {
assert(clear >= 0);
if (!clear) {
log_info("Clearing TPM2 disabled, exiting early.");
return EXIT_SUCCESS;
return 0;
}
/* Now issue PPI request */
@ -131,10 +132,10 @@ static int run(int argc, char *argv[]) {
* to rebuild it. */
if (arg_graceful && !tpm2_is_fully_supported()) {
log_notice("No complete TPM2 support detected, exiting gracefully.");
return EXIT_SUCCESS;
return 0;
}
return request_tpm2_clear();
}
DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE(run);
DEFINE_MAIN_FUNCTION(run);
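Review bot: Nothing at the `proc_cmdline_get_bool()` call says that `PROC_CMDLINE_TRUE_WHEN_MISSING` makes an absent `systemd.tpm2_allow_clear` mean "clear allowed", which is the security-relevant default for a destructive TPM2 operation. I would add a comment above the call, e.g. `/* If the option is absent from the kernel command line, default to allowing the clear */`, so the policy is readable without looking up the flag. Separately, with `DEFINE_MAIN_FUNCTION(run)` presumably only negative returns are reported as failure, so the part of `request_tpm2_clear()` after `/* Now issue PPI request */`, which is outside the hunk, should be checked for any remaining positive failure returns. Both function bodies extend beyond the visible lines.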


@ -11,3 +11,4 @@
Description=Factory Reset Execution
Documentation=man:systemd.special(7)
Wants=systemd-factory-reset-complete.service
RefuseManualStart=yes


@ -323,9 +323,7 @@ units = [
},
{ 'file' : 'systemd-creds@.service' },
{ 'file' : 'systemd-exit.service' },
{
'file' : 'systemd-factory-reset@.service.in',
},
{ 'file' : 'systemd-factory-reset@.service.in' },
{
'file' : 'systemd-factory-reset.socket',
'symlinks' : ['sockets.target.wants/'],


@ -15,6 +15,8 @@ Requires=factory-reset-now.target
After=factory-reset-now.target
Conflicts=shutdown.target
Before=shutdown.target
RefuseManualStart=yes
RefuseManualStop=yes
[Service]
Type=oneshot