stub: add StubDevicePartUUID/StubImageIdentifier

These variables closely mirror the existing LoaderDevicePartUUID/LoaderImageIdentifier variables. But the Stub… variables indicate the location of the stub/UKI (i.e. of systemd-stub), while the Loader… variables indicate the location of the boot loader (i.e. of systemd-boot). (Except of course, there is no boot loader used, in which case both sets point to the stub/UKI, as a special case). This actually matters, as we support that sd-boot runs off the ESP, while a UKI then runs off XBOOTLDR, i.e. two distinct partitions.
2025-03-19 22:50:17 +03:00 · 2024-07-15 16:11:31 +02:00 · 2024-07-15 16:11:31 +02:00 · a482908cbc
commit a482908cbc
parent 77d496c083
4 changed files with 28 additions and 1 deletions
--- a/man/systemd-stub.xml
+++ b/man/systemd-stub.xml
@ -496,6 +496,18 @@
        <xi:include href="version-info.xml" xpointer="v237"/></listitem>
      </varlistentry>

+      <varlistentry>
+        <term><varname>StubDevicePartUUID</varname></term>
+        <term><varname>StubImageIdentifier</varname></term>
+
+        <listitem><para>Similar to <varname>LoaderDevicePartUUID</varname> and
+        <varname>StubImageIdentifier</varname>, but indicates the location of the unified kernel image EFI
+        binary rather than the location of the boot loader binary, regardless if booted via a boot loader
+        or not.</para>
+
+        <xi:include href="version-info.xml" xpointer="v257"/></listitem>
+      </varlistentry>
+
      <varlistentry>
        <term><varname>StubInfo</varname></term>

--- a/src/boot/bootctl-status.c
+++ b/src/boot/bootctl-status.c
@ -384,7 +384,7 @@ int verb_status(int argc, char *argv[], void *userdata) {
                        uint64_t flag;
                        const char *name;
                } stub_flags[] = {
-                        { EFI_STUB_FEATURE_REPORT_BOOT_PARTITION,     "Stub sets ESP information"                                   },
+                        { EFI_STUB_FEATURE_REPORT_BOOT_PARTITION,     "Stub sets loader partition information"                      },
                        { EFI_STUB_FEATURE_PICK_UP_CREDENTIALS,       "Picks up credentials from boot partition"                    },
                        { EFI_STUB_FEATURE_PICK_UP_SYSEXTS,           "Picks up system extension images from boot partition"        },
                        { EFI_STUB_FEATURE_PICK_UP_CONFEXTS,          "Picks up configuration extension images from boot partition" },
@ -394,6 +394,7 @@ int verb_status(int argc, char *argv[], void *userdata) {
                        { EFI_STUB_FEATURE_CMDLINE_SMBIOS,            "Pick up .cmdline from SMBIOS Type 11"                        },
                        { EFI_STUB_FEATURE_DEVICETREE_ADDONS,         "Pick up .dtb from addons"                                    },
                        { EFI_STUB_FEATURE_MULTI_PROFILE_UKI,         "Stub understands profile selector"                           },
+                        { EFI_STUB_FEATURE_REPORT_STUB_PARTITION,     "Stub sets stub partition information"                        },
                };
                _cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL, *stub = NULL;
                sd_id128_t loader_part_uuid = SD_ID128_NULL;
--- a/src/boot/efi/stub.c
+++ b/src/boot/efi/stub.c
@ -153,6 +153,7 @@ static void export_stub_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image, unsig
                EFI_STUB_FEATURE_CMDLINE_SMBIOS |           /* We support extending kernel cmdline from SMBIOS Type #11 */
                EFI_STUB_FEATURE_DEVICETREE_ADDONS |        /* We pick up .dtb addons */
                EFI_STUB_FEATURE_MULTI_PROFILE_UKI |        /* We grok the "@1" profile command line argument */
+                EFI_STUB_FEATURE_REPORT_STUB_PARTITION |    /* We set StubDevicePartUUID + StubImageIdentifier */
                0;

        assert(loaded_image);
@ -164,6 +165,18 @@ static void export_stub_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image, unsig
        (void) efivar_set_uint64_le(MAKE_GUID_PTR(LOADER), u"StubFeatures", stub_features, 0);

        (void) efivar_set_uint64_str16(MAKE_GUID_PTR(LOADER), u"StubProfile", profile, 0);
+
+        if (loaded_image->DeviceHandle) {
+                _cleanup_free_ char16_t *uuid = disk_get_part_uuid(loaded_image->DeviceHandle);
+                if (uuid)
+                        efivar_set_str16(MAKE_GUID_PTR(LOADER), u"StubDevicePartUUID", uuid, 0);
+        }
+
+        if (loaded_image->FilePath) {
+                _cleanup_free_ char16_t *s = NULL;
+                if (device_path_to_str(loaded_image->FilePath, &s) == EFI_SUCCESS)
+                        efivar_set_str16(MAKE_GUID_PTR(LOADER), u"StubImageIdentifier", s, 0);
+        }
 }

 static bool parse_profile_from_cmdline(char16_t **cmdline, unsigned *ret_profile) {
--- a/src/fundamental/efivars-fundamental.h
+++ b/src/fundamental/efivars-fundamental.h
@ -36,6 +36,7 @@
 #define EFI_STUB_FEATURE_DEVICETREE_ADDONS         (UINT64_C(1) << 7)
 #define EFI_STUB_FEATURE_PICK_UP_CONFEXTS          (UINT64_C(1) << 8)
 #define EFI_STUB_FEATURE_MULTI_PROFILE_UKI         (UINT64_C(1) << 9)
+#define EFI_STUB_FEATURE_REPORT_STUB_PARTITION     (UINT64_C(1) << 10)

 typedef enum SecureBootMode {
        SECURE_BOOT_UNSUPPORTED,