mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

Merge pull request #34348 from poettering/stub-efivar-tweaks

sd-stub: report stub location in efi vars
Lennart Poettering 2024-09-11 10:09:53 +02:00 committed by GitHub
commit a5d0f74e62
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 63 additions and 21 deletions


@ -429,13 +429,15 @@
<varlistentry>
<term><varname>LoaderDevicePartUUID</varname></term>
<listitem><para>Contains the partition UUID of the EFI System Partition the boot loader was run from. Set by
the boot
loader. <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
uses this information to automatically find the disk booted from, in order to discover various other partitions
on the same disk automatically.</para>
<listitem><para>Contains the partition UUID of the partition the boot loader has been started from on
the current boot (usually a EFI System Partition). Set by the boot loader. (Note that
<command>systemd-stub</command> will set this too, if not set yet, to support systems that directly
boot into a unified kernel image, bypassing any boot loader.)
<citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
uses this information to automatically find the disk booted from, in order to discover various other
partitions on the same disk automatically.</para>
<xi:include href="version-info.xml" xpointer="v240"/></listitem>
<xi:include href="version-info.xml" xpointer="v220"/></listitem>
</varlistentry>
<varlistentry>
@ -516,12 +518,15 @@
<varlistentry>
<term><varname>LoaderImageIdentifier</varname></term>
<listitem><para>The path of executable of the boot loader used for the current boot, relative to the EFI System
Partition's root directory. Set by the boot loader. Use
<citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view this
data.</para>
<listitem><para>The file system path to the EFI executable of the boot loader for the current boot,
relative to the partition's root directory (i.e. relative to the partition indicated by
<varname>LoaderDevicePartUUID</varname>, see above). Set by the boot loader. (Note that
<command>systemd-stub</command> will set this too, if not set yet, to support systems that directly
boot into a unified kernel image, bypassing any boot loader.) Use
<citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view
this data.</para>
<xi:include href="version-info.xml" xpointer="v240"/></listitem>
<xi:include href="version-info.xml" xpointer="v220"/></listitem>
</varlistentry>
<varlistentry>


@ -459,12 +459,16 @@
<varlistentry>
<term><varname>LoaderDevicePartUUID</varname></term>
<listitem><para>Contains the partition UUID of the EFI System Partition the EFI image was run
from. <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
<listitem><para>Contains the partition UUID of the partition the boot loader has been started from on
the current boot (usually a EFI System Partition). If already set by the boot loader, this will
remain untouched by <command>systemd-stub</command>. If not set yet, this will be set to the
partition UUID of the partition the unified kernel is started from, in order to support systems that
directly boot into a unified kernel image, bypassing any boot loader.
<citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
uses this information to automatically find the disk booted from, in order to discover various other
partitions on the same disk automatically.</para>
<xi:include href="version-info.xml" xpointer="v250"/></listitem>
<xi:include href="version-info.xml" xpointer="v224"/></listitem>
</varlistentry>
<varlistentry>
@ -481,12 +485,27 @@
<varlistentry>
<term><varname>LoaderImageIdentifier</varname></term>
<listitem><para>The path of EFI executable, relative to the EFI System Partition's root
directory. Use
<listitem><para>The file system path to the EFI executable of the boot loader for the current boot,
relative to the partition's root directory (i.e. relative to the partition indicated by
<varname>LoaderDevicePartUUID</varname>, see above). If not set yet, this will be set to the file
system path of the EFI executable of the booted unified kernel, in order to support systems that
directly boot into a unified kernel image, bypassing any boot loader. Use
<citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view
this data.</para>
<xi:include href="version-info.xml" xpointer="v250"/></listitem>
<xi:include href="version-info.xml" xpointer="v237"/></listitem>
</varlistentry>
<varlistentry>
<term><varname>StubDevicePartUUID</varname></term>
<term><varname>StubImageIdentifier</varname></term>
<listitem><para>Similar to <varname>LoaderDevicePartUUID</varname> and
<varname>StubImageIdentifier</varname>, but indicates the location of the unified kernel image EFI
binary rather than the location of the boot loader binary, regardless if booted via a boot loader
or not.</para>
<xi:include href="version-info.xml" xpointer="v257"/></listitem>
</varlistentry>
<varlistentry>


@ -378,12 +378,13 @@ int verb_status(int argc, char *argv[], void *userdata) {
{ EFI_LOADER_FEATURE_SECUREBOOT_ENROLL, "Enroll SecureBoot keys" },
{ EFI_LOADER_FEATURE_RETAIN_SHIM, "Retain SHIM protocols" },
{ EFI_LOADER_FEATURE_MENU_DISABLE, "Menu can be disabled" },
{ EFI_LOADER_FEATURE_MULTI_PROFILE_UKI, "Multi-Profile UKIs are supported" },
};
static const struct {
uint64_t flag;
const char *name;
} stub_flags[] = {
{ EFI_STUB_FEATURE_REPORT_BOOT_PARTITION, "Stub sets ESP information" },
{ EFI_STUB_FEATURE_REPORT_BOOT_PARTITION, "Stub sets loader partition information" },
{ EFI_STUB_FEATURE_PICK_UP_CREDENTIALS, "Picks up credentials from boot partition" },
{ EFI_STUB_FEATURE_PICK_UP_SYSEXTS, "Picks up system extension images from boot partition" },
{ EFI_STUB_FEATURE_PICK_UP_CONFEXTS, "Picks up configuration extension images from boot partition" },
@ -392,6 +393,8 @@ int verb_status(int argc, char *argv[], void *userdata) {
{ EFI_STUB_FEATURE_CMDLINE_ADDONS, "Pick up .cmdline from addons" },
{ EFI_STUB_FEATURE_CMDLINE_SMBIOS, "Pick up .cmdline from SMBIOS Type 11" },
{ EFI_STUB_FEATURE_DEVICETREE_ADDONS, "Pick up .dtb from addons" },
{ EFI_STUB_FEATURE_MULTI_PROFILE_UKI, "Stub understands profile selector" },
{ EFI_STUB_FEATURE_REPORT_STUB_PARTITION, "Stub sets stub partition information" },
};
_cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL, *stub = NULL;
sd_id128_t loader_part_uuid = SD_ID128_NULL;


@ -10,7 +10,8 @@ void export_common_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image) {
assert(loaded_image);
/* Export the device path this image is started from, if it's not set yet */
if (efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderDevicePartUUID", NULL, NULL) != EFI_SUCCESS) {
if (loaded_image->DeviceHandle &&
efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderDevicePartUUID", NULL, NULL) != EFI_SUCCESS) {
_cleanup_free_ char16_t *uuid = disk_get_part_uuid(loaded_image->DeviceHandle);
if (uuid)
efivar_set_str16(MAKE_GUID_PTR(LOADER), u"LoaderDevicePartUUID", uuid, 0);
@ -22,8 +23,8 @@ void export_common_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image) {
* in which case there's simple nothing to set for us. (The UEFI spec doesn't really say who's wrong
* here, i.e. whether FilePath may be NULL or not, hence handle this gracefully and check if FilePath
* is non-NULL explicitly.) */
if (efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderImageIdentifier", NULL, NULL) != EFI_SUCCESS &&
loaded_image->FilePath) {
if (loaded_image->FilePath &&
efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderImageIdentifier", NULL, NULL) != EFI_SUCCESS) {
_cleanup_free_ char16_t *s = NULL;
if (device_path_to_str(loaded_image->FilePath, &s) == EFI_SUCCESS)
efivar_set_str16(MAKE_GUID_PTR(LOADER), u"LoaderImageIdentifier", s, 0);
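Review bot: The comment above the first check still says it exports "the device path", while the code under it writes a partition UUID obtained from `disk_get_part_uuid()`; I would reword it to `/* Export the partition UUID of the partition this image was started from, unless an earlier boot stage already set it */`. Any non-success result from `efivar_get_raw()` is treated as "not set", and a value that is already present is kept as-is without inspection; since the man page text on this page says systemd-gpt-auto-generator uses LoaderDevicePartUUID to find the boot disk, that trust in the earlier stage deserves a word in the comment. Both `efivar_set_str16()` calls drop their result without the `(void)` cast that the stub's own variable writes on this page carry, so adding `(void)` would make the best-effort intent explicit. The signature and the end of export_common_variables() lie outside the hunks shown.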


@ -153,6 +153,7 @@ static void export_stub_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image, unsig
EFI_STUB_FEATURE_CMDLINE_SMBIOS | /* We support extending kernel cmdline from SMBIOS Type #11 */
EFI_STUB_FEATURE_DEVICETREE_ADDONS | /* We pick up .dtb addons */
EFI_STUB_FEATURE_MULTI_PROFILE_UKI | /* We grok the "@1" profile command line argument */
EFI_STUB_FEATURE_REPORT_STUB_PARTITION | /* We set StubDevicePartUUID + StubImageIdentifier */
0;
assert(loaded_image);
@ -164,6 +165,18 @@ static void export_stub_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image, unsig
(void) efivar_set_uint64_le(MAKE_GUID_PTR(LOADER), u"StubFeatures", stub_features, 0);
(void) efivar_set_uint64_str16(MAKE_GUID_PTR(LOADER), u"StubProfile", profile, 0);
if (loaded_image->DeviceHandle) {
_cleanup_free_ char16_t *uuid = disk_get_part_uuid(loaded_image->DeviceHandle);
if (uuid)
efivar_set_str16(MAKE_GUID_PTR(LOADER), u"StubDevicePartUUID", uuid, 0);
}
if (loaded_image->FilePath) {
_cleanup_free_ char16_t *s = NULL;
if (device_path_to_str(loaded_image->FilePath, &s) == EFI_SUCCESS)
efivar_set_str16(MAKE_GUID_PTR(LOADER), u"StubImageIdentifier", s, 0);
}
}
static bool parse_profile_from_cmdline(char16_t **cmdline, unsigned *ret_profile) {
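Review bot: `EFI_STUB_FEATURE_REPORT_STUB_PARTITION` is advertised in StubFeatures unconditionally, but the two new blocks write `StubDevicePartUUID` and `StubImageIdentifier` only when `DeviceHandle`/`FilePath` are non-NULL and the lookup succeeds, so a consumer that sees the flag cannot assume either variable exists or that this stub wrote it. Unlike the Loader* variables, these have no "already set" guard, which looks intentional; a comment such as `/* Always overwrite: these describe this image, never what an earlier boot stage reported */` would record that. If a leftover value from an earlier stage is a concern, the skipped and failed paths would need to clear the variable rather than leave it alone; I cannot tell from the hunk whether a helper for that exists. The new `efivar_set_str16()` calls also lack the `(void)` cast used on the two writes directly above them. export_stub_variables() starts above the hunk.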


@ -36,6 +36,7 @@
#define EFI_STUB_FEATURE_DEVICETREE_ADDONS (UINT64_C(1) << 7)
#define EFI_STUB_FEATURE_PICK_UP_CONFEXTS (UINT64_C(1) << 8)
#define EFI_STUB_FEATURE_MULTI_PROFILE_UKI (UINT64_C(1) << 9)
#define EFI_STUB_FEATURE_REPORT_STUB_PARTITION (UINT64_C(1) << 10)
typedef enum SecureBootMode {
SECURE_BOOT_UNSUPPORTED,