diff --git a/src/boot/bootctl-status.c b/src/boot/bootctl-status.c index 192fddbf5e7..c8ab363de59 100644 --- a/src/boot/bootctl-status.c +++ b/src/boot/bootctl-status.c @@ -303,7 +303,7 @@ static void read_efi_var(const char *variable, char **ret) { r = efi_get_variable_string(variable, ret); if (r < 0 && r != -ENOENT) - log_warning_errno(r, "Failed to read EFI variable %s: %m", variable); + log_warning_errno(r, "Failed to read EFI variable '%s', ignoring: %m", variable); } static void print_yes_no_line(bool first, bool good, const char *name) { @@ -396,8 +396,7 @@ int verb_status(int argc, char *argv[], void *userdata) { { EFI_STUB_FEATURE_MULTI_PROFILE_UKI, "Stub understands profile selector" }, { EFI_STUB_FEATURE_REPORT_STUB_PARTITION, "Stub sets stub partition information" }, }; - _cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL, *stub = NULL; - sd_id128_t loader_part_uuid = SD_ID128_NULL; + _cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL, *stub = NULL, *stub_path = NULL; uint64_t loader_features = 0, stub_features = 0; Tpm2Support s; int have; @@ -407,15 +406,14 @@ int verb_status(int argc, char *argv[], void *userdata) { read_efi_var(EFI_LOADER_VARIABLE(LoaderInfo), &loader); read_efi_var(EFI_LOADER_VARIABLE(StubInfo), &stub); read_efi_var(EFI_LOADER_VARIABLE(LoaderImageIdentifier), &loader_path); + read_efi_var(EFI_LOADER_VARIABLE(StubImageIdentifier), &stub_path); (void) efi_loader_get_features(&loader_features); (void) efi_stub_get_features(&stub_features); if (loader_path) efi_tilt_backslashes(loader_path); - - k = efi_loader_get_device_part_uuid(&loader_part_uuid); - if (k < 0 && k != -ENOENT) - r = log_warning_errno(k, "Failed to read EFI variable LoaderDevicePartUUID: %m"); + if (stub_path) + efi_tilt_backslashes(stub_path); SecureBootMode secure = efi_get_secure_boot_mode(); printf("%sSystem:%s\n", ansi_underline(), ansi_normal()); @@ -463,34 +461,50 @@ int verb_status(int argc, char *argv[], void *userdata) { } printf("\n"); - printf("%sCurrent Boot Loader:%s\n", ansi_underline(), ansi_normal()); - printf(" Product: %s%s%s\n", ansi_highlight(), strna(loader), ansi_normal()); + if (loader) { + printf("%sCurrent Boot Loader:%s\n", ansi_underline(), ansi_normal()); + printf(" Product: %s%s%s\n", ansi_highlight(), loader, ansi_normal()); + for (size_t i = 0; i < ELEMENTSOF(loader_flags); i++) + print_yes_no_line(i == 0, FLAGS_SET(loader_features, loader_flags[i].flag), loader_flags[i].name); - for (size_t i = 0; i < ELEMENTSOF(loader_flags); i++) - print_yes_no_line(i == 0, FLAGS_SET(loader_features, loader_flags[i].flag), loader_flags[i].name); + sd_id128_t loader_partition_uuid; + bool have_loader_partition_uuid = efi_loader_get_device_part_uuid(&loader_partition_uuid) >= 0; - sd_id128_t bootloader_esp_uuid; - bool have_bootloader_esp_uuid = efi_loader_get_device_part_uuid(&bootloader_esp_uuid) >= 0; + print_yes_no_line(false, have_loader_partition_uuid, "Boot loader set ESP information"); + if (have_loader_partition_uuid && !sd_id128_is_null(esp_uuid) && !sd_id128_equal(esp_uuid, loader_partition_uuid)) + printf("WARNING: The boot loader reports a different partition UUID than the detected ESP ("SD_ID128_UUID_FORMAT_STR" vs. "SD_ID128_UUID_FORMAT_STR")!\n", + SD_ID128_FORMAT_VAL(loader_partition_uuid), SD_ID128_FORMAT_VAL(esp_uuid)); - print_yes_no_line(false, have_bootloader_esp_uuid, "Boot loader sets ESP information"); - if (have_bootloader_esp_uuid && !sd_id128_is_null(esp_uuid) && - !sd_id128_equal(esp_uuid, bootloader_esp_uuid)) - printf("WARNING: The boot loader reports a different ESP UUID than detected ("SD_ID128_UUID_FORMAT_STR" vs. "SD_ID128_UUID_FORMAT_STR")!\n", - SD_ID128_FORMAT_VAL(bootloader_esp_uuid), - SD_ID128_FORMAT_VAL(esp_uuid)); + if (!sd_id128_is_null(loader_partition_uuid)) + printf(" Partition: /dev/disk/by-partuuid/" SD_ID128_UUID_FORMAT_STR "\n", + SD_ID128_FORMAT_VAL(loader_partition_uuid)); + else + printf(" Partition: n/a\n"); + printf(" Loader: %s%s\n", special_glyph(SPECIAL_GLYPH_TREE_RIGHT), strna(loader_path)); + printf("\n"); + } if (stub) { - printf(" Stub: %s\n", stub); + printf("%sCurrent Stub:%s\n", ansi_underline(), ansi_normal()); + printf(" Product: %s%s%s\n", ansi_highlight(), stub, ansi_normal()); for (size_t i = 0; i < ELEMENTSOF(stub_flags); i++) print_yes_no_line(i == 0, FLAGS_SET(stub_features, stub_flags[i].flag), stub_flags[i].name); + + sd_id128_t stub_partition_uuid; + bool have_stub_partition_uuid = efi_stub_get_device_part_uuid(&stub_partition_uuid) >= 0; + + if (have_stub_partition_uuid && (!(!sd_id128_is_null(esp_uuid) && sd_id128_equal(esp_uuid, stub_partition_uuid)) && + !(!sd_id128_is_null(xbootldr_uuid) && sd_id128_equal(xbootldr_uuid, stub_partition_uuid)))) + printf("WARNING: The stub loader reports a different UUID than the detected ESP or XBOOTDLR partition ("SD_ID128_UUID_FORMAT_STR" vs. "SD_ID128_UUID_FORMAT_STR"/"SD_ID128_UUID_FORMAT_STR")!\n", + SD_ID128_FORMAT_VAL(stub_partition_uuid), SD_ID128_FORMAT_VAL(esp_uuid), SD_ID128_FORMAT_VAL(xbootldr_uuid)); + if (!sd_id128_is_null(stub_partition_uuid)) + printf(" Partition: /dev/disk/by-partuuid/" SD_ID128_UUID_FORMAT_STR "\n", + SD_ID128_FORMAT_VAL(stub_partition_uuid)); + else + printf(" Partition: n/a\n"); + printf(" Stub: %s%s\n", special_glyph(SPECIAL_GLYPH_TREE_RIGHT), strna(stub_path)); + printf("\n"); } - if (!sd_id128_is_null(loader_part_uuid)) - printf(" ESP: /dev/disk/by-partuuid/" SD_ID128_UUID_FORMAT_STR "\n", - SD_ID128_FORMAT_VAL(loader_part_uuid)); - else - printf(" ESP: n/a\n"); - printf(" File: %s%s\n", special_glyph(SPECIAL_GLYPH_TREE_RIGHT), strna(loader_path)); - printf("\n"); printf("%sRandom Seed:%s\n", ansi_underline(), ansi_normal()); have = access(EFIVAR_PATH(EFI_LOADER_VARIABLE(LoaderSystemToken)), F_OK) >= 0; diff --git a/src/shared/efi-loader.c b/src/shared/efi-loader.c index ab377aaa8b7..74144af95ab 100644 --- a/src/shared/efi-loader.c +++ b/src/shared/efi-loader.c @@ -61,30 +61,19 @@ int efi_loader_get_boot_usec(usec_t *ret_firmware, usec_t *ret_loader) { return 0; } -int efi_loader_get_device_part_uuid(sd_id128_t *ret) { - _cleanup_free_ char *p = NULL; - int r; - unsigned parsed[16]; - +static int get_device_part_uuid(const char *variable, sd_id128_t *ret) { if (!is_efi_boot()) return -EOPNOTSUPP; - r = efi_get_variable_string(EFI_LOADER_VARIABLE(LoaderDevicePartUUID), &p); - if (r < 0) - return r; + return efi_get_variable_id128(variable, ret); +} - if (sscanf(p, SD_ID128_UUID_FORMAT_STR, - &parsed[0], &parsed[1], &parsed[2], &parsed[3], - &parsed[4], &parsed[5], &parsed[6], &parsed[7], - &parsed[8], &parsed[9], &parsed[10], &parsed[11], - &parsed[12], &parsed[13], &parsed[14], &parsed[15]) != 16) - return -EIO; +int efi_loader_get_device_part_uuid(sd_id128_t *ret) { + return get_device_part_uuid(EFI_LOADER_VARIABLE(LoaderDevicePartUUID), ret); +} - if (ret) - for (unsigned i = 0; i < ELEMENTSOF(parsed); i++) - ret->bytes[i] = parsed[i]; - - return 0; +int efi_stub_get_device_part_uuid(sd_id128_t *ret) { + return get_device_part_uuid(EFI_LOADER_VARIABLE(StubDevicePartUUID), ret); } int efi_loader_get_entries(char ***ret) { @@ -353,6 +342,22 @@ int efi_loader_update_entry_one_shot_cache(char **cache, struct stat *cache_stat return 0; } +int efi_get_variable_id128(const char *variable, sd_id128_t *ret) { + int r; + + assert(variable); + + /* This is placed here (rather than in basic/efivars.c) because code in basic/ is not allowed to link + * against libsystemd.so */ + + _cleanup_free_ char *p = NULL; + r = efi_get_variable_string(variable, &p); + if (r < 0) + return r; + + return sd_id128_from_string(p, ret); +} + #endif bool efi_loader_entry_name_valid(const char *s) { diff --git a/src/shared/efi-loader.h b/src/shared/efi-loader.h index c878eea72fc..0b6d059398a 100644 --- a/src/shared/efi-loader.h +++ b/src/shared/efi-loader.h @@ -11,6 +11,7 @@ #if ENABLE_EFI int efi_loader_get_device_part_uuid(sd_id128_t *ret); +int efi_stub_get_device_part_uuid(sd_id128_t *ret); int efi_loader_get_boot_usec(usec_t *ret_firmware, usec_t *ret_loader); int efi_loader_get_entries(char ***ret); @@ -23,6 +24,8 @@ int efi_measured_uki(int log_level); int efi_loader_get_config_timeout_one_shot(usec_t *ret); int efi_loader_update_entry_one_shot_cache(char **cache, struct stat *cache_stat); +int efi_get_variable_id128(const char *variable, sd_id128_t *ret); + #else static inline int efi_loader_get_device_part_uuid(sd_id128_t *u) { @@ -58,6 +61,10 @@ static inline int efi_loader_update_entry_one_shot_cache(char **cache, struct st return -EOPNOTSUPP; } +static inline int efi_get_variable_id128(const char *variable, sd_id128_t *ret) { + return -EOPNOTSUPP; +} + #endif bool efi_loader_entry_name_valid(const char *s);