diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh index c90044c9a85..3ec229bd9b7 100755 --- a/.github/workflows/build_test.sh +++ b/.github/workflows/build_test.sh @@ -9,7 +9,7 @@ success() { echo >&2 -e "\033[32;1m$1\033[0m"; } ARGS=( "--optimization=0" - "--optimization=s -Dgnu-efi=true -Defi-cflags=-m32 -Defi-libdir=/usr/lib32" + "--optimization=s" "--optimization=3 -Db_lto=true -Ddns-over-tls=false" "--optimization=3 -Db_lto=false" "--optimization=3 -Ddns-over-tls=openssl" @@ -27,7 +27,6 @@ PACKAGES=( kbd libblkid-dev libbpf-dev - libc6-dev-i386 libcap-dev libcurl4-gnutls-dev libfdisk-dev @@ -55,6 +54,7 @@ PACKAGES=( python3-lxml python3-pefile python3-pip + python3-pyelftools python3-pyparsing python3-setuptools quota @@ -156,8 +156,8 @@ for args in "${ARGS[@]}"; do fatal "'meson compile' failed with '$args'" fi - for loader in build/src/boot/efi/*.efi; do - if sbverify --list "$loader" |& grep -q "gap in section table"; then + for loader in build/src/boot/efi/*{.efi,.efi.stub}; do + if [[ "$(sbverify --list "$loader" 2>&1)" != "No signature table present" ]]; then fatal "$loader: Gaps found in section table" fi done diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh index 70ba090eb8e..da99f993f11 100755 --- a/.github/workflows/unit_tests.sh +++ b/.github/workflows/unit_tests.sh @@ -22,6 +22,7 @@ ADDITIONAL_DEPS=( perl python3-libevdev python3-pefile + python3-pyelftools python3-pyparsing rpm zstd diff --git a/README b/README index 97338a633d1..a94f71cc667 100644 --- a/README +++ b/README @@ -216,7 +216,7 @@ REQUIREMENTS: awk, sed, grep, and similar tools clang >= 10.0, llvm >= 10.0 (optional, required to build BPF programs from source code in C) - gnu-efi >= 3.0.5 (optional, required for systemd-boot) + pyelftools (optional, required for systemd-boot) During runtime, you need the following additional dependencies: diff --git a/man/bootctl.xml b/man/bootctl.xml index 84d6b7756f7..a6f1fc1c4cf 100644 --- a/man/bootctl.xml +++ b/man/bootctl.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - bootctl diff --git a/man/loader.conf.xml b/man/loader.conf.xml index b0022270325..a0fc278c2ac 100644 --- a/man/loader.conf.xml +++ b/man/loader.conf.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - loader.conf diff --git a/man/rules/meson.build b/man/rules/meson.build index 4c92da359c9..39cc55a929f 100644 --- a/man/rules/meson.build +++ b/man/rules/meson.build @@ -5,7 +5,7 @@ # ninja -C build update-man-rules manpages = [ ['binfmt.d', '5', [], 'ENABLE_BINFMT'], - ['bootctl', '1', [], 'HAVE_GNU_EFI'], + ['bootctl', '1', [], 'ENABLE_BOOTLOADER'], ['bootup', '7', [], ''], ['busctl', '1', [], ''], ['coredump.conf', '5', ['coredump.conf.d'], 'ENABLE_COREDUMP'], @@ -31,7 +31,7 @@ manpages = [ ['kernel-command-line', '7', [], ''], ['kernel-install', '8', [], 'ENABLE_KERNEL_INSTALL'], ['libudev', '3', [], ''], - ['loader.conf', '5', [], 'HAVE_GNU_EFI'], + ['loader.conf', '5', [], 'ENABLE_BOOTLOADER'], ['locale.conf', '5', [], ''], ['localectl', '1', [], 'ENABLE_LOCALED'], ['localtime', '5', [], ''], @@ -877,14 +877,17 @@ manpages = [ ['systemd-ask-password', '1', [], ''], ['systemd-backlight@.service', '8', ['systemd-backlight'], 'ENABLE_BACKLIGHT'], ['systemd-binfmt.service', '8', ['systemd-binfmt'], 'ENABLE_BINFMT'], - ['systemd-bless-boot-generator', '8', [], 'HAVE_GNU_EFI'], - ['systemd-bless-boot.service', '8', ['systemd-bless-boot'], 'HAVE_GNU_EFI'], + ['systemd-bless-boot-generator', '8', [], 'ENABLE_BOOTLOADER'], + ['systemd-bless-boot.service', + '8', + ['systemd-bless-boot'], + 'ENABLE_BOOTLOADER'], ['systemd-boot-check-no-failures.service', '8', ['systemd-boot-check-no-failures'], ''], - ['systemd-boot-random-seed.service', '8', [], 'HAVE_GNU_EFI'], - ['systemd-boot', '7', ['sd-boot'], 'HAVE_GNU_EFI'], + ['systemd-boot-random-seed.service', '8', [], 'ENABLE_BOOTLOADER'], + ['systemd-boot', '7', ['sd-boot'], 'ENABLE_BOOTLOADER'], ['systemd-cat', '1', [], ''], ['systemd-cgls', '1', [], ''], ['systemd-cgtop', '1', [], ''], @@ -971,7 +974,7 @@ manpages = [ 'systemd-makefs', 'systemd-mkswap@.service'], ''], - ['systemd-measure', '1', [], 'HAVE_GNU_EFI'], + ['systemd-measure', '1', [], 'ENABLE_BOOTLOADER'], ['systemd-modules-load.service', '8', ['systemd-modules-load'], 'HAVE_KMOD'], ['systemd-mount', '1', ['systemd-umount'], ''], ['systemd-network-generator.service', '8', ['systemd-network-generator'], ''], @@ -992,7 +995,7 @@ manpages = [ 'systemd-pcrphase', 'systemd-pcrphase-initrd.service', 'systemd-pcrphase-sysinit.service'], - 'HAVE_GNU_EFI'], + 'ENABLE_BOOTLOADER'], ['systemd-portabled.service', '8', ['systemd-portabled'], 'ENABLE_PORTABLED'], ['systemd-poweroff.service', '8', @@ -1027,7 +1030,7 @@ manpages = [ ['systemd-stub', '7', ['linuxaa64.efi.stub', 'linuxia32.efi.stub', 'linuxx64.efi.stub', 'sd-stub'], - 'HAVE_GNU_EFI'], + 'ENABLE_BOOTLOADER'], ['systemd-suspend.service', '8', ['systemd-hibernate.service', diff --git a/man/systemd-bless-boot-generator.xml b/man/systemd-bless-boot-generator.xml index 992e0e90cca..173d5ae98f9 100644 --- a/man/systemd-bless-boot-generator.xml +++ b/man/systemd-bless-boot-generator.xml @@ -3,7 +3,7 @@ - + systemd-bless-boot-generator diff --git a/man/systemd-bless-boot.service.xml b/man/systemd-bless-boot.service.xml index 484f072352e..dcbad20495c 100644 --- a/man/systemd-bless-boot.service.xml +++ b/man/systemd-bless-boot.service.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - diff --git a/man/systemd-boot-random-seed.service.xml b/man/systemd-boot-random-seed.service.xml index 49f33668aaa..ad3477a97ad 100644 --- a/man/systemd-boot-random-seed.service.xml +++ b/man/systemd-boot-random-seed.service.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml index 64ded052e16..a64281b9190 100644 --- a/man/systemd-boot.xml +++ b/man/systemd-boot.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - systemd-boot diff --git a/man/systemd-measure.xml b/man/systemd-measure.xml index 7a10a6db567..950aeebc540 100644 --- a/man/systemd-measure.xml +++ b/man/systemd-measure.xml @@ -3,7 +3,7 @@ - + systemd-measure diff --git a/man/systemd-pcrphase.service.xml b/man/systemd-pcrphase.service.xml index 643dbe60ceb..24c7560468f 100644 --- a/man/systemd-pcrphase.service.xml +++ b/man/systemd-pcrphase.service.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - diff --git a/man/systemd-stub.xml b/man/systemd-stub.xml index 7934f344f86..21b79cd35f1 100644 --- a/man/systemd-stub.xml +++ b/man/systemd-stub.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - systemd-stub diff --git a/meson.build b/meson.build index 4a597845365..b1521e5937b 100644 --- a/meson.build +++ b/meson.build @@ -318,6 +318,8 @@ conf.set10('FIRST_BOOT_FULL_PRESET', get_option('first- ##################################################################### cc = meson.get_compiler('c') +userspace_c_args = [] +userspace_c_ld_args = [] meson_build_sh = find_program('tools/meson-build.sh') want_tests = get_option('tests') @@ -336,9 +338,9 @@ endif if want_libfuzzer fuzzing_engine = meson.get_compiler('cpp').find_library('Fuzzer', required : false) if fuzzing_engine.found() - add_project_arguments('-fsanitize-coverage=trace-pc-guard,trace-cmp', language : 'c') + userspace_c_args += '-fsanitize-coverage=trace-pc-guard,trace-cmp' elif cc.has_argument('-fsanitize=fuzzer-no-link') - add_project_arguments('-fsanitize=fuzzer-no-link', language : 'c') + userspace_c_args += '-fsanitize=fuzzer-no-link' else error('Looks like neither libFuzzer nor -fsanitize=fuzzer-no-link is supported') endif @@ -451,7 +453,7 @@ if get_option('mode') == 'release' possible_common_cc_flags += '-ftrivial-auto-var-init=zero' endif -possible_cc_flags = possible_common_cc_flags + [ +possible_cc_flags = [ '-Werror=missing-declarations', '-Werror=missing-prototypes', '-fdiagnostics-show-option', @@ -477,9 +479,15 @@ if get_option('mode') == 'developer' possible_cc_flags += '-fno-omit-frame-pointer' endif -add_project_arguments(cc.get_supported_arguments(basic_disabled_warnings), language : 'c') -add_project_arguments(cc.get_supported_arguments(possible_cc_flags), language : 'c') -add_project_link_arguments(cc.get_supported_link_arguments(possible_link_flags), language : 'c') +add_project_arguments( + cc.get_supported_arguments( + basic_disabled_warnings, + possible_common_cc_flags + ), + language : 'c') + +userspace_c_args += cc.get_supported_arguments(possible_cc_flags) +userspace_c_ld_args += cc.get_supported_link_arguments(possible_link_flags) have = cc.has_argument('-Wzero-length-bounds') conf.set10('HAVE_ZERO_LENGTH_BOUNDS', have) @@ -667,7 +675,9 @@ else command: vcs_tagger) endif -versiondep = declare_dependency(sources: version_h) +versiondep = declare_dependency( + sources: version_h, + include_directories : include_directories('.')) shared_lib_tag = get_option('shared-lib-tag') if shared_lib_tag == '' @@ -1859,6 +1869,7 @@ conf.set10('ENABLE_REMOTE', have) foreach term : ['analyze', 'backlight', 'binfmt', + 'compat-mutable-uid-boundaries', 'coredump', 'efi', 'environment-d', @@ -1870,23 +1881,22 @@ foreach term : ['analyze', 'idn', 'ima', 'initrd', - 'compat-mutable-uid-boundaries', - 'nscd', 'ldconfig', 'localed', 'logind', 'machined', 'networkd', + 'nscd', 'nss-myhostname', 'nss-systemd', 'portabled', - 'sysext', 'pstore', 'quotacheck', 'randomseed', 'resolve', 'rfkill', 'smack', + 'sysext', 'sysusers', 'timedated', 'timesyncd', @@ -1943,20 +1953,56 @@ catalogs = [] ############################################################ -# Include these now as they provide gnu-efi detection. -subdir('src/fundamental') -subdir('src/boot/efi') - -############################################################ - pymod = import('python') python = pymod.find_installation('python3', required : true, modules : ['jinja2']) python_39 = python.language_version().version_compare('>=3.9') +##################################################################### + +efi_arch = { + 'aarch64' : 'aa64', + 'arm' : 'arm', + 'loongarch32' : 'loongarch32', + 'loongarch64' : 'loongarch64', + 'riscv32' : 'riscv32', + 'riscv64' : 'riscv64', + 'x86_64' : 'x64', + 'x86' : 'ia32', +}.get(host_machine.cpu_family(), '') + +if get_option('bootloader') != 'false' and efi_arch != '' + conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch) +elif get_option('bootloader') == 'true' and efi_arch == '' + error('EFI not supported for this arch.') +endif + +efi_arch_alt = '' +if efi_arch == 'x64' and cc.links(''' + #include + int main(int argc, char *argv[]) { + return __builtin_popcount(argc - CHAR_MAX); + }''', args : ['-m32', '-march=i686'], name : '32bit build possible') + efi_arch_alt = 'ia32' +endif + +have_pyelftools = pymod.find_installation('python3', required : false, modules : ['elftools']).found() +if get_option('bootloader') == 'true' and (not python_39 or not have_pyelftools) + error('EFI bootloader support requires Python >= 3.9 and pyelftools.') +endif + +conf.set10( + 'ENABLE_BOOTLOADER', + get_option('efi') and + get_option('bootloader') in ['auto', 'true'] and + efi_arch != '' and + python_39 and + have_pyelftools, +) + if get_option('ukify') == 'auto' - want_ukify = python_39 and conf.get('HAVE_GNU_EFI') == 1 -elif get_option('ukify') == 'true' and (not python_39 or conf.get('HAVE_GNU_EFI') != 1) - error('ukify requires Python >= 3.9 and GNU EFI') + want_ukify = python_39 and conf.get('ENABLE_BOOTLOADER') == 1 +elif get_option('ukify') == 'true' and (not python_39 or conf.get('ENABLE_BOOTLOADER') != 1) + error('ukify requires Python >= 3.9 and -Dbootloader=true') else want_ukify = get_option('ukify') == 'true' endif @@ -1964,23 +2010,25 @@ conf.set10('ENABLE_UKIFY', want_ukify) ############################################################ # +elf2efi_lds = project_source_root / 'tools/elf2efi.lds' +elf2efi_py = find_program('tools/elf2efi.py') +export_dbus_interfaces_py = find_program('tools/dbus_exporter.py') generate_gperfs = find_program('tools/generate-gperfs.py') make_autosuspend_rules_py = find_program('tools/make-autosuspend-rules.py') make_directive_index_py = find_program('tools/make-directive-index.py') make_man_index_py = find_program('tools/make-man-index.py') meson_render_jinja2 = find_program('tools/meson-render-jinja2.py') update_dbus_docs_py = find_program('tools/update-dbus-docs.py') -update_man_rules_py = find_program('tools/update-man-rules.py') -update_hwdb_sh = find_program('tools/update-hwdb.sh') update_hwdb_autosuspend_sh = find_program('tools/update-hwdb-autosuspend.sh') +update_hwdb_sh = find_program('tools/update-hwdb.sh') +update_man_rules_py = find_program('tools/update-man-rules.py') update_syscall_tables_sh = find_program('tools/update-syscall-tables.sh') xml_helper_py = find_program('tools/xml_helper.py') -export_dbus_interfaces_py = find_program('tools/dbus_exporter.py') ############################################################ if get_option('b_coverage') - add_project_arguments('-include', 'src/basic/coverage.h', language : 'c') + userspace_c_args += ['-include', 'src/basic/coverage.h'] endif ############################################################ @@ -1989,10 +2037,15 @@ config_h = configure_file( output : 'config.h', configuration : conf) -add_project_arguments('-include', 'config.h', language : 'c') +userspace_c_args += ['-include', 'config.h'] jinja2_cmdline = [meson_render_jinja2, config_h, version_h] +userspace = declare_dependency( + compile_args : userspace_c_args, + link_args : userspace_c_ld_args, +) + ############################################################ # binaries that have --help and are intended for use by humans, @@ -2023,6 +2076,7 @@ includes = [libsystemd_includes, include_directories('src/shared')] subdir('po') subdir('catalog') +subdir('src/fundamental') subdir('src/basic') subdir('src/libsystemd') subdir('src/shared') @@ -2042,8 +2096,9 @@ libsystemd = shared_library( libbasic_gcrypt, libbasic_compress], link_whole : [libsystemd_static], - dependencies : [threads, - librt], + dependencies : [librt, + threads, + userspace], link_depends : libsystemd_sym, install : true, install_tag: 'libsystemd', @@ -2064,17 +2119,18 @@ install_libsystemd_static = static_library( install_tag: 'libsystemd', install_dir : rootlibdir, pic : static_libsystemd_pic, - dependencies : [threads, + dependencies : [libblkid, + libcap, + libdl, + libgcrypt, + liblz4, + libmount, + libopenssl, librt, libxz, libzstd, - liblz4, - libdl, - libcap, - libblkid, - libmount, - libgcrypt, - libopenssl, + threads, + userspace, versiondep], c_args : libsystemd_c_args + (static_libsystemd_pic ? [] : ['-fno-PIC'])) @@ -2086,7 +2142,8 @@ libudev = shared_library( '-Wl,--version-script=' + libudev_sym_path], link_with : [libsystemd_static, libshared_static], link_whole : libudev_basic, - dependencies : [threads], + dependencies : [threads, + userspace], link_depends : libudev_sym, install : true, install_tag: 'libudev', @@ -2107,8 +2164,9 @@ install_libudev_static = static_library( install_tag: 'libudev', install_dir : rootlibdir, link_depends : libudev_sym, - dependencies : [libshared_deps, - libmount, + dependencies : [libmount, + libshared_deps, + userspace, versiondep], c_args : static_libudev_pic ? [] : ['-fno-PIC'], pic : static_libudev_pic) @@ -2125,6 +2183,7 @@ if conf.get('HAVE_LIBCRYPTSETUP_PLUGINS') == 1 libshared], dependencies : [libcryptsetup, tpm2, + userspace, versiondep], link_depends : cryptsetup_token_sym, install_rpath : rootpkglibdir, @@ -2143,6 +2202,7 @@ if conf.get('HAVE_LIBCRYPTSETUP_PLUGINS') == 1 libshared], dependencies : [libcryptsetup, libfido2, + userspace, versiondep], link_depends : cryptsetup_token_sym, install_rpath : rootpkglibdir, @@ -2161,6 +2221,7 @@ if conf.get('HAVE_LIBCRYPTSETUP_PLUGINS') == 1 libshared], dependencies : [libcryptsetup, libp11kit, + userspace, versiondep], link_depends : cryptsetup_token_sym, install_rpath : rootpkglibdir, @@ -2180,6 +2241,7 @@ subdir('src/libsystemd-network') subdir('src/analyze') subdir('src/boot') +subdir('src/boot/efi') subdir('src/busctl') subdir('src/coredump') subdir('src/cryptenroll') @@ -2227,7 +2289,8 @@ test_dlopen = executable( test_dlopen_c, include_directories : includes, link_with : [libbasic], - dependencies : [libdl], + dependencies : [libdl, + userspace], build_by_default : want_tests != 'false') foreach tuple : [['myhostname', 'ENABLE_NSS_MYHOSTNAME'], @@ -2263,8 +2326,9 @@ foreach tuple : [['myhostname', 'ENABLE_NSS_MYHOSTNAME'], link_with : [libsystemd_static, libshared_static, libbasic], - dependencies : [threads, - librt], + dependencies : [librt, + threads, + userspace], link_depends : sym, install : true, install_tag : 'nss', @@ -2297,6 +2361,7 @@ exe = executable( link_with : [libcore, libshared], dependencies : [libseccomp, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2315,6 +2380,7 @@ exe = executable( link_with : [libcore, libshared], dependencies : [libseccomp, + userspace, versiondep], install_rpath : rootpkglibdir, install : conf.get('ENABLE_ANALYZE') == 1) @@ -2332,11 +2398,12 @@ executable( include_directories : includes, link_with : [libjournal_core, libshared], - dependencies : [threads, - libxz, - liblz4, + dependencies : [liblz4, libselinux, + libxz, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2349,6 +2416,7 @@ public_programs += executable( link_with : [libjournal_core, libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -2366,12 +2434,12 @@ public_programs += executable( journalctl_sources, include_directories : includes, link_with : [journalctl_link_with], - dependencies : [threads, - libdl, - libxz, + dependencies : [libdl, liblz4, + libxz, libzstd, - libdl, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2382,6 +2450,7 @@ executable( 'src/getty-generator/getty-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2391,6 +2460,7 @@ executable( 'src/debug-generator/debug-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2400,6 +2470,7 @@ executable( 'src/run-generator/run-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2409,6 +2480,7 @@ exe = executable( 'src/fstab-generator/fstab-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2431,6 +2503,7 @@ if conf.get('ENABLE_ENVIRONMENT_D') == 1 'src/environment-d-generator/environment-d-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : userenvgeneratordir) @@ -2446,6 +2519,7 @@ if conf.get('ENABLE_HIBERNATE') == 1 'src/hibernate-resume/hibernate-resume-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2455,6 +2529,7 @@ if conf.get('ENABLE_HIBERNATE') == 1 'src/hibernate-resume/hibernate-resume.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -2466,7 +2541,8 @@ if conf.get('HAVE_BLKID') == 1 'src/gpt-auto-generator/gpt-auto-generator.c', include_directories : includes, link_with : [libshared], - dependencies : libblkid, + dependencies : [libblkid, + userspace], install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2476,7 +2552,8 @@ if conf.get('HAVE_BLKID') == 1 'src/dissect/dissect.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -2493,7 +2570,8 @@ if conf.get('ENABLE_RESOLVE') == 1 link_with : [libshared, libbasic_gcrypt, libsystemd_resolve_core], - dependencies : systemd_resolved_dependencies, + dependencies : [systemd_resolved_dependencies, + userspace], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -2505,10 +2583,11 @@ if conf.get('ENABLE_RESOLVE') == 1 link_with : [libshared, libbasic_gcrypt, libsystemd_resolve_core], - dependencies : [threads, - lib_openssl_or_gcrypt, - libm, + dependencies : [lib_openssl_or_gcrypt, libidn, + libm, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -2529,8 +2608,9 @@ if conf.get('ENABLE_LOGIND') == 1 include_directories : includes, link_with : [liblogind_core, libshared], - dependencies : [threads, - libacl, + dependencies : [libacl, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2541,10 +2621,11 @@ if conf.get('ENABLE_LOGIND') == 1 loginctl_sources, include_directories : includes, link_with : [libshared], - dependencies : [threads, - liblz4, + dependencies : [liblz4, libxz, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2555,7 +2636,8 @@ if conf.get('ENABLE_LOGIND') == 1 'src/login/inhibit.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -2571,9 +2653,10 @@ if conf.get('ENABLE_LOGIND') == 1 '-Wl,--version-script=' + version_script_arg], link_with : [libsystemd_static, libshared_static], - dependencies : [threads, + dependencies : [libpam_misc, libpam, - libpam_misc, + threads, + userspace, versiondep], link_depends : pam_systemd_sym, install : true, @@ -2594,6 +2677,7 @@ if conf.get('ENABLE_LOGIND') == 1 user_runtime_dir_sources, include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -2605,12 +2689,13 @@ if conf.get('HAVE_PAM') == 1 'src/user-sessions/user-sessions.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) endif -if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 +if conf.get('HAVE_BLKID') == 1 and conf.get('ENABLE_BOOTLOADER') == 1 if get_option('link-boot-shared') boot_link_with = [libshared] else @@ -2623,6 +2708,7 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 include_directories : includes, link_with : [boot_link_with], dependencies : [libblkid, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -2641,6 +2727,7 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 include_directories : includes, link_with : [boot_link_with], dependencies : [libblkid, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2651,6 +2738,7 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 'src/boot/bless-boot-generator.c', include_directories : includes, link_with : [boot_link_with], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2662,6 +2750,7 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 include_directories : includes, link_with : [libshared], dependencies : [libopenssl, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2671,9 +2760,10 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 'src/boot/pcrphase.c', include_directories : includes, link_with : [libshared], - dependencies : [libopenssl, + dependencies : [libblkid, + libopenssl, tpm2, - libblkid, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2687,6 +2777,7 @@ executable( include_directories : includes, link_with : [libshared], dependencies : [libblkid, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2698,6 +2789,7 @@ public_programs += executable( include_directories : includes, link_with : [libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -2707,12 +2799,13 @@ systemctl = executable( systemctl_sources, include_directories : includes, link_with : systemctl_link_with, - dependencies : [threads, - libcap, + dependencies : [libcap, + liblz4, libselinux, libxz, - liblz4, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2725,8 +2818,9 @@ if conf.get('ENABLE_PORTABLED') == 1 systemd_portabled_sources, include_directories : includes, link_with : [libshared], - dependencies : [threads, - libselinux, + dependencies : [libselinux, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2738,6 +2832,7 @@ if conf.get('ENABLE_PORTABLED') == 1 include_directories : includes, link_with : [libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2750,7 +2845,8 @@ if conf.get('ENABLE_SYSEXT') == 1 systemd_sysext_sources, include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -2763,6 +2859,7 @@ if conf.get('ENABLE_USERDB') == 1 include_directories : includes, link_with : [libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2774,6 +2871,7 @@ if conf.get('ENABLE_USERDB') == 1 include_directories : includes, link_with : [libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2785,6 +2883,7 @@ if conf.get('ENABLE_USERDB') == 1 include_directories : includes, link_with : [libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -2797,12 +2896,13 @@ if conf.get('ENABLE_HOMED') == 1 include_directories : includes, link_with : [libshared, libshared_fdisk], - dependencies : [threads, - libblkid, + dependencies : [libblkid, libcrypt, - libopenssl, libfdisk, + libopenssl, libp11kit, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2813,10 +2913,11 @@ if conf.get('ENABLE_HOMED') == 1 systemd_homed_sources, include_directories : home_includes, link_with : [libshared], - dependencies : [threads, - libcrypt, - libopenssl, + dependencies : [libcrypt, libm, + libopenssl, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2827,11 +2928,12 @@ if conf.get('ENABLE_HOMED') == 1 homectl_sources, include_directories : includes, link_with : [libshared], - dependencies : [threads, - libcrypt, + dependencies : [libcrypt, + libdl, libopenssl, libp11kit, - libdl, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -2847,10 +2949,11 @@ if conf.get('ENABLE_HOMED') == 1 '-Wl,--version-script=' + version_script_arg], link_with : [libsystemd_static, libshared_static], - dependencies : [threads, - libpam, + dependencies : [libcrypt, libpam_misc, - libcrypt, + libpam, + threads, + userspace, versiondep], link_depends : pam_systemd_home_sym, install : true, @@ -2884,6 +2987,7 @@ if conf.get('ENABLE_BACKLIGHT') == 1 'src/backlight/backlight.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -2895,6 +2999,7 @@ if conf.get('ENABLE_RFKILL') == 1 'src/rfkill/rfkill.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -2905,6 +3010,7 @@ executable( 'src/system-update-generator/system-update-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2916,9 +3022,10 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1 include_directories : includes, link_with : [libshared], dependencies : [libcryptsetup, + libopenssl, libp11kit, - versiondep, - libopenssl], + userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -2928,6 +3035,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1 'src/cryptsetup/cryptsetup-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2938,6 +3046,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1 include_directories : includes, link_with : [libshared], dependencies : [libcryptsetup, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2948,7 +3057,8 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1 'src/veritysetup/veritysetup-generator.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2962,6 +3072,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1 libdl, libopenssl, libp11kit, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -2972,6 +3083,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1 include_directories : includes, link_with : [libshared], dependencies : [libcryptsetup, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -2982,6 +3094,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1 ['src/integritysetup/integritysetup-generator.c', 'src/integritysetup/integrity-util.c'], include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -2993,6 +3106,7 @@ if conf.get('HAVE_SYSV_COMPAT') == 1 'src/sysv-generator/sysv-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -3009,6 +3123,7 @@ if conf.get('HAVE_SYSV_COMPAT') == 1 'src/rc-local-generator/rc-local-generator.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : systemgeneratordir) @@ -3020,6 +3135,7 @@ if conf.get('ENABLE_XDG_AUTOSTART') == 1 systemd_xdg_autostart_generator_sources, include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : usergeneratordir) @@ -3029,6 +3145,7 @@ if conf.get('ENABLE_XDG_AUTOSTART') == 1 'src/xdg-autostart-generator/xdg-autostart-condition.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3040,6 +3157,7 @@ if conf.get('ENABLE_HOSTNAMED') == 1 'src/hostname/hostnamed.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3049,7 +3167,8 @@ if conf.get('ENABLE_HOSTNAMED') == 1 'src/hostname/hostnamectl.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) endif @@ -3060,9 +3179,11 @@ if conf.get('ENABLE_LOCALED') == 1 # need to specify where the headers are deps = [libdl, libxkbcommon.partial_dependency(compile_args: true), + userspace, versiondep] else - deps = [versiondep] + deps = [userspace, + versiondep] endif dbus_programs += executable( @@ -3080,7 +3201,8 @@ if conf.get('ENABLE_LOCALED') == 1 localectl_sources, include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) endif @@ -3091,6 +3213,7 @@ if conf.get('ENABLE_TIMEDATED') == 1 'src/timedate/timedated.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3104,6 +3227,7 @@ if conf.get('ENABLE_TIMEDATECTL') == 1 install_rpath : rootpkglibdir, link_with : [libshared], dependencies : [libm, + userspace, versiondep], install : true) endif @@ -3114,8 +3238,9 @@ if conf.get('ENABLE_TIMESYNCD') == 1 systemd_timesyncd_sources, include_directories : includes, link_with : [libtimesyncd_core], - dependencies : [threads, - libm, + dependencies : [libm, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3126,6 +3251,7 @@ if conf.get('ENABLE_TIMESYNCD') == 1 'src/timesync/wait-sync.c', include_directories : includes, link_with : [libtimesyncd_core], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3138,6 +3264,7 @@ if conf.get('ENABLE_MACHINED') == 1 include_directories : includes, link_with : [libmachine_core, libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3147,10 +3274,11 @@ if conf.get('ENABLE_MACHINED') == 1 'src/machine/machinectl.c', include_directories : includes, link_with : [libshared], - dependencies : [threads, + dependencies : [liblz4, libxz, - liblz4, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3164,6 +3292,7 @@ if conf.get('ENABLE_IMPORTD') == 1 include_directories : includes, link_with : [libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3175,11 +3304,12 @@ if conf.get('ENABLE_IMPORTD') == 1 include_directories : includes, link_with : [libshared, lib_import_common], - dependencies : [libcurl, - lib_openssl_or_gcrypt, - libz, + dependencies : [lib_openssl_or_gcrypt, libbzip2, + libcurl, libxz, + libz, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3191,10 +3321,11 @@ if conf.get('ENABLE_IMPORTD') == 1 include_directories : includes, link_with : [libshared, lib_import_common], - dependencies : [libcurl, - libz, - libbzip2, + dependencies : [libbzip2, + libcurl, libxz, + libz, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3206,7 +3337,8 @@ if conf.get('ENABLE_IMPORTD') == 1 include_directories : includes, link_with : [libshared, lib_import_common], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3217,10 +3349,11 @@ if conf.get('ENABLE_IMPORTD') == 1 include_directories : includes, link_with : [libshared, lib_import_common], - dependencies : [libcurl, - libz, - libbzip2, + dependencies : [libbzip2, + libcurl, libxz, + libz, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3235,12 +3368,13 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_LIBCURL') == 1 systemd_journal_upload_sources, include_directories : includes, link_with : [libshared], - dependencies : [threads, - libcurl, + dependencies : [libcurl, libgnutls, - libxz, liblz4, + libxz, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3254,12 +3388,13 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1 include_directories : journal_includes, link_with : [libshared, libsystemd_journal_remote], - dependencies : [threads, - libmicrohttpd, - libgnutls, - libxz, + dependencies : [libgnutls, liblz4, + libmicrohttpd, + libxz, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3270,12 +3405,13 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1 systemd_journal_gatewayd_sources, include_directories : journal_includes, link_with : [libshared], - dependencies : [threads, - libmicrohttpd, - libgnutls, - libxz, + dependencies : [libgnutls, liblz4, + libmicrohttpd, + libxz, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3289,11 +3425,12 @@ if conf.get('ENABLE_COREDUMP') == 1 include_directories : includes, link_with : [libshared, libbasic_compress], - dependencies : [threads, - libacl, - libxz, + dependencies : [libacl, liblz4, + libxz, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3305,10 +3442,11 @@ if conf.get('ENABLE_COREDUMP') == 1 include_directories : includes, link_with : [libshared, libbasic_compress], - dependencies : [threads, + dependencies : [liblz4, libxz, - liblz4, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -3320,11 +3458,12 @@ if conf.get('ENABLE_PSTORE') == 1 systemd_pstore_sources, include_directories : includes, link_with : [libshared], - dependencies : [threads, - libacl, - libxz, + dependencies : [libacl, liblz4, + libxz, libzstd, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3337,6 +3476,7 @@ if conf.get('ENABLE_OOMD') == 1 include_directories : includes, link_with : [libshared], dependencies : [libatomic, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3347,7 +3487,8 @@ if conf.get('ENABLE_OOMD') == 1 oomctl_sources, include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) endif @@ -3358,7 +3499,8 @@ if conf.get('ENABLE_BINFMT') == 1 'src/binfmt/binfmt.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3378,10 +3520,11 @@ if conf.get('ENABLE_SYSUPDATE') == 1 include_directories : includes, link_with : [libshared, libshared_fdisk], - dependencies : [threads, - libblkid, + dependencies : [libblkid, libfdisk, libopenssl, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3395,6 +3538,7 @@ if conf.get('ENABLE_VCONSOLE') == 1 'src/vconsole/vconsole-setup.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3406,7 +3550,8 @@ if conf.get('ENABLE_RANDOMSEED') == 1 'src/random-seed/random-seed.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3419,6 +3564,7 @@ if conf.get('ENABLE_FIRSTBOOT') == 1 include_directories : includes, link_with : [libshared], dependencies : [libcrypt, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3430,7 +3576,8 @@ executable( 'src/remount-fs/remount-fs.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3440,7 +3587,8 @@ executable( 'src/machine-id-setup/machine-id-setup-main.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -3450,7 +3598,8 @@ executable( 'src/fsck/fsck.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3460,7 +3609,8 @@ executable( 'src/partition/growfs.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3470,7 +3620,8 @@ executable( 'src/partition/makefs.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3480,7 +3631,8 @@ executable( 'src/sleep/sleep.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3495,7 +3647,8 @@ public_programs += executable( 'src/sysctl/sysctl.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3505,7 +3658,8 @@ public_programs += executable( 'src/ac-power/ac-power.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3514,7 +3668,8 @@ public_programs += executable( 'src/detect-virt/detect-virt.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3523,7 +3678,8 @@ public_programs += executable( 'src/delta/delta.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3532,7 +3688,8 @@ public_programs += executable( 'src/escape/escape.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -3542,7 +3699,8 @@ public_programs += executable( 'src/notify/notify.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -3554,6 +3712,7 @@ public_programs += executable( link_with : [libshared], dependencies : [threads, libopenssl, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3564,6 +3723,7 @@ executable( 'src/volatile-root/volatile-root.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : conf.get('ENABLE_INITRD') == 1, install_dir : rootlibexecdir) @@ -3573,6 +3733,7 @@ executable( 'src/cgroups-agent/cgroups-agent.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3582,7 +3743,8 @@ systemd_id128 = executable( 'src/id128/id128.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) public_programs += systemd_id128 @@ -3600,7 +3762,8 @@ public_programs += executable( 'src/path/path.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3609,7 +3772,8 @@ public_programs += executable( 'src/ask-password/ask-password.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -3619,6 +3783,7 @@ executable( 'src/reply-password/reply-password.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3628,7 +3793,8 @@ public_programs += executable( 'src/tty-ask-password-agent/tty-ask-password-agent.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -3638,7 +3804,8 @@ public_programs += executable( 'src/cgls/cgls.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3647,7 +3814,8 @@ public_programs += executable( 'src/cgtop/cgtop.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3656,6 +3824,7 @@ executable( 'src/initctl/initctl.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : (conf.get('HAVE_SYSV_COMPAT') == 1), install_dir : rootlibexecdir) @@ -3666,6 +3835,7 @@ public_programs += executable( include_directories : includes, link_with : [libshared], dependencies: [libmount, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -3678,7 +3848,8 @@ public_programs += executable( 'src/run/run.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3687,7 +3858,7 @@ public_programs += executable( 'src/stdio-bridge/stdio-bridge.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep, + dependencies : [userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -3697,7 +3868,8 @@ public_programs += executable( busctl_sources, include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true) @@ -3707,7 +3879,8 @@ if enable_sysusers 'src/sysusers/sysusers.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -3730,7 +3903,8 @@ if enable_sysusers libbasic, libbasic_gcrypt, libsystemd_static], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install : true, install_dir : rootbindir) public_programs += exe @@ -3751,6 +3925,7 @@ if conf.get('ENABLE_TMPFILES') == 1 include_directories : includes, link_with : [libshared], dependencies : [libacl, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3775,6 +3950,7 @@ if conf.get('ENABLE_TMPFILES') == 1 libbasic_gcrypt, libsystemd_static], dependencies : [libacl, + userspace, versiondep], install : true, install_dir : rootbindir) @@ -3795,7 +3971,8 @@ if conf.get('ENABLE_HWDB') == 1 'src/hwdb/hwdb.c', include_directories : includes, link_with : udev_link_with, - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : udev_rpath, install : true, install_dir : rootbindir) @@ -3816,6 +3993,7 @@ if conf.get('ENABLE_QUOTACHECK') == 1 'src/quotacheck/quotacheck.c', include_directories : includes, link_with : [libshared], + dependencies : userspace, install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3827,6 +4005,7 @@ public_programs += executable( include_directories : includes, link_with : [libshared], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3837,11 +4016,12 @@ udevadm = executable( udevadm_sources, include_directories : includes, link_with : [libudevd_core], - dependencies : [threads, - libkmod, - libidn, - libacl, + dependencies : [libacl, libblkid, + libidn, + libkmod, + threads, + userspace, versiondep], install_rpath : udev_rpath, install : true, @@ -3862,10 +4042,11 @@ if conf.get('ENABLE_REPART') == 1 include_directories : includes, link_with : [libshared, libshared_fdisk], - dependencies : [threads, - libblkid, + dependencies : [libblkid, libfdisk, libopenssl, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3883,10 +4064,11 @@ if conf.get('ENABLE_REPART') == 1 libbasic_gcrypt, libsystemd_static, libshared_fdisk], - dependencies : [threads, - libblkid, + dependencies : [libblkid, libfdisk, libopenssl, + threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3901,6 +4083,7 @@ executable( include_directories : includes, link_with : [libshared], dependencies : [libmount, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3916,6 +4099,7 @@ if have_standalone_binaries libbasic, libsystemd_static], dependencies : [libmount, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3927,7 +4111,8 @@ executable( 'src/update-done/update-done.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -3938,6 +4123,7 @@ executable( include_directories : includes, link_with : [libshared], dependencies : [libaudit, + userspace, versiondep], install_rpath : rootpkglibdir, install : (conf.get('ENABLE_UTMP') == 1), @@ -3950,6 +4136,7 @@ if conf.get('HAVE_KMOD') == 1 include_directories : includes, link_with : [libshared], dependencies : [libkmod, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3971,6 +4158,7 @@ public_programs += executable( libshared], dependencies : [libblkid, libseccomp, + userspace, versiondep], install_rpath : rootpkglibdir, install : true) @@ -3984,6 +4172,7 @@ if conf.get('ENABLE_NETWORKD') == 1 libsystemd_network, networkd_link_with], dependencies : [threads, + userspace, versiondep], install_rpath : rootpkglibdir, install : true, @@ -3994,7 +4183,8 @@ if conf.get('ENABLE_NETWORKD') == 1 systemd_networkd_wait_online_sources, include_directories : includes, link_with : [networkd_link_with], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -4005,7 +4195,8 @@ if conf.get('ENABLE_NETWORKD') == 1 include_directories : libsystemd_network_includes, link_with : [libsystemd_network, networkd_link_with], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootbindir) @@ -4016,7 +4207,8 @@ exe = executable( network_generator_sources, include_directories : includes, link_with : [networkd_link_with], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -4034,7 +4226,8 @@ executable( 'src/sulogin-shell/sulogin-shell.c', include_directories : includes, link_with : [libshared], - dependencies : [versiondep], + dependencies : [userspace, + versiondep], install_rpath : rootpkglibdir, install : true, install_dir : rootlibexecdir) @@ -4098,9 +4291,18 @@ foreach test : tests condition = test.get('condition', '') type = test.get('type', '') base = test.get('base', {}) + deps = [ + base.get('dependencies', []), + test.get('dependencies', []), + versiondep, + ] # FIXME: Use fs.stem() with meson >= 0.54.0 - name = '@0@'.format(sources[0]).split('/')[-1].split('.')[0] + name = '@0@'.format(sources[0]).split('/')[-1] + if not name.endswith('.cc') + deps += [userspace] + endif + name = name.split('.')[0] suite = fs.name(fs.parent('@0@'.format(sources[0]))) # FIXME: Use str.replace() with meson >= 0.58.0 @@ -4116,7 +4318,7 @@ foreach test : tests sources, include_directories : [base.get('includes', []), test.get('includes', includes)], link_with : [base.get('link_with', []), test.get('link_with', libshared)], - dependencies : [versiondep, base.get('dependencies', []), test.get('dependencies', [])], + dependencies : deps, c_args : [test_cflags, test.get('c_args', [])], build_by_default : want_tests != 'false', install_rpath : rootpkglibdir, @@ -4142,6 +4344,7 @@ exe = executable( test_libsystemd_sym_c, include_directories : includes, link_with : [libsystemd], + dependencies : userspace, build_by_default : want_tests != 'false', install : install_tests, install_dir : testsdir) @@ -4154,8 +4357,12 @@ exe = executable( test_libsystemd_sym_c, include_directories : includes, link_with : [install_libsystemd_static], - dependencies : [threads], # threads is already included in dependencies on the library, - # but does not seem to get propagated. Add here as a work-around. + dependencies : [ + # threads is already included in dependencies on the library, + # but does not seem to get propagated. Add here as a work-around. + threads, + userspace, + ], build_by_default : want_tests != 'false' and static_libsystemd_pic, install : install_tests and static_libsystemd_pic, install_dir : testsdir) @@ -4169,6 +4376,7 @@ exe = executable( include_directories : libudev_includes, c_args : ['-Wno-deprecated-declarations'] + test_cflags, link_with : [libudev], + dependencies : userspace, build_by_default : want_tests != 'false', install : install_tests, install_dir : testsdir) @@ -4182,6 +4390,7 @@ exe = executable( include_directories : libudev_includes, c_args : ['-Wno-deprecated-declarations'] + test_cflags, link_with : [install_libudev_static], + dependencies : userspace, build_by_default : want_tests != 'false' and static_libudev_pic, install : install_tests and static_libudev_pic, install_dir : testsdir) @@ -4228,7 +4437,11 @@ foreach fuzzer : fuzzers include_directories('src/fuzz'), ], link_with : [base.get('link_with', []), fuzzer.get('link_with', libshared)], - dependencies : [dependencies, versiondep], + dependencies : [ + dependencies, + userspace, + versiondep, + ], c_args : [test_cflags, fuzzer.get('c_args', [])], link_args: link_args, install : false, @@ -4557,11 +4770,11 @@ foreach tuple : [ # components ['backlight'], ['binfmt'], + ['bootloader'], ['bpf-framework', conf.get('BPF_FRAMEWORK') == 1], ['coredump'], - ['environment.d'], ['efi'], - ['gnu-efi'], + ['environment.d'], ['firstboot'], ['hibernate'], ['homed'], diff --git a/meson_options.txt b/meson_options.txt index 95b1162249c..d3af35e7ef7 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -93,7 +93,7 @@ option('ldconfig', type : 'boolean', option('resolve', type : 'boolean', description : 'systemd-resolved stack') option('efi', type : 'boolean', - description : 'enable systemd-boot and bootctl') + description : 'enable EFI support') option('tpm', type : 'boolean', description : 'TPM should be used to log events and extend the registers') option('environment-d', type : 'boolean', @@ -436,18 +436,8 @@ option('glib', type : 'combo', choices : ['auto', 'true', 'false'], option('dbus', type : 'combo', choices : ['auto', 'true', 'false'], description : 'libdbus support (for tests only)') -option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'], - description : 'gnu-efi support for sd-boot') -option('efi-cflags', type : 'array', - description : 'additional flags for EFI compiler') -# Note that LLD does not support PE/COFF relocations -# https://lists.llvm.org/pipermail/llvm-dev/2021-March/149234.html -option('efi-ld', type : 'combo', choices : ['auto', 'bfd', 'gold'], - description : 'the linker to use for EFI modules') -option('efi-libdir', type : 'string', - description : 'path to the EFI lib directory') -option('efi-includedir', type : 'string', value : '/usr/include/efi', - description : 'path to the EFI header directory') +option('bootloader', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'sd-boot/stub and userspace tools') option('sbat-distro', type : 'string', value : 'auto', description : 'SBAT distribution ID, e.g. fedora, or auto for autodetection') option('sbat-distro-generation', type : 'integer', value : 1, diff --git a/mkosi.build b/mkosi.build index 7968051289d..33b864e211d 100755 --- a/mkosi.build +++ b/mkosi.build @@ -139,7 +139,7 @@ if [ ! -f "$BUILDDIR"/build.ninja ] ; then -D pcre2=true \ -D glib=true \ -D dbus=true \ - -D gnu-efi=true \ + -D bootloader=true \ -D kernel-install=true \ -D analyze=true \ -D bpf-framework=true \ diff --git a/mkosi.conf.d/10-systemd.conf b/mkosi.conf.d/10-systemd.conf index 0eeee89052a..2ae33d0f591 100644 --- a/mkosi.conf.d/10-systemd.conf +++ b/mkosi.conf.d/10-systemd.conf @@ -53,7 +53,6 @@ BuildPackages= gcc gettext git - gnu-efi gperf lld llvm diff --git a/mkosi.conf.d/arch/10-arch.conf b/mkosi.conf.d/arch/10-arch.conf index a1bff770969..e1c75b3996f 100644 --- a/mkosi.conf.d/arch/10-arch.conf +++ b/mkosi.conf.d/arch/10-arch.conf @@ -46,4 +46,5 @@ BuildPackages= python-docutils python-jinja python-lxml + python-pyelftools python-pytest diff --git a/mkosi.conf.d/centos/10-centos.conf b/mkosi.conf.d/centos/10-centos.conf index 15075f72604..606942273f5 100644 --- a/mkosi.conf.d/centos/10-centos.conf +++ b/mkosi.conf.d/centos/10-centos.conf @@ -59,7 +59,6 @@ BuildPackages= glibc-devel.i686 glibc-static glibc-static.i686 - gnu-efi-devel libgcrypt-devel # CentOS Stream 8 libgcrypt-devel doesn't ship a pkg-config file. libxslt pam-devel @@ -104,3 +103,4 @@ BuildPackages= python3*dist(docutils) python3*dist(jinja2) python3*dist(lxml) + python3*dist(pyelftools) diff --git a/mkosi.conf.d/debian/10-debian.conf b/mkosi.conf.d/debian/10-debian.conf index 0712a70bea7..e9b5775a373 100644 --- a/mkosi.conf.d/debian/10-debian.conf +++ b/mkosi.conf.d/debian/10-debian.conf @@ -91,5 +91,6 @@ BuildPackages= python3-docutils python3-jinja2 python3-lxml + python3-pyelftools python3-pytest xsltproc diff --git a/mkosi.conf.d/fedora/10-fedora.conf b/mkosi.conf.d/fedora/10-fedora.conf index 2cd9bc1d44a..b4c641cd67e 100644 --- a/mkosi.conf.d/fedora/10-fedora.conf +++ b/mkosi.conf.d/fedora/10-fedora.conf @@ -50,7 +50,6 @@ BuildPackages= docbook-xsl dwarves glibc-static - gnu-efi-devel libcap-static pam-devel pkgconfig # pkgconf shim to provide /usr/bin/pkg-config @@ -94,4 +93,5 @@ BuildPackages= python3dist(docutils) python3dist(jinja2) python3dist(lxml) + python3dist(pyelftools) python3dist(pytest) diff --git a/mkosi.conf.d/opensuse/10-opensuse.conf b/mkosi.conf.d/opensuse/10-opensuse.conf index 3b0a643efd2..ae0486850c8 100644 --- a/mkosi.conf.d/opensuse/10-opensuse.conf +++ b/mkosi.conf.d/opensuse/10-opensuse.conf @@ -94,6 +94,7 @@ BuildPackages= python3-docutils python3-Jinja2 python3-lxml + python3-pyelftools python3-pytest qrencode-devel shadow diff --git a/mkosi.conf.d/ubuntu/10-ubuntu.conf b/mkosi.conf.d/ubuntu/10-ubuntu.conf index a34fe8d94f8..ffc1d544562 100644 --- a/mkosi.conf.d/ubuntu/10-ubuntu.conf +++ b/mkosi.conf.d/ubuntu/10-ubuntu.conf @@ -92,5 +92,6 @@ BuildPackages= python3-docutils python3-jinja2 python3-lxml + python3-pyelftools python3-pytest xsltproc diff --git a/shell-completion/bash/meson.build b/shell-completion/bash/meson.build index 0446be7302f..5fe7611b71d 100644 --- a/shell-completion/bash/meson.build +++ b/shell-completion/bash/meson.build @@ -31,7 +31,7 @@ items = [['busctl', ''], ['systemd-path', ''], ['systemd-run', ''], ['udevadm', ''], - ['bootctl', 'HAVE_GNU_EFI'], + ['bootctl', 'ENABLE_BOOTLOADER'], ['coredumpctl', 'ENABLE_COREDUMP'], ['homectl', 'ENABLE_HOMED'], ['hostnamectl', 'ENABLE_HOSTNAMED'], diff --git a/shell-completion/zsh/meson.build b/shell-completion/zsh/meson.build index b39f933ea4c..6703204ec24 100644 --- a/shell-completion/zsh/meson.build +++ b/shell-completion/zsh/meson.build @@ -27,7 +27,7 @@ items = [['_busctl', ''], ['_sd_outputmodes', ''], ['_sd_unit_files', ''], ['_sd_machines', ''], - ['_bootctl', 'HAVE_GNU_EFI'], + ['_bootctl', 'ENABLE_BOOTLOADER'], ['_coredumpctl', 'ENABLE_COREDUMP'], ['_hostnamectl', 'ENABLE_HOSTNAMED'], ['_localectl', 'ENABLE_LOCALED'], diff --git a/src/basic/meson.build b/src/basic/meson.build index bd8fc16833d..5f616c18934 100644 --- a/src/basic/meson.build +++ b/src/basic/meson.build @@ -264,10 +264,11 @@ libbasic = static_library( basic_sources, fundamental_sources, include_directories : basic_includes, - dependencies : [versiondep, + dependencies : [libcap, + libm, threads, - libcap, - libm], + userspace, + versiondep], c_args : ['-fvisibility=default'], build_by_default : false) @@ -283,7 +284,8 @@ libbasic_gcrypt = static_library( 'basic-gcrypt', basic_gcrypt_sources, include_directories : basic_includes, - dependencies : [libgcrypt], + dependencies : [libgcrypt, + userspace], c_args : ['-fvisibility=default'], build_by_default : false) @@ -299,8 +301,9 @@ libbasic_compress = static_library( 'basic-compress', basic_compress_sources, include_directories : basic_includes, - dependencies : [libxz, + dependencies : [liblz4, + libxz, libzstd, - liblz4], + userspace], c_args : ['-fvisibility=default'], build_by_default : false) diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c index ee507e379ac..6959482ab6a 100644 --- a/src/boot/efi/boot.c +++ b/src/boot/efi/boot.c @@ -21,15 +21,9 @@ #include "shim.h" #include "ticks.h" #include "util.h" +#include "version.h" #include "vmm.h" -#ifndef GNU_EFI_USE_MS_ABI - /* We do not use uefi_call_wrapper() in systemd-boot. As such, we rely on the - * compiler to do the calling convention conversion for us. This is check is - * to make sure the -DGNU_EFI_USE_MS_ABI was passed to the compiler. */ - #error systemd-boot requires compilation with GNU_EFI_USE_MS_ABI defined. -#endif - /* Magic string for recognizing our own binaries */ _used_ _section_(".sdmagic") static const char magic[] = "#### LoaderInfo: systemd-boot " GIT_VERSION " ####"; @@ -1966,6 +1960,7 @@ static void config_entry_add_osx(Config *config) { } } +#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) static EFI_STATUS boot_windows_bitlocker(void) { _cleanup_free_ EFI_HANDLE *handles = NULL; size_t n_handles; @@ -2046,6 +2041,7 @@ static EFI_STATUS boot_windows_bitlocker(void) { return EFI_NOT_FOUND; } +#endif static void config_entry_add_windows(Config *config, EFI_HANDLE *device, EFI_FILE *root_dir) { #if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) @@ -2735,8 +2731,3 @@ out: } DEFINE_EFI_MAIN_FUNCTION(run, "systemd-boot", /*wait_for_debugger=*/false); - -/* Fedora has a heavily patched gnu-efi that supports elf constructors. It calls into _entry instead. */ -EFI_STATUS _entry(EFI_HANDLE image, EFI_SYSTEM_TABLE *system_table) { - return efi_main(image, system_table); -} diff --git a/src/boot/efi/efi-string.h b/src/boot/efi/efi-string.h index 4df37a85054..b97e16990a4 100644 --- a/src/boot/efi/efi-string.h +++ b/src/boot/efi/efi-string.h @@ -126,7 +126,7 @@ _gnu_printf_(2, 0) _warn_unused_result_ char16_t *xvasprintf_status(EFI_STATUS s /* inttypes.h is provided by libc instead of the compiler and is not supposed to be used in freestanding * environments. We could use clang __*_FMT*__ constants for this, bug gcc does not have them. :( */ -# if defined(__ILP32__) || defined(__arm__) +# if defined(__ILP32__) || defined(__arm__) || defined(__i386__) # define PRI64_PREFIX "ll" # elif defined(__LP64__) # define PRI64_PREFIX "l" diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build index ea55f1c9fa5..7e497f78663 100644 --- a/src/boot/efi/meson.build +++ b/src/boot/efi/meson.build @@ -1,129 +1,61 @@ # SPDX-License-Identifier: LGPL-2.1-or-later -conf.set10('ENABLE_EFI', get_option('efi')) -conf.set10('HAVE_GNU_EFI', false) - efi_config_h_dir = meson.current_build_dir() -if not get_option('efi') or get_option('gnu-efi') == 'false' - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but general efi support is disabled') - endif +if efi_arch != '' + libefitest = static_library( + 'efitest', + files( + 'bcd.c', + 'efi-string.c', + ), + build_by_default : false, + include_directories : [ + basic_includes, + include_directories('.'), + ], + dependencies : userspace) + + efitest_base = { + 'link_with' : [ + libefitest, + libshared, + ], + } + + tests += [ + { + 'sources' : files('test-bcd.c'), + 'dependencies' : libzstd, + 'condition' : 'HAVE_ZSTD', + 'base' : efitest_base, + }, + { + 'sources' : files('test-efi-string.c'), + 'base' : efitest_base, + }, + ] + fuzzers += [ + { + 'sources' : files('fuzz-bcd.c'), + 'base' : efitest_base, + }, + { + 'sources' : files('fuzz-efi-string.c'), + 'base' : efitest_base, + }, + { + 'sources' : files('fuzz-efi-printf.c'), + 'base' : efitest_base, + }, + ] +endif + +if conf.get('ENABLE_BOOTLOADER') != 1 subdir_done() endif -efi_arch = host_machine.cpu_family() -if efi_arch == 'x86' and '-m64' in get_option('efi-cflags') - efi_arch = 'x86_64' -elif efi_arch == 'x86_64' and '-m32' in get_option('efi-cflags') - efi_arch = 'x86' -endif -efi_arch = { - # host_cc_arch: [efi_arch (see Table 3-2 in UEFI spec), obsolete gnu_efi_inc_arch] - 'x86': ['ia32', 'ia32'], - 'x86_64': ['x64', 'x86_64'], - 'arm': ['arm', 'arm'], - 'aarch64': ['aa64', 'aarch64'], - 'riscv64': ['riscv64', 'riscv64'], -}.get(efi_arch, []) - -efi_incdir = get_option('efi-includedir') -found = false -foreach efi_arch_candidate : efi_arch - efi_archdir = efi_incdir / efi_arch_candidate - if cc.has_header(efi_archdir / 'efibind.h', - args: get_option('efi-cflags')) - found = true - break - endif -endforeach - -if not found - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but headers not found or efi arch is unknown') - endif - warning('gnu-efi headers not found or efi arch is unknown, disabling gnu-efi support') - subdir_done() -endif - -if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64', - args: ['-nostdlib', '-ffreestanding', '-fshort-wchar'] + get_option('efi-cflags'), - include_directories: include_directories(efi_incdir, - efi_archdir)) - - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but found headers are too old (3.0.5+ required)') - endif - warning('gnu-efi headers are too old (3.0.5+ required), disabling gnu-efi support') - subdir_done() -endif - -objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip() -objcopy_2_38 = find_program('objcopy', version: '>=2.38', required: false) - -efi_ld = get_option('efi-ld') -if efi_ld == 'auto' - efi_ld = cc.get_linker_id().split('.')[1] - if efi_ld not in ['bfd', 'gold'] - message('Not using @0@ as efi-ld, falling back to bfd'.format(efi_ld)) - efi_ld = 'bfd' - endif -endif - -efi_multilib = run_command( - cc.cmd_array(), '-print-multi-os-directory', get_option('efi-cflags'), - check: false -).stdout().strip() -efi_multilib = run_command( - 'realpath', '-e', '/usr/lib' / efi_multilib, - check: false -).stdout().strip() - -efi_libdir = '' -foreach dir : [get_option('efi-libdir'), - '/usr/lib/gnuefi' / efi_arch[0], - efi_multilib] - if dir != '' and fs.is_dir(dir) - efi_libdir = dir - break - endif -endforeach -if efi_libdir == '' - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but efi-libdir was not found') - endif - warning('efi-libdir was not found, disabling gnu-efi support') - subdir_done() -endif - -efi_lds = '' -foreach location : [ # New locations first introduced with gnu-efi 3.0.11 - [efi_libdir / 'efi.lds', - efi_libdir / 'crt0.o'], - # Older locations... - [efi_libdir / 'gnuefi' / 'elf_@0@_efi.lds'.format(efi_arch[1]), - efi_libdir / 'gnuefi' / 'crt0-efi-@0@.o'.format(efi_arch[1])], - [efi_libdir / 'elf_@0@_efi.lds'.format(efi_arch[1]), - efi_libdir / 'crt0-efi-@0@.o'.format(efi_arch[1])]] - if fs.is_file(location[0]) and fs.is_file(location[1]) - efi_lds = location[0] - efi_crt0 = location[1] - break - endif -endforeach -if efi_lds == '' - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but cannot find efi.lds') - endif - warning('efi.lds was not found, disabling gnu-efi support') - subdir_done() -endif - -conf.set10('HAVE_GNU_EFI', true) -conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch[0]) - efi_conf = configuration_data() -efi_conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch[0]) efi_conf.set10('ENABLE_TPM', get_option('tpm')) foreach ctype : ['color-normal', 'color-entry', 'color-highlight', 'color-edit'] @@ -174,151 +106,8 @@ elif get_option('sbat-distro') != '' endif endif -efi_config_h = configure_file( - output : 'efi_config.h', - configuration : efi_conf) - -efi_cflags = [ - '-DGNU_EFI_USE_MS_ABI', - '-DSD_BOOT=1', - '-ffreestanding', - '-fshort-wchar', - '-fvisibility=hidden', - '-I', fundamental_path, - '-I', meson.current_source_dir(), - '-include', efi_config_h, - '-include', version_h, - '-std=gnu11', - '-Wall', - '-Wextra', -] + cc.get_supported_arguments( - basic_disabled_warnings + - possible_common_cc_flags + [ - '-fno-stack-protector', - '-fno-strict-aliasing', - '-fpic', - '-fwide-exec-charset=UCS2', - ] -) - -efi_cflags += cc.get_supported_arguments({ - 'ia32': ['-mno-sse', '-mno-mmx'], - 'x86_64': ['-mno-red-zone', '-mno-sse', '-mno-mmx'], - 'arm': ['-mgeneral-regs-only', '-mfpu=none'], -}.get(efi_arch[1], [])) - -# We are putting the efi_cc command line together ourselves, so make sure to pull any -# relevant compiler flags from meson/CFLAGS as povided by the user or distro. - -if get_option('werror') - efi_cflags += ['-Werror'] -endif -if get_option('debug') and get_option('mode') == 'developer' - efi_cflags += ['-ggdb', '-DEFI_DEBUG'] -endif -if get_option('optimization') in ['1', '2', '3', 's', 'g'] - efi_cflags += ['-O' + get_option('optimization')] -endif -if get_option('b_ndebug') == 'true' or ( - get_option('b_ndebug') == 'if-release' and get_option('buildtype') in ['plain', 'release']) - efi_cflags += ['-DNDEBUG'] -endif -if get_option('b_lto') - efi_cflags += cc.has_argument('-flto=auto') ? ['-flto=auto'] : ['-flto'] -endif - -foreach arg : get_option('c_args') - if arg in [ - '-DNDEBUG', - '-fno-lto', - '-O1', '-O2', '-O3', '-Og', '-Os', - '-Werror', - ] or arg.split('=')[0] in [ - '-ffile-prefix-map', - '-flto', - ] or (get_option('mode') == 'developer' and arg in [ - '-DEFI_DEBUG', - '-g', '-ggdb', - ]) - - message('Using "@0@" from c_args for EFI compiler'.format(arg)) - efi_cflags += arg - endif -endforeach - -efi_cflags += get_option('efi-cflags') - -efi_ldflags = [ - '-fuse-ld=' + efi_ld, - '-L', efi_libdir, - '-nostdlib', - '-T', efi_lds, - '-Wl,--build-id=sha1', - '-Wl,--fatal-warnings', - '-Wl,--no-undefined', - '-Wl,--warn-common', - '-Wl,-Bsymbolic', - '-z', 'nocombreloc', - '-z', 'noexecstack', - efi_crt0, -] - -foreach arg : ['-Wl,--no-warn-execstack', - '-Wl,--no-warn-rwx-segments'] - # We need to check the correct linker for supported args. This is what - # cc.has_multi_link_arguments() is for, but it helpfully overrides our - # choice of linker by putting its own -fuse-ld= arg after ours. - if run_command('bash', '-c', - 'exec "$@" -x c -o/dev/null <(echo "int main(void){return 0;}")' + - ' -fuse-ld=' + efi_ld + ' -Wl,--fatal-warnings ' + arg, - 'bash', cc.cmd_array(), - check : false).returncode() == 0 - efi_ldflags += arg - endif -endforeach - -# If using objcopy, crt0 must not include the PE/COFF header -if run_command('grep', '-q', 'coff_header', efi_crt0, check: false).returncode() == 0 - coff_header_in_crt0 = true -else - coff_header_in_crt0 = false -endif - -if efi_arch[1] in ['arm', 'riscv64'] or (efi_arch[1] == 'aarch64' and (not objcopy_2_38.found() or coff_header_in_crt0)) - efi_ldflags += ['-shared'] - # ARM32 and 64bit RISC-V don't have an EFI capable objcopy. - # Older objcopy doesn't support Aarch64 either. - # Use 'binary' instead, and add required symbols manually. - efi_ldflags += ['-Wl,--defsym=EFI_SUBSYSTEM=0xa'] - efi_format = ['-O', 'binary'] -else - efi_ldflags += ['-pie'] - if efi_ld == 'bfd' - efi_ldflags += '-Wl,--no-dynamic-linker' - endif - efi_format = ['--target=efi-app-@0@'.format(efi_arch[1])] -endif - -if efi_arch[1] == 'arm' - # On arm, the compiler (correctly) warns about wchar_t size mismatch. This - # is because libgcc is not compiled with -fshort-wchar, but it does not - # have any occurrences of wchar_t in its sources or the documentation, so - # it is safe to assume that we can ignore this warning. - efi_ldflags += ['-Wl,--no-wchar-size-warning'] -endif - -if cc.get_id() == 'clang' and cc.version().split('.')[0].to_int() <= 10 - # clang <= 10 doesn't pass -T to the linker and then even complains about it being unused - efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument'] -endif - -summary({ - 'EFI machine type' : efi_arch[0], - 'EFI LD' : efi_ld, - 'EFI lds' : efi_lds, - 'EFI crt0' : efi_crt0, - 'EFI include directory' : efi_archdir}, - section : 'Extensible Firmware Interface') +summary({'UEFI architectures' : efi_arch + (efi_arch_alt == '' ? '' : ', ' + efi_arch_alt)}, + section : 'UEFI') if efi_conf.get('SBAT_DISTRO', '') != '' summary({ @@ -327,49 +116,114 @@ if efi_conf.get('SBAT_DISTRO', '') != '' 'SBAT distro version': sbat_distro_version_display, 'SBAT distro summary': efi_conf.get('SBAT_DISTRO_SUMMARY'), 'SBAT distro URL': efi_conf.get('SBAT_DISTRO_URL')}, - section : 'Extensible Firmware Interface') + section : 'UEFI') +endif + +configure_file( + output : 'efi_config.h', + configuration : efi_conf) + +############################################################ + +efi_includes = [fundamental_include, include_directories('.')] + +efi_c_args = [ + '-DSD_BOOT=1', + '-ffreestanding', + '-fno-strict-aliasing', + '-fshort-wchar', + '-include', 'efi_config.h', +] + +efi_c_args += cc.get_supported_arguments( + '-fwide-exec-charset=UCS2', + # gcc docs says this is required for ms_abi to work correctly. + '-maccumulate-outgoing-args', +) + +# Debug information has little value in release builds as no normal human being knows +# how to attach a debugger to EFI binaries running on real hardware. Anyone who does +# certainly has the means to do their own dev build. +if get_option('mode') == 'developer' and get_option('debug') + efi_c_args += '-DEFI_DEBUG' +endif + +efi_c_ld_args = [ + # We only support bfd. gold is going away, lld has issues with LTO on x86 + # and mold does not support linker scripts. + '-fuse-ld=bfd', + + '-lgcc', + '-nostdlib', + '-static-pie', + '-Wl,--entry=efi_main', + '-Wl,--fatal-warnings', + + # These flags should be passed by -static-pie, but seem to be missing sometimes. + '-Wl,--no-dynamic-linker', + '-z', 'text', + + # EFI has 4KiB pages. + '-z', 'common-page-size=4096', + '-z', 'max-page-size=4096', + + '-z', 'noexecstack', + '-z', 'norelro', + '-T' + elf2efi_lds, +] + +# efi_c_args is explicitly passed to targets so that they can override distro-provided flags +# that should not be used for EFI binaries. +efi_disabled_c_args = cc.get_supported_arguments( + '-fcf-protection=none', + '-fno-asynchronous-unwind-tables', + '-fno-exceptions', + '-fno-trapv', + '-fno-sanitize=all', + '-fno-stack-clash-protection', + '-fno-stack-protector', + '-fno-unwind-tables', +) +efi_c_args += efi_disabled_c_args +efi_c_ld_args += efi_disabled_c_args +efi_override_options = [ + 'b_coverage=false', + 'b_pgo=off', + 'b_sanitize=none', +] + +if cc.get_id() == 'clang' + # clang is too picky sometimes. + efi_c_args += '-Wno-unused-command-line-argument' + efi_c_ld_args += '-Wno-unused-command-line-argument' +endif + +if host_machine.cpu_family() == 'arm' + # libgcc is not compiled with -fshort-wchar, but it does not use it anyways, + # so it's fine to link against it. + efi_c_ld_args += '-Wl,--no-wchar-size-warning' +endif + +efi_c_args_primary = [efi_c_args, '-DEFI_MACHINE_TYPE_NAME="' + efi_arch + '"'] +efi_c_args_alt = [efi_c_args, '-DEFI_MACHINE_TYPE_NAME="' + efi_arch_alt + '"'] +efi_c_ld_args_primary = efi_c_ld_args +efi_c_ld_args_alt = efi_c_ld_args + +efi_c_args_primary += { + 'aarch64' : ['-mgeneral-regs-only'], + 'arm' : ['-mgeneral-regs-only'], + 'x86_64' : ['-march=x86-64', '-mno-red-zone', '-mgeneral-regs-only'], + 'x86' : ['-march=i686', '-mgeneral-regs-only'], +}.get(host_machine.cpu_family(), []) + +if efi_arch_alt == 'ia32' + efi_c_args_alt += ['-m32', '-march=i686', '-mgeneral-regs-only'] + efi_c_ld_args_alt += '-m32' endif ############################################################ -efi_headers = files( - 'bcd.h', - 'console.h', - 'cpio.h', - 'device-path-util.h', - 'devicetree.h', - 'drivers.h', - 'efi-string.h', - 'efi.h', - 'graphics.h', - 'initrd.h', - 'linux.h', - 'log.h', - 'measure.h', - 'part-discovery.h', - 'pe.h', - 'proto/block-io.h', - 'proto/console-control.h', - 'proto/device-path.h', - 'proto/dt-fixup.h', - 'proto/file-io.h', - 'proto/graphics-output.h', - 'proto/load-file.h', - 'proto/loaded-image.h', - 'proto/rng.h', - 'proto/security-arch.h', - 'proto/shell-parameters.h', - 'proto/simple-text-io.h', - 'proto/tcg.h', - 'random-seed.h', - 'secure-boot.h', - 'shim.h', - 'splash.h', - 'ticks.h', - 'util.h', -) - -common_sources = files( +libefi_sources = files( 'console.c', 'device-path-util.c', 'devicetree.c', @@ -400,111 +254,94 @@ stub_sources = files( 'stub.c', ) -if efi_arch[1] in ['ia32', 'x86_64'] +if host_machine.cpu_family() in ['x86', 'x86_64'] stub_sources += files('linux_x86.c') endif -tests += [ - { - 'sources' : files( - 'test-efi-string.c', - 'efi-string.c', - ) - }, -] - # BCD parser only makes sense on arches that Windows supports. -if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64'] +if host_machine.cpu_family() in ['aarch64', 'arm', 'x86_64', 'x86'] systemd_boot_sources += files('bcd.c') - tests += [ - { - 'sources' : files( - 'test-bcd.c', - 'efi-string.c', - ), - 'dependencies' : libzstd, - 'condition' : 'HAVE_ZSTD', - }, - ] - fuzzers += [ - { - 'sources' : files( - 'fuzz-bcd.c', - 'bcd.c', - 'efi-string.c' - ), - }, - { - 'sources' : files( - 'fuzz-efi-string.c', - 'efi-string.c' - ), - }, - { - 'sources' : files( - 'fuzz-efi-printf.c', - 'efi-string.c' - ), - }, - ] endif -systemd_boot_objects = [] -stub_objects = [] -foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources - # FIXME: replace ''.format(file) with fs.name(file) when meson_version requirement is >= 0.59.0 - o_file = custom_target('@0@.o'.format(file).split('/')[-1], - input : file, - output : '@0@.o'.format(file).split('/')[-1], - command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags], - depend_files : efi_headers + fundamental_headers) - if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file) - systemd_boot_objects += o_file - endif - if (fundamental_source_paths + common_sources + stub_sources).contains(file) - stub_objects += o_file - endif +boot_targets = [] +efi_elf_binaries = [] +efi_archspecs = [ + { + 'arch' : efi_arch, + 'c_args' : efi_c_args_primary, + 'link_args' : efi_c_ld_args_primary, + }, +] +if efi_arch_alt != '' + efi_archspecs += { + 'arch' : efi_arch_alt, + 'c_args' : efi_c_args_alt, + 'link_args' : efi_c_ld_args_alt, + } +endif + +foreach archspec : efi_archspecs + libefi = static_library( + 'efi' + archspec['arch'], + fundamental_sources, + libefi_sources, + include_directories : efi_includes, + c_args : archspec['c_args'], + dependencies : versiondep, + gnu_symbol_visibility : 'hidden', + override_options : efi_override_options, + pic : true) + + efi_elf_binaries += executable( + 'systemd-boot' + archspec['arch'], + systemd_boot_sources, + include_directories : efi_includes, + c_args : archspec['c_args'], + link_args : archspec['link_args'], + link_with : libefi, + link_depends : elf2efi_lds, + dependencies : versiondep, + gnu_symbol_visibility : 'hidden', + override_options : efi_override_options, + name_suffix : 'elf', + pie : true) + + efi_elf_binaries += executable( + 'linux' + archspec['arch'], + stub_sources, + include_directories : efi_includes, + c_args : archspec['c_args'], + link_args : archspec['link_args'], + link_with : libefi, + link_depends : elf2efi_lds, + dependencies : versiondep, + gnu_symbol_visibility : 'hidden', + override_options : efi_override_options, + name_suffix : 'elf.stub', + pie : true) endforeach -foreach tuple : [['systemd-boot@0@.@1@', systemd_boot_objects, false, 'systemd-boot'], - ['linux@0@.@1@.stub', stub_objects, true, 'systemd-stub']] - elf = custom_target( - tuple[0].format(efi_arch[0], 'elf'), - input : tuple[1], - output : tuple[0].format(efi_arch[0], 'elf'), - command : [cc.cmd_array(), - '-o', '@OUTPUT@', - efi_cflags, - efi_ldflags, - '@INPUT@', - '-lgnuefi', - '-lgcc'], - install : tuple[2], - install_tag: tuple[3], - install_dir : bootlibdir) - - efi = custom_target( - tuple[0].format(efi_arch[0], 'efi'), - input : elf, - output : tuple[0].format(efi_arch[0], 'efi'), - command : [objcopy, - '-j', '.bss*', - '-j', '.data', - '-j', '.dynamic', - '-j', '.dynsym', - '-j', '.osrel', - '-j', '.rel*', - '-j', '.sbat', - '-j', '.sdata', - '-j', '.sdmagic', - '-j', '.text', - '--strip-all', - '--section-alignment=512', - efi_format, - '@INPUT@', '@OUTPUT@'], +foreach efi_elf_binary : efi_elf_binaries + # FIXME: Use build_tgt.name() with meson >= 0.54.0 + name = fs.name(efi_elf_binary.full_path()).split('.')[0] + name += name.startswith('linux') ? '.efi.stub' : '.efi' + boot_targets += custom_target( + name, + output : name, + input : efi_elf_binary, install : true, - install_tag: tuple[3], - install_dir : bootlibdir) - - alias_target(tuple[3], efi) + install_dir : bootlibdir, + install_tag : 'systemd-boot', + command : [ + elf2efi_py, + '--version-major=' + meson.project_version(), + '--version-minor=0', + '--efi-major=1', + '--efi-minor=1', + '--subsystem=10', + '@INPUT@', + '@OUTPUT@', + ]) endforeach + +alias_target('systemd-boot', boot_targets) diff --git a/src/boot/efi/pe.c b/src/boot/efi/pe.c index 5128eeecb56..9b1b10d4a12 100644 --- a/src/boot/efi/pe.c +++ b/src/boot/efi/pe.c @@ -16,8 +16,14 @@ # define TARGET_MACHINE_TYPE 0xAA64U #elif defined(__arm__) # define TARGET_MACHINE_TYPE 0x01C2U +#elif defined(__riscv) && __riscv_xlen == 32 +# define TARGET_MACHINE_TYPE 0x5032U #elif defined(__riscv) && __riscv_xlen == 64 # define TARGET_MACHINE_TYPE 0x5064U +#elif defined(__loongarch__) && __loongarch_grlen == 32 +# define TARGET_MACHINE_TYPE 0x6232U +#elif defined(__loongarch__) && __loongarch_grlen == 64 +# define TARGET_MACHINE_TYPE 0x6264U #else # error Unknown EFI arch #endif diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c index 25c81ca1647..6339d82ddc8 100644 --- a/src/boot/efi/stub.c +++ b/src/boot/efi/stub.c @@ -14,6 +14,7 @@ #include "splash.h" #include "tpm-pcr.h" #include "util.h" +#include "version.h" #include "vmm.h" /* magic string to find in the binary image */ @@ -423,8 +424,3 @@ static EFI_STATUS run(EFI_HANDLE image) { } DEFINE_EFI_MAIN_FUNCTION(run, "systemd-stub", /*wait_for_debugger=*/false); - -/* See comment in boot.c. */ -EFI_STATUS _entry(EFI_HANDLE image, EFI_SYSTEM_TABLE *system_table) { - return efi_main(image, system_table); -} diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c index 588d60dd061..c8bbe752779 100644 --- a/src/boot/efi/util.c +++ b/src/boot/efi/util.c @@ -508,9 +508,9 @@ uint64_t get_os_indications_supported(void) { } #ifdef EFI_DEBUG -extern uint8_t _text, _data; +extern uint8_t __ImageBase; __attribute__((noinline)) void notify_debugger(const char *identity, volatile bool wait) { - printf("%s@%p,%p\n", identity, &_text, &_data); + printf("%s@%p\n", identity, &__ImageBase); if (wait) printf("Waiting for debugger to attach...\n"); diff --git a/src/boot/efi/util.h b/src/boot/efi/util.h index a28228c4cc1..5e1085c7886 100644 --- a/src/boot/efi/util.h +++ b/src/boot/efi/util.h @@ -168,18 +168,18 @@ void hexdump(const char16_t *prefix, const void *data, size_t size); # define notify_debugger(i, w) #endif -#define DEFINE_EFI_MAIN_FUNCTION(func, identity, wait_for_debugger) \ - EFI_SYSTEM_TABLE *ST; \ - EFI_BOOT_SERVICES *BS; \ - EFI_RUNTIME_SERVICES *RT; \ - EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *system_table) { \ - ST = system_table; \ - BS = system_table->BootServices; \ - RT = system_table->RuntimeServices; \ - notify_debugger((identity), (wait_for_debugger)); \ - EFI_STATUS err = func(image); \ - log_wait(); \ - return err; \ +#define DEFINE_EFI_MAIN_FUNCTION(func, identity, wait_for_debugger) \ + EFI_SYSTEM_TABLE *ST; \ + EFI_BOOT_SERVICES *BS; \ + EFI_RUNTIME_SERVICES *RT; \ + EFIAPI EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *system_table) { \ + ST = system_table; \ + BS = system_table->BootServices; \ + RT = system_table->RuntimeServices; \ + notify_debugger((identity), (wait_for_debugger)); \ + EFI_STATUS err = func(image); \ + log_wait(); \ + return err; \ } #if defined(__i386__) || defined(__x86_64__) diff --git a/src/core/meson.build b/src/core/meson.build index 15df4485cae..e68c55917f8 100644 --- a/src/core/meson.build +++ b/src/core/meson.build @@ -120,19 +120,20 @@ libcore = shared_library( link_args : ['-shared', '-Wl,--version-script=' + libshared_sym_path], link_with : libshared, - dependencies : [versiondep, - threads, + dependencies : [libacl, + libapparmor, + libaudit, + libblkid, libdl, + libkmod, + libmount, + libpam, librt, libseccomp, - libpam, - libaudit, - libkmod, - libapparmor, libselinux, - libmount, - libblkid, - libacl], + threads, + userspace, + versiondep], install : true, install_dir : rootpkglibdir) diff --git a/src/cryptsetup/cryptsetup-tokens/meson.build b/src/cryptsetup/cryptsetup-tokens/meson.build index 9df3fea5d7a..e7b7fbab119 100644 --- a/src/cryptsetup/cryptsetup-tokens/meson.build +++ b/src/cryptsetup/cryptsetup-tokens/meson.build @@ -7,6 +7,7 @@ lib_cryptsetup_token_common = static_library( 'cryptsetup-token-common', 'cryptsetup-token-util.c', include_directories : includes, + dependencies : userspace, link_with : libshared, build_by_default : false) diff --git a/src/fundamental/meson.build b/src/fundamental/meson.build index 4b8e32337dd..a55a5faa53f 100644 --- a/src/fundamental/meson.build +++ b/src/fundamental/meson.build @@ -1,25 +1,11 @@ # SPDX-License-Identifier: LGPL-2.1-or-later -fundamental_path = meson.current_source_dir() +fundamental_include = include_directories('.') -fundamental_headers = files( - 'bootspec-fundamental.h', - 'efivars-fundamental.h', - 'macro-fundamental.h', - 'memory-util-fundamental.h', - 'sha256.h', - 'string-util-fundamental.h', - 'tpm-pcr.h', -) - -# for sd-boot -fundamental_source_paths = files( +fundamental_sources = files( 'bootspec-fundamental.c', 'efivars-fundamental.c', 'sha256.c', 'string-util-fundamental.c', 'tpm-pcr.c', ) - -# for libbasic -fundamental_sources = fundamental_source_paths + fundamental_headers diff --git a/src/fundamental/sbat.h b/src/fundamental/sbat.h index b3c09dcb4c3..a18da48038f 100644 --- a/src/fundamental/sbat.h +++ b/src/fundamental/sbat.h @@ -1,5 +1,7 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ +#include "version.h" + #ifdef SBAT_DISTRO # define SBAT_SECTION_TEXT \ "sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md\n" \ diff --git a/src/import/meson.build b/src/import/meson.build index 58b9719cc1b..ffebeebacd4 100644 --- a/src/import/meson.build +++ b/src/import/meson.build @@ -36,7 +36,8 @@ if conf.get('ENABLE_IMPORTD') == 1 include_directories : includes, dependencies : [libbzip2, libxz, - libz], + libz, + userspace], build_by_default : false) install_data('org.freedesktop.import1.conf', diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build index 74f01b04764..9fe1b8049b5 100644 --- a/src/journal-remote/meson.build +++ b/src/journal-remote/meson.build @@ -22,11 +22,12 @@ libsystemd_journal_remote = static_library( libsystemd_journal_remote_sources, include_directories : journal_includes, link_with : libjournal_core, - dependencies : [threads, + dependencies : [libgnutls, + liblz4, libmicrohttpd, - libgnutls, libxz, - liblz4], + threads, + userspace], build_by_default : false) systemd_journal_remote_sources = files('journal-remote-main.c') diff --git a/src/journal/meson.build b/src/journal/meson.build index c9ff54c9917..1490113f1cc 100644 --- a/src/journal/meson.build +++ b/src/journal/meson.build @@ -25,7 +25,8 @@ libjournal_core = static_library( 'journal-core', sources, include_directories : includes, - dependencies: threads, + dependencies: [threads, + userspace], build_by_default : false) journal_includes = [includes, include_directories('.')] diff --git a/src/libsystemd-network/meson.build b/src/libsystemd-network/meson.build index 85d4afeb058..ac4a15b4747 100644 --- a/src/libsystemd-network/meson.build +++ b/src/libsystemd-network/meson.build @@ -32,6 +32,7 @@ libsystemd_network = static_library( 'systemd-network', sources, include_directories : includes, + dependencies : userspace, build_by_default : false) libsystemd_network_includes = [includes, include_directories('.')] diff --git a/src/libsystemd/meson.build b/src/libsystemd/meson.build index 23fa7c20cae..91887be8312 100644 --- a/src/libsystemd/meson.build +++ b/src/libsystemd/meson.build @@ -122,7 +122,8 @@ libsystemd_static = static_library( link_with : [libbasic, libbasic_compress], dependencies : [threads, - librt], + librt, + userspace], build_by_default : false) libsystemd_sym = files('libsystemd.sym') diff --git a/src/libudev/meson.build b/src/libudev/meson.build index 0e53b83e515..1c349cef6df 100644 --- a/src/libudev/meson.build +++ b/src/libudev/meson.build @@ -25,6 +25,7 @@ libudev_basic = static_library( 'udev-basic', libudev_sources, include_directories : includes, + dependencies : userspace, c_args : ['-fvisibility=default'], build_by_default : false) diff --git a/src/login/meson.build b/src/login/meson.build index 198023715b6..473cf340893 100644 --- a/src/login/meson.build +++ b/src/login/meson.build @@ -35,7 +35,8 @@ liblogind_core = static_library( 'logind-core', liblogind_core_sources, include_directories : includes, - dependencies : libacl, + dependencies : [libacl, + userspace], build_by_default : false) loginctl_sources = files( diff --git a/src/machine/meson.build b/src/machine/meson.build index 7b09d4b24f9..d8b2dd188d0 100644 --- a/src/machine/meson.build +++ b/src/machine/meson.build @@ -18,7 +18,8 @@ libmachine_core = static_library( 'machine-core', libmachine_core_sources, include_directories : includes, - dependencies : threads, + dependencies : [threads, + userspace], build_by_default : false) if conf.get('ENABLE_MACHINED') == 1 diff --git a/src/network/meson.build b/src/network/meson.build index 91572ba132c..dab77a0d22b 100644 --- a/src/network/meson.build +++ b/src/network/meson.build @@ -146,6 +146,7 @@ libnetworkd_core = static_library( 'networkd-core', sources, include_directories : network_includes, + dependencies : userspace, link_with : networkd_link_with, build_by_default : false) diff --git a/src/nspawn/meson.build b/src/nspawn/meson.build index 43e3e188b2f..9f00e882564 100644 --- a/src/nspawn/meson.build +++ b/src/nspawn/meson.build @@ -31,7 +31,8 @@ libnspawn_core = static_library( include_directories : includes, dependencies : [libacl, libseccomp, - libselinux], + libselinux, + userspace], build_by_default : false) systemd_nspawn_sources = files('nspawn.c') diff --git a/src/resolve/meson.build b/src/resolve/meson.build index 8166118c74f..052d54086f5 100644 --- a/src/resolve/meson.build +++ b/src/resolve/meson.build @@ -85,6 +85,7 @@ libsystemd_resolve_core = static_library( 'systemd-resolve-core', basic_dns_sources, include_directories : includes, + dependencies : userspace, build_by_default : false) systemd_resolved_sources += custom_target( diff --git a/src/shared/meson.build b/src/shared/meson.build index 51fd37d16de..8c107fd1614 100644 --- a/src/shared/meson.build +++ b/src/shared/meson.build @@ -296,7 +296,8 @@ libshared_static = static_library( libshared_name, shared_sources, include_directories : includes, - dependencies : libshared_deps, + dependencies : [libshared_deps, + userspace], c_args : ['-fvisibility=default'], build_by_default : false) @@ -310,7 +311,8 @@ libshared = shared_library( libbasic, libbasic_gcrypt, libsystemd_static], - dependencies : libshared_deps, + dependencies : [libshared_deps, + userspace], install : true, install_dir : rootpkglibdir) @@ -323,7 +325,8 @@ if get_option('fdisk') != 'false' 'shared-fdisk', shared_fdisk_sources, include_directories : includes, - dependencies : [libfdisk], + dependencies : [libfdisk, + userspace], c_args : ['-fvisibility=default'], build_by_default : false) endif diff --git a/src/test/meson.build b/src/test/meson.build index 55c08812999..afd95cf8dd4 100644 --- a/src/test/meson.build +++ b/src/test/meson.build @@ -456,7 +456,7 @@ tests += [ }, { 'sources' : files('test-sbat.c'), - 'condition' : 'HAVE_GNU_EFI', + 'condition' : 'ENABLE_BOOTLOADER', 'c_args' : '-I@0@'.format(efi_config_h_dir), }, { diff --git a/src/timesync/meson.build b/src/timesync/meson.build index f847728f62f..54f5b18a3aa 100644 --- a/src/timesync/meson.build +++ b/src/timesync/meson.build @@ -29,6 +29,7 @@ libtimesyncd_core = static_library( 'timesyncd-core', sources, include_directories : includes, + dependencies : userspace, link_with : timesyncd_link_with, build_by_default : false) diff --git a/src/udev/meson.build b/src/udev/meson.build index 1cac581e7fe..af7dea0dce8 100644 --- a/src/udev/meson.build +++ b/src/udev/meson.build @@ -108,7 +108,8 @@ libudevd_core = static_library( include_directories : udev_includes, link_with : udev_link_with, dependencies : [libblkid, - libkmod], + libkmod, + userspace], build_by_default : false) udev_progs = [['ata_id/ata_id.c'], @@ -134,7 +135,8 @@ foreach prog : udev_progs name, prog, include_directories : includes, - dependencies : versiondep, + dependencies : [userspace, + versiondep], link_with : udev_link_with, install_rpath : udev_rpath, install : true, diff --git a/test/meson.build b/test/meson.build index a051f77a522..1d9ea4905a4 100644 --- a/test/meson.build +++ b/test/meson.build @@ -73,7 +73,7 @@ if install_tests '../-.mount', testsuite08_dir + '/local-fs.target.wants/-.mount') - if conf.get('HAVE_GNU_EFI') == 1 and conf.get('HAVE_ZSTD') == 1 + if conf.get('HAVE_ZSTD') == 1 and efi_arch != '' install_subdir('test-bcd', exclude_files : '.gitattributes', install_dir : testdata_dir) diff --git a/test/mkosi.default.networkd-test b/test/mkosi.default.networkd-test index ed3604ccdf1..fe15f394be7 100644 --- a/test/mkosi.default.networkd-test +++ b/test/mkosi.default.networkd-test @@ -33,8 +33,6 @@ BuildPackages= gcc gettext git - gnu-efi - gnu-efi-devel gnutls-devel gperf hostname diff --git a/tools/debug-sd-boot.sh b/tools/debug-sd-boot.sh index b087c1d4d5e..0420dbdab70 100755 --- a/tools/debug-sd-boot.sh +++ b/tools/debug-sd-boot.sh @@ -51,19 +51,17 @@ case "${BASH_REMATCH[1]}" in exit 1 esac -# system-boot will print out a line like this to inform us where gdb is supposed to -# look for .text and .data section: -# systemd-boot@0x0,0x0 +# system-boot/stub will print out a line like this to inform us where it was loaded: +# systemd-boot@0xC0DE while read -r line; do - if [[ "${line}" =~ ${target}@(0x[[:xdigit:]]+),(0x[[:xdigit:]]+) ]]; then - text="${BASH_REMATCH[1]}" - data="${BASH_REMATCH[2]}" + if [[ "${line}" =~ ${target}@(0x[[:xdigit:]]+) ]]; then + loaded_base="${BASH_REMATCH[1]}" break fi done <"${2}" -if [[ -z "${text}" || -z "${data}" ]]; then - echo "Could not determine text and data location." +if [[ -z "${loaded_base}" ]]; then + echo "Could not determine loaded image base." exit 1 fi @@ -76,8 +74,8 @@ fi cat >"${gdb_script}" < int: + return (x + align - 1) & ~(align - 1) + + +def use_section(elf_s: ELFSection) -> bool: + # These sections are either needed during conversion to PE or are otherwise not needed + # in the final PE image. + IGNORE_SECTIONS = [ + ".ARM.exidx", + ".dynamic", + ".dynstr", + ".dynsym", + ".eh_frame_hdr", + ".eh_frame", + ".gnu.hash", + ".hash", + ".note.gnu.build-id", + ".rel.dyn", + ".rela.dyn", + ] + + # Known sections we care about and want to be in the final PE. + COPY_SECTIONS = [ + ".data", + ".osrel", + ".rodata", + ".sbat", + ".sdmagic", + ".text", + ] + + # By only dealing with allocating sections we effectively filter out debug sections. + if not elf_s["sh_flags"] & SH_FLAGS.SHF_ALLOC: + return False + + if elf_s.name in IGNORE_SECTIONS: + return False + + # For paranoia we only handle sections we know of. Any new sections that come up should + # be added to IGNORE_SECTIONS/COPY_SECTIONS and/or the linker script. + if elf_s.name not in COPY_SECTIONS: + raise RuntimeError(f"Unknown section {elf_s.name}, refusing.") + + if elf_s["sh_addr"] % SECTION_ALIGNMENT != 0: + raise RuntimeError(f"Section {elf_s.name} is not aligned.") + if len(elf_s.name) > 8: + raise RuntimeError(f"ELF section name {elf_s.name} too long.") + + return True + + +def convert_elf_section(elf_s: ELFSection) -> PeSection: + pe_s = PeSection() + pe_s.Name = elf_s.name.encode() + pe_s.VirtualSize = elf_s.data_size + pe_s.VirtualAddress = elf_s["sh_addr"] + pe_s.SizeOfRawData = align_to(elf_s.data_size, FILE_ALIGNMENT) + pe_s.data = bytearray(elf_s.data()) + + if elf_s["sh_flags"] & SH_FLAGS.SHF_EXECINSTR: + pe_s.Characteristics = 0x60000020 # CNT_CODE|MEM_READ|MEM_EXECUTE + elif elf_s["sh_flags"] & SH_FLAGS.SHF_WRITE: + pe_s.Characteristics = 0xC0000040 # CNT_INITIALIZED_DATA|MEM_READ|MEM_WRITE + else: + pe_s.Characteristics = 0x40000040 # CNT_INITIALIZED_DATA|MEM_READ + + return pe_s + + +def copy_sections(elf: ELFFile, opt: PeOptionalHeader) -> list[PeSection]: + sections = [] + + for elf_s in elf.iter_sections(): + if not use_section(elf_s): + continue + + pe_s = convert_elf_section(elf_s) + if pe_s.Name == b".text": + opt.BaseOfCode = pe_s.VirtualAddress + opt.SizeOfCode += pe_s.VirtualSize + else: + opt.SizeOfInitializedData += pe_s.VirtualSize + + if pe_s.Name == b".data" and isinstance(opt, PeOptionalHeader32): + opt.BaseOfData = pe_s.VirtualAddress + + sections.append(pe_s) + + return sections + + +def apply_elf_relative_relocation( + reloc: ElfRelocation, image_base: int, sections: list[PeSection], addend_size: int +): + # fmt: off + [target] = [ + pe_s for pe_s in sections + if pe_s.VirtualAddress <= reloc["r_offset"] < pe_s.VirtualAddress + len(pe_s.data) + ] + # fmt: on + + addend_offset = reloc["r_offset"] - target.VirtualAddress + + if reloc.is_RELA(): + addend = reloc["r_addend"] + else: + addend = target.data[addend_offset : addend_offset + addend_size] + addend = int.from_bytes(addend, byteorder="little") + + # This currently assumes that the ELF file has an image base of 0. + value = (image_base + addend).to_bytes(addend_size, byteorder="little") + target.data[addend_offset : addend_offset + addend_size] = value + + +def convert_elf_reloc_table( + elf: ELFFile, + elf_reloc_table: ElfRelocationTable, + image_base: int, + sections: list[PeSection], + pe_reloc_blocks: dict[int, PeRelocationBlock], +): + NONE_RELOC = { + "EM_386": ENUM_RELOC_TYPE_i386["R_386_NONE"], + "EM_AARCH64": ENUM_RELOC_TYPE_AARCH64["R_AARCH64_NONE"], + "EM_ARM": ENUM_RELOC_TYPE_ARM["R_ARM_NONE"], + "EM_LOONGARCH": 0, + "EM_RISCV": 0, + "EM_X86_64": ENUM_RELOC_TYPE_x64["R_X86_64_NONE"], + }[elf["e_machine"]] + + RELATIVE_RELOC = { + "EM_386": ENUM_RELOC_TYPE_i386["R_386_RELATIVE"], + "EM_AARCH64": ENUM_RELOC_TYPE_AARCH64["R_AARCH64_RELATIVE"], + "EM_ARM": ENUM_RELOC_TYPE_ARM["R_ARM_RELATIVE"], + "EM_LOONGARCH": 3, + "EM_RISCV": 3, + "EM_X86_64": ENUM_RELOC_TYPE_x64["R_X86_64_RELATIVE"], + }[elf["e_machine"]] + + for reloc in elf_reloc_table.iter_relocations(): + if reloc["r_info_type"] == NONE_RELOC: + continue + + if reloc["r_info_type"] == RELATIVE_RELOC: + apply_elf_relative_relocation( + reloc, image_base, sections, elf.elfclass // 8 + ) + + # Now that the ELF relocation has been applied, we can create a PE relocation. + block_rva = reloc["r_offset"] & ~0xFFF + if block_rva not in pe_reloc_blocks: + pe_reloc_blocks[block_rva] = PeRelocationBlock(block_rva) + + entry = PeRelocationEntry() + entry.Offset = reloc["r_offset"] & 0xFFF + # REL_BASED_HIGHLOW or REL_BASED_DIR64 + entry.Type = 3 if elf.elfclass == 32 else 10 + pe_reloc_blocks[block_rva].entries.append(entry) + + continue + + raise RuntimeError(f"Unsupported relocation {reloc}") + + +def convert_elf_relocations( + elf: ELFFile, opt: PeOptionalHeader, sections: list[PeSection] +) -> PeSection: + dynamic = elf.get_section_by_name(".dynamic") + if dynamic is None: + raise RuntimeError("ELF .dynamic section is missing.") + + [flags_tag] = dynamic.iter_tags("DT_FLAGS_1") + if not flags_tag["d_val"] & ENUM_DT_FLAGS_1["DF_1_PIE"]: + raise RuntimeError("ELF file is not a PIE.") + + pe_reloc_blocks: dict[int, PeRelocationBlock] = {} + for reloc_type, reloc_table in dynamic.get_relocation_tables().items(): + if reloc_type not in ["REL", "RELA"]: + raise RuntimeError("Unsupported relocation type {elf_reloc_type}.") + convert_elf_reloc_table( + elf, reloc_table, opt.ImageBase, sections, pe_reloc_blocks + ) + + data = bytearray() + for rva in sorted(pe_reloc_blocks): + block = pe_reloc_blocks[rva] + n_relocs = len(block.entries) + + # Each block must start on a 32-bit boundary. Because each entry is 16 bits + # the len has to be even. We pad by adding a none relocation. + if n_relocs % 2 != 0: + n_relocs += 1 + block.entries.append(PeRelocationEntry()) + + block.BlockSize = ( + sizeof(PeRelocationBlock) + sizeof(PeRelocationEntry) * n_relocs + ) + data += block + for entry in sorted(block.entries, key=lambda e: e.Offset): + data += entry + + pe_reloc_s = PeSection() + pe_reloc_s.Name = b".reloc" + pe_reloc_s.data = data + pe_reloc_s.VirtualSize = len(data) + pe_reloc_s.SizeOfRawData = align_to(len(data), FILE_ALIGNMENT) + pe_reloc_s.VirtualAddress = align_to( + sections[-1].VirtualAddress + sections[-1].VirtualSize, SECTION_ALIGNMENT + ) + # CNT_INITIALIZED_DATA|MEM_READ|MEM_DISCARDABLE + pe_reloc_s.Characteristics = 0x42000040 + + sections.append(pe_reloc_s) + opt.SizeOfInitializedData += pe_reloc_s.VirtualSize + return pe_reloc_s + + +def write_pe( + file, coff: PeCoffHeader, opt: PeOptionalHeader, sections: list[PeSection] +): + file.write(b"MZ") + file.seek(0x3C, io.SEEK_SET) + file.write(PE_OFFSET.to_bytes(2, byteorder="little")) + file.seek(PE_OFFSET, io.SEEK_SET) + file.write(b"PE\0\0") + file.write(coff) + file.write(opt) + + offset = opt.SizeOfHeaders + for pe_s in sorted(sections, key=lambda s: s.VirtualAddress): + if pe_s.VirtualAddress < opt.SizeOfHeaders: + # Linker script should make sure this does not happen. + raise RuntimeError(f"Section {pe_s.Name} overlapping PE headers.") + + pe_s.PointerToRawData = offset + file.write(pe_s) + offset = align_to(offset + len(pe_s.data), FILE_ALIGNMENT) + + for pe_s in sections: + file.seek(pe_s.PointerToRawData, io.SEEK_SET) + file.write(pe_s.data) + + file.truncate(offset) + + +def elf2efi(args: argparse.Namespace): + elf = ELFFile(args.ELF) + if not elf.little_endian: + raise RuntimeError("ELF file is not little-endian.") + if elf["e_type"] not in ["ET_DYN", "ET_EXEC"]: + raise RuntimeError("Unsupported ELF type.") + + pe_arch = { + "EM_386": 0x014C, + "EM_AARCH64": 0xAA64, + "EM_ARM": 0x01C2, + "EM_LOONGARCH": 0x6232 if elf.elfclass == 32 else 0x6264, + "EM_RISCV": 0x5032 if elf.elfclass == 32 else 0x5064, + "EM_X86_64": 0x8664, + }.get(elf["e_machine"]) + if pe_arch is None: + raise RuntimeError(f"Unuspported ELF arch {elf['e_machine']}") + + coff = PeCoffHeader() + opt = PeOptionalHeader32() if elf.elfclass == 32 else PeOptionalHeader32Plus() + + # We relocate to a unique image base to reduce the chances for runtime relocation to occur. + base_name = pathlib.Path(args.PE.name).name.encode() + opt.ImageBase = int(hashlib.sha1(base_name).hexdigest()[0:8], 16) + if elf.elfclass == 32: + opt.ImageBase = (0x400000 + opt.ImageBase) & 0xFFFF0000 + else: + opt.ImageBase = (0x100000000 + opt.ImageBase) & 0x1FFFF0000 + + sections = copy_sections(elf, opt) + pe_reloc_s = convert_elf_relocations(elf, opt, sections) + + coff.Machine = pe_arch + coff.NumberOfSections = len(sections) + coff.TimeDateStamp = int(os.environ.get("SOURCE_DATE_EPOCH", time.time())) + coff.SizeOfOptionalHeader = sizeof(opt) + # EXECUTABLE_IMAGE|LINE_NUMS_STRIPPED|LOCAL_SYMS_STRIPPED|DEBUG_STRIPPED + # and (32BIT_MACHINE or LARGE_ADDRESS_AWARE) + coff.Characteristics = 0x30E if elf.elfclass == 32 else 0x22E + + opt.AddressOfEntryPoint = elf["e_entry"] + opt.SectionAlignment = SECTION_ALIGNMENT + opt.FileAlignment = FILE_ALIGNMENT + opt.MajorImageVersion = args.version_major + opt.MinorImageVersion = args.version_minor + opt.MajorSubsystemVersion = args.efi_major + opt.MinorSubsystemVersion = args.efi_minor + opt.Subsystem = args.subsystem + opt.Magic = 0x10B if elf.elfclass == 32 else 0x20B + opt.SizeOfImage = align_to( + sections[-1].VirtualAddress + sections[-1].VirtualSize, SECTION_ALIGNMENT + ) + opt.SizeOfHeaders = align_to( + PE_OFFSET + + coff.SizeOfOptionalHeader + + sizeof(PeSection) * coff.NumberOfSections, + FILE_ALIGNMENT, + ) + # DYNAMIC_BASE|NX_COMPAT|HIGH_ENTROPY_VA or DYNAMIC_BASE|NX_COMPAT + opt.DllCharacteristics = 0x160 if elf.elfclass == 64 else 0x140 + + # These values are taken from a natively built PE binary (although, unused by EDK2/EFI). + opt.SizeOfStackReserve = 0x100000 + opt.SizeOfStackCommit = 0x001000 + opt.SizeOfHeapReserve = 0x100000 + opt.SizeOfHeapCommit = 0x001000 + + opt.NumberOfRvaAndSizes = N_DATA_DIRECTORY_ENTRIES + opt.BaseRelocationTable = PeDataDirectory( + pe_reloc_s.VirtualAddress, pe_reloc_s.VirtualSize + ) + + write_pe(args.PE, coff, opt, sections) + + +def main(): + parser = argparse.ArgumentParser(description="Convert ELF binaries to PE/EFI") + parser.add_argument( + "--version-major", + type=int, + default=0, + help="Major image version of EFI image", + ) + parser.add_argument( + "--version-minor", + type=int, + default=0, + help="Minor image version of EFI image", + ) + parser.add_argument( + "--efi-major", + type=int, + default=0, + help="Minimum major EFI subsystem version", + ) + parser.add_argument( + "--efi-minor", + type=int, + default=0, + help="Minimum minor EFI subsystem version", + ) + parser.add_argument( + "--subsystem", + type=int, + default=10, + help="PE subsystem", + ) + parser.add_argument( + "ELF", + type=argparse.FileType("rb"), + help="Input ELF file", + ) + parser.add_argument( + "PE", + type=argparse.FileType("wb"), + help="Output PE/EFI file", + ) + + elf2efi(parser.parse_args()) + + +if __name__ == "__main__": + main() diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh index 2e64475c6d7..b2a5900b1f0 100755 --- a/tools/oss-fuzz.sh +++ b/tools/oss-fuzz.sh @@ -35,18 +35,12 @@ else apt-get update apt-get install -y gperf m4 gettext python3-pip \ libcap-dev libmount-dev \ - pkg-config wget python3-jinja2 zipmerge + pkg-config wget python3-jinja2 zipmerge zstd if [[ "$ARCHITECTURE" == i386 ]]; then apt-get install -y pkg-config:i386 libcap-dev:i386 libmount-dev:i386 fi - # gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd - # is hidden. It isn't linked against efi. It doesn't - # even include "efi.h" because "bcd.c" can work in "unit test" mode - # where it isn't necessary. - apt-get install -y gnu-efi zstd - pip3 install -r .github/workflows/requirements.txt --require-hashes # https://github.com/google/oss-fuzz/issues/6868 diff --git a/units/meson.build b/units/meson.build index c7939a10f81..06d68c1d6bc 100644 --- a/units/meson.build +++ b/units/meson.build @@ -105,9 +105,9 @@ units = [ ['systemd-ask-password-wall.path', '', 'multi-user.target.wants/'], ['systemd-ask-password-wall.service', ''], - ['systemd-boot-random-seed.service', 'HAVE_GNU_EFI', + ['systemd-boot-random-seed.service', 'ENABLE_BOOTLOADER', 'sysinit.target.wants/'], - ['systemd-boot-update.service', 'HAVE_GNU_EFI'], + ['systemd-boot-update.service', 'ENABLE_BOOTLOADER'], ['systemd-coredump.socket', 'ENABLE_COREDUMP', 'sockets.target.wants/'], ['systemd-exit.service', ''], @@ -187,7 +187,7 @@ in_units = [ ['systemd-backlight@.service', 'ENABLE_BACKLIGHT'], ['systemd-binfmt.service', 'ENABLE_BINFMT', 'sysinit.target.wants/'], - ['systemd-bless-boot.service', 'HAVE_GNU_EFI HAVE_BLKID'], + ['systemd-bless-boot.service', 'ENABLE_BOOTLOADER HAVE_BLKID'], ['systemd-boot-check-no-failures.service', ''], ['systemd-coredump@.service', 'ENABLE_COREDUMP'], ['systemd-pstore.service', 'ENABLE_PSTORE'], @@ -259,16 +259,16 @@ in_units = [ 'sysinit.target.wants/ initrd-root-fs.target.wants/'], ['user-runtime-dir@.service', ''], ['user@.service', ''], - ['systemd-pcrphase-initrd.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2 ENABLE_INITRD', + ['systemd-pcrphase-initrd.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2 ENABLE_INITRD', 'initrd.target.wants/'], - ['systemd-pcrphase-sysinit.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2', + ['systemd-pcrphase-sysinit.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2', 'sysinit.target.wants/'], - ['systemd-pcrphase.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2', + ['systemd-pcrphase.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2', 'sysinit.target.wants/'], - ['systemd-pcrmachine.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2', + ['systemd-pcrmachine.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2', 'sysinit.target.wants/'], - ['systemd-pcrfs-root.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2'], - ['systemd-pcrfs@.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2'], + ['systemd-pcrfs-root.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2'], + ['systemd-pcrfs@.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2'], ['systemd-growfs-root.service', ''], ['systemd-growfs@.service', ''], ]