mirror of
https://github.com/systemd/systemd.git
synced 2024-12-23 21:35:11 +03:00
05c9f9c251
Files placed in /EFI/Linux/UKI.efi.extra.d/ and /loader/addons/ are opened and verified using the LoadImage protocol, and will thus get verified via shim/firmware. If they are valid signed PE files, the .cmdline section will be extracted and appended. If there are multiple addons in each directory, they will be parsed in alphanumerical order. Optionally the .uname sections are also matched if present, so that they can be used to filter out addons as well if needed, and only addons that correspond exactly to the UKI being loaded are used. It is recommended to also always add a .sbat section to addons, so that they can be mass-revoked with just a policy update. The files must have a .addon.efi suffix. Files in the per-UKI directory are parsed, sorted, measured and appended first. Then, files in the generic directory are processed. |
||
---|---|---|
.. | ||
mkosi.conf.d | ||
mkosi.extra | ||
mkosi.repart | ||
mkosi.conf | ||
mkosi.finalize | ||
mkosi.kernel.build | ||
mkosi.postinst |