From 1656c534869b61ab1cb148930bb5629ee48d86e0 Mon Sep 17 00:00:00 2001 From: Gabriel Goller Date: Wed, 29 Nov 2023 14:28:58 +0100 Subject: [PATCH] node: status: added bootmode Added field that shows the bootmode of the node. The bootmode is either Legacy Bios, EFI, or EFI (Secure Boot). To detect the mode we use the exact same method as in pve: We check if the `/sys/firmware/efi` folder exists, then check if the `SecureBoot-xx...` file in the `efivars` directory has the SecureBoot flag enabled. Signed-off-by: Gabriel Goller Tested-by: Lukas Wagner --- pbs-api-types/src/node.rs | 27 ++++++++++++++++++++++++++- src/api2/node/status.rs | 29 +++++++++++++++++++++++++++-- 2 files changed, 53 insertions(+), 3 deletions(-) diff --git a/pbs-api-types/src/node.rs b/pbs-api-types/src/node.rs index 9033d5867..ab6261574 100644 --- a/pbs-api-types/src/node.rs +++ b/pbs-api-types/src/node.rs @@ -38,6 +38,29 @@ pub struct NodeInformation { pub fingerprint: String, } + +#[api] +#[derive(Serialize, Deserialize, Copy, Clone)] +#[serde(rename_all = "kebab-case")] +/// The possible BootModes +pub enum BootMode { + /// The BootMode is EFI/UEFI + Efi, + /// The BootMode is Legacy BIOS + LegacyBios, +} + +#[api] +#[derive(Serialize, Deserialize, Clone)] +#[serde(rename_all = "lowercase")] +/// Holds the Bootmodes +pub struct BootModeInformation { + /// The BootMode, either Efi or Bios + pub mode: BootMode, + /// SecureBoot status + pub secureboot: bool, +} + #[api] #[derive(Serialize, Deserialize, Default)] #[serde(rename_all = "kebab-case")] @@ -77,7 +100,7 @@ pub struct NodeCpuInformation { } }, )] -#[derive(Serialize, Deserialize, Default)] +#[derive(Serialize, Deserialize)] #[serde(rename_all = "kebab-case")] /// The Node status pub struct NodeStatus { @@ -96,4 +119,6 @@ pub struct NodeStatus { pub wait: f64, pub cpuinfo: NodeCpuInformation, pub info: NodeInformation, + /// Current boot mode + pub boot_info: BootModeInformation, } diff --git a/src/api2/node/status.rs b/src/api2/node/status.rs index 639d7211f..17b9aff39 100644 --- a/src/api2/node/status.rs +++ b/src/api2/node/status.rs @@ -1,16 +1,18 @@ -use std::os::unix::prelude::OsStrExt; +use std::os::unix::ffi::OsStrExt; use std::process::Command; use anyhow::{bail, format_err, Error}; use serde_json::Value; +use proxmox_sys::boot_mode; use proxmox_sys::linux::procfs; use proxmox_router::{ApiMethod, Permission, Router, RpcEnvironment}; use proxmox_schema::api; use pbs_api_types::{ - NodePowerCommand, StorageStatus, NODE_SCHEMA, PRIV_SYS_AUDIT, PRIV_SYS_POWER_MANAGEMENT, + BootModeInformation, NodePowerCommand, StorageStatus, NODE_SCHEMA, PRIV_SYS_AUDIT, + PRIV_SYS_POWER_MANAGEMENT, }; use pbs_api_types::{ @@ -25,6 +27,26 @@ fn procfs_to_node_cpu_info(info: procfs::ProcFsCPUInfo) -> NodeCpuInformation { } } +fn boot_mode_to_info(bm: boot_mode::BootMode, sb: boot_mode::SecureBoot) -> BootModeInformation { + use boot_mode::BootMode; + use boot_mode::SecureBoot; + + match (bm, sb) { + (BootMode::Efi, SecureBoot::Enabled) => BootModeInformation { + mode: pbs_api_types::BootMode::Efi, + secureboot: true, + }, + (BootMode::Efi, SecureBoot::Disabled) => BootModeInformation { + mode: pbs_api_types::BootMode::Efi, + secureboot: false, + }, + (BootMode::Bios, _) => BootModeInformation { + mode: pbs_api_types::BootMode::LegacyBios, + secureboot: false, + }, + } +} + #[api( input: { properties: { @@ -79,6 +101,8 @@ async fn get_status( let disk = crate::tools::fs::fs_info_static(proxmox_lang::c_str!("/")).await?; + let boot_info = boot_mode_to_info(boot_mode::BootMode::query(), boot_mode::SecureBoot::query()); + Ok(NodeStatus { memory, swap, @@ -96,6 +120,7 @@ async fn get_status( info: NodeInformation { fingerprint: crate::cert_info()?.fingerprint()?, }, + boot_info, }) }