author | Lennart Poettering <lennart@poettering.net> | 2024-09-11 10:09:53 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-09-11 10:09:53 +0200 |
commit | a5d0f74e623634efdc54549d2b04a9d6e17ce5ee (patch) | |
tree | d90f02f4732cc9c85b2086f79c06b685804a719e | |
parent | Change OS X to macOS in BOOT.md (#34358) (diff) | |
parent | stub: add StubDevicePartUUID/StubImageIdentifier (diff) | |
download | systemd-a5d0f74e623634efdc54549d2b04a9d6e17ce5ee.tar.xz systemd-a5d0f74e623634efdc54549d2b04a9d6e17ce5ee.zip |
Merge pull request #34348 from poettering/stub-efivar-tweaks
sd-stub: report stub location in efi vars
-rw-r--r-- | man/systemd-boot.xml | 27 | ||||
-rw-r--r-- | man/systemd-stub.xml | 31 | ||||
-rw-r--r-- | src/boot/bootctl-status.c | 5 | ||||
-rw-r--r-- | src/boot/efi/export-vars.c | 7 | ||||
-rw-r--r-- | src/boot/efi/stub.c | 13 | ||||
-rw-r--r-- | src/fundamental/efivars-fundamental.h | 1 |
6 files changed, 63 insertions, 21 deletions
diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml index cc4504926c..0da919b127 100644 --- a/man/systemd-boot.xml +++ b/man/systemd-boot.xml @@ -429,13 +429,15 @@ <varlistentry> <term><varname>LoaderDevicePartUUID</varname></term> - <listitem><para>Contains the partition UUID of the EFI System Partition the boot loader was run from. Set by - the boot - loader. <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> - uses this information to automatically find the disk booted from, in order to discover various other partitions - on the same disk automatically.</para> + <listitem><para>Contains the partition UUID of the partition the boot loader has been started from on + the current boot (usually a EFI System Partition). Set by the boot loader. (Note that + <command>systemd-stub</command> will set this too, if not set yet, to support systems that directly + boot into a unified kernel image, bypassing any boot loader.) + <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> + uses this information to automatically find the disk booted from, in order to discover various other + partitions on the same disk automatically.</para> - <xi:include href="version-info.xml" xpointer="v240"/></listitem> + <xi:include href="version-info.xml" xpointer="v220"/></listitem> </varlistentry> <varlistentry> 
@@ -516,12 +518,15 @@ <varlistentry> <term><varname>LoaderImageIdentifier</varname></term> - <listitem><para>The path of executable of the boot loader used for the current boot, relative to the EFI System - Partition's root directory. Set by the boot loader. Use - <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view this - data.</para> + <listitem><para>The file system path to the EFI executable of the boot loader for the current boot, + relative to the partition's root directory (i.e. relative to the partition indicated by + <varname>LoaderDevicePartUUID</varname>, see above). Set by the boot loader. (Note that + <command>systemd-stub</command> will set this too, if not set yet, to support systems that directly + boot into a unified kernel image, bypassing any boot loader.) Use + <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view + this data.</para> - <xi:include href="version-info.xml" xpointer="v240"/></listitem> + <xi:include href="version-info.xml" xpointer="v220"/></listitem> </varlistentry> <varlistentry> diff --git a/man/systemd-stub.xml b/man/systemd-stub.xml index 9f87f19f4c..dbc85d837a 100644 --- a/man/systemd-stub.xml +++ b/man/systemd-stub.xml 
@@ -459,12 +459,16 @@ <varlistentry> <term><varname>LoaderDevicePartUUID</varname></term> - <listitem><para>Contains the partition UUID of the EFI System Partition the EFI image was run - from. <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> + <listitem><para>Contains the partition UUID of the partition the boot loader has been started from on + the current boot (usually a EFI System Partition). If already set by the boot loader, this will + remain untouched by <command>systemd-stub</command>. If not set yet, this will be set to the + partition UUID of the partition the unified kernel is started from, in order to support systems that + directly boot into a unified kernel image, bypassing any boot loader. + <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> uses this information to automatically find the disk booted from, in order to discover various other partitions on the same disk automatically.</para> - <xi:include href="version-info.xml" xpointer="v250"/></listitem> + <xi:include href="version-info.xml" xpointer="v224"/></listitem> </varlistentry> <varlistentry> 
@@ -481,12 +485,27 @@ <varlistentry> <term><varname>LoaderImageIdentifier</varname></term> - <listitem><para>The path of EFI executable, relative to the EFI System Partition's root - directory. Use + <listitem><para>The file system path to the EFI executable of the boot loader for the current boot, + relative to the partition's root directory (i.e. relative to the partition indicated by + <varname>LoaderDevicePartUUID</varname>, see above). If not set yet, this will be set to the file + system path of the EFI executable of the booted unified kernel, in order to support systems that + directly boot into a unified kernel image, bypassing any boot loader. Use <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view this data.</para> - <xi:include href="version-info.xml" xpointer="v250"/></listitem> + <xi:include href="version-info.xml" xpointer="v237"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>StubDevicePartUUID</varname></term> + <term><varname>StubImageIdentifier</varname></term> + + <listitem><para>Similar to <varname>LoaderDevicePartUUID</varname> and + <varname>StubImageIdentifier</varname>, but indicates the location of the unified kernel image EFI + binary rather than the location of the boot loader binary, regardless if booted via a boot loader + or not.</para> + + <xi:include href="version-info.xml" xpointer="v257"/></listitem> </varlistentry> <varlistentry> diff --git a/src/boot/bootctl-status.c b/src/boot/bootctl-status.c index 113d27410f..192fddbf5e 100644 --- a/src/boot/bootctl-status.c +++ b/src/boot/bootctl-status.c 
@@ -378,12 +378,13 @@ int verb_status(int argc, char *argv[], void *userdata) { { EFI_LOADER_FEATURE_SECUREBOOT_ENROLL, "Enroll SecureBoot keys" }, { EFI_LOADER_FEATURE_RETAIN_SHIM, "Retain SHIM protocols" }, { EFI_LOADER_FEATURE_MENU_DISABLE, "Menu can be disabled" }, + { EFI_LOADER_FEATURE_MULTI_PROFILE_UKI, "Multi-Profile UKIs are supported" }, }; static const struct { uint64_t flag; const char *name; } stub_flags[] = { - { EFI_STUB_FEATURE_REPORT_BOOT_PARTITION, "Stub sets ESP information" }, + { EFI_STUB_FEATURE_REPORT_BOOT_PARTITION, "Stub sets loader partition information" }, { EFI_STUB_FEATURE_PICK_UP_CREDENTIALS, "Picks up credentials from boot partition" }, { EFI_STUB_FEATURE_PICK_UP_SYSEXTS, "Picks up system extension images from boot partition" }, { EFI_STUB_FEATURE_PICK_UP_CONFEXTS, "Picks up configuration extension images from boot partition" }, @@ -392,6 +393,8 @@ int verb_status(int argc, char *argv[], void *userdata) { { EFI_STUB_FEATURE_CMDLINE_ADDONS, "Pick up .cmdline from addons" }, { EFI_STUB_FEATURE_CMDLINE_SMBIOS, "Pick up .cmdline from SMBIOS Type 11" }, { EFI_STUB_FEATURE_DEVICETREE_ADDONS, "Pick up .dtb from addons" }, + { EFI_STUB_FEATURE_MULTI_PROFILE_UKI, "Stub understands profile selector" }, + { EFI_STUB_FEATURE_REPORT_STUB_PARTITION, "Stub sets stub partition information" }, }; _cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL, *stub = NULL; sd_id128_t loader_part_uuid = SD_ID128_NULL; diff --git a/src/boot/efi/export-vars.c b/src/boot/efi/export-vars.c index 3f59922a7e..12fbd10b05 100644 --- a/src/boot/efi/export-vars.c +++ b/src/boot/efi/export-vars.c 
@@ -10,7 +10,8 @@ void export_common_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image) { assert(loaded_image); /* Export the device path this image is started from, if it's not set yet */ - if (efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderDevicePartUUID", NULL, NULL) != EFI_SUCCESS) { + if (loaded_image->DeviceHandle && + efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderDevicePartUUID", NULL, NULL) != EFI_SUCCESS) { _cleanup_free_ char16_t *uuid = disk_get_part_uuid(loaded_image->DeviceHandle); if (uuid) efivar_set_str16(MAKE_GUID_PTR(LOADER), u"LoaderDevicePartUUID", uuid, 0); @@ -22,8 +23,8 @@ void export_common_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image) { * in which case there's simple nothing to set for us. (The UEFI spec doesn't really say who's wrong * here, i.e. whether FilePath may be NULL or not, hence handle this gracefully and check if FilePath * is non-NULL explicitly.) */ - if (efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderImageIdentifier", NULL, NULL) != EFI_SUCCESS && - loaded_image->FilePath) { + if (loaded_image->FilePath && + efivar_get_raw(MAKE_GUID_PTR(LOADER), u"LoaderImageIdentifier", NULL, NULL) != EFI_SUCCESS) { _cleanup_free_ char16_t *s = NULL; if (device_path_to_str(loaded_image->FilePath, &s) == EFI_SUCCESS) efivar_set_str16(MAKE_GUID_PTR(LOADER), u"LoaderImageIdentifier", s, 0); diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c index 0ace97013f..a5b1c50acb 100644 --- a/src/boot/efi/stub.c +++ b/src/boot/efi/stub.c @@ -153,6 +153,7 @@ static void export_stub_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image, unsig EFI_STUB_FEATURE_CMDLINE_SMBIOS | /* We support extending kernel cmdline from SMBIOS Type #11 */ EFI_STUB_FEATURE_DEVICETREE_ADDONS | /* We pick up .dtb addons */ EFI_STUB_FEATURE_MULTI_PROFILE_UKI | /* We grok the "@1" profile command line argument */ + EFI_STUB_FEATURE_REPORT_STUB_PARTITION | /* We set StubDevicePartUUID + StubImageIdentifier */ 0; assert(loaded_image); 
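Review bot: The new `loaded_image->DeviceHandle &&` guard in the first export-vars.c hunk has no comment saying when the handle can be NULL, while the FilePath guard in the second hunk is explained at length just above it. I would add something like `/* DeviceHandle may be NULL, e.g. if the image was not loaded from a device; nothing to export then */`; the exact trigger is my reading of the loaded-image protocol, so it is worth confirming. Both variables are written only when unset, so the comment could also say that a value left by an earlier boot stage is kept as-is, since the man page text in this commit says systemd-gpt-auto-generator uses it to find the boot disk. The body of export_common_variables is only partly visible in these hunks.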
@@ -164,6 +165,18 @@ static void export_stub_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image, unsig (void) efivar_set_uint64_le(MAKE_GUID_PTR(LOADER), u"StubFeatures", stub_features, 0); (void) efivar_set_uint64_str16(MAKE_GUID_PTR(LOADER), u"StubProfile", profile, 0); + + if (loaded_image->DeviceHandle) { + _cleanup_free_ char16_t *uuid = disk_get_part_uuid(loaded_image->DeviceHandle); + if (uuid) + efivar_set_str16(MAKE_GUID_PTR(LOADER), u"StubDevicePartUUID", uuid, 0); + } + + if (loaded_image->FilePath) { + _cleanup_free_ char16_t *s = NULL; + if (device_path_to_str(loaded_image->FilePath, &s) == EFI_SUCCESS) + efivar_set_str16(MAKE_GUID_PTR(LOADER), u"StubImageIdentifier", s, 0); + } } static bool parse_profile_from_cmdline(char16_t **cmdline, unsigned *ret_profile) { diff --git a/src/fundamental/efivars-fundamental.h b/src/fundamental/efivars-fundamental.h index e18d59ff60..f002e81b53 100644 --- a/src/fundamental/efivars-fundamental.h +++ b/src/fundamental/efivars-fundamental.h @@ -36,6 +36,7 @@ #define EFI_STUB_FEATURE_DEVICETREE_ADDONS (UINT64_C(1) << 7) #define EFI_STUB_FEATURE_PICK_UP_CONFEXTS (UINT64_C(1) << 8) #define EFI_STUB_FEATURE_MULTI_PROFILE_UKI (UINT64_C(1) << 9) +#define EFI_STUB_FEATURE_REPORT_STUB_PARTITION (UINT64_C(1) << 10) typedef enum SecureBootMode { SECURE_BOOT_UNSUPPORTED, |
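Review bot: In the second stub.c hunk, `StubDevicePartUUID` and `StubImageIdentifier` are written only when the handle or path is present and the lookup succeeds, so on the failure paths any value already stored under those names stays in place and would be read as describing this stub. Clearing both variables before the conditional writes would keep them from going stale; with flags of `0` they are presumably volatile, so this matters within a single boot chain rather than across reboots. The first stub.c hunk sets `EFI_STUB_FEATURE_REPORT_STUB_PARTITION` unconditionally, so consumers cannot use the feature bit to tell "set by this stub" from "left over". The two added blocks also repeat the logic of export_common_variables with only the variable name changed, and they drop the `(void)` cast used on the two `efivar_set_*` calls just above; a small static helper taking the variable name would cover both. export_stub_variables starts outside the hunk.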