diff options
| author | Lennart Poettering <lennart@poettering.net> | 2022-07-27 15:25:59 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2022-08-02 10:28:49 +0200 |
| commit | 46d336722da20e1f0e6734dffe203bb358ce2485 (patch) | |
| tree | f8c0b8e66e510f60fe3c88382f4b036db69c53a3 | |
| parent | 6017eee9ce495d0b12cfe2f6f7569a0808cd672d (diff) | |
| download | systemd-46d336722da20e1f0e6734dffe203bb358ce2485.tar.gz | |
stub: introduce StubFeatures, similar to LoaderFeatures
systemd-boot reports its features via the LoaderFeatures EFI variable.
Let's add something similar for stub features, given they have been
growing.
For starters only define four feature flags. One is a baseline feature
we pretty much always supported (see comment in code), two are features
added in one of the most recently released systemd version, and the
final one, is a feature we added a few commits ago.
This is useful for userspace to figure out what is supported and what
not.
| -rw-r--r-- | src/boot/efi/stub.c | 10 | ||||
| -rw-r--r-- | src/fundamental/efivars-fundamental.h | 7 |
2 files changed, 17 insertions, 0 deletions
diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c index c35ee38749..0bd6043149 100644 --- a/src/boot/efi/stub.c +++ b/src/boot/efi/stub.c @@ -103,6 +103,13 @@ static EFI_STATUS combine_initrd( } static void export_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image) { + static const uint64_t stub_features = + EFI_STUB_FEATURE_REPORT_BOOT_PARTITION | /* We set LoaderDevicePartUUID */ + EFI_STUB_FEATURE_PICK_UP_CREDENTIALS | /* We pick up credentials from the boot partition */ + EFI_STUB_FEATURE_PICK_UP_SYSEXTS | /* We pick up system extensions from the boot partition */ + EFI_STUB_FEATURE_THREE_PCRS | /* We can measure kernel image, parameters and sysext */ + 0; + char16_t uuid[37]; assert(loaded_image); @@ -143,9 +150,12 @@ static void export_variables(EFI_LOADED_IMAGE_PROTOCOL *loaded_image) { efivar_set(LOADER_GUID, L"LoaderFirmwareType", s, 0); } + /* add StubInfo (this is one is owned by the stub, hence we unconditionally override this with our * own data) */ (void) efivar_set(LOADER_GUID, L"StubInfo", L"systemd-stub " GIT_VERSION, 0); + + (void) efivar_set_uint64_le(LOADER_GUID, L"StubFeatures", stub_features, 0); } EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { diff --git a/src/fundamental/efivars-fundamental.h b/src/fundamental/efivars-fundamental.h index d1b70eafdc..5d15e19a0e 100644 --- a/src/fundamental/efivars-fundamental.h +++ b/src/fundamental/efivars-fundamental.h @@ -4,6 +4,7 @@ #include <errno.h> #include "string-util-fundamental.h" +/* Features of the loader, i.e. systemd-boot */ #define EFI_LOADER_FEATURE_CONFIG_TIMEOUT (UINT64_C(1) << 0) #define EFI_LOADER_FEATURE_CONFIG_TIMEOUT_ONE_SHOT (UINT64_C(1) << 1) #define EFI_LOADER_FEATURE_ENTRY_DEFAULT (UINT64_C(1) << 2) @@ -13,6 +14,12 @@ #define EFI_LOADER_FEATURE_RANDOM_SEED (UINT64_C(1) << 6) #define EFI_LOADER_FEATURE_LOAD_DRIVER (UINT64_C(1) << 7) +/* Features of the stub, i.e. systemd-stub */ +#define EFI_STUB_FEATURE_REPORT_BOOT_PARTITION (UINT64_C(1) << 0) +#define EFI_STUB_FEATURE_PICK_UP_CREDENTIALS (UINT64_C(1) << 1) +#define EFI_STUB_FEATURE_PICK_UP_SYSEXTS (UINT64_C(1) << 2) +#define EFI_STUB_FEATURE_THREE_PCRS (UINT64_C(1) << 3) + typedef enum SecureBootMode { SECURE_BOOT_UNSUPPORTED, SECURE_BOOT_DISABLED, |