Compare commits

..

No commits in common. "209b2592ed5883bdfc7a0f2e5b7277c5c4fe834e" and "ac4e03d45bcf4ad2e570cabdb218e9bac003cc80" have entirely different histories.

4 changed files with 26 additions and 65 deletions

View File

@ -14,7 +14,6 @@
#include "chattr-util.h" #include "chattr-util.h"
#include "efivars.h" #include "efivars.h"
#include "fd-util.h" #include "fd-util.h"
#include "fileio.h"
#include "io-util.h" #include "io-util.h"
#include "macro.h" #include "macro.h"
#include "stdio-util.h" #include "stdio-util.h"
@ -41,17 +40,6 @@ char* efi_variable_path(sd_id128_t vendor, const char *name) {
return p; return p;
} }
static char* efi_variable_cache_path(sd_id128_t vendor, const char *name) {
char *p;
if (asprintf(&p,
"/run/systemd/efivars/%s-" SD_ID128_UUID_FORMAT_STR,
name, SD_ID128_FORMAT_VAL(vendor)) < 0)
return NULL;
return p;
}
int efi_get_variable( int efi_get_variable(
sd_id128_t vendor, sd_id128_t vendor,
const char *name, const char *name,
@ -335,49 +323,8 @@ bool is_efi_secure_boot_setup_mode(void) {
return cache > 0; return cache > 0;
} }
int cache_efi_options_variable(void) {
_cleanup_free_ char *line = NULL, *cachepath = NULL;
int r;
/* In SecureBoot mode this is probably not what you want. As your cmdline is cryptographically signed
* like when using Type #2 EFI Unified Kernel Images (https://systemd.io/BOOT_LOADER_SPECIFICATION/)
* The user's intention is then that the cmdline should not be modified. You want to make sure that
* the system starts up as exactly specified in the signed artifact.
*
* (NB: For testing purposes, we still check the $SYSTEMD_EFI_OPTIONS env var before accessing this
* cache, even when in SecureBoot mode.) */
if (is_efi_secure_boot()) {
_cleanup_free_ char *k;
k = efi_variable_path(EFI_VENDOR_SYSTEMD, "SystemdOptions");
if (!k)
return -ENOMEM;
/* Let's be helpful with the returned error and check if the variable exists at all. If it
* does, let's return a recognizable error (EPERM), and if not ENODATA. */
if (access(k, F_OK) < 0)
return errno == ENOENT ? -ENODATA : -errno;
return -EPERM;
}
r = efi_get_variable_string(EFI_VENDOR_SYSTEMD, "SystemdOptions", &line);
if (r == -ENOENT)
return -ENODATA;
if (r < 0)
return r;
cachepath = efi_variable_cache_path(EFI_VENDOR_SYSTEMD, "SystemdOptions");
if (!cachepath)
return -ENOMEM;
return write_string_file(cachepath, line, WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_MKDIR_0755);
}
int systemd_efi_options_variable(char **line) { int systemd_efi_options_variable(char **line) {
const char *e; const char *e;
_cleanup_free_ char *cachepath = NULL;
int r; int r;
assert(line); assert(line);
@ -395,13 +342,33 @@ int systemd_efi_options_variable(char **line) {
return 0; return 0;
} }
cachepath = efi_variable_cache_path(EFI_VENDOR_SYSTEMD, "SystemdOptions"); /* In SecureBoot mode this is probably not what you want. As your cmdline is cryptographically signed
if (!cachepath) * like when using Type #2 EFI Unified Kernel Images (https://systemd.io/BOOT_LOADER_SPECIFICATION/)
* The user's intention is then that the cmdline should not be modified. You want to make sure that
* the system starts up as exactly specified in the signed artifact.
*
* (NB: to make testing purposes we still check the $SYSTEMD_EFI_OPTIONS env var above, even when in
* SecureBoot mode.) */
if (is_efi_secure_boot()) {
_cleanup_free_ char *k;
k = efi_variable_path(EFI_VENDOR_SYSTEMD, "SystemdOptions");
if (!k)
return -ENOMEM; return -ENOMEM;
r = read_one_line_file(cachepath, line); /* Let's be helpful with the returned error and check if the variable exists at all. If it
* does, let's return a recognizable error (EPERM), and if not ENODATA. */
if (access(k, F_OK) < 0)
return errno == ENOENT ? -ENODATA : -errno;
return -EPERM;
}
r = efi_get_variable_string(EFI_VENDOR_SYSTEMD, "SystemdOptions", line);
if (r == -ENOENT) if (r == -ENOENT)
return -ENODATA; return -ENODATA;
return r; return r;
} }
#endif #endif

View File

@ -32,7 +32,6 @@ bool is_efi_boot(void);
bool is_efi_secure_boot(void); bool is_efi_secure_boot(void);
bool is_efi_secure_boot_setup_mode(void); bool is_efi_secure_boot_setup_mode(void);
int cache_efi_options_variable(void);
int systemd_efi_options_variable(char **line); int systemd_efi_options_variable(char **line);
#else #else

View File

@ -33,7 +33,6 @@
#include "dbus.h" #include "dbus.h"
#include "def.h" #include "def.h"
#include "efi-random.h" #include "efi-random.h"
#include "efivars.h"
#include "emergency-action.h" #include "emergency-action.h"
#include "env-util.h" #include "env-util.h"
#include "exit-status.h" #include "exit-status.h"
@ -2631,10 +2630,6 @@ int main(int argc, char *argv[]) {
/* The efivarfs is now mounted, let's read the random seed off it */ /* The efivarfs is now mounted, let's read the random seed off it */
(void) efi_take_random_seed(); (void) efi_take_random_seed();
/* Cache command-line options passed from EFI variables */
if (!skip_setup)
(void) cache_efi_options_variable();
} }
/* Save the original RLIMIT_NOFILE/RLIMIT_MEMLOCK so that we can reset it later when /* Save the original RLIMIT_NOFILE/RLIMIT_MEMLOCK so that we can reset it later when

View File

@ -2798,7 +2798,7 @@ class NetworkdBridgeTests(unittest.TestCase, Utilities):
if test == 'no-slave': if test == 'no-slave':
# bridge has no slaves; it's up but *might* not have carrier # bridge has no slaves; it's up but *might* not have carrier
# It may take very long time that the interface become configured state. # It may take very long time that the interface become configured state.
self.wait_online(['bridge99:no-carrier'], timeout='2m', setup_state=None) self.wait_online(['bridge99:no-carrier'], timeout='2m')
# due to a bug in the kernel, newly-created bridges are brought up # due to a bug in the kernel, newly-created bridges are brought up
# *with* carrier, unless they have had any setting changed; e.g. # *with* carrier, unless they have had any setting changed; e.g.
# their mac set, priority set, etc. Then, they will lose carrier # their mac set, priority set, etc. Then, they will lose carrier
@ -2809,7 +2809,7 @@ class NetworkdBridgeTests(unittest.TestCase, Utilities):
# add slave to bridge, but leave it down; bridge is definitely no-carrier # add slave to bridge, but leave it down; bridge is definitely no-carrier
self.check_link_attr('test1', 'operstate', 'down') self.check_link_attr('test1', 'operstate', 'down')
check_output('ip link set dev test1 master bridge99') check_output('ip link set dev test1 master bridge99')
self.wait_online(['bridge99:no-carrier:no-carrier'], setup_state=None) self.wait_online(['bridge99:no-carrier:no-carrier'])
self.check_link_attr('bridge99', 'carrier', '0') self.check_link_attr('bridge99', 'carrier', '0')
elif test == 'slave-up': elif test == 'slave-up':
# bring up slave, which will have carrier; bridge gains carrier # bring up slave, which will have carrier; bridge gains carrier