]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/kernel-install/kernel-install.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #31531 from poettering/verity-userspace-optional
[thirdparty/systemd.git] / src / kernel-install / kernel-install.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <getopt.h>
4 #include <stdbool.h>
5 #include <sys/utsname.h>
6
7 #include "boot-entry.h"
8 #include "build.h"
9 #include "chase.h"
10 #include "conf-files.h"
11 #include "dirent-util.h"
12 #include "env-file.h"
13 #include "env-util.h"
14 #include "exec-util.h"
15 #include "fd-util.h"
16 #include "fileio.h"
17 #include "find-esp.h"
18 #include "format-table.h"
19 #include "fs-util.h"
20 #include "id128-util.h"
21 #include "image-policy.h"
22 #include "kernel-image.h"
23 #include "main-func.h"
24 #include "mkdir.h"
25 #include "mount-util.h"
26 #include "parse-argument.h"
27 #include "path-util.h"
28 #include "pretty-print.h"
29 #include "recurse-dir.h"
30 #include "rm-rf.h"
31 #include "stat-util.h"
32 #include "string-table.h"
33 #include "string-util.h"
34 #include "strv.h"
35 #include "tmpfile-util.h"
36 #include "verbs.h"
37
38 static bool arg_verbose = false;
39 static char *arg_esp_path = NULL;
40 static char *arg_xbootldr_path = NULL;
41 static int arg_make_entry_directory = -1; /* tristate */
42 static PagerFlags arg_pager_flags = 0;
43 static JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF;
44 static char *arg_root = NULL;
45 static char *arg_image = NULL;
46 static ImagePolicy *arg_image_policy = NULL;
47 static bool arg_legend = true;
48
49 STATIC_DESTRUCTOR_REGISTER(arg_esp_path, freep);
50 STATIC_DESTRUCTOR_REGISTER(arg_xbootldr_path, freep);
51 STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
52 STATIC_DESTRUCTOR_REGISTER(arg_image, freep);
53 STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep);
54
55 typedef enum Action {
56 ACTION_ADD,
57 ACTION_REMOVE,
58 ACTION_INSPECT,
59 _ACTION_MAX,
60 _ACTION_INVALID = -EINVAL,
61 } Action;
62
63 typedef enum Layout {
64 LAYOUT_AUTO,
65 LAYOUT_UKI,
66 LAYOUT_BLS,
67 LAYOUT_OTHER,
68 _LAYOUT_MAX,
69 _LAYOUT_INVALID = -EINVAL,
70 } Layout;
71
72 static const char * const layout_table[_LAYOUT_MAX] = {
73 [LAYOUT_AUTO] = "auto",
74 [LAYOUT_UKI] = "uki",
75 [LAYOUT_BLS] = "bls",
76 [LAYOUT_OTHER] = "other",
77 };
78
79 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(layout, Layout);
80
81 typedef struct Context {
82 int rfd;
83 Action action;
84 sd_id128_t machine_id;
85 bool machine_id_is_random;
86 KernelImageType kernel_image_type;
87 Layout layout;
88 char *layout_other;
89 char *conf_root;
90 char *boot_root;
91 BootEntryTokenType entry_token_type;
92 char *entry_token;
93 char *entry_dir;
94 char *version;
95 char *kernel;
96 char **initrds;
97 char *initrd_generator;
98 char *uki_generator;
99 char *staging_area;
100 char **plugins;
101 char **argv;
102 char **envp;
103 } Context;
104
105 #define CONTEXT_NULL (Context) { .rfd = -EBADF }
106
107 static void context_done(Context *c) {
108 assert(c);
109
110 free(c->layout_other);
111 free(c->conf_root);
112 free(c->boot_root);
113 free(c->entry_token);
114 free(c->entry_dir);
115 free(c->version);
116 free(c->kernel);
117 strv_free(c->initrds);
118 free(c->initrd_generator);
119 free(c->uki_generator);
120 if (c->action == ACTION_INSPECT)
121 free(c->staging_area);
122 else
123 rm_rf_physical_and_free(c->staging_area);
124 strv_free(c->plugins);
125 strv_free(c->argv);
126 strv_free(c->envp);
127
128 safe_close(c->rfd);
129 }
130
131 static int context_copy(const Context *source, Context *ret) {
132 int r;
133
134 assert(source);
135 assert(ret);
136 assert(source->rfd >= 0 || source->rfd == AT_FDCWD);
137
138 _cleanup_(context_done) Context copy = (Context) {
139 .rfd = AT_FDCWD,
140 .action = source->action,
141 .machine_id = source->machine_id,
142 .machine_id_is_random = source->machine_id_is_random,
143 .kernel_image_type = source->kernel_image_type,
144 .layout = source->layout,
145 .entry_token_type = source->entry_token_type,
146 };
147
148 if (source->rfd >= 0) {
149 copy.rfd = fd_reopen(source->rfd, O_CLOEXEC|O_DIRECTORY|O_PATH);
150 if (copy.rfd < 0)
151 return copy.rfd;
152 }
153
154 r = strdup_or_null(source->layout_other, &copy.layout_other);
155 if (r < 0)
156 return r;
157 r = strdup_or_null(source->conf_root, &copy.conf_root);
158 if (r < 0)
159 return r;
160 r = strdup_or_null(source->boot_root, &copy.boot_root);
161 if (r < 0)
162 return r;
163 r = strdup_or_null(source->entry_token, &copy.entry_token);
164 if (r < 0)
165 return r;
166 r = strdup_or_null(source->entry_dir, &copy.entry_dir);
167 if (r < 0)
168 return r;
169 r = strdup_or_null(source->version, &copy.version);
170 if (r < 0)
171 return r;
172 r = strdup_or_null(source->kernel, &copy.kernel);
173 if (r < 0)
174 return r;
175 r = strv_copy_unless_empty(source->initrds, &copy.initrds);
176 if (r < 0)
177 return r;
178 r = strdup_or_null(source->initrd_generator, &copy.initrd_generator);
179 if (r < 0)
180 return r;
181 r = strdup_or_null(source->uki_generator, &copy.uki_generator);
182 if (r < 0)
183 return r;
184 r = strdup_or_null(source->staging_area, &copy.staging_area);
185 if (r < 0)
186 return r;
187 r = strv_copy_unless_empty(source->plugins, &copy.plugins);
188 if (r < 0)
189 return r;
190 r = strv_copy_unless_empty(source->argv, &copy.argv);
191 if (r < 0)
192 return r;
193 r = strv_copy_unless_empty(source->envp, &copy.envp);
194 if (r < 0)
195 return r;
196
197 *ret = copy;
198 copy = CONTEXT_NULL;
199
200 return 0;
201 }
202
203 static int context_open_root(Context *c) {
204 int r;
205
206 assert(c);
207 assert(c->rfd < 0);
208
209 if (isempty(arg_root))
210 return 0;
211
212 r = path_is_root(arg_root);
213 if (r < 0)
214 return log_error_errno(r, "Failed to determine if '%s' is the root directory: %m", arg_root);
215 if (r > 0)
216 return 0;
217
218 c->rfd = open(empty_to_root(arg_root), O_CLOEXEC | O_DIRECTORY | O_PATH);
219 if (c->rfd < 0)
220 return log_error_errno(errno, "Failed to open root directory '%s': %m", empty_to_root(arg_root));
221
222 return 0;
223 }
224
225 static const char* context_get_layout(const Context *c) {
226 assert(c);
227 assert(c->layout >= 0);
228
229 return c->layout_other ?: layout_to_string(c->layout);
230 }
231
232 static int context_set_layout(Context *c, const char *s, const char *source) {
233 Layout t;
234
235 assert(c);
236 assert(source);
237
238 if (c->layout >= 0 || !s)
239 return 0;
240
241 assert(!c->layout_other);
242
243 t = layout_from_string(s);
244 if (t >= 0)
245 c->layout = t;
246 else if (isempty(s))
247 c->layout = LAYOUT_AUTO;
248 else {
249 c->layout_other = strdup(s);
250 if (!c->layout_other)
251 return log_oom();
252
253 c->layout = LAYOUT_OTHER;
254 }
255
256 log_debug("layout=%s set via %s", context_get_layout(c), source);
257 return 1;
258 }
259
260 static int context_set_machine_id(Context *c, const char *s, const char *source) {
261 int r;
262
263 assert(c);
264 assert(source);
265
266 if (!sd_id128_is_null(c->machine_id) || !s)
267 return 0;
268
269 r = sd_id128_from_string(s, &c->machine_id);
270 if (r < 0)
271 return log_warning_errno(r, "Failed to parse machine ID specified via %s, ignoring.", source);
272
273 if (sd_id128_is_null(c->machine_id))
274 return 0;
275
276 log_debug("MACHINE_ID=%s set via %s.", SD_ID128_TO_STRING(c->machine_id), source);
277 return 1;
278 }
279
280 static int context_set_string(const char *s, const char *source, const char *name, char **dest) {
281 char *p;
282
283 assert(source);
284 assert(name);
285 assert(dest);
286
287 if (*dest || !s)
288 return 0;
289
290 p = strdup(s);
291 if (!p)
292 return log_oom();
293
294 log_debug("%s (%s) set via %s.", name, p, source);
295
296 *dest = p;
297 return 1;
298 }
299
300 static int context_set_initrd_generator(Context *c, const char *s, const char *source) {
301 assert(c);
302 return context_set_string(s, source, "INITRD_GENERATOR", &c->initrd_generator);
303 }
304
305 static int context_set_uki_generator(Context *c, const char *s, const char *source) {
306 assert(c);
307 return context_set_string(s, source, "UKI_GENERATOR", &c->uki_generator);
308 }
309
310 static int context_set_version(Context *c, const char *s) {
311 assert(c);
312
313 if (s && !filename_is_valid(s))
314 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid version specified: %s", s);
315
316 return context_set_string(s, "command line", "kernel version", &c->version);
317 }
318
319 static int context_set_path(Context *c, const char *s, const char *source, const char *name, char **dest) {
320 char *p;
321 int r;
322
323 assert(c);
324 assert(source);
325 assert(name);
326 assert(dest);
327
328 if (*dest || !s)
329 return 0;
330
331 if (c->rfd >= 0) {
332 r = chaseat(c->rfd, s, CHASE_AT_RESOLVE_IN_ROOT, &p, /* ret_fd = */ NULL);
333 if (r < 0)
334 return log_warning_errno(r, "Failed to chase path %s for %s specified via %s, ignoring: %m",
335 s, name, source);
336 } else {
337 r = path_make_absolute_cwd(s, &p);
338 if (r < 0)
339 return log_warning_errno(r, "Failed to make path '%s' for %s specified via %s absolute, ignoring: %m",
340 s, name, source);
341 }
342
343 log_debug("%s (%s) set via %s.", name, p, source);
344
345 *dest = p;
346 return 1;
347 }
348
349 static int context_set_boot_root(Context *c, const char *s, const char *source) {
350 assert(c);
351 return context_set_path(c, s, source, "BOOT_ROOT", &c->boot_root);
352 }
353
354 static int context_set_conf_root(Context *c, const char *s, const char *source) {
355 assert(c);
356 return context_set_path(c, s, source, "CONF_ROOT", &c->conf_root);
357 }
358
359 static int context_set_kernel(Context *c, const char *s) {
360 assert(c);
361 return context_set_path(c, s, "command line", "kernel image file", &c->kernel);
362 }
363
364 static int context_set_path_strv(Context *c, char* const* strv, const char *source, const char *name, char ***dest) {
365 _cleanup_strv_free_ char **w = NULL;
366 int r;
367
368 assert(c);
369 assert(source);
370 assert(name);
371 assert(dest);
372
373 if (*dest)
374 return 0;
375
376 STRV_FOREACH(s, strv) {
377 char *p;
378
379 if (c->rfd >= 0) {
380 r = chaseat(c->rfd, *s, CHASE_AT_RESOLVE_IN_ROOT, &p, /* ret_fd = */ NULL);
381 if (r < 0)
382 return log_warning_errno(r, "Failed to chase path %s for %s specified via %s: %m",
383 *s, name, source);
384 } else {
385 r = path_make_absolute_cwd(*s, &p);
386 if (r < 0)
387 return log_warning_errno(r, "Failed to make path '%s' for %s specified via %s absolute, ignoring: %m",
388 *s, name, source);
389 }
390 r = strv_consume(&w, p);
391 if (r < 0)
392 return log_oom();
393 }
394
395 if (strv_isempty(w))
396 return 0;
397
398 log_debug("%s set via %s", name, source);
399
400 *dest = TAKE_PTR(w);
401 return 1;
402 }
403
404 static int context_set_plugins(Context *c, const char *s, const char *source) {
405 _cleanup_strv_free_ char **v = NULL;
406
407 assert(c);
408
409 if (c->plugins || !s)
410 return 0;
411
412 v = strv_split(s, NULL);
413 if (!v)
414 return log_oom();
415
416 return context_set_path_strv(c, v, source, "plugins", &c->plugins);
417 }
418
419 static int context_set_initrds(Context *c, char* const* strv) {
420 assert(c);
421 return context_set_path_strv(c, strv, "command line", "initrds", &c->initrds);
422 }
423
424 static int context_load_environment(Context *c) {
425 assert(c);
426
427 (void) context_set_machine_id(c, getenv("MACHINE_ID"), "environment");
428 (void) context_set_boot_root(c, getenv("BOOT_ROOT"), "environment");
429 (void) context_set_conf_root(c, getenv("KERNEL_INSTALL_CONF_ROOT"), "environment");
430 (void) context_set_plugins(c, getenv("KERNEL_INSTALL_PLUGINS"), "environment");
431 return 0;
432 }
433
434 static int context_load_install_conf_one(Context *c, const char *path) {
435 _cleanup_fclose_ FILE *f = NULL;
436 _cleanup_free_ char
437 *conf = NULL, *machine_id = NULL, *boot_root = NULL, *layout = NULL,
438 *initrd_generator = NULL, *uki_generator = NULL;
439 int r;
440
441 assert(c);
442 assert(path);
443
444 conf = path_join(path, "install.conf");
445 if (!conf)
446 return log_oom();
447
448 r = chase_and_fopenat_unlocked(c->rfd, conf, CHASE_AT_RESOLVE_IN_ROOT, "re", NULL, &f);
449 if (r == -ENOENT)
450 return 0;
451 if (r < 0)
452 return log_error_errno(r, "Failed to chase %s: %m", conf);
453
454 log_debug("Loading %s…", conf);
455
456 r = parse_env_file(f, conf,
457 "MACHINE_ID", &machine_id,
458 "BOOT_ROOT", &boot_root,
459 "layout", &layout,
460 "initrd_generator", &initrd_generator,
461 "uki_generator", &uki_generator);
462 if (r < 0)
463 return log_error_errno(r, "Failed to parse '%s': %m", conf);
464
465 (void) context_set_machine_id(c, machine_id, conf);
466 (void) context_set_boot_root(c, boot_root, conf);
467 (void) context_set_layout(c, layout, conf);
468 (void) context_set_initrd_generator(c, initrd_generator, conf);
469 (void) context_set_uki_generator(c, uki_generator, conf);
470
471 log_debug("Loaded %s.", conf);
472 return 1;
473 }
474
475 static int context_load_install_conf(Context *c) {
476 int r;
477
478 assert(c);
479
480 if (c->conf_root) {
481 r = context_load_install_conf_one(c, c->conf_root);
482 if (r != 0)
483 return r;
484 }
485
486 FOREACH_STRING(p, "/etc/kernel", "/usr/lib/kernel") {
487 r = context_load_install_conf_one(c, p);
488 if (r != 0)
489 return r;
490 }
491
492 return 0;
493 }
494
495 static int context_load_machine_info(Context *c) {
496 _cleanup_fclose_ FILE *f = NULL;
497 _cleanup_free_ char *machine_id = NULL, *layout = NULL;
498 static const char *path = "/etc/machine-info";
499 int r;
500
501 assert(c);
502
503 /* If the user configured an explicit machine ID in /etc/machine-info to use for our purpose, we'll
504 * use that instead (for compatibility). */
505
506 if (!sd_id128_is_null(c->machine_id) && c->layout >= 0)
507 return 0;
508
509 /* For testing. To make not read host's /etc/machine-info. */
510 r = getenv_bool("KERNEL_INSTALL_READ_MACHINE_INFO");
511 if (r < 0 && r != -ENXIO)
512 log_warning_errno(r, "Failed to read $KERNEL_INSTALL_READ_MACHINE_INFO, assuming yes: %m");
513 if (r == 0) {
514 log_debug("Skipping to read /etc/machine-info.");
515 return 0;
516 }
517
518 r = chase_and_fopenat_unlocked(c->rfd, path, CHASE_AT_RESOLVE_IN_ROOT, "re", NULL, &f);
519 if (r == -ENOENT)
520 return 0;
521 if (r < 0)
522 return log_error_errno(r, "Failed to chase %s: %m", path);
523
524 log_debug("Loading %s…", path);
525
526 r = parse_env_file(f, path,
527 "KERNEL_INSTALL_MACHINE_ID", &machine_id,
528 "KERNEL_INSTALL_LAYOUT", &layout);
529 if (r < 0)
530 return log_error_errno(r, "Failed to parse '%s': %m", path);
531
532 (void) context_set_machine_id(c, machine_id, path);
533 (void) context_set_layout(c, layout, path);
534 return 0;
535 }
536
537 static int context_load_machine_id(Context *c) {
538 int r;
539
540 assert(c);
541
542 r = id128_get_machine_at(c->rfd, &c->machine_id);
543 if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r))
544 return 0;
545 if (r < 0)
546 return log_error_errno(r, "Failed to load machine ID from /etc/machine-id: %m");
547
548 log_debug("MACHINE_ID=%s set via /etc/machine-id.", SD_ID128_TO_STRING(c->machine_id));
549 return 1; /* loaded */
550 }
551
552 static int context_ensure_machine_id(Context *c) {
553 int r;
554
555 assert(c);
556
557 if (!sd_id128_is_null(c->machine_id))
558 return 0;
559
560 /* If /etc/machine-id is initialized we'll use it. */
561 r = context_load_machine_id(c);
562 if (r != 0)
563 return r;
564
565 /* Otherwise we'll use a freshly generated one. */
566 r = sd_id128_randomize(&c->machine_id);
567 if (r < 0)
568 return log_error_errno(r, "Failed to generate random ID: %m");
569
570 c->machine_id_is_random = true;
571 log_debug("New machine ID '%s' generated.", SD_ID128_TO_STRING(c->machine_id));
572 return 0;
573 }
574
575 static int context_acquire_xbootldr(Context *c) {
576 int r;
577
578 assert(c);
579 assert(!c->boot_root);
580
581 r = find_xbootldr_and_warn_at(
582 /* rfd = */ c->rfd,
583 /* path = */ arg_xbootldr_path,
584 /* unprivileged_mode= */ -1,
585 /* ret_path = */ &c->boot_root,
586 /* ret_uuid = */ NULL,
587 /* ret_devid = */ NULL);
588 if (r == -ENOKEY) {
589 log_debug_errno(r, "Couldn't find an XBOOTLDR partition.");
590 return 0;
591 }
592 if (r == -EACCES && geteuid() != 0)
593 return log_error_errno(r, "Failed to determine XBOOTLDR partition: %m");
594 if (r < 0)
595 return r;
596
597 log_debug("Using XBOOTLDR partition at %s as $BOOT_ROOT.", c->boot_root);
598 return 1; /* found */
599 }
600
601 static int context_acquire_esp(Context *c) {
602 int r;
603
604 assert(c);
605 assert(!c->boot_root);
606
607 r = find_esp_and_warn_at(
608 /* rfd = */ c->rfd,
609 /* path = */ arg_esp_path,
610 /* unprivileged_mode= */ -1,
611 /* ret_path = */ &c->boot_root,
612 /* ret_part = */ NULL,
613 /* ret_pstart = */ NULL,
614 /* ret_psize = */ NULL,
615 /* ret_uuid = */ NULL,
616 /* ret_devid = */ NULL);
617 if (r == -ENOKEY) {
618 log_debug_errno(r, "Couldn't find EFI system partition, ignoring.");
619 return 0;
620 }
621 if (r == -EACCES && geteuid() != 0)
622 return log_error_errno(r, "Failed to determine EFI system partition: %m");
623 if (r < 0)
624 return r;
625
626 log_debug("Using EFI System Partition at %s as $BOOT_ROOT.", c->boot_root);
627 return 1; /* found */
628 }
629
630 static int context_ensure_boot_root(Context *c) {
631 int r;
632
633 assert(c);
634
635 /* If BOOT_ROOT is specified via environment or install.conf, then use it. */
636 if (c->boot_root)
637 return 0;
638
639 /* Otherwise, use XBOOTLDR partition, if mounted. */
640 r = context_acquire_xbootldr(c);
641 if (r != 0)
642 return r;
643
644 /* Otherwise, use EFI system partition, if mounted. */
645 r = context_acquire_esp(c);
646 if (r != 0)
647 return r;
648
649 /* If all else fails, use /boot. */
650 if (c->rfd >= 0) {
651 r = chaseat(c->rfd, "/boot", CHASE_AT_RESOLVE_IN_ROOT, &c->boot_root, /* ret_fd = */ NULL);
652 if (r < 0)
653 return log_error_errno(r, "Failed to chase '/boot': %m");
654 } else {
655 c->boot_root = strdup("/boot");
656 if (!c->boot_root)
657 return log_oom();
658 }
659
660 log_debug("KERNEL_INSTALL_BOOT_ROOT autodetection yielded no candidates, using \"%s\".", c->boot_root);
661 return 0;
662 }
663
664 static int context_ensure_entry_token(Context *c) {
665 int r;
666
667 assert(c);
668
669 /* Now that we determined the machine ID to use, let's determine the "token" for the boot loader
670 * entry to generate. We use that for naming the directory below $BOOT where we want to place the
671 * kernel/initrd and related resources, as well for naming the .conf boot loader spec entry.
672 * Typically this is just the machine ID, but it can be anything else, too, if we are told so. */
673
674 r = boot_entry_token_ensure_at(
675 c->rfd,
676 c->conf_root,
677 c->machine_id,
678 c->machine_id_is_random,
679 &c->entry_token_type,
680 &c->entry_token);
681 if (r < 0)
682 return r;
683
684 log_debug("Using entry token: %s", c->entry_token);
685 return 0;
686 }
687
688 static int context_load_plugins(Context *c) {
689 int r;
690
691 assert(c);
692
693 if (c->plugins)
694 return 0;
695
696 r = conf_files_list_strv_at(
697 &c->plugins,
698 ".install",
699 c->rfd,
700 CONF_FILES_EXECUTABLE | CONF_FILES_REGULAR | CONF_FILES_FILTER_MASKED,
701 STRV_MAKE_CONST("/etc/kernel/install.d", "/usr/lib/kernel/install.d"));
702 if (r < 0)
703 return log_error_errno(r, "Failed to find plugins: %m");
704
705 return 0;
706 }
707
708 static int context_init(Context *c) {
709 int r;
710
711 assert(c);
712
713 r = context_open_root(c);
714 if (r < 0)
715 return r;
716
717 r = context_load_environment(c);
718 if (r < 0)
719 return r;
720
721 r = context_load_install_conf(c);
722 if (r < 0)
723 return r;
724
725 r = context_load_machine_info(c);
726 if (r < 0)
727 return r;
728
729 r = context_ensure_machine_id(c);
730 if (r < 0)
731 return r;
732
733 r = context_ensure_boot_root(c);
734 if (r < 0)
735 return r;
736
737 r = context_ensure_entry_token(c);
738 if (r < 0)
739 return r;
740
741 r = context_load_plugins(c);
742 if (r < 0)
743 return r;
744
745 return 0;
746 }
747
748 static int context_inspect_kernel(Context *c) {
749 assert(c);
750
751 if (!c->kernel)
752 return 0;
753
754 return inspect_kernel(c->rfd, c->kernel, &c->kernel_image_type, NULL, NULL, NULL);
755 }
756
757 static int context_ensure_layout(Context *c) {
758 int r;
759
760 assert(c);
761 assert(c->boot_root);
762 assert(c->entry_token);
763
764 if (c->layout >= 0 && c->layout != LAYOUT_AUTO)
765 return 0;
766
767 /* No layout configured by the administrator. Let's try to figure it out automatically from metadata
768 * already contained in $BOOT_ROOT. */
769
770 if (c->kernel_image_type == KERNEL_IMAGE_TYPE_UKI) {
771 c->layout = LAYOUT_UKI;
772 log_debug("Kernel image type is %s, using layout=%s.",
773 kernel_image_type_to_string(c->kernel_image_type), layout_to_string(c->layout));
774 return 0;
775 }
776
777 _cleanup_free_ char *srel_path = path_join(c->boot_root, "loader/entries.srel");
778 if (!srel_path)
779 return log_oom();
780
781 _cleanup_free_ char *srel = NULL;
782 r = read_one_line_file_at(c->rfd, srel_path, &srel);
783 if (r >= 0) {
784 if (streq(srel, "type1"))
785 /* The loader/entries.srel file clearly indicates that the installed boot loader
786 * implements the proper standard upstream boot loader spec for Type #1 entries.
787 * Let's default to that, then. */
788 c->layout = LAYOUT_BLS;
789 else
790 /* The loader/entries.srel file indicates some other spec is implemented and owns the
791 * /loader/entries/ directory. Since we have no idea what that means, let's stay away
792 * from it by default. */
793 c->layout = LAYOUT_OTHER;
794
795 log_debug("%s with '%s' found, using layout=%s.", srel_path, srel, layout_to_string(c->layout));
796 return 0;
797 } else if (r != -ENOENT)
798 return log_error_errno(r, "Failed to read %s: %m", srel_path);
799
800 _cleanup_free_ char *entry_token_path = path_join(c->boot_root, c->entry_token);
801 if (!entry_token_path)
802 return log_oom();
803
804 r = is_dir_full(c->rfd, entry_token_path, /* follow = */ false);
805 if (r < 0 && r != -ENOENT)
806 return log_error_errno(r, "Failed to check if '%s' is a directory: %m", entry_token_path);
807 if (r > 0) {
808 /* If the metadata in $BOOT_ROOT doesn't tell us anything, then check if the entry token
809 * directory already exists. If so, let's assume it's the standard boot loader spec, too. */
810 c->layout = LAYOUT_BLS;
811 log_debug("%s exists, using layout=%s.", entry_token_path, layout_to_string(c->layout));
812 return 0;
813 }
814
815 /* There's no metadata in $BOOT_ROOT, and apparently no entry token directory installed? Then we
816 * really don't know anything. */
817 c->layout = LAYOUT_OTHER;
818 log_debug("Entry-token directory not found, using layout=%s.", layout_to_string(c->layout));
819 return 0;
820 }
821
822 static int context_set_up_staging_area(Context *c) {
823 static const char *template = "/tmp/kernel-install.staging.XXXXXX";
824 int r;
825
826 assert(c);
827
828 if (c->staging_area)
829 return 0;
830
831 if (c->action == ACTION_INSPECT) {
832 /* This is only used for display. The directory will not be created. */
833 c->staging_area = strdup(template);
834 if (!c->staging_area)
835 return log_oom();
836 } else {
837 r = mkdtemp_malloc(template, &c->staging_area);
838 if (r < 0)
839 return log_error_errno(r, "Failed to create staging area: %m");
840 }
841
842 return 0;
843 }
844
845 static int context_build_entry_dir(Context *c) {
846 assert(c);
847 assert(c->boot_root);
848 assert(c->entry_token);
849 assert(c->version || c->action == ACTION_INSPECT);
850
851 if (c->entry_dir)
852 return 0;
853
854 c->entry_dir = path_join(c->boot_root, c->entry_token, c->version ?: "KERNEL_VERSION");
855 if (!c->entry_dir)
856 return log_oom();
857
858 log_debug("Using ENTRY_DIR=%s", c->entry_dir);
859 return 0;
860 }
861
862 static bool context_should_make_entry_dir(Context *c) {
863 assert(c);
864
865 /* Compatibility with earlier versions that used the presence of $BOOT_ROOT/$ENTRY_TOKEN to signal to
866 * 00-entry-directory to create $ENTRY_DIR to serve as the indication to use or to not use the BLS */
867
868 if (arg_make_entry_directory < 0)
869 return c->layout == LAYOUT_BLS;
870
871 return arg_make_entry_directory;
872 }
873
874 static int context_make_entry_dir(Context *c) {
875 _cleanup_close_ int fd = -EBADF;
876
877 assert(c);
878 assert(c->entry_dir);
879
880 if (c->action != ACTION_ADD)
881 return 0;
882
883 if (!context_should_make_entry_dir(c))
884 return 0;
885
886 log_debug("mkdir -p %s", c->entry_dir);
887 fd = chase_and_openat(c->rfd, c->entry_dir, CHASE_AT_RESOLVE_IN_ROOT | CHASE_MKDIR_0755,
888 O_CLOEXEC | O_CREAT | O_DIRECTORY | O_PATH, NULL);
889 if (fd < 0)
890 return log_error_errno(fd, "Failed to make directory '%s': %m", c->entry_dir);
891
892 return 0;
893 }
894
895 static int context_remove_entry_dir(Context *c) {
896 _cleanup_free_ char *p = NULL;
897 _cleanup_close_ int fd = -EBADF;
898 struct stat st;
899 int r;
900
901 assert(c);
902 assert(c->entry_dir);
903
904 if (c->action != ACTION_REMOVE)
905 return 0;
906
907 if (!context_should_make_entry_dir(c))
908 return 0;
909
910 log_debug("rm -rf %s", c->entry_dir);
911 fd = chase_and_openat(c->rfd, c->entry_dir, CHASE_AT_RESOLVE_IN_ROOT, O_CLOEXEC | O_DIRECTORY, &p);
912 if (fd < 0) {
913 if (IN_SET(fd, -ENOTDIR, -ENOENT))
914 return 0;
915 return log_debug_errno(fd, "Failed to chase and open %s, ignoring: %m", c->entry_dir);
916 }
917
918 if (fstat(fd, &st) < 0)
919 return log_debug_errno(errno, "Failed to stat %s: %m", p);
920
921 r = rm_rf_children(TAKE_FD(fd), REMOVE_PHYSICAL|REMOVE_MISSING_OK|REMOVE_CHMOD, &st);
922 if (r < 0)
923 log_debug_errno(r, "Failed to remove children of %s, ignoring: %m", p);
924
925 if (unlinkat(c->rfd, p, AT_REMOVEDIR) < 0)
926 log_debug_errno(errno, "Failed to remove %s, ignoring: %m", p);
927
928 return 0;
929 }
930
931 static int context_build_arguments(Context *c) {
932 _cleanup_strv_free_ char **a = NULL;
933 const char *verb;
934 int r;
935
936 assert(c);
937 assert(c->entry_dir);
938
939 if (c->argv)
940 return 0;
941
942 switch (c->action) {
943 case ACTION_ADD:
944 assert(c->version);
945 assert(c->kernel);
946 verb = "add";
947 break;
948
949 case ACTION_REMOVE:
950 assert(c->version);
951 assert(!c->kernel);
952 assert(!c->initrds);
953 verb = "remove";
954 break;
955
956 case ACTION_INSPECT:
957 verb = "add|remove";
958 break;
959
960 default:
961 assert_not_reached();
962 }
963
964 a = strv_new("dummy-arg", /* to make strv_free() works for this variable. */
965 verb,
966 c->version ?: "KERNEL_VERSION",
967 c->entry_dir);
968 if (!a)
969 return log_oom();
970
971 if (c->action == ACTION_ADD) {
972 r = strv_extend(&a, c->kernel);
973 if (r < 0)
974 return log_oom();
975
976 r = strv_extend_strv(&a, c->initrds, /* filter_duplicates = */ false);
977 if (r < 0)
978 return log_oom();
979
980 } else if (c->action == ACTION_INSPECT) {
981 r = strv_extend_many(
982 &a,
983 c->kernel ?: "[KERNEL_IMAGE]",
984 "[INITRD...]");
985 if (r < 0)
986 return log_oom();
987 }
988
989 c->argv = TAKE_PTR(a);
990 return 0;
991 }
992
993 static int context_build_environment(Context *c) {
994 _cleanup_strv_free_ char **e = NULL;
995 int r;
996
997 assert(c);
998
999 if (c->envp)
1000 return 0;
1001
1002 r = strv_env_assign_many(&e,
1003 "LC_COLLATE", SYSTEMD_DEFAULT_LOCALE,
1004 "KERNEL_INSTALL_VERBOSE", one_zero(arg_verbose),
1005 "KERNEL_INSTALL_IMAGE_TYPE", kernel_image_type_to_string(c->kernel_image_type),
1006 "KERNEL_INSTALL_MACHINE_ID", SD_ID128_TO_STRING(c->machine_id),
1007 "KERNEL_INSTALL_ENTRY_TOKEN", c->entry_token,
1008 "KERNEL_INSTALL_BOOT_ROOT", c->boot_root,
1009 "KERNEL_INSTALL_LAYOUT", context_get_layout(c),
1010 "KERNEL_INSTALL_INITRD_GENERATOR", strempty(c->initrd_generator),
1011 "KERNEL_INSTALL_UKI_GENERATOR", strempty(c->uki_generator),
1012 "KERNEL_INSTALL_STAGING_AREA", c->staging_area);
1013 if (r < 0)
1014 return log_error_errno(r, "Failed to build environment variables for plugins: %m");
1015
1016 c->envp = TAKE_PTR(e);
1017 return 0;
1018 }
1019
1020 static int context_prepare_execution(Context *c) {
1021 int r;
1022
1023 assert(c);
1024
1025 r = context_inspect_kernel(c);
1026 if (r < 0)
1027 return r;
1028
1029 r = context_ensure_layout(c);
1030 if (r < 0)
1031 return r;
1032
1033 r = context_set_up_staging_area(c);
1034 if (r < 0)
1035 return r;
1036
1037 r = context_build_entry_dir(c);
1038 if (r < 0)
1039 return r;
1040
1041 r = context_build_arguments(c);
1042 if (r < 0)
1043 return r;
1044
1045 r = context_build_environment(c);
1046 if (r < 0)
1047 return r;
1048
1049 return 0;
1050 }
1051
1052 static int context_execute(Context *c) {
1053 int r, ret;
1054
1055 assert(c);
1056
1057 r = context_make_entry_dir(c);
1058 if (r < 0)
1059 return r;
1060
1061 if (DEBUG_LOGGING) {
1062 _cleanup_free_ char *x = strv_join_full(c->plugins, "", "\n ", /* escape_separator = */ false);
1063 log_debug("Using plugins: %s", strna(x));
1064
1065 _cleanup_free_ char *y = strv_join_full(c->envp, "", "\n ", /* escape_separator = */ false);
1066 log_debug("Plugin environment: %s", strna(y));
1067
1068 _cleanup_free_ char *z = strv_join(strv_skip(c->argv, 1), " ");
1069 log_debug("Plugin arguments: %s", strna(z));
1070 }
1071
1072 ret = execute_strv(
1073 /* name = */ NULL,
1074 c->plugins,
1075 /* root = */ NULL,
1076 USEC_INFINITY,
1077 /* callbacks = */ NULL,
1078 /* callback_args = */ NULL,
1079 c->argv,
1080 c->envp,
1081 EXEC_DIR_SKIP_REMAINING);
1082
1083 r = context_remove_entry_dir(c);
1084 if (r < 0)
1085 return r;
1086
1087 /* This returns 0 on success, positive exit code on plugin failure, negative errno on other failures. */
1088 return ret;
1089 }
1090
1091 static bool bypass(void) {
1092 int r;
1093
1094 r = getenv_bool("KERNEL_INSTALL_BYPASS");
1095 if (r < 0 && r != -ENXIO)
1096 log_debug_errno(r, "Failed to parse $KERNEL_INSTALL_BYPASS, assuming no.");
1097 if (r <= 0)
1098 return false;
1099
1100 log_debug("$KERNEL_INSTALL_BYPASS is enabled, skipping execution.");
1101 return true;
1102 }
1103
1104 static int do_add(
1105 Context *c,
1106 const char *version,
1107 const char *kernel,
1108 char **initrds) {
1109
1110 int r;
1111
1112 assert(c);
1113 assert(version);
1114 assert(kernel);
1115
1116 r = context_set_version(c, version);
1117 if (r < 0)
1118 return r;
1119
1120 r = context_set_kernel(c, kernel);
1121 if (r < 0)
1122 return r;
1123
1124 r = context_set_initrds(c, initrds);
1125 if (r < 0)
1126 return r;
1127
1128 r = context_prepare_execution(c);
1129 if (r < 0)
1130 return r;
1131
1132 return context_execute(c);
1133 }
1134
1135 static int kernel_from_version(const char *version, char **ret_kernel) {
1136 _cleanup_free_ char *vmlinuz = NULL;
1137 int r;
1138
1139 assert(version);
1140
1141 vmlinuz = path_join("/usr/lib/modules/", version, "/vmlinuz");
1142 if (!vmlinuz)
1143 return log_oom();
1144
1145 r = laccess(vmlinuz, F_OK);
1146 if (r < 0) {
1147 if (r == -ENOENT)
1148 return log_error_errno(r, "Kernel image not installed to '%s', requiring manual kernel image path specification.", vmlinuz);
1149
1150 return log_error_errno(r, "Failed to determine if kernel image is installed to '%s': %m", vmlinuz);
1151 }
1152
1153 *ret_kernel = TAKE_PTR(vmlinuz);
1154 return 0;
1155 }
1156
1157 static int verb_add(int argc, char *argv[], void *userdata) {
1158 Context *c = ASSERT_PTR(userdata);
1159 _cleanup_free_ char *vmlinuz = NULL;
1160 const char *version, *kernel;
1161 char **initrds;
1162 struct utsname un;
1163 int r;
1164
1165 assert(argv);
1166
1167 if (arg_root)
1168 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "'add' does not support --root= or --image=.");
1169
1170 if (bypass())
1171 return 0;
1172
1173 c->action = ACTION_ADD;
1174
1175 /* We use the same order of arguments that "inspect" introduced, i.e. if only on argument is
1176 * specified we take it as the kernel path, not the version, i.e. it's the first argument that is
1177 * optional, not the 2nd. */
1178 version = argc > 2 ? empty_or_dash_to_null(argv[1]) : NULL;
1179 kernel = argc > 2 ? empty_or_dash_to_null(argv[2]) :
1180 (argc > 1 ? empty_or_dash_to_null(argv[1]) : NULL);
1181 initrds = strv_skip(argv, 3);
1182
1183 if (!version) {
1184 assert_se(uname(&un) >= 0);
1185 version = un.release;
1186 }
1187
1188 if (!kernel) {
1189 r = kernel_from_version(version, &vmlinuz);
1190 if (r < 0)
1191 return r;
1192
1193 kernel = vmlinuz;
1194 }
1195
1196 return do_add(c, version, kernel, initrds);
1197 }
1198
1199 static int verb_add_all(int argc, char *argv[], void *userdata) {
1200 Context *c = ASSERT_PTR(userdata);
1201 _cleanup_close_ int fd = -EBADF;
1202 size_t n = 0;
1203 int ret = 0, r;
1204
1205 assert(argv);
1206
1207 if (arg_root)
1208 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "'add-all' does not support --root= or --image=.");
1209
1210 if (bypass())
1211 return 0;
1212
1213 c->action = ACTION_ADD;
1214
1215 fd = chase_and_openat(c->rfd, "/usr/lib/modules", CHASE_AT_RESOLVE_IN_ROOT, O_DIRECTORY|O_RDONLY|O_CLOEXEC, NULL);
1216 if (fd < 0)
1217 return log_error_errno(fd, "Failed to open %s/usr/lib/modules/: %m", strempty(arg_root));
1218
1219 _cleanup_free_ DirectoryEntries *de = NULL;
1220 r = readdir_all(fd, RECURSE_DIR_SORT|RECURSE_DIR_IGNORE_DOT, &de);
1221 if (r < 0)
1222 return log_error_errno(r, "Failed to numerate /usr/lib/modules/ contents: %m");
1223
1224 FOREACH_ARRAY(d, de->entries, de->n_entries) {
1225 r = dirent_ensure_type(fd, *d);
1226 if (r < 0) {
1227 if (r != -ENOENT) /* don't log if just gone by now */
1228 log_debug_errno(r, "Failed to check if '%s/usr/lib/modules/%s' is a directory, ignoring: %m", strempty(arg_root), (*d)->d_name);
1229 continue;
1230 }
1231
1232 if ((*d)->d_type != DT_DIR)
1233 continue;
1234
1235 _cleanup_free_ char *fn = path_join((*d)->d_name, "vmlinuz");
1236 if (!fn)
1237 return log_oom();
1238
1239 if (faccessat(fd, fn, F_OK, AT_SYMLINK_NOFOLLOW) < 0) {
1240 if (errno != ENOENT)
1241 log_debug_errno(errno, "Failed to check if '%s/usr/lib/modules/%s/vmlinuz' exists, ignoring: %m", strempty(arg_root), (*d)->d_name);
1242
1243 log_notice("Not adding version '%s', because kernel image not found.", (*d)->d_name);
1244 continue;
1245 }
1246
1247 _cleanup_(context_done) Context copy = CONTEXT_NULL;
1248
1249 r = context_copy(c, &copy);
1250 if (r < 0)
1251 return log_error_errno(r, "Failed to copy execution context: %m");
1252
1253 /* do_add() will look up the path in the correct root directory so we don't need to prefix it
1254 * with arg_root here. */
1255 _cleanup_free_ char *full = path_join("/usr/lib/modules/", fn);
1256 if (!full)
1257 return log_oom();
1258
1259 r = do_add(&copy,
1260 /* version= */ (*d)->d_name,
1261 /* kernel= */ full,
1262 /* initrds= */ NULL);
1263 if (r == 0)
1264 n++;
1265 else if (ret == 0)
1266 ret = r;
1267 }
1268
1269 if (n > 0)
1270 log_debug("Installed %zu kernel(s).", n);
1271 else if (ret == 0)
1272 ret = log_error_errno(SYNTHETIC_ERRNO(ENOENT), "No kernels to install found.");
1273
1274 return ret;
1275 }
1276
1277 static int run_as_installkernel(int argc, char *argv[], Context *c) {
1278 /* kernel's install.sh invokes us as
1279 * /sbin/installkernel <version> <vmlinuz> <map> <installation-dir>
1280 * We ignore the last two arguments. */
1281 if (optind + 2 > argc)
1282 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "'installkernel' command requires at least two arguments.");
1283
1284 return verb_add(3, STRV_MAKE("add", argv[optind], argv[optind+1]), c);
1285 }
1286
1287 static int verb_remove(int argc, char *argv[], void *userdata) {
1288 Context *c = ASSERT_PTR(userdata);
1289 int r;
1290
1291 assert(argc >= 2);
1292 assert(argv);
1293
1294 if (arg_root)
1295 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "'remove' does not support --root= or --image=.");
1296
1297 if (argc > 2)
1298 log_debug("Too many arguments specified. 'kernel-install remove' takes only kernel version. "
1299 "Ignoring residual arguments.");
1300
1301 if (bypass())
1302 return 0;
1303
1304 c->action = ACTION_REMOVE;
1305
1306 /* Note, we do not automatically derive the kernel version to remove from uname() here (unlike we do
1307 * it for the "add" verb), since we don't want to make it too easy to uninstall your running
1308 * kernel, as a safety precaution */
1309
1310 r = context_set_version(c, argv[1]);
1311 if (r < 0)
1312 return r;
1313
1314 r = context_prepare_execution(c);
1315 if (r < 0)
1316 return r;
1317
1318 return context_execute(c);
1319 }
1320
1321 static int verb_inspect(int argc, char *argv[], void *userdata) {
1322 Context *c = ASSERT_PTR(userdata);
1323 _cleanup_(table_unrefp) Table *t = NULL;
1324 _cleanup_free_ char *vmlinuz = NULL;
1325 const char *version, *kernel;
1326 char **initrds;
1327 struct utsname un;
1328 int r;
1329
1330 c->action = ACTION_INSPECT;
1331
1332 /* When only a single parameter is specified 'inspect' it's the kernel image path, and not the kernel
1333 * version. i.e. it's the first argument that is optional, not the 2nd. That's a bit unfortunate, but
1334 * we keep the behaviour for compatibility. If users want to specify only the version (and have the
1335 * kernel image path derived automatically), then they may specify an empty string or "dash" as
1336 * kernel image path. */
1337 version = argc > 2 ? empty_or_dash_to_null(argv[1]) : NULL;
1338 kernel = argc > 2 ? empty_or_dash_to_null(argv[2]) :
1339 (argc > 1 ? empty_or_dash_to_null(argv[1]) : NULL);
1340 initrds = strv_skip(argv, 3);
1341
1342 if (!version && !arg_root) {
1343 assert_se(uname(&un) >= 0);
1344 version = un.release;
1345 }
1346
1347 if (!kernel && version) {
1348 r = kernel_from_version(version, &vmlinuz);
1349 if (r < 0)
1350 return r;
1351
1352 kernel = vmlinuz;
1353 }
1354
1355 r = context_set_version(c, version);
1356 if (r < 0)
1357 return r;
1358
1359 r = context_set_kernel(c, kernel);
1360 if (r < 0)
1361 return r;
1362
1363 r = context_set_initrds(c, initrds);
1364 if (r < 0)
1365 return r;
1366
1367 r = context_prepare_execution(c);
1368 if (r < 0)
1369 return r;
1370
1371 t = table_new_vertical();
1372 if (!t)
1373 return log_oom();
1374
1375 r = table_add_many(t,
1376 TABLE_FIELD, "Machine ID",
1377 TABLE_ID128, c->machine_id,
1378 TABLE_FIELD, "Kernel Image Type",
1379 TABLE_STRING, kernel_image_type_to_string(c->kernel_image_type),
1380 TABLE_FIELD, "Layout",
1381 TABLE_STRING, context_get_layout(c),
1382 TABLE_FIELD, "Boot Root",
1383 TABLE_STRING, c->boot_root,
1384 TABLE_FIELD, "Entry Token Type",
1385 TABLE_STRING, boot_entry_token_type_to_string(c->entry_token_type),
1386 TABLE_FIELD, "Entry Token",
1387 TABLE_STRING, c->entry_token,
1388 TABLE_FIELD, "Entry Directory",
1389 TABLE_STRING, c->entry_dir,
1390 TABLE_FIELD, "Kernel Version",
1391 TABLE_STRING, c->version,
1392 TABLE_FIELD, "Kernel",
1393 TABLE_STRING, c->kernel,
1394 TABLE_FIELD, "Initrds",
1395 TABLE_STRV, c->initrds,
1396 TABLE_FIELD, "Initrd Generator",
1397 TABLE_STRING, c->initrd_generator,
1398 TABLE_FIELD, "UKI Generator",
1399 TABLE_STRING, c->uki_generator,
1400 TABLE_FIELD, "Plugins",
1401 TABLE_STRV, c->plugins,
1402 TABLE_FIELD, "Plugin Environment",
1403 TABLE_STRV, c->envp);
1404 if (r < 0)
1405 return table_log_add_error(r);
1406
1407 if (arg_json_format_flags & JSON_FORMAT_OFF) {
1408 r = table_add_many(t,
1409 TABLE_FIELD, "Plugin Arguments",
1410 TABLE_STRV, strv_skip(c->argv, 1));
1411 if (r < 0)
1412 return table_log_add_error(r);
1413 }
1414
1415 table_set_ersatz_string(t, TABLE_ERSATZ_UNSET);
1416
1417 for (size_t row = 1; row < table_get_rows(t); row++) {
1418 _cleanup_free_ char *name = NULL;
1419
1420 name = strdup(table_get_at(t, row, 0));
1421 if (!name)
1422 return log_oom();
1423
1424 r = table_set_json_field_name(t, row - 1, delete_chars(name, " "));
1425 if (r < 0)
1426 return log_error_errno(r, "Failed to set JSON field name: %m");
1427 }
1428
1429 return table_print_with_pager(t, arg_json_format_flags, arg_pager_flags, /* show_header= */ false);
1430 }
1431
1432 static int verb_list(int argc, char *argv[], void *userdata) {
1433 Context *c = ASSERT_PTR(userdata);
1434 _cleanup_close_ int fd = -EBADF;
1435 int r;
1436
1437 fd = chase_and_openat(c->rfd, "/usr/lib/modules", CHASE_AT_RESOLVE_IN_ROOT, O_DIRECTORY|O_RDONLY|O_CLOEXEC, NULL);
1438 if (fd < 0)
1439 return log_error_errno(fd, "Failed to open %s/usr/lib/modules/: %m", strempty(arg_root));
1440
1441 _cleanup_free_ DirectoryEntries *de = NULL;
1442 r = readdir_all(fd, RECURSE_DIR_SORT|RECURSE_DIR_IGNORE_DOT, &de);
1443 if (r < 0)
1444 return log_error_errno(r, "Failed to numerate /usr/lib/modules/ contents: %m");
1445
1446 _cleanup_(table_unrefp) Table *table = NULL;
1447 table = table_new("version", "has kernel", "path");
1448 if (!table)
1449 return log_oom();
1450
1451 table_set_ersatz_string(table, TABLE_ERSATZ_DASH);
1452 table_set_align_percent(table, table_get_cell(table, 0, 1), 100);
1453
1454 FOREACH_ARRAY(d, de->entries, de->n_entries) {
1455 _cleanup_free_ char *j = path_join("/usr/lib/modules/", (*d)->d_name);
1456 if (!j)
1457 return log_oom();
1458
1459 r = dirent_ensure_type(fd, *d);
1460 if (r < 0) {
1461 if (r != -ENOENT) /* don't log if just gone by now */
1462 log_debug_errno(r, "Failed to check if '%s/%s' is a directory, ignoring: %m", strempty(arg_root), j);
1463 continue;
1464 }
1465
1466 if ((*d)->d_type != DT_DIR)
1467 continue;
1468
1469 _cleanup_free_ char *fn = path_join((*d)->d_name, "vmlinuz");
1470 if (!fn)
1471 return log_oom();
1472
1473 bool exists;
1474 if (faccessat(fd, fn, F_OK, AT_SYMLINK_NOFOLLOW) < 0) {
1475 if (errno != ENOENT)
1476 log_debug_errno(errno, "Failed to check if '%s/usr/lib/modules/%s/vmlinuz' exists, ignoring: %m", strempty(arg_root), (*d)->d_name);
1477
1478 exists = false;
1479 } else
1480 exists = true;
1481
1482 r = table_add_many(table,
1483 TABLE_STRING, (*d)->d_name,
1484 TABLE_BOOLEAN_CHECKMARK, exists,
1485 TABLE_SET_COLOR, ansi_highlight_green_red(exists),
1486 TABLE_PATH, j);
1487 if (r < 0)
1488 return table_log_add_error(r);
1489 }
1490
1491 return table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, arg_legend);
1492 }
1493
1494 static int help(void) {
1495 _cleanup_free_ char *link = NULL;
1496 int r;
1497
1498 r = terminal_urlify_man("kernel-install", "8", &link);
1499 if (r < 0)
1500 return log_oom();
1501
1502 printf("%1$s [OPTIONS...] COMMAND ...\n\n"
1503 "%5$sAdd and remove kernel and initrd images to and from /boot/%6$s\n"
1504 "\n%3$sUsage:%4$s\n"
1505 " kernel-install [OPTIONS...] add [[[KERNEL-VERSION] KERNEL-IMAGE] [INITRD ...]]\n"
1506 " kernel-install [OPTIONS...] add-all\n"
1507 " kernel-install [OPTIONS...] remove KERNEL-VERSION\n"
1508 " kernel-install [OPTIONS...] inspect [[[KERNEL-VERSION] KERNEL-IMAGE]\n"
1509 " [INITRD ...]]\n"
1510 " kernel-install [OPTIONS...] list\n"
1511 "\n%3$sOptions:%4$s\n"
1512 " -h --help Show this help\n"
1513 " --version Show package version\n"
1514 " -v --verbose Increase verbosity\n"
1515 " --esp-path=PATH Path to the EFI System Partition (ESP)\n"
1516 " --boot-path=PATH Path to the $BOOT partition\n"
1517 " --make-entry-directory=yes|no|auto\n"
1518 " Create $BOOT/ENTRY-TOKEN/ directory\n"
1519 " --entry-token=machine-id|os-id|os-image-id|auto|literal:…\n"
1520 " Entry token to use for this installation\n"
1521 " --no-pager Do not pipe inspect output into a pager\n"
1522 " --json=pretty|short|off Generate JSON output\n"
1523 " --no-legend Do not show the headers and footers\n"
1524 " --root=PATH Operate on an alternate filesystem root\n"
1525 " --image=PATH Operate on disk image as filesystem root\n"
1526 " --image-policy=POLICY Specify disk image dissection policy\n"
1527 "\n"
1528 "This program may also be invoked as 'installkernel':\n"
1529 " installkernel [OPTIONS...] VERSION VMLINUZ [MAP] [INSTALLATION-DIR]\n"
1530 "(The optional arguments are passed by kernel build system, but ignored.)\n"
1531 "\n"
1532 "See the %2$s for details.\n",
1533 program_invocation_short_name,
1534 link,
1535 ansi_underline(),
1536 ansi_normal(),
1537 ansi_highlight(),
1538 ansi_normal());
1539
1540 return 0;
1541 }
1542
1543 static int parse_argv(int argc, char *argv[], Context *c) {
1544 enum {
1545 ARG_VERSION = 0x100,
1546 ARG_NO_LEGEND,
1547 ARG_ESP_PATH,
1548 ARG_BOOT_PATH,
1549 ARG_MAKE_ENTRY_DIRECTORY,
1550 ARG_ENTRY_TOKEN,
1551 ARG_NO_PAGER,
1552 ARG_JSON,
1553 ARG_ROOT,
1554 ARG_IMAGE,
1555 ARG_IMAGE_POLICY,
1556 };
1557 static const struct option options[] = {
1558 { "help", no_argument, NULL, 'h' },
1559 { "version", no_argument, NULL, ARG_VERSION },
1560 { "verbose", no_argument, NULL, 'v' },
1561 { "esp-path", required_argument, NULL, ARG_ESP_PATH },
1562 { "boot-path", required_argument, NULL, ARG_BOOT_PATH },
1563 { "make-entry-directory", required_argument, NULL, ARG_MAKE_ENTRY_DIRECTORY },
1564 { "entry-token", required_argument, NULL, ARG_ENTRY_TOKEN },
1565 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
1566 { "json", required_argument, NULL, ARG_JSON },
1567 { "root", required_argument, NULL, ARG_ROOT },
1568 { "image", required_argument, NULL, ARG_IMAGE },
1569 { "image-policy", required_argument, NULL, ARG_IMAGE_POLICY },
1570 { "no-legend", no_argument, NULL, ARG_NO_LEGEND },
1571 {}
1572 };
1573 int t, r;
1574
1575 assert(argc >= 0);
1576 assert(argv);
1577 assert(c);
1578
1579 while ((t = getopt_long(argc, argv, "hv", options, NULL)) >= 0)
1580 switch (t) {
1581 case 'h':
1582 return help();
1583
1584 case ARG_VERSION:
1585 return version();
1586
1587 case ARG_NO_LEGEND:
1588 arg_legend = false;
1589 break;
1590
1591 case 'v':
1592 log_set_max_level(LOG_DEBUG);
1593 arg_verbose = true;
1594 break;
1595
1596 case ARG_ESP_PATH:
1597 r = parse_path_argument(optarg, /* suppress_root = */ false, &arg_esp_path);
1598 if (r < 0)
1599 return log_oom();
1600 break;
1601
1602 case ARG_BOOT_PATH:
1603 r = parse_path_argument(optarg, /* suppress_root = */ false, &arg_xbootldr_path);
1604 if (r < 0)
1605 return log_oom();
1606 break;
1607
1608 case ARG_MAKE_ENTRY_DIRECTORY:
1609 if (streq(optarg, "auto"))
1610 arg_make_entry_directory = -1;
1611 else {
1612 r = parse_boolean_argument("--make-entry-directory=", optarg, NULL);
1613 if (r < 0)
1614 return r;
1615
1616 arg_make_entry_directory = r;
1617 }
1618 break;
1619
1620 case ARG_ENTRY_TOKEN:
1621 r = parse_boot_entry_token_type(optarg, &c->entry_token_type, &c->entry_token);
1622 if (r < 0)
1623 return r;
1624 break;
1625
1626 case ARG_NO_PAGER:
1627 arg_pager_flags |= PAGER_DISABLE;
1628 break;
1629
1630 case ARG_JSON:
1631 r = parse_json_argument(optarg, &arg_json_format_flags);
1632 if (r < 0)
1633 return r;
1634 break;
1635
1636 case ARG_ROOT:
1637 r = parse_path_argument(optarg, /* suppress_root= */ false, &arg_root);
1638 if (r < 0)
1639 return r;
1640 break;
1641
1642 case ARG_IMAGE:
1643 r = parse_path_argument(optarg, /* suppress_root= */ false, &arg_image);
1644 if (r < 0)
1645 return r;
1646 break;
1647
1648 case ARG_IMAGE_POLICY:
1649 r = parse_image_policy_argument(optarg, &arg_image_policy);
1650 if (r < 0)
1651 return r;
1652 break;
1653
1654 case '?':
1655 return -EINVAL;
1656
1657 default:
1658 assert_not_reached();
1659 }
1660
1661 if (arg_image && arg_root)
1662 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Please specify either --root= or --image=, the combination of both is not supported.");
1663
1664 return 1;
1665 }
1666
1667 static int run(int argc, char* argv[]) {
1668 static const Verb verbs[] = {
1669 { "add", 1, VERB_ANY, 0, verb_add },
1670 { "add-all", 1, 1, 0, verb_add_all },
1671 { "remove", 2, VERB_ANY, 0, verb_remove },
1672 { "inspect", 1, VERB_ANY, VERB_DEFAULT, verb_inspect },
1673 { "list", 1, 1, 0, verb_list },
1674 {}
1675 };
1676 _cleanup_(context_done) Context c = {
1677 .rfd = AT_FDCWD,
1678 .action = _ACTION_INVALID,
1679 .kernel_image_type = KERNEL_IMAGE_TYPE_UNKNOWN,
1680 .layout = _LAYOUT_INVALID,
1681 .entry_token_type = BOOT_ENTRY_TOKEN_AUTO,
1682 };
1683 _cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL;
1684 _cleanup_(umount_and_freep) char *mounted_dir = NULL;
1685 int r;
1686
1687 log_setup();
1688
1689 r = parse_argv(argc, argv, &c);
1690 if (r <= 0)
1691 return r;
1692
1693 if (arg_image) {
1694 assert(!arg_root);
1695
1696 r = mount_image_privately_interactively(
1697 arg_image,
1698 arg_image_policy,
1699 DISSECT_IMAGE_GENERIC_ROOT |
1700 DISSECT_IMAGE_REQUIRE_ROOT |
1701 DISSECT_IMAGE_RELAX_VAR_CHECK |
1702 DISSECT_IMAGE_VALIDATE_OS |
1703 DISSECT_IMAGE_ALLOW_USERSPACE_VERITY,
1704 &mounted_dir,
1705 /* ret_dir_fd= */ NULL,
1706 &loop_device);
1707 if (r < 0)
1708 return r;
1709
1710 arg_root = strdup(mounted_dir);
1711 if (!arg_root)
1712 return log_oom();
1713 }
1714
1715 r = context_init(&c);
1716 if (r < 0)
1717 return r;
1718
1719 if (invoked_as(argv, "installkernel"))
1720 return run_as_installkernel(argc, argv, &c);
1721
1722 return dispatch_verb(argc, argv, verbs, &c);
1723 }
1724
1725 DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE(run);
Unnamed repository; edit this file 'description' to name the repository.