1 /* SPDX-License-Identifier: LGPL-2.1+ */
4 #include <linux/magic.h>
10 #include "alloc-util.h"
11 #include "blkid-util.h"
13 #include "conf-files.h"
15 #include "device-nodes.h"
16 #include "dirent-util.h"
22 #include "parse-util.h"
23 #include "path-util.h"
24 #include "pe-header.h"
25 #include "sort-util.h"
26 #include "stat-util.h"
27 #include "string-table.h"
28 #include "string-util.h"
30 #include "unaligned.h"
34 static void boot_entry_free(BootEntry
*entry
) {
41 free(entry
->show_title
);
43 free(entry
->machine_id
);
44 free(entry
->architecture
);
45 strv_free(entry
->options
);
48 strv_free(entry
->initrd
);
49 free(entry
->device_tree
);
52 static int boot_entry_load(
57 _cleanup_(boot_entry_free
) BootEntry tmp
= {
58 .type
= BOOT_ENTRY_CONF
,
61 _cleanup_fclose_
FILE *f
= NULL
;
70 c
= endswith_no_case(path
, ".conf");
72 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
), "Invalid loader entry file suffix: %s", path
);
75 tmp
.id
= strndup(b
, c
- b
);
79 if (!efi_loader_entry_name_valid(tmp
.id
))
80 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
), "Invalid loader entry filename: %s", path
);
82 tmp
.path
= strdup(path
);
86 tmp
.root
= strdup(root
);
90 f
= fopen(path
, "re");
92 return log_error_errno(errno
, "Failed to open \"%s\": %m", path
);
95 _cleanup_free_
char *buf
= NULL
, *field
= NULL
;
98 r
= read_line(f
, LONG_LINE_MAX
, &buf
);
102 return log_error_errno(r
, "%s:%u: Line too long", path
, line
);
104 return log_error_errno(r
, "%s:%u: Error while reading: %m", path
, line
);
108 if (IN_SET(*strstrip(buf
), '#', '\0'))
112 r
= extract_first_word(&p
, &field
, " \t", 0);
114 log_error_errno(r
, "Failed to parse config file %s line %u: %m", path
, line
);
118 log_warning("%s:%u: Bad syntax", path
, line
);
122 if (streq(field
, "title"))
123 r
= free_and_strdup(&tmp
.title
, p
);
124 else if (streq(field
, "version"))
125 r
= free_and_strdup(&tmp
.version
, p
);
126 else if (streq(field
, "machine-id"))
127 r
= free_and_strdup(&tmp
.machine_id
, p
);
128 else if (streq(field
, "architecture"))
129 r
= free_and_strdup(&tmp
.architecture
, p
);
130 else if (streq(field
, "options"))
131 r
= strv_extend(&tmp
.options
, p
);
132 else if (streq(field
, "linux"))
133 r
= free_and_strdup(&tmp
.kernel
, p
);
134 else if (streq(field
, "efi"))
135 r
= free_and_strdup(&tmp
.efi
, p
);
136 else if (streq(field
, "initrd"))
137 r
= strv_extend(&tmp
.initrd
, p
);
138 else if (streq(field
, "devicetree"))
139 r
= free_and_strdup(&tmp
.device_tree
, p
);
141 log_notice("%s:%u: Unknown line \"%s\", ignoring.", path
, line
, field
);
145 return log_error_errno(r
, "%s:%u: Error while reading: %m", path
, line
);
149 tmp
= (BootEntry
) {};
153 void boot_config_free(BootConfig
*config
) {
158 free(config
->default_pattern
);
159 free(config
->timeout
);
160 free(config
->editor
);
161 free(config
->auto_entries
);
162 free(config
->auto_firmware
);
163 free(config
->console_mode
);
165 free(config
->entry_oneshot
);
166 free(config
->entry_default
);
168 for (i
= 0; i
< config
->n_entries
; i
++)
169 boot_entry_free(config
->entries
+ i
);
170 free(config
->entries
);
173 static int boot_loader_read_conf(const char *path
, BootConfig
*config
) {
174 _cleanup_fclose_
FILE *f
= NULL
;
181 f
= fopen(path
, "re");
186 return log_error_errno(errno
, "Failed to open \"%s\": %m", path
);
190 _cleanup_free_
char *buf
= NULL
, *field
= NULL
;
193 r
= read_line(f
, LONG_LINE_MAX
, &buf
);
197 return log_error_errno(r
, "%s:%u: Line too long", path
, line
);
199 return log_error_errno(r
, "%s:%u: Error while reading: %m", path
, line
);
203 if (IN_SET(*strstrip(buf
), '#', '\0'))
207 r
= extract_first_word(&p
, &field
, " \t", 0);
209 log_error_errno(r
, "Failed to parse config file %s line %u: %m", path
, line
);
213 log_warning("%s:%u: Bad syntax", path
, line
);
217 if (streq(field
, "default"))
218 r
= free_and_strdup(&config
->default_pattern
, p
);
219 else if (streq(field
, "timeout"))
220 r
= free_and_strdup(&config
->timeout
, p
);
221 else if (streq(field
, "editor"))
222 r
= free_and_strdup(&config
->editor
, p
);
223 else if (streq(field
, "auto-entries"))
224 r
= free_and_strdup(&config
->auto_entries
, p
);
225 else if (streq(field
, "auto-firmware"))
226 r
= free_and_strdup(&config
->auto_firmware
, p
);
227 else if (streq(field
, "console-mode"))
228 r
= free_and_strdup(&config
->console_mode
, p
);
230 log_notice("%s:%u: Unknown line \"%s\", ignoring.", path
, line
, field
);
234 return log_error_errno(r
, "%s:%u: Error while reading: %m", path
, line
);
240 static int boot_entry_compare(const BootEntry
*a
, const BootEntry
*b
) {
241 return str_verscmp(a
->id
, b
->id
);
244 static int boot_entries_find(
250 _cleanup_strv_free_
char **files
= NULL
;
251 size_t n_allocated
= *n_entries
;
260 r
= conf_files_list(&files
, ".conf", NULL
, 0, dir
, NULL
);
262 return log_error_errno(r
, "Failed to list files in \"%s\": %m", dir
);
264 STRV_FOREACH(f
, files
) {
265 if (!GREEDY_REALLOC0(*entries
, n_allocated
, *n_entries
+ 1))
268 r
= boot_entry_load(root
, *f
, *entries
+ *n_entries
);
278 static int boot_entry_load_unified(
281 const char *osrelease
,
285 _cleanup_free_
char *os_pretty_name
= NULL
, *os_id
= NULL
, *version_id
= NULL
, *build_id
= NULL
;
286 _cleanup_(boot_entry_free
) BootEntry tmp
= {
287 .type
= BOOT_ENTRY_UNIFIED
,
289 _cleanup_fclose_
FILE *f
= NULL
;
297 k
= path_startswith(path
, root
);
299 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
), "Path is not below root: %s", path
);
301 f
= fmemopen((void*) osrelease
, strlen(osrelease
), "r");
303 return log_error_errno(errno
, "Failed to open os-release buffer: %m");
305 r
= parse_env_file(f
, "os-release",
306 "PRETTY_NAME", &os_pretty_name
,
308 "VERSION_ID", &version_id
,
309 "BUILD_ID", &build_id
);
311 return log_error_errno(r
, "Failed to parse os-release data from unified kernel image %s: %m", path
);
313 if (!os_pretty_name
|| !os_id
|| !(version_id
|| build_id
))
314 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "Missing fields in os-release data from unified kernel image %s, refusing.", path
);
316 tmp
.id
= strjoin(os_id
, "-", version_id
?: build_id
);
320 if (!efi_loader_entry_name_valid(tmp
.id
))
321 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
), "Invalid loader entry: %s", tmp
.id
);
323 tmp
.path
= strdup(path
);
327 tmp
.root
= strdup(root
);
331 tmp
.kernel
= strdup(skip_leading_chars(k
, "/"));
335 tmp
.options
= strv_new(skip_leading_chars(cmdline
, WHITESPACE
));
339 delete_trailing_chars(tmp
.options
[0], WHITESPACE
);
341 tmp
.title
= TAKE_PTR(os_pretty_name
);
344 tmp
= (BootEntry
) {};
348 /* Maximum PE section we are willing to load (Note that sections we are not interested in may be larger, but
349 * the ones we do care about and we are willing to load into memory have this size limit.) */
350 #define PE_SECTION_SIZE_MAX (4U*1024U*1024U)
352 static int find_sections(
354 char **ret_osrelease
,
355 char **ret_cmdline
) {
357 _cleanup_free_
struct PeSectionHeader
*sections
= NULL
;
358 _cleanup_free_
char *osrelease
= NULL
, *cmdline
= NULL
;
359 size_t i
, n_sections
;
360 struct DosFileHeader dos
;
365 n
= pread(fd
, &dos
, sizeof(dos
), 0);
367 return log_error_errno(errno
, "Failed read DOS header: %m");
368 if (n
!= sizeof(dos
))
369 return log_error_errno(SYNTHETIC_ERRNO(EIO
), "Short read while reading DOS header, refusing.");
371 if (dos
.Magic
[0] != 'M' || dos
.Magic
[1] != 'Z')
372 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "DOS executable magic missing, refusing.");
374 start
= unaligned_read_le32(&dos
.ExeHeader
);
375 n
= pread(fd
, &pe
, sizeof(pe
), start
);
377 return log_error_errno(errno
, "Failed to read PE header: %m");
379 return log_error_errno(SYNTHETIC_ERRNO(EIO
), "Short read while reading PE header, refusing.");
381 if (pe
.Magic
[0] != 'P' || pe
.Magic
[1] != 'E' || pe
.Magic
[2] != 0 || pe
.Magic
[3] != 0)
382 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "PE executable magic missing, refusing.");
384 n_sections
= unaligned_read_le16(&pe
.FileHeader
.NumberOfSections
);
386 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "PE header has too many sections, refusing.");
388 sections
= new(struct PeSectionHeader
, n_sections
);
392 n
= pread(fd
, sections
,
393 n_sections
* sizeof(struct PeSectionHeader
),
394 start
+ sizeof(pe
) + unaligned_read_le16(&pe
.FileHeader
.SizeOfOptionalHeader
));
396 return log_error_errno(errno
, "Failed to read section data: %m");
397 if ((size_t) n
!= n_sections
* sizeof(struct PeSectionHeader
))
398 return log_error_errno(SYNTHETIC_ERRNO(EIO
), "Short read while reading sections, refusing.");
400 for (i
= 0; i
< n_sections
; i
++) {
401 _cleanup_free_
char *k
= NULL
;
402 uint32_t offset
, size
;
405 if (strneq((char*) sections
[i
].Name
, ".osrel", sizeof(sections
[i
].Name
)))
407 else if (strneq((char*) sections
[i
].Name
, ".cmdline", sizeof(sections
[i
].Name
)))
413 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "Duplicate section %s, refusing.", sections
[i
].Name
);
415 offset
= unaligned_read_le32(§ions
[i
].PointerToRawData
);
416 size
= unaligned_read_le32(§ions
[i
].VirtualSize
);
418 if (size
> PE_SECTION_SIZE_MAX
)
419 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "Section %s too large, refusing.", sections
[i
].Name
);
421 k
= new(char, size
+1);
425 n
= pread(fd
, k
, size
, offset
);
427 return log_error_errno(errno
, "Failed to read section payload: %m");
428 if ((size_t) n
!= size
)
429 return log_error_errno(SYNTHETIC_ERRNO(EIO
), "Short read while reading section payload, refusing:");
431 /* Allow one trailing NUL byte, but nothing more. */
432 if (size
> 0 && memchr(k
, 0, size
- 1))
433 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "Section contains embedded NUL byte: %m");
440 return log_error_errno(SYNTHETIC_ERRNO(EBADMSG
), "Image lacks .osrel section, refusing.");
443 *ret_osrelease
= TAKE_PTR(osrelease
);
445 *ret_cmdline
= TAKE_PTR(cmdline
);
450 static int boot_entries_find_unified(
456 _cleanup_(closedirp
) DIR *d
= NULL
;
457 size_t n_allocated
= *n_entries
;
471 return log_error_errno(errno
, "Failed to open %s: %m", dir
);
474 FOREACH_DIRENT(de
, d
, return log_error_errno(errno
, "Failed to read %s: %m", dir
)) {
475 _cleanup_free_
char *j
= NULL
, *osrelease
= NULL
, *cmdline
= NULL
;
476 _cleanup_close_
int fd
= -1;
478 if (!dirent_is_file(de
))
481 if (!endswith_no_case(de
->d_name
, ".efi"))
484 if (!GREEDY_REALLOC0(*entries
, n_allocated
, *n_entries
+ 1))
487 fd
= openat(dirfd(d
), de
->d_name
, O_RDONLY
|O_CLOEXEC
|O_NONBLOCK
);
489 log_warning_errno(errno
, "Failed to open %s/%s, ignoring: %m", dir
, de
->d_name
);
493 r
= fd_verify_regular(fd
);
495 log_warning_errno(r
, "File %s/%s is not regular, ignoring: %m", dir
, de
->d_name
);
499 r
= find_sections(fd
, &osrelease
, &cmdline
);
503 j
= path_join(dir
, de
->d_name
);
507 r
= boot_entry_load_unified(root
, j
, osrelease
, cmdline
, *entries
+ *n_entries
);
517 static bool find_nonunique(BootEntry
*entries
, size_t n_entries
, bool *arr
) {
519 bool non_unique
= false;
521 assert(entries
|| n_entries
== 0);
522 assert(arr
|| n_entries
== 0);
524 for (i
= 0; i
< n_entries
; i
++)
527 for (i
= 0; i
< n_entries
; i
++)
528 for (j
= 0; j
< n_entries
; j
++)
529 if (i
!= j
&& streq(boot_entry_title(entries
+ i
),
530 boot_entry_title(entries
+ j
)))
531 non_unique
= arr
[i
] = arr
[j
] = true;
536 static int boot_entries_uniquify(BootEntry
*entries
, size_t n_entries
) {
542 assert(entries
|| n_entries
== 0);
544 /* Find _all_ non-unique titles */
545 if (!find_nonunique(entries
, n_entries
, arr
))
548 /* Add version to non-unique titles */
549 for (i
= 0; i
< n_entries
; i
++)
550 if (arr
[i
] && entries
[i
].version
) {
551 r
= asprintf(&s
, "%s (%s)", boot_entry_title(entries
+ i
), entries
[i
].version
);
555 free_and_replace(entries
[i
].show_title
, s
);
558 if (!find_nonunique(entries
, n_entries
, arr
))
561 /* Add machine-id to non-unique titles */
562 for (i
= 0; i
< n_entries
; i
++)
563 if (arr
[i
] && entries
[i
].machine_id
) {
564 r
= asprintf(&s
, "%s (%s)", boot_entry_title(entries
+ i
), entries
[i
].machine_id
);
568 free_and_replace(entries
[i
].show_title
, s
);
571 if (!find_nonunique(entries
, n_entries
, arr
))
574 /* Add file name to non-unique titles */
575 for (i
= 0; i
< n_entries
; i
++)
577 r
= asprintf(&s
, "%s (%s)", boot_entry_title(entries
+ i
), entries
[i
].id
);
581 free_and_replace(entries
[i
].show_title
, s
);
587 static int boot_entries_select_default(const BootConfig
*config
) {
591 assert(config
->entries
|| config
->n_entries
== 0);
593 if (config
->n_entries
== 0) {
594 log_debug("Found no default boot entry :(");
595 return -1; /* -1 means "no default" */
598 if (config
->entry_oneshot
)
599 for (i
= config
->n_entries
- 1; i
>= 0; i
--)
600 if (streq(config
->entry_oneshot
, config
->entries
[i
].id
)) {
601 log_debug("Found default: id \"%s\" is matched by LoaderEntryOneShot",
602 config
->entries
[i
].id
);
606 if (config
->entry_default
)
607 for (i
= config
->n_entries
- 1; i
>= 0; i
--)
608 if (streq(config
->entry_default
, config
->entries
[i
].id
)) {
609 log_debug("Found default: id \"%s\" is matched by LoaderEntryDefault",
610 config
->entries
[i
].id
);
614 if (config
->default_pattern
)
615 for (i
= config
->n_entries
- 1; i
>= 0; i
--)
616 if (fnmatch(config
->default_pattern
, config
->entries
[i
].id
, FNM_CASEFOLD
) == 0) {
617 log_debug("Found default: id \"%s\" is matched by pattern \"%s\"",
618 config
->entries
[i
].id
, config
->default_pattern
);
622 log_debug("Found default: last entry \"%s\"", config
->entries
[config
->n_entries
- 1].id
);
623 return config
->n_entries
- 1;
626 int boot_entries_load_config(
627 const char *esp_path
,
628 const char *xbootldr_path
,
629 BootConfig
*config
) {
637 p
= strjoina(esp_path
, "/loader/loader.conf");
638 r
= boot_loader_read_conf(p
, config
);
642 p
= strjoina(esp_path
, "/loader/entries");
643 r
= boot_entries_find(esp_path
, p
, &config
->entries
, &config
->n_entries
);
647 p
= strjoina(esp_path
, "/EFI/Linux/");
648 r
= boot_entries_find_unified(esp_path
, p
, &config
->entries
, &config
->n_entries
);
654 p
= strjoina(xbootldr_path
, "/loader/entries");
655 r
= boot_entries_find(xbootldr_path
, p
, &config
->entries
, &config
->n_entries
);
659 p
= strjoina(xbootldr_path
, "/EFI/Linux/");
660 r
= boot_entries_find_unified(xbootldr_path
, p
, &config
->entries
, &config
->n_entries
);
665 typesafe_qsort(config
->entries
, config
->n_entries
, boot_entry_compare
);
667 r
= boot_entries_uniquify(config
->entries
, config
->n_entries
);
669 return log_error_errno(r
, "Failed to uniquify boot entries: %m");
672 r
= efi_get_variable_string(EFI_VENDOR_LOADER
, "LoaderEntryOneShot", &config
->entry_oneshot
);
673 if (r
< 0 && !IN_SET(r
, -ENOENT
, -ENODATA
)) {
674 log_warning_errno(r
, "Failed to read EFI variable \"LoaderEntryOneShot\": %m");
679 r
= efi_get_variable_string(EFI_VENDOR_LOADER
, "LoaderEntryDefault", &config
->entry_default
);
680 if (r
< 0 && !IN_SET(r
, -ENOENT
, -ENODATA
)) {
681 log_warning_errno(r
, "Failed to read EFI variable \"LoaderEntryDefault\": %m");
687 config
->default_entry
= boot_entries_select_default(config
);
691 int boot_entries_load_config_auto(
692 const char *override_esp_path
,
693 const char *override_xbootldr_path
,
694 BootConfig
*config
) {
696 _cleanup_free_
char *esp_where
= NULL
, *xbootldr_where
= NULL
;
701 /* This function is similar to boot_entries_load_config(), however we automatically search for the
702 * ESP and the XBOOTLDR partition unless it is explicitly specified. Also, if the user did not pass
703 * an ESP or XBOOTLDR path directly, let's see if /run/boot-loader-entries/ exists. If so, let's
704 * read data from there, as if it was an ESP (i.e. loading both entries and loader.conf data from
705 * it). This allows other boot loaders to pass boot loader entry information to our tools if they
708 if (!override_esp_path
&& !override_xbootldr_path
) {
709 if (access("/run/boot-loader-entries/", F_OK
) >= 0)
710 return boot_entries_load_config("/run/boot-loader-entries/", NULL
, config
);
713 return log_error_errno(errno
,
714 "Failed to determine whether /run/boot-loader-entries/ exists: %m");
717 r
= find_esp_and_warn(override_esp_path
, false, &esp_where
, NULL
, NULL
, NULL
, NULL
);
718 if (r
< 0) /* we don't log about ENOKEY here, but propagate it, leaving it to the caller to log */
721 r
= find_xbootldr_and_warn(override_xbootldr_path
, false, &xbootldr_where
, NULL
);
722 if (r
< 0 && r
!= -ENOKEY
)
723 return r
; /* It's fine if the XBOOTLDR partition doesn't exist, hence we ignore ENOKEY here */
725 return boot_entries_load_config(esp_where
, xbootldr_where
, config
);
728 int boot_entries_augment_from_loader(BootConfig
*config
, bool only_auto
) {
730 static const char * const title_table
[] = {
731 /* Pretty names for a few well-known automatically discovered entries. */
733 "auto-windows", "Windows Boot Manager",
734 "auto-efi-shell", "EFI Shell",
735 "auto-efi-default", "EFI Default Loader",
736 "auto-reboot-to-firmware-setup", "Reboot Into Firmware Interface",
739 _cleanup_strv_free_
char **found_by_loader
= NULL
;
746 /* Let's add the entries discovered by the boot loader to the end of our list, unless they are
747 * already included there. */
749 r
= efi_loader_get_entries(&found_by_loader
);
750 if (IN_SET(r
, -ENOENT
, -EOPNOTSUPP
))
751 return log_debug_errno(r
, "Boot loader reported no entries.");
753 return log_error_errno(r
, "Failed to determine entries reported by boot loader: %m");
755 n_allocated
= config
->n_entries
;
757 STRV_FOREACH(i
, found_by_loader
) {
758 _cleanup_free_
char *c
= NULL
, *t
= NULL
;
761 if (boot_config_has_entry(config
, *i
))
764 if (only_auto
&& !startswith(*i
, "auto-"))
771 STRV_FOREACH_PAIR(a
, b
, (char**) title_table
)
779 if (!GREEDY_REALLOC0(config
->entries
, n_allocated
, config
->n_entries
+ 1))
782 config
->entries
[config
->n_entries
++] = (BootEntry
) {
783 .type
= BOOT_ENTRY_LOADER
,
785 .title
= TAKE_PTR(t
),
792 /********************************************************************************/
794 static int verify_esp_blkid(
798 uint64_t *ret_pstart
,
800 sd_id128_t
*ret_uuid
) {
802 sd_id128_t uuid
= SD_ID128_NULL
;
803 uint64_t pstart
= 0, psize
= 0;
807 _cleanup_(blkid_free_probep
) blkid_probe b
= NULL
;
808 _cleanup_free_
char *node
= NULL
;
812 r
= device_path_make_major_minor(S_IFBLK
, devid
, &node
);
814 return log_error_errno(r
, "Failed to format major/minor device path: %m");
817 b
= blkid_new_probe_from_filename(node
);
819 return log_error_errno(errno
?: SYNTHETIC_ERRNO(ENOMEM
), "Failed to open file system \"%s\": %m", node
);
821 blkid_probe_enable_superblocks(b
, 1);
822 blkid_probe_set_superblocks_flags(b
, BLKID_SUBLKS_TYPE
);
823 blkid_probe_enable_partitions(b
, 1);
824 blkid_probe_set_partitions_flags(b
, BLKID_PARTS_ENTRY_DETAILS
);
827 r
= blkid_do_safeprobe(b
);
829 return log_error_errno(SYNTHETIC_ERRNO(ENODEV
), "File system \"%s\" is ambiguous.", node
);
831 return log_error_errno(SYNTHETIC_ERRNO(ENODEV
), "File system \"%s\" does not contain a label.", node
);
833 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe file system \"%s\": %m", node
);
836 r
= blkid_probe_lookup_value(b
, "TYPE", &v
, NULL
);
838 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe file system type of \"%s\": %m", node
);
839 if (!streq(v
, "vfat"))
840 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
841 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
842 "File system \"%s\" is not FAT.", node
);
845 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_SCHEME", &v
, NULL
);
847 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition scheme of \"%s\": %m", node
);
848 if (!streq(v
, "gpt"))
849 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
850 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
851 "File system \"%s\" is not on a GPT partition table.", node
);
854 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_TYPE", &v
, NULL
);
856 return log_error_errno(errno
?: EIO
, "Failed to probe partition type UUID of \"%s\": %m", node
);
857 if (!streq(v
, "c12a7328-f81f-11d2-ba4b-00a0c93ec93b"))
858 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
859 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
860 "File system \"%s\" has wrong type for an EFI System Partition (ESP).", node
);
863 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_UUID", &v
, NULL
);
865 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition entry UUID of \"%s\": %m", node
);
866 r
= sd_id128_from_string(v
, &uuid
);
868 return log_error_errno(r
, "Partition \"%s\" has invalid UUID \"%s\".", node
, v
);
871 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_NUMBER", &v
, NULL
);
873 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition number of \"%s\": m", node
);
874 r
= safe_atou32(v
, &part
);
876 return log_error_errno(r
, "Failed to parse PART_ENTRY_NUMBER field.");
879 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_OFFSET", &v
, NULL
);
881 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition offset of \"%s\": %m", node
);
882 r
= safe_atou64(v
, &pstart
);
884 return log_error_errno(r
, "Failed to parse PART_ENTRY_OFFSET field.");
887 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_SIZE", &v
, NULL
);
889 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition size of \"%s\": %m", node
);
890 r
= safe_atou64(v
, &psize
);
892 return log_error_errno(r
, "Failed to parse PART_ENTRY_SIZE field.");
898 *ret_pstart
= pstart
;
907 static int verify_esp_udev(
911 uint64_t *ret_pstart
,
913 sd_id128_t
*ret_uuid
) {
915 _cleanup_(sd_device_unrefp
) sd_device
*d
= NULL
;
916 _cleanup_free_
char *node
= NULL
;
917 sd_id128_t uuid
= SD_ID128_NULL
;
918 uint64_t pstart
= 0, psize
= 0;
923 r
= device_path_make_major_minor(S_IFBLK
, devid
, &node
);
925 return log_error_errno(r
, "Failed to format major/minor device path: %m");
927 r
= sd_device_new_from_devnum(&d
, 'b', devid
);
929 return log_error_errno(r
, "Failed to get device from device number: %m");
931 r
= sd_device_get_property_value(d
, "ID_FS_TYPE", &v
);
933 return log_error_errno(r
, "Failed to get device property: %m");
934 if (!streq(v
, "vfat"))
935 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
936 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
937 "File system \"%s\" is not FAT.", node
);
939 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_SCHEME", &v
);
941 return log_error_errno(r
, "Failed to get device property: %m");
942 if (!streq(v
, "gpt"))
943 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
944 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
945 "File system \"%s\" is not on a GPT partition table.", node
);
947 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_TYPE", &v
);
949 return log_error_errno(r
, "Failed to get device property: %m");
950 if (!streq(v
, "c12a7328-f81f-11d2-ba4b-00a0c93ec93b"))
951 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
952 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
953 "File system \"%s\" has wrong type for an EFI System Partition (ESP).", node
);
955 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_UUID", &v
);
957 return log_error_errno(r
, "Failed to get device property: %m");
958 r
= sd_id128_from_string(v
, &uuid
);
960 return log_error_errno(r
, "Partition \"%s\" has invalid UUID \"%s\".", node
, v
);
962 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_NUMBER", &v
);
964 return log_error_errno(r
, "Failed to get device property: %m");
965 r
= safe_atou32(v
, &part
);
967 return log_error_errno(r
, "Failed to parse PART_ENTRY_NUMBER field.");
969 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_OFFSET", &v
);
971 return log_error_errno(r
, "Failed to get device property: %m");
972 r
= safe_atou64(v
, &pstart
);
974 return log_error_errno(r
, "Failed to parse PART_ENTRY_OFFSET field.");
976 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_SIZE", &v
);
978 return log_error_errno(r
, "Failed to get device property: %m");
979 r
= safe_atou64(v
, &psize
);
981 return log_error_errno(r
, "Failed to parse PART_ENTRY_SIZE field.");
986 *ret_pstart
= pstart
;
995 static int verify_fsroot_dir(
998 bool unprivileged_mode
,
1001 struct stat st
, st2
;
1002 const char *t2
, *trigger
;
1008 /* So, the ESP and XBOOTLDR partition are commonly located on an autofs mount. stat() on the
1009 * directory won't trigger it, if it is not mounted yet. Let's hence explicitly trigger it here,
1010 * before stat()ing */
1011 trigger
= strjoina(path
, "/trigger"); /* Filename doesn't matter... */
1012 (void) access(trigger
, F_OK
);
1014 if (stat(path
, &st
) < 0)
1015 return log_full_errno((searching
&& errno
== ENOENT
) ||
1016 (unprivileged_mode
&& errno
== EACCES
) ? LOG_DEBUG
: LOG_ERR
, errno
,
1017 "Failed to determine block device node of \"%s\": %m", path
);
1019 if (major(st
.st_dev
) == 0)
1020 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1021 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
1022 "Block device node of \"%s\" is invalid.", path
);
1024 t2
= strjoina(path
, "/..");
1025 if (stat(t2
, &st2
) < 0) {
1026 if (errno
!= EACCES
)
1029 _cleanup_free_
char *parent
= NULL
;
1031 /* If going via ".." didn't work due to EACCESS, then let's determine the parent path
1032 * directly instead. It's not as good, due to symlinks and such, but we can't do
1033 * anything better here. */
1035 parent
= dirname_malloc(path
);
1039 if (stat(parent
, &st2
) < 0)
1046 return log_full_errno(unprivileged_mode
&& r
== -EACCES
? LOG_DEBUG
: LOG_ERR
, r
,
1047 "Failed to determine block device node of parent of \"%s\": %m", path
);
1050 if (st
.st_dev
== st2
.st_dev
)
1051 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1052 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
1053 "Directory \"%s\" is not the root of the file system.", path
);
1056 *ret_dev
= st
.st_dev
;
1061 static int verify_esp(
1064 bool unprivileged_mode
,
1066 uint64_t *ret_pstart
,
1067 uint64_t *ret_psize
,
1068 sd_id128_t
*ret_uuid
) {
1076 /* This logs about all errors, except:
1078 * -ENOENT → if 'searching' is set, and the dir doesn't exist
1079 * -EADDRNOTAVAIL → if 'searching' is set, and the dir doesn't look like an ESP
1080 * -EACESS → if 'unprivileged_mode' is set, and we have trouble acessing the thing
1083 relax_checks
= getenv_bool("SYSTEMD_RELAX_ESP_CHECKS") > 0;
1085 /* Non-root user can only check the status, so if an error occured in the following, it does not cause any
1086 * issues. Let's also, silence the error messages. */
1088 if (!relax_checks
) {
1091 if (statfs(p
, &sfs
) < 0)
1092 /* If we are searching for the mount point, don't generate a log message if we can't find the path */
1093 return log_full_errno((searching
&& errno
== ENOENT
) ||
1094 (unprivileged_mode
&& errno
== EACCES
) ? LOG_DEBUG
: LOG_ERR
, errno
,
1095 "Failed to check file system type of \"%s\": %m", p
);
1097 if (!F_TYPE_EQUAL(sfs
.f_type
, MSDOS_SUPER_MAGIC
))
1098 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1099 SYNTHETIC_ERRNO(searching
? EADDRNOTAVAIL
: ENODEV
),
1100 "File system \"%s\" is not a FAT EFI System Partition (ESP) file system.", p
);
1103 r
= verify_fsroot_dir(p
, searching
, unprivileged_mode
, &devid
);
1107 /* In a container we don't have access to block devices, skip this part of the verification, we trust
1108 * the container manager set everything up correctly on its own. */
1109 if (detect_container() > 0 || relax_checks
)
1112 /* If we are unprivileged we ask udev for the metadata about the partition. If we are privileged we
1113 * use blkid instead. Why? Because this code is called from 'bootctl' which is pretty much an
1114 * emergency recovery tool that should also work when udev isn't up (i.e. from the emergency shell),
1115 * however blkid can't work if we have no privileges to access block devices directly, which is why
1116 * we use udev in that case. */
1117 if (unprivileged_mode
)
1118 return verify_esp_udev(devid
, searching
, ret_part
, ret_pstart
, ret_psize
, ret_uuid
);
1120 return verify_esp_blkid(devid
, searching
, ret_part
, ret_pstart
, ret_psize
, ret_uuid
);
1130 *ret_uuid
= SD_ID128_NULL
;
1135 int find_esp_and_warn(
1137 bool unprivileged_mode
,
1140 uint64_t *ret_pstart
,
1141 uint64_t *ret_psize
,
1142 sd_id128_t
*ret_uuid
) {
1146 /* This logs about all errors except:
1148 * -ENOKEY → when we can't find the partition
1149 * -EACCESS → when unprivileged_mode is true, and we can't access something
1153 r
= verify_esp(path
, false, unprivileged_mode
, ret_part
, ret_pstart
, ret_psize
, ret_uuid
);
1160 path
= getenv("SYSTEMD_ESP_PATH");
1162 if (!path_is_valid(path
) || !path_is_absolute(path
))
1163 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
1164 "$SYSTEMD_ESP_PATH does not refer to absolute path, refusing to use it: %s",
1167 /* Note: when the user explicitly configured things with an env var we won't validate the mount
1168 * point. After all we want this to be useful for testing. */
1172 FOREACH_STRING(path
, "/efi", "/boot", "/boot/efi") {
1174 r
= verify_esp(path
, true, unprivileged_mode
, ret_part
, ret_pstart
, ret_psize
, ret_uuid
);
1177 if (!IN_SET(r
, -ENOENT
, -EADDRNOTAVAIL
)) /* This one is not it */
1181 /* No logging here */
1198 static int verify_xbootldr_blkid(
1201 sd_id128_t
*ret_uuid
) {
1203 sd_id128_t uuid
= SD_ID128_NULL
;
1206 _cleanup_(blkid_free_probep
) blkid_probe b
= NULL
;
1207 _cleanup_free_
char *node
= NULL
;
1211 r
= device_path_make_major_minor(S_IFBLK
, devid
, &node
);
1213 return log_error_errno(r
, "Failed to format major/minor device path: %m");
1215 b
= blkid_new_probe_from_filename(node
);
1217 return log_error_errno(errno
?: SYNTHETIC_ERRNO(ENOMEM
), "Failed to open file system \"%s\": %m", node
);
1219 blkid_probe_enable_partitions(b
, 1);
1220 blkid_probe_set_partitions_flags(b
, BLKID_PARTS_ENTRY_DETAILS
);
1223 r
= blkid_do_safeprobe(b
);
1225 return log_error_errno(SYNTHETIC_ERRNO(ENODEV
), "File system \"%s\" is ambiguous.", node
);
1227 return log_error_errno(SYNTHETIC_ERRNO(ENODEV
), "File system \"%s\" does not contain a label.", node
);
1229 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe file system \"%s\": %m", node
);
1232 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_SCHEME", &v
, NULL
);
1234 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition scheme of \"%s\": %m", node
);
1235 if (streq(v
, "gpt")) {
1238 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_TYPE", &v
, NULL
);
1240 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition type UUID of \"%s\": %m", node
);
1241 if (!streq(v
, "bc13c2ff-59e6-4262-a352-b275fd6f7172"))
1242 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1243 searching
? SYNTHETIC_ERRNO(EADDRNOTAVAIL
) : SYNTHETIC_ERRNO(ENODEV
),
1244 "File system \"%s\" has wrong type for extended boot loader partition.", node
);
1247 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_UUID", &v
, NULL
);
1249 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition entry UUID of \"%s\": %m", node
);
1250 r
= sd_id128_from_string(v
, &uuid
);
1252 return log_error_errno(r
, "Partition \"%s\" has invalid UUID \"%s\".", node
, v
);
1254 } else if (streq(v
, "dos")) {
1257 r
= blkid_probe_lookup_value(b
, "PART_ENTRY_TYPE", &v
, NULL
);
1259 return log_error_errno(errno
?: SYNTHETIC_ERRNO(EIO
), "Failed to probe partition type UUID of \"%s\": %m", node
);
1260 if (!streq(v
, "0xea"))
1261 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1262 searching
? SYNTHETIC_ERRNO(EADDRNOTAVAIL
) : SYNTHETIC_ERRNO(ENODEV
),
1263 "File system \"%s\" has wrong type for extended boot loader partition.", node
);
1266 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1267 searching
? SYNTHETIC_ERRNO(EADDRNOTAVAIL
) : SYNTHETIC_ERRNO(ENODEV
),
1268 "File system \"%s\" is not on a GPT or DOS partition table.", node
);
1277 static int verify_xbootldr_udev(
1280 sd_id128_t
*ret_uuid
) {
1282 _cleanup_(sd_device_unrefp
) sd_device
*d
= NULL
;
1283 _cleanup_free_
char *node
= NULL
;
1284 sd_id128_t uuid
= SD_ID128_NULL
;
1288 r
= device_path_make_major_minor(S_IFBLK
, devid
, &node
);
1290 return log_error_errno(r
, "Failed to format major/minor device path: %m");
1292 r
= sd_device_new_from_devnum(&d
, 'b', devid
);
1294 return log_error_errno(r
, "Failed to get device from device number: %m");
1296 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_SCHEME", &v
);
1298 return log_error_errno(r
, "Failed to get device property: %m");
1300 if (streq(v
, "gpt")) {
1302 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_TYPE", &v
);
1304 return log_error_errno(r
, "Failed to get device property: %m");
1305 if (!streq(v
, "bc13c2ff-59e6-4262-a352-b275fd6f7172"))
1306 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1307 searching
? SYNTHETIC_ERRNO(EADDRNOTAVAIL
) : SYNTHETIC_ERRNO(ENODEV
),
1308 "File system \"%s\" has wrong type for extended boot loader partition.", node
);
1310 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_UUID", &v
);
1312 return log_error_errno(r
, "Failed to get device property: %m");
1313 r
= sd_id128_from_string(v
, &uuid
);
1315 return log_error_errno(r
, "Partition \"%s\" has invalid UUID \"%s\".", node
, v
);
1317 } else if (streq(v
, "dos")) {
1319 r
= sd_device_get_property_value(d
, "ID_PART_ENTRY_TYPE", &v
);
1321 return log_error_errno(r
, "Failed to get device property: %m");
1322 if (!streq(v
, "0xea"))
1323 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1324 searching
? SYNTHETIC_ERRNO(EADDRNOTAVAIL
) : SYNTHETIC_ERRNO(ENODEV
),
1325 "File system \"%s\" has wrong type for extended boot loader partition.", node
);
1327 return log_full_errno(searching
? LOG_DEBUG
: LOG_ERR
,
1328 searching
? SYNTHETIC_ERRNO(EADDRNOTAVAIL
) : SYNTHETIC_ERRNO(ENODEV
),
1329 "File system \"%s\" is not on a GPT or DOS partition table.", node
);
1337 static int verify_xbootldr(
1340 bool unprivileged_mode
,
1341 sd_id128_t
*ret_uuid
) {
1349 relax_checks
= getenv_bool("SYSTEMD_RELAX_XBOOTLDR_CHECKS") > 0;
1351 r
= verify_fsroot_dir(p
, searching
, unprivileged_mode
, &devid
);
1355 if (detect_container() > 0 || relax_checks
)
1358 if (unprivileged_mode
)
1359 return verify_xbootldr_udev(devid
, searching
, ret_uuid
);
1361 return verify_xbootldr_blkid(devid
, searching
, ret_uuid
);
1365 *ret_uuid
= SD_ID128_NULL
;
1370 int find_xbootldr_and_warn(
1372 bool unprivileged_mode
,
1374 sd_id128_t
*ret_uuid
) {
1378 /* Similar to find_esp_and_warn(), but finds the XBOOTLDR partition. Returns the same errors. */
1381 r
= verify_xbootldr(path
, false, unprivileged_mode
, ret_uuid
);
1388 path
= getenv("SYSTEMD_XBOOTLDR_PATH");
1390 if (!path_is_valid(path
) || !path_is_absolute(path
))
1391 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
1392 "$SYSTEMD_XBOOTLDR_PATH does not refer to absolute path, refusing to use it: %s",
1398 r
= verify_xbootldr("/boot", true, unprivileged_mode
, ret_uuid
);
1403 if (!IN_SET(r
, -ENOENT
, -EADDRNOTAVAIL
)) /* This one is not it */
1422 static const char* const boot_entry_type_table
[_BOOT_ENTRY_MAX
] = {
1423 [BOOT_ENTRY_CONF
] = "conf",
1424 [BOOT_ENTRY_UNIFIED
] = "unified",
1425 [BOOT_ENTRY_LOADER
] = "loader",
1428 DEFINE_STRING_TABLE_LOOKUP(boot_entry_type
, BootEntryType
);