git.ipfire.org Git - thirdparty/systemd.git/commit

stub: pick up confexts from the ESP as well

This does what we do for system extension also for configuration
extension.

This is complicated by the fact that we previously looked for
<uki-binary>.d/*.raw for system extensions. We want to measure sysexts
and confexts to different PCRs (13 vs. 12) hence we must distinguish
them, but *.raw would match both kinds.

This commit solves this via the following mechanism: we'll load confexts
from *.confext.raw and sysexts from *.raw but will then enclude
*.confext.raw from the latter. This preserves compatibility but allows
us to somewhat reasonable distinguish both types of images.

The documentation is updated not going into this detail though, and
instead now claims that sysexts shall be *.sysext.raw and confexts
*.confext.raw even though we actually are more lenient than this. This
is simply to push people towards using the longer, more descriptive
suffixes.

I added an XML comment () about this to the docs, so that
whenever somebody notices the difference between code and docs
understands why and leaves it that way.

author	Lennart Poettering <lennart@poettering.net>
	Wed, 8 Nov 2023 18:02:03 +0000 (19:02 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 3 Jan 2024 09:38:34 +0000 (10:38 +0100)
commit	39e0c237f19be47d24c1ca4372808686e175d11a
tree	46d3404d04ddf14a1d6c95519aad4baa0aa8a0b4	tree \| snapshot
parent	cb924b9b6a963d0bad5725cae9016fb513383531	commit \| diff

man/systemd-stub.xml		diff \| blob \| blame \| history
src/boot/bootctl-status.c		diff \| blob \| blame \| history
src/boot/efi/cpio.c		diff \| blob \| blame \| history
src/boot/efi/cpio.h		diff \| blob \| blame \| history
src/boot/efi/stub.c		diff \| blob \| blame \| history
src/fundamental/efivars-fundamental.h		diff \| blob \| blame \| history