<!-- Let's keep this in the canonical order we also measure the sections by, i.e. as in
src/fundamental/uki.h's UnifiedSection enum -->
- <listitem><para>The ELF Linux kernel images will be looked for in the <literal>.linux</literal> PE
- section of the executed image.</para></listitem>
+ <listitem><para>A <literal>.linux</literal> section with the ELF Linux kernel image.</para></listitem>
- <listitem><para>OS release information, i.e. the
- <citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry> file of
- the OS the kernel belongs to, in the <literal>.osrel</literal> PE section.</para></listitem>
+ <listitem><para>An <literal>.osrel</literal> section with OS release information, i.e. the contents of
+ the <citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry> file
+ of the OS the kernel belongs to.</para></listitem>
- <listitem><para>The kernel command line to pass to the invoked kernel will be looked for in the
- <literal>.cmdline</literal> PE section.</para></listitem>
+ <listitem><para>A <literal>.cmdline</literal> section with the kernel command line to pass to the
+ invoked kernel.</para></listitem>
- <listitem><para>The initrd will be loaded from the <literal>.initrd</literal> PE
- section.</para></listitem>
+ <listitem><para>An <literal>.initrd</literal> section with the initrd.</para></listitem>
- <listitem><para>A boot splash (in Windows <filename>.BMP</filename> format) to show on screen before
- invoking the kernel will be looked for in the <literal>.splash</literal> PE section.</para></listitem>
+ <listitem><para>A <literal>.splash</literal> section with an image (in the Windows
+ <filename>.BMP</filename> format) to show on screen before invoking the kernel.</para></listitem>
- <listitem><para>A compiled binary DeviceTree will be looked for in the <literal>.dtb</literal> PE
- section.</para></listitem>
+ <listitem><para>A <literal>.dtb</literal> section with a compiled binary DeviceTree.</para></listitem>
- <listitem><para>Kernel version information, i.e. the output of <command>uname -r</command> for the
- kernel included in the UKI, in the <literal>.uname</literal> PE section.</para></listitem>
+ <listitem><para>A <literal>.uname</literal> section with the kernel version information, i.e. the
+ output of <command>uname -r</command> for the kernel included in the <literal>.linux</literal>
+ section.</para></listitem>
- <listitem><para><ulink url="https://github.com/rhboot/shim/blob/main/SBAT.md">SBAT</ulink> revocation
- metadata, in the <literal>.sbat</literal> PE section.</para></listitem>
+ <listitem><para>An <literal>.sbat</literal> section with
+ <ulink url="https://github.com/rhboot/shim/blob/main/SBAT.md">SBAT</ulink> revocation
+ metadata.</para></listitem>
- <listitem><para>A set of cryptographic signatures for expected TPM2 PCR values when this kernel is
- booted, in JSON format, in the <literal>.pcrsig</literal> section. This is useful for implementing TPM2
- policies that bind disk encryption and similar to kernels that are signed by a specific
- key.</para></listitem>
+ <listitem><para>A <literal>.pcrsig</literal> section with a set of cryptographic signatures for the
+ expected TPM2 PCR values after the kernel has been booted, in JSON format. This is useful for
+ implementing TPM2 policies that bind disk encryption and similar to kernels that are signed by a
+ specific key.</para></listitem>
- <listitem><para>A public key in PEM format matching this TPM2 PCR signature data in the
- <literal>.pcrpkey</literal> section.</para></listitem>
+ <listitem><para>A <literal>.pcrpkey</literal> section with a public key in the PEM format matching the
+ signature data in the the <literal>.pcrsig</literal> section.</para></listitem>
</itemizedlist>
<para>If UEFI SecureBoot is enabled and the <literal>.cmdline</literal> section is present in the executed
DeviceTree in the corresponding EFI configuration table. systemd-stub will ask the firmware via the
<literal>EFI_DT_FIXUP_PROTOCOL</literal> for hardware specific fixups to the DeviceTree.</para>
- <para>The contents of seven of these eight PE sections are measured into TPM PCR 11, that is otherwise
- not used. Thus, it can be pre-calculated without too much effort. The <literal>.pcrsig</literal> section
- is not included in this PCR measurement, since it's supposed to contain signatures for the expected
- results for these measurements, i.e. of the outputs of the measurement operation, and thus cannot also be
- input to it.</para>
+ <para>The contents of eight of these nine sections are measured into TPM PCR 11. It is otherwise not used
+ and thus the result can be pre-calculated without too much effort. The <literal>.pcrsig</literal> section
+ is not included in this PCR measurement, since it is supposed to contain signatures for the output of the
+ measurement operation, and thus cannot also be input to it.</para>
- <para>When <literal>.pcrsig</literal> and/or <literal>.pcrpkey</literal> are present in a unified kernel
- image their contents are passed to the booted kernel in an synthetic initrd cpio archive that places them in the
- <filename>/.extra/tpm2-pcr-signature.json</filename> and
+ <para>When <literal>.pcrsig</literal> and/or <literal>.pcrpkey</literal> sections are present in a
+ unified kernel image their contents are passed to the booted kernel in an synthetic initrd cpio archive
+ that places them in the <filename>/.extra/tpm2-pcr-signature.json</filename> and
<filename>/.extra/tpm2-pcr-public-key.pem</filename> files. Typically, a
<citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> line then
ensures they are copied into <filename>/run/systemd/tpm2-pcr-signature.json</filename> and
<varlistentry>
<term><filename>/</filename></term>
- <listitem><para>The main initrd from the <literal>.initrd</literal> PE section of the unified kernel image.</para>
+ <listitem><para>The main initrd from the <literal>.initrd</literal> PE section of the unified kernel
+ image.</para>
<xi:include href="version-info.xml" xpointer="v252"/></listitem>
</varlistentry>
<varlistentry>
<term><filename>/.extra/global_credentials/*.cred</filename></term>
- <listitem><para>Similar, credential files in the <filename>/loader/credentials/</filename> directory
- in the file system the unified kernel image is placed in are copied into the
+ <listitem><para>Similarly, credential files in the <filename>/loader/credentials/</filename>
+ directory in the file system the unified kernel image is placed in are copied into the
<filename>/.extra/global_credentials/</filename> directory in the initrd execution
environment.</para>
<term><filename>/.extra/tpm2-pcr-signature.json</filename></term>
<listitem><para>The TPM2 PCR signature JSON object included in the <literal>.pcrsig</literal> PE
section of the unified kernel image is copied into the
- <filename>/.extra/tpm2-pcr-signature.json</filename> file in the initrd execution
- environment.</para>
+ <filename>/.extra/tpm2-pcr-signature.json</filename> file in the initrd execution environment.</para>
<xi:include href="version-info.xml" xpointer="v252"/></listitem>
</varlistentry>