measure: separate out PE section options in --help text

Let's separate the PE section options in the --help text to make clearer
that they are about PE sections, and thus make things less confusing
regarding the cryptic names. Specifically, there's now a separate
section in the --help text that looks like this:

<snip>
UKI PE Section Options:                                         UKI PE Section
     --linux=PATH        Path Linux kernel image                → .linux
     --osrel=PATH        Path to os-release file                → .osrel
     --cmdline=PATH      Path to file with kernel command line  → .cmdline
     --initrd=PATH       Path to initrd image                   → .initrd
     --splash=PATH       Path to splash bitmap                  → .splash
     --dtb=PATH          Path to Devicetree file                → .dtb
     --pcrpkey=PATH      Path to public key for PCR signatures  → .pcrpkey
</snipe>

(The section title is underlined, like we usually do it)

I think separating this out, and organizing the section name in tabular
form emphasizes nicely where this switches get their name from and what
they mean.

Hopefully addresses concerns from
https://github.com/systemd/systemd/pull/24458#discussion_r967052720 in a
diferent way.

(Also dropped a hint regarding DER format for public key. it's simply
wrong, we use PEM like everyone else on Linux. Outside of Java land DER
isn't popular, so we don't need to mention it here in the --help text,
man page should be enough.)

diff --git a/src/boot/measure.c b/src/boot/measure.c
index eee076075cbba04671fd5d9cb9b0e218e3a5d018..ec67e0cdb6778d0dc730f21a231c96109799358f 100644 (file)
--- a/src/boot/measure.c
+++ b/src/boot/measure.c
@@ -53,7 +53,7 @@ static int help(int argc, char *argv[], void *userdata) {
                 return log_oom();
 
         printf("%1$s  [OPTIONS...] COMMAND ...\n"
-               "\n%5$sPre-calculate and sign PCR hash for a unified kernel image.%6$s\n"
+               "\n%5$sPre-calculate and sign PCR hash for a unified kernel image (UKI).%6$s\n"
                "\n%3$sCommands:%4$s\n"
                "  status                 Show current PCR values\n"
                "  calculate              Calculate expected PCR values\n"
@@ -62,13 +62,6 @@ static int help(int argc, char *argv[], void *userdata) {
                "  -h --help              Show this help\n"
                "     --version           Print version\n"
                "     --no-pager          Do not pipe output into a pager\n"
-               "     --linux=PATH        Path Linux kernel ELF image\n"
-               "     --osrel=PATH        Path to os-release file\n"
-               "     --cmdline=PATH      Path to file with kernel command line\n"
-               "     --initrd=PATH       Path to initrd image\n"
-               "     --splash=PATH       Path to splash bitmap\n"
-               "     --dtb=PATH          Path to Devicetree file\n"
-               "     --pcrpkey=PATH      Path to public key for PCR signatures in DER format\n"
                "  -c --current           Use current PCR values\n"
                "     --bank=DIGEST       Select TPM bank (SHA1, SHA256)\n"
                "     --tpm2-device=PATH  Use specified TPM2 device\n"
@@ -76,13 +69,22 @@ static int help(int argc, char *argv[], void *userdata) {
                "     --public-key=KEY    Public key (PEM) to validate against\n"
                "     --json=MODE         Output as JSON\n"
                "  -j                     Same as --json=pretty on tty, --json=short otherwise\n"
+               "\n%3$sUKI PE Section Options:%4$s                                         %3$sUKI PE Section%4$s\n"
+               "     --linux=PATH        Path to Linux kernel image file        %7$s .linux\n"
+               "     --osrel=PATH        Path to os-release file                %7$s .osrel\n"
+               "     --cmdline=PATH      Path to file with kernel command line  %7$s .cmdline\n"
+               "     --initrd=PATH       Path to initrd image file              %7$s .initrd\n"
+               "     --splash=PATH       Path to splash bitmap file             %7$s .splash\n"
+               "     --dtb=PATH          Path to Devicetree file                %7$s .dtb\n"
+               "     --pcrpkey=PATH      Path to public key for PCR signatures  %7$s .pcrpkey\n"
                "\nSee the %2$s for details.\n",
                program_invocation_short_name,
                link,
                ansi_underline(),
                ansi_normal(),
                ansi_highlight(),
-               ansi_normal());
+               ansi_normal(),
+               special_glyph(SPECIAL_GLYPH_ARROW_RIGHT));
 
         return 0;
 }