1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
3 #include "alloc-util.h"
4 #include "efi-loader.h"
6 #include "parse-util.h"
15 static int read_usec(const char *variable
, usec_t
*ret
) {
16 _cleanup_free_
char *j
= NULL
;
23 r
= efi_get_variable_string(variable
, &j
);
27 r
= safe_atou64(j
, &x
);
35 int efi_loader_get_boot_usec(usec_t
*ret_firmware
, usec_t
*ret_loader
) {
45 r
= read_usec(EFI_LOADER_VARIABLE(LoaderTimeInitUSec
), &x
);
47 return log_debug_errno(r
, "Failed to read LoaderTimeInitUSec: %m");
49 r
= read_usec(EFI_LOADER_VARIABLE(LoaderTimeExecUSec
), &y
);
51 return log_debug_errno(r
, "Failed to read LoaderTimeExecUSec: %m");
53 if (y
== 0 || y
< x
|| y
- x
> USEC_PER_HOUR
)
54 return log_debug_errno(SYNTHETIC_ERRNO(EIO
),
55 "Bad LoaderTimeInitUSec=%"PRIu64
", LoaderTimeExecUSec=%" PRIu64
"; refusing.",
63 int efi_loader_get_device_part_uuid(sd_id128_t
*ret
) {
64 _cleanup_free_
char *p
= NULL
;
71 r
= efi_get_variable_string(EFI_LOADER_VARIABLE(LoaderDevicePartUUID
), &p
);
75 if (sscanf(p
, SD_ID128_UUID_FORMAT_STR
,
76 &parsed
[0], &parsed
[1], &parsed
[2], &parsed
[3],
77 &parsed
[4], &parsed
[5], &parsed
[6], &parsed
[7],
78 &parsed
[8], &parsed
[9], &parsed
[10], &parsed
[11],
79 &parsed
[12], &parsed
[13], &parsed
[14], &parsed
[15]) != 16)
83 for (unsigned i
= 0; i
< ELEMENTSOF(parsed
); i
++)
84 ret
->bytes
[i
] = parsed
[i
];
89 int efi_loader_get_entries(char ***ret
) {
90 _cleanup_free_ char16_t
*entries
= NULL
;
91 _cleanup_strv_free_
char **l
= NULL
;
100 r
= efi_get_variable(EFI_LOADER_VARIABLE(LoaderEntries
), NULL
, (void**) &entries
, &size
);
104 /* The variable contains a series of individually NUL terminated UTF-16 strings. */
106 for (size_t i
= 0, start
= 0;; i
++) {
107 _cleanup_free_
char *decoded
= NULL
;
110 /* Is this the end of the variable's data? */
111 end
= i
* sizeof(char16_t
) >= size
;
113 /* Are we in the middle of a string? (i.e. not at the end of the variable, nor at a NUL terminator?) If
114 * so, let's go to the next entry. */
115 if (!end
&& entries
[i
] != 0)
118 /* We reached the end of a string, let's decode it into UTF-8 */
119 decoded
= utf16_to_utf8(entries
+ start
, (i
- start
) * sizeof(char16_t
));
123 if (efi_loader_entry_name_valid(decoded
)) {
124 r
= strv_consume(&l
, TAKE_PTR(decoded
));
128 log_debug("Ignoring invalid loader entry '%s'.", decoded
);
130 /* We reached the end of the variable */
134 /* Continue after the NUL byte */
142 int efi_loader_get_features(uint64_t *ret
) {
143 _cleanup_free_
void *v
= NULL
;
149 if (!is_efi_boot()) {
154 r
= efi_get_variable(EFI_LOADER_VARIABLE(LoaderFeatures
), NULL
, &v
, &s
);
156 _cleanup_free_
char *info
= NULL
;
158 /* The new (v240+) LoaderFeatures variable is not supported, let's see if it's systemd-boot at all */
159 r
= efi_get_variable_string(EFI_LOADER_VARIABLE(LoaderInfo
), &info
);
164 /* Variable not set, definitely means not systemd-boot */
166 } else if (first_word(info
, "systemd-boot")) {
168 /* An older systemd-boot version. Let's hardcode the feature set, since it was pretty
169 * static in all its versions. */
171 *ret
= EFI_LOADER_FEATURE_CONFIG_TIMEOUT
|
172 EFI_LOADER_FEATURE_ENTRY_DEFAULT
|
173 EFI_LOADER_FEATURE_ENTRY_ONESHOT
;
178 /* No features supported */
185 if (s
!= sizeof(uint64_t))
186 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL
),
187 "LoaderFeatures EFI variable doesn't have the right size.");
189 memcpy(ret
, v
, sizeof(uint64_t));
193 int efi_stub_get_features(uint64_t *ret
) {
194 _cleanup_free_
void *v
= NULL
;
200 if (!is_efi_boot()) {
205 r
= efi_get_variable(EFI_LOADER_VARIABLE(StubFeatures
), NULL
, &v
, &s
);
207 _cleanup_free_
char *info
= NULL
;
209 /* The new (v252+) StubFeatures variable is not supported, let's see if it's systemd-stub at all */
210 r
= efi_get_variable_string(EFI_LOADER_VARIABLE(StubInfo
), &info
);
215 /* Variable not set, definitely means not systemd-stub */
217 } else if (first_word(info
, "systemd-stub")) {
219 /* An older systemd-stub version. Let's hardcode the feature set, since it was pretty
220 * static in all its versions. */
222 *ret
= EFI_STUB_FEATURE_REPORT_BOOT_PARTITION
;
226 /* No features supported */
233 if (s
!= sizeof(uint64_t))
234 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL
),
235 "StubFeatures EFI variable doesn't have the right size.");
237 memcpy(ret
, v
, sizeof(uint64_t));
241 int efi_stub_measured(int log_level
) {
242 _cleanup_free_
char *pcr_string
= NULL
;
246 /* Checks if we are booted on a kernel with sd-stub which measured the kernel into PCR 11. Or in
247 * other words, if we are running on a TPM enabled UKI.
249 * Returns == 0 and > 0 depending on the result of the test. Returns -EREMOTE if we detected a stub
250 * being used, but it measured things into a different PCR than we are configured for in
251 * userspace. (i.e. we expect PCR 11 being used for this by both sd-stub and us) */
253 r
= getenv_bool_secure("SYSTEMD_FORCE_MEASURE"); /* Give user a chance to override the variable test,
254 * for debugging purposes */
258 log_debug_errno(r
, "Failed to parse $SYSTEMD_FORCE_MEASURE, ignoring: %m");
263 r
= efi_get_variable_string(EFI_LOADER_VARIABLE(StubPcrKernelImage
), &pcr_string
);
267 return log_full_errno(log_level
, r
,
268 "Failed to get StubPcrKernelImage EFI variable: %m");
270 r
= safe_atou(pcr_string
, &pcr_nr
);
272 return log_full_errno(log_level
, r
,
273 "Failed to parse StubPcrKernelImage EFI variable: %s", pcr_string
);
274 if (pcr_nr
!= TPM_PCR_INDEX_KERNEL_IMAGE
)
275 return log_full_errno(log_level
, SYNTHETIC_ERRNO(EREMOTE
),
276 "Kernel stub measured kernel image into PCR %u, which is different than expected %u.",
277 pcr_nr
, TPM_PCR_INDEX_KERNEL_IMAGE
);
282 int efi_loader_get_config_timeout_one_shot(usec_t
*ret
) {
283 _cleanup_free_
char *v
= NULL
;
284 static struct stat cache_stat
= {};
285 struct stat new_stat
;
292 /* stat() the EFI variable, to see if the mtime changed. If it did, we need to cache again. */
293 if (stat(EFIVAR_PATH(EFI_LOADER_VARIABLE(LoaderConfigTimeoutOneShot
)), &new_stat
) < 0)
296 if (stat_inode_unmodified(&new_stat
, &cache_stat
)) {
301 r
= efi_get_variable_string(EFI_LOADER_VARIABLE(LoaderConfigTimeoutOneShot
), &v
);
305 r
= safe_atou64(v
, &sec
);
308 if (sec
> USEC_INFINITY
/ USEC_PER_SEC
)
311 cache_stat
= new_stat
;
312 *ret
= cache
= sec
* USEC_PER_SEC
; /* return in µs */
316 int efi_loader_update_entry_one_shot_cache(char **cache
, struct stat
*cache_stat
) {
317 _cleanup_free_
char *v
= NULL
;
318 struct stat new_stat
;
324 /* stat() the EFI variable, to see if the mtime changed. If it did we need to cache again. */
325 if (stat(EFIVAR_PATH(EFI_LOADER_VARIABLE(LoaderEntryOneShot
)), &new_stat
) < 0)
328 if (stat_inode_unmodified(&new_stat
, cache_stat
))
331 r
= efi_get_variable_string(EFI_LOADER_VARIABLE(LoaderEntryOneShot
), &v
);
335 if (!efi_loader_entry_name_valid(v
))
338 *cache_stat
= new_stat
;
339 free_and_replace(*cache
, v
);
346 bool efi_loader_entry_name_valid(const char *s
) {
347 if (!filename_is_valid(s
)) /* Make sure entry names fit in filenames */
350 return in_charset(s
, ALPHANUMERICAL
"+-_.");