ukify: Remove special casing for .linux section

Now that we properly leave sufficient space for inline execution of
the .linux section, let's remove the special casing of the .linux
section as it doesn't need to be the last section anymore now.

diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py
index 86117cd56318bd435b637a07ddb596e85c0710ae..55c40164ae94f8ba01c1f9df3826cfc0a94e64c8 100755 (executable)
--- a/src/ukify/ukify.py
+++ b/src/ukify/ukify.py
@@ -502,7 +502,7 @@ def pe_strip_section_name(name):
     return name.rstrip(b"\x00").decode()
 
 
-def call_systemd_measure(uki, linux, opts):
+def call_systemd_measure(uki, opts):
 
     if not opts.measure and not opts.pcr_private_keys:
         return
@@ -528,14 +528,10 @@ def call_systemd_measure(uki, linux, opts):
             continue
 
         if s.content is not None:
-            assert(s.name != ".linux" or linux is None)
             to_measure.append(f"--{s.name.removeprefix('.')}={s.content}")
         else:
             raise ValueError(f"Don't know how to measure section {s.name}");
 
-    if linux is not None:
-        to_measure.append(f'--linux={linux}')
-
     # And now iterate through the base profile and measure what we haven't measured above
     if opts.measure_base is not None:
         pe = pefile.PE(opts.measure_base, fast_load=True)
@@ -952,9 +948,6 @@ def make_uki(opts):
         ('.pcrpkey', pcrpkey,         True ),
         ('.initrd',  initrd,          True ),
         ('.ucode',   opts.microcode,  True ),
-
-        # linux shall be last to leave breathing room for decompression.
-        # We'll add it later.
     ]
 
     for name, content, measure in sections:
@@ -965,6 +958,15 @@ def make_uki(opts):
     for section in opts.sections:
         uki.add_section(section)
 
+    if linux is not None:
+        try:
+            virtual_size = pefile.PE(linux, fast_load=True).OPTIONAL_HEADER.SizeOfImage
+        except pefile.PEFormatError:
+            print(f"{linux} is not a valid PE file, not using SizeOfImage.")
+            virtual_size = None
+
+        uki.add_section(Section.create('.linux', linux, measure=True, virtual_size=virtual_size))
+
     if opts.extend is None:
         if linux is not None:
             # Merge the .sbat sections from stub, kernel and parameter, so that revocation can be done on either.
@@ -984,22 +986,10 @@ uki-addon,1,UKI Addon,addon,1,https://www.freedesktop.org/software/systemd/man/l
 
     # PCR measurement and signing
 
-    # We pass in the contents for .linux separately because we need them to do the measurement but can't add
-    # the section yet because we want .linux to be the last section. Make sure any other sections are added
-    # before this function is called.
-    call_systemd_measure(uki, linux, opts=opts)
+    call_systemd_measure(uki, opts=opts)
 
     # UKI creation
 
-    if linux is not None:
-        try:
-            virtual_size = pefile.PE(linux, fast_load=True).OPTIONAL_HEADER.SizeOfImage
-        except pefile.PEFormatError:
-            print(f"{f} is not a valid PE file, not using SizeOfImage.")
-            virtual_size = None
-
-        uki.add_section(Section.create('.linux', linux, measure=True, virtual_size=virtual_size))
-
     if sign_args_present:
         unsigned = tempfile.NamedTemporaryFile(prefix='uki')
         unsigned_output = unsigned.name