1 /* SPDX-License-Identifier: LGPL-2.1+ */
6 #include "alloc-util.h"
12 #include "parse-util.h"
13 #include "path-util.h"
18 static char *arg_path
= NULL
;
20 static int help(int argc
, char *argv
[], void *userdata
) {
22 printf("%s [COMMAND] [OPTIONS...]\n"
24 "Mark the boot process as good or bad.\n\n"
25 " -h --help Show this help\n"
26 " --version Print version\n"
27 " --path=PATH Path to the EFI System Partition (ESP)\n"
30 " good Mark this boot as good\n"
31 " bad Mark this boot as bad\n"
32 " indeterminate Undo any marking as good or bad\n",
33 program_invocation_short_name
);
38 static int parse_argv(int argc
, char *argv
[]) {
44 static const struct option options
[] = {
45 { "help", no_argument
, NULL
, 'h' },
46 { "version", no_argument
, NULL
, ARG_VERSION
},
47 { "path", required_argument
, NULL
, ARG_PATH
},
56 while ((c
= getopt_long(argc
, argv
, "h", options
, NULL
)) >= 0)
67 r
= free_and_strdup(&arg_path
, optarg
);
76 assert_not_reached("Unknown option");
82 static int acquire_esp(void) {
83 _cleanup_free_
char *np
= NULL
;
86 r
= find_esp_and_warn(arg_path
, false, &np
, NULL
, NULL
, NULL
, NULL
);
87 if (r
== -ENOKEY
) /* find_esp_and_warn() doesn't warn in this one error case, but in all others */
88 return log_error_errno(r
,
89 "Couldn't find EFI system partition. It is recommended to mount it to /boot or /efi.\n"
90 "Alternatively, use --path= to specify path to mount point.");
94 free_and_replace(arg_path
, np
);
95 log_debug("Using EFI System Partition at %s.", arg_path
);
100 static int parse_counter(
104 uint64_t *ret_done
) {
120 k
= strspn(e
, DIGITS
);
122 log_error("Can't parse empty 'tries left' counter from LoaderBootCountPath: %s", path
);
127 r
= safe_atou64(z
, &left
);
129 return log_error_errno(r
, "Failed to parse 'tries left' counter from LoaderBootCountPath: %s", path
);
136 k
= strspn(e
, DIGITS
);
137 if (k
== 0) { /* If there's a "-" there also needs to be at least one digit */
138 log_error("Can't parse empty 'tries done' counter from LoaderBootCountPath: %s", path
);
143 r
= safe_atou64(z
, &done
);
145 return log_error_errno(r
, "Failed to parse 'tries done' counter from LoaderBootCountPath: %s", path
);
152 log_warning("The 'tries done' counter is currently at zero. This can't really be, after all we are running, and this boot must hence count as one. Proceeding anyway.");
165 static int acquire_boot_count_path(
172 _cleanup_free_
char *path
= NULL
, *prefix
= NULL
, *suffix
= NULL
;
173 const char *last
, *e
;
177 r
= efi_get_variable_string(EFI_VENDOR_LOADER
, "LoaderBootCountPath", &path
);
179 return -EUNATCH
; /* in this case, let the caller print a message */
181 return log_error_errno(r
, "Failed to read LoaderBootCountPath EFI variable: %m");
183 efi_tilt_backslashes(path
);
185 if (!path_is_normalized(path
)) {
186 log_error("Path read from LoaderBootCountPath is not normalized, refusing: %s", path
);
190 if (!path_is_absolute(path
)) {
191 log_error("Path read from LoaderBootCountPath is not absolute, refusing: %s", path
);
195 last
= last_path_component(path
);
196 e
= strrchr(last
, '+');
198 log_error("Path read from LoaderBootCountPath does not contain a counter, refusing: %s", path
);
203 prefix
= strndup(path
, e
- path
);
208 r
= parse_counter(path
, &e
, &left
, &done
);
217 *ret_suffix
= TAKE_PTR(suffix
);
221 *ret_path
= TAKE_PTR(path
);
223 *ret_prefix
= TAKE_PTR(prefix
);
232 static int make_good(const char *prefix
, const char *suffix
, char **ret
) {
233 _cleanup_free_
char *good
= NULL
;
239 /* Generate the path we'd use on good boots. This one is easy. If we are successful, we simple drop the counter
240 * pair entirely from the name. After all, we know all is good, and the logs will contain information about the
241 * tries we needed to come here, hence it's safe to drop the counters from the name. */
243 good
= strjoin(prefix
, suffix
);
247 *ret
= TAKE_PTR(good
);
251 static int make_bad(const char *prefix
, uint64_t done
, const char *suffix
, char **ret
) {
252 _cleanup_free_
char *bad
= NULL
;
258 /* Generate the path we'd use on bad boots. Let's simply set the 'left' counter to zero, and keep the 'done'
259 * counter. The information might be interesting to boot loaders, after all. */
262 bad
= strjoin(prefix
, "+0", suffix
);
266 if (asprintf(&bad
, "%s+0-%" PRIu64
"%s", prefix
, done
, suffix
) < 0)
270 *ret
= TAKE_PTR(bad
);
274 static const char *skip_slash(const char *path
) {
276 assert(path
[0] == '/');
281 static int verb_status(int argc
, char *argv
[], void *userdata
) {
283 _cleanup_free_
char *path
= NULL
, *prefix
= NULL
, *suffix
= NULL
, *good
= NULL
, *bad
= NULL
;
284 _cleanup_close_
int fd
= -1;
288 r
= acquire_boot_count_path(&path
, &prefix
, &left
, &done
, &suffix
);
289 if (r
== -EUNATCH
) { /* No boot count in place, then let's consider this a "clean" boot, as "good", "bad" or "indeterminate" don't apply. */
300 r
= make_good(prefix
, suffix
, &good
);
304 r
= make_bad(prefix
, done
, suffix
, &bad
);
308 log_debug("Booted file: %s%s\n"
309 "The same modified for 'good': %s%s\n"
310 "The same modified for 'bad': %s%s\n",
315 log_debug("Tries left: %" PRIu64
"\n"
316 "Tries done: %" PRIu64
"\n",
319 fd
= open(arg_path
, O_DIRECTORY
|O_CLOEXEC
|O_RDONLY
);
321 return log_error_errno(errno
, "Failed to open ESP '%s': %m", arg_path
);
323 if (faccessat(fd
, skip_slash(path
), F_OK
, 0) >= 0) {
324 puts("indeterminate");
328 return log_error_errno(errno
, "Failed to check if '%s' exists: %m", path
);
330 if (faccessat(fd
, skip_slash(good
), F_OK
, 0) >= 0) {
335 return log_error_errno(errno
, "Failed to check if '%s' exists: %m", good
);
337 if (faccessat(fd
, skip_slash(bad
), F_OK
, 0) >= 0) {
342 return log_error_errno(errno
, "Failed to check if '%s' exists: %m", bad
);
344 return log_error_errno(errno
, "Couldn't determine boot state: %m");
347 static int verb_set(int argc
, char *argv
[], void *userdata
) {
348 _cleanup_free_
char *path
= NULL
, *prefix
= NULL
, *suffix
= NULL
, *good
= NULL
, *bad
= NULL
, *parent
= NULL
;
349 const char *target
, *source1
, *source2
;
350 _cleanup_close_
int fd
= -1;
354 r
= acquire_boot_count_path(&path
, &prefix
, NULL
, &done
, &suffix
);
355 if (r
== -EUNATCH
) /* acquire_boot_count_path() won't log on its own for this specific error */
356 return log_error_errno(r
, "Not booted with boot counting in effect.");
364 r
= make_good(prefix
, suffix
, &good
);
368 r
= make_bad(prefix
, done
, suffix
, &bad
);
372 fd
= open(arg_path
, O_DIRECTORY
|O_CLOEXEC
|O_RDONLY
);
374 return log_error_errno(errno
, "Failed to open ESP '%s': %m", arg_path
);
376 /* Figure out what rename to what */
377 if (streq(argv
[0], "good")) {
380 source2
= bad
; /* Maybe this boot was previously marked as 'bad'? */
381 } else if (streq(argv
[0], "bad")) {
384 source2
= good
; /* Maybe this boot was previously marked as 'good'? */
386 assert(streq(argv
[0], "indeterminate"));
392 r
= rename_noreplace(fd
, skip_slash(source1
), fd
, skip_slash(target
));
395 else if (r
== -ENOENT
) {
397 r
= rename_noreplace(fd
, skip_slash(source2
), fd
, skip_slash(target
));
400 else if (r
== -ENOENT
) {
402 if (access(target
, F_OK
) >= 0) /* Hmm, if we can't find either source file, maybe the destination already exists? */
405 return log_error_errno(r
, "Can't find boot counter source file for '%s': %m", target
);
407 return log_error_errno(r
, "Failed to rename '%s' to '%s': %m", source2
, target
);
409 log_debug("Successfully renamed '%s' to '%s'.", source2
, target
);
412 return log_error_errno(r
, "Failed to rename '%s' to '%s': %m", source1
, target
);
414 log_debug("Successfully renamed '%s' to '%s'.", source1
, target
);
416 /* First, fsync() the directory these files are located in */
417 parent
= dirname_malloc(path
);
421 r
= fsync_path_at(fd
, skip_slash(parent
));
423 log_debug_errno(errno
, "Failed to synchronize image directory, ignoring: %m");
425 /* Secondly, syncfs() the whole file system these files are located in */
427 log_debug_errno(errno
, "Failed to synchronize ESP, ignoring: %m");
429 log_info("Marked boot as '%s'. (Boot attempt counter is at %" PRIu64
".)", argv
[0], done
);
434 log_debug("Operation already executed before, not doing anything.");
438 int main(int argc
, char *argv
[]) {
440 static const Verb verbs
[] = {
441 { "help", VERB_ANY
, VERB_ANY
, 0, help
},
442 { "status", VERB_ANY
, 1, VERB_DEFAULT
, verb_status
},
443 { "good", VERB_ANY
, 1, VERB_MUST_BE_ROOT
, verb_set
},
444 { "bad", VERB_ANY
, 1, VERB_MUST_BE_ROOT
, verb_set
},
445 { "indeterminate", VERB_ANY
, 1, VERB_MUST_BE_ROOT
, verb_set
},
451 log_parse_environment();
454 r
= parse_argv(argc
, argv
);
458 if (detect_container() > 0) {
459 log_error("Marking a boot is not supported in containers.");
464 if (!is_efi_boot()) {
465 log_error("Marking a boot is only supported on EFI systems.");
470 r
= dispatch_verb(argc
, argv
, verbs
, NULL
);
475 return r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
;