boot: add new bls type #1 stanza "uki"

This one is between "efi" and "linux": we'll recognize such entries as
linux, but we'll just invoke them as EFI binaries.

This creates a high-level concept for invoking UKIs via indirection of a
bls type #1 entry, for example to permit invocation from a non-standard
path or for giving entries a different name.

Companion BLS spec PR:

https://github.com/uapi-group/specifications/pull/135

(Let's rename LOADER_UNIFIED_LINUX to LOADER_TYPE2_UKI at the same time
to reduce confusion what is what)

diff --git a/src/boot/boot.c b/src/boot/boot.c
index 8a1224a45b345deae4989f9b27d0f0a148f81380..e57c5986541b617c699dec0691e1867267848509 100644 (file)
--- a/src/boot/boot.c
+++ b/src/boot/boot.c
@@ -49,7 +49,8 @@ typedef enum LoaderType {
         LOADER_AUTO,
         LOADER_EFI,           /* Boot loader spec type #1 entries with "efi" line */
         LOADER_LINUX,         /* Boot loader spec type #1 entries with "linux" line */
-        LOADER_UNIFIED_LINUX, /* Boot loader spec type #2 entries */
+        LOADER_UKI,           /* Boot loader spec type #1 entries with "uki" line */
+        LOADER_TYPE2_UKI,     /* Boot loader spec type #2 entries */
         LOADER_SECURE_BOOT_KEYS,
         LOADER_BAD,           /* Marker: this boot loader spec type #1 entry is invalid */
         LOADER_IGNORE,        /* Marker: this boot loader spec type #1 entry does not match local host */
@@ -57,13 +58,13 @@ typedef enum LoaderType {
 } LoaderType;
 
 /* Which loader types permit command line editing */
-#define LOADER_TYPE_ALLOW_EDITOR(t) IN_SET(t, LOADER_EFI, LOADER_LINUX, LOADER_UNIFIED_LINUX)
+#define LOADER_TYPE_ALLOW_EDITOR(t) IN_SET(t, LOADER_EFI, LOADER_LINUX, LOADER_UKI, LOADER_TYPE2_UKI)
 
 /* Which loader types allow command line editing in SecureBoot mode */
 #define LOADER_TYPE_ALLOW_EDITOR_IN_SB(t) IN_SET(t, LOADER_EFI, LOADER_LINUX)
 
 /* Which loader types shall be considered for automatic selection */
-#define LOADER_TYPE_MAY_AUTO_SELECT(t) IN_SET(t, LOADER_EFI, LOADER_LINUX, LOADER_UNIFIED_LINUX)
+#define LOADER_TYPE_MAY_AUTO_SELECT(t) IN_SET(t, LOADER_EFI, LOADER_LINUX, LOADER_UKI, LOADER_TYPE2_UKI)
 
 typedef struct {
         char16_t *id;         /* The unique identifier for this entry (typically the filename of the file defining the entry, possibly suffixed with a profile id) */
@@ -1495,6 +1496,18 @@ static void boot_entry_add_type1(
                         entry->loader = xstr8_to_path(value);
                         entry->key = 'l';
 
+                } else if (streq8(key, "uki")) {
+
+                        if (!IN_SET(entry->type, LOADER_UNDEFINED, LOADER_UKI)) {
+                                entry->type = LOADER_BAD;
+                                break;
+                        }
+
+                        free(entry->loader);
+                        entry->type = LOADER_UKI;
+                        entry->loader = xstr8_to_path(value);
+                        entry->key = 'l';
+
                 } else if (streq8(key, "efi")) {
 
                         if (!IN_SET(entry->type, LOADER_UNDEFINED, LOADER_EFI)) {
@@ -2347,7 +2360,7 @@ static void boot_entry_add_type2(
                 *entry = (BootEntry) {
                         .id = strtolower16(TAKE_PTR(id)),
                         .id_without_profile = profile > 0 ? strtolower16(xstrdup16(filename)) : NULL,
-                        .type = LOADER_UNIFIED_LINUX,
+                        .type = LOADER_TYPE2_UKI,
                         .title = TAKE_PTR(title),
                         .version = xstrdup16(good_version),
                         .device = device,
@@ -2789,6 +2802,7 @@ static void export_loader_variables(
                 EFI_LOADER_FEATURE_MENU_DISABLE |
                 EFI_LOADER_FEATURE_MULTI_PROFILE_UKI |
                 EFI_LOADER_FEATURE_REPORT_URL |
+                EFI_LOADER_FEATURE_TYPE1_UKI |
                 0;
 
         assert(loaded_image);

diff --git a/src/bootctl/bootctl-status.c b/src/bootctl/bootctl-status.c
index 03ebea38dfdea38f54519be6df54bc03937a5f51..541f7f25ccefc998883c935bba7beb7f832aed74 100644 (file)
--- a/src/bootctl/bootctl-status.c
+++ b/src/bootctl/bootctl-status.c
@@ -391,6 +391,7 @@ int verb_status(int argc, char *argv[], void *userdata) {
                         { EFI_LOADER_FEATURE_MENU_DISABLE,            "Menu can be disabled"                  },
                         { EFI_LOADER_FEATURE_MULTI_PROFILE_UKI,       "Multi-Profile UKIs are supported"      },
                         { EFI_LOADER_FEATURE_REPORT_URL,              "Loader reports network boot URL"       },
+                        { EFI_LOADER_FEATURE_TYPE1_UKI,               "Support Type #1 uki field"             },
                 };
                 static const struct {
                         uint64_t flag;

diff --git a/src/fundamental/efivars-fundamental.h b/src/fundamental/efivars-fundamental.h
index 678cdeeff84fbb747d565e4da555e048b578a901..b7197a874eddeb8d3956824bab496a9d1035a6d9 100644 (file)
--- a/src/fundamental/efivars-fundamental.h
+++ b/src/fundamental/efivars-fundamental.h
@@ -25,6 +25,7 @@
 #define EFI_LOADER_FEATURE_MENU_DISABLE            (UINT64_C(1) << 13)
 #define EFI_LOADER_FEATURE_MULTI_PROFILE_UKI       (UINT64_C(1) << 14)
 #define EFI_LOADER_FEATURE_REPORT_URL              (UINT64_C(1) << 15)
+#define EFI_LOADER_FEATURE_TYPE1_UKI               (UINT64_C(1) << 16)
 
 /* Features of the stub, i.e. systemd-stub */
 #define EFI_STUB_FEATURE_REPORT_BOOT_PARTITION     (UINT64_C(1) << 0)