From: Daan De Meyer Date: Sun, 10 Mar 2024 15:24:37 +0000 (+0100) Subject: systemd-boot: Add support for reading extra kernel cmdline from SMBIOS X-Git-Tag: v256-rc1~583^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=365e90b946250c5e1aa6b845592b35bab3553db6;p=thirdparty%2Fsystemd.git systemd-boot: Add support for reading extra kernel cmdline from SMBIOS Same as io.systemd.stub.kernel-cmdline-extra, but for type 1 entries booted by systemd-boot. --- diff --git a/man/smbios-type-11.xml b/man/smbios-type-11.xml index 93252274da1..2fc215ecbd4 100644 --- a/man/smbios-type-11.xml +++ b/man/smbios-type-11.xml @@ -64,6 +64,16 @@ + + + io.systemd.boot.kernel-cmdline-extra=CMDLINE + + This allows configuration of additional kernel command line options for Boot Loader + Specification Type 1 entries, and is read by systemd-boot. For details see + systemd-boot1. + + + diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml index 74514fb5d06..9ada3f20916 100644 --- a/man/systemd-boot.xml +++ b/man/systemd-boot.xml @@ -561,6 +561,26 @@ url="https://systemd.io/BOOT_LOADER_INTERFACE">Boot Loader Interface. + + SMBIOS Type 11 Strings + + systemd-boot can be configured using SMBIOS Type 11 strings. Applicable strings + consist of a name, followed by =, followed by the value. + systemd-boot will search the table for a string with a specific name, and if found, + use its value. The following strings are read: + + + + io.systemd.boot.kernel-cmdline-extra + If set, the value of this string is added to the list of kernel command line + arguments for Boot Loader Specification Type 1 entries that are measured in PCR12 and passed to the + kernel. + + + + + + Boot Counting diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c index eba8b40e2ff..d64e560a527 100644 --- a/src/boot/efi/boot.c +++ b/src/boot/efi/boot.c 
@@ -2374,7 +2374,16 @@ static EFI_STATUS image_start(
 /* If we had to append an initrd= entry to the command line, we have to pass it, and measure it.
 * Otherwise, only pass/measure it if it is not implicit anyway (i.e. embedded into the UKI or
 * so). */
- char16_t *options = options_initrd ?: entry->options_implied ? NULL : entry->options;
+ _cleanup_free_ char16_t *options = xstrdup16(options_initrd ?: entry->options_implied ? NULL : entry->options);
+
+ if (!is_confidential_vm()) {
+ const char *extra = smbios_find_oem_string("io.systemd.boot.kernel-cmdline-extra");
+ if (extra) {
+ _cleanup_free_ char16_t *tmp = TAKE_PTR(options), *extra16 = xstr8_to_16(extra);
+ options = xasprintf("%ls %ls", tmp, extra16);
+ }
+ }
+
 if (options) {
 loaded_image->LoadOptions = options;
 loaded_image->LoadOptionsSize = strsize16(options);
diff --git a/src/vmspawn/vmspawn.c b/src/vmspawn/vmspawn.c
index 6197f00a3c1..967f701e05c 100644
--- a/src/vmspawn/vmspawn.c
+++ b/src/vmspawn/vmspawn.c
@@ -1570,6 +1570,10 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) {
 r = strv_extendf(&cmdline, "type=11,value=io.systemd.stub.kernel-cmdline-extra=%s", escaped_kcl);
 if (r < 0)
 return log_oom();
+
+ r = strv_extendf(&cmdline, "type=11,value=io.systemd.boot.kernel-cmdline-extra=%s", escaped_kcl);
+ if (r < 0)
+ return log_oom();
 } else
 log_warning("Cannot append extra args to kernel cmdline, native architecture doesn't support SMBIOS, ignoring");
 }
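Review bot: When the ternary yields NULL (the `entry->options_implied` case with no `options_initrd`), `tmp` is NULL and is still passed to `xasprintf("%ls %ls", tmp, extra16)`, so the resulting command line depends on how the boot printf renders a NULL `%ls` and at best starts with a stray space. Guard the empty case, e.g. `options = tmp ? xasprintf("%ls %ls", tmp, extra16) : TAKE_PTR(extra16);`. The block is also gated only on `!is_confidential_vm()`, while the man page text in this commit limits the string to Type 1 entries; if image_start() is reached for other entry kinds as well, firmware-supplied text would be appended there too, including entries whose options were deliberately left implied, so an entry-type condition next to the confidential-VM check looks warranted. Since the value comes from SMBIOS, it is worth confirming in the part of image_start() outside this hunk that the combined string, not only the configured one, is what gets measured.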
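Review bot: The added `strv_extendf()` call passes the same `escaped_kcl` under a second SMBIOS string with no comment saying which consumer reads which, so the duplication looks accidental to a later reader. A short comment above the two calls would settle it, for example `/* io.systemd.stub.* is read by systemd-stub, io.systemd.boot.* by systemd-boot for Type 1 entries */`. If a guest can go through both consumers in one boot, the extra arguments might be appended twice; that cannot be confirmed from this hunk, and the enclosing block starts outside it.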