From: Valentin David
Date: Thu, 19 Oct 2023 21:13:45 +0000 (+0200)
Subject: stub: Ignore the boot counter when looking for .extra.d directory
X-Git-Tag: v255-rc1~175
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7a876307bb64cb4cd20388229f79cf5da3fa3ec2;p=thirdparty%2Fsystemd.git
stub: Ignore the boot counter when looking for .extra.d directory
If `foo+3-0.efi` is booted when there are some files in `foo.efi.extra.d`, those files are ignored. But after the boot is blessed and the system rebooted, those file are taken into account, and the boot is different from first boot. This behavior is a bit puzzling. Instead we now ignore the counter and always look for the extra files in `foo.efi.extra.d` and always boot the same way.
---
diff --git a/man/systemd-stub.xml b/man/systemd-stub.xml
index 5650c53f021..337759a0c3c 100644
--- a/man/systemd-stub.xml
+++ b/man/systemd-stub.xml
@@ -135,7 +135,12 @@ For a kernel binary called foo.efi, it will look for files with the .cred suffix in a directory named - foo.efi.extra.d/ next to it. A cpio + foo.efi.extra.d/ next to it. If the kernel binary + uses a counter for the purpose of + Automatic Boot Assessment, this + counter will be ignored. For example, foo+3-0.efi + will look in directory foo.efi.extra.d/. + A cpio archive is generated from all files found that way, placing them in the /.extra/credentials/ directory of the initrd file hierarchy. The main initrd may then access them in this directory. This is supposed to be used to store auxiliary, encrypted,
diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c
index 32796f9ff2e..25f5e0f0324 100644
--- a/src/boot/efi/util.c
+++ b/src/boot/efi/util.c
@@ -646,6 +646,34 @@ void *find_configuration_table(const EFI_GUID *guid) {
 return NULL;
 }
+static void remove_boot_count(char16_t *path) {
+ char16_t *prefix_end;
+ const char16_t *tail;
+ uint64_t ignored;
+
+ assert(path);
+
+ prefix_end = strchr16(path, '+');
+ if (!prefix_end)
+ return;
+
+ tail = prefix_end + 1;
+
+ if (!parse_number16(tail, &ignored, &tail))
+ return;
+
+ if (*tail == '-') {
+ ++tail;
+ if (!parse_number16(tail, &ignored, &tail))
+ return;
+ }
+
+ if (!IN_SET(*tail, '\0', '.'))
+ return;
+
+ strcpy16(prefix_end, tail);
+}
+
 char16_t *get_extra_dir(const EFI_DEVICE_PATH *file_path) {
 if (!file_path)
 return NULL;
@@ -666,5 +694,6 @@ char16_t *get_extra_dir(const EFI_DEVICE_PATH *file_path) {
 return NULL;
 convert_efi_path(file_path_str);
+ remove_boot_count(file_path_str);
 return xasprintf("%ls.extra.d", file_path_str);
 }
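Review bot: `prefix_end = strchr16(path, '+');` in remove_boot_count() matches the first '+' anywhere in the string rather than in the file name, and the second hunk hands it the whole converted path, so a '+' in a directory component decides the result. Assuming strchr16 behaves like strchr, a constructed path such as `dir+1\foo+3-0.efi` keeps its counter because the first match is followed by `\`, and a directory component shaped like `dir+1.d` would itself be rewritten, so the stub would read credential files from a different `.extra.d` directory than the man page change promises. The search should be limited to the last path component; until it is, a comment above the function such as `/* Strips "+LEFT[-DONE]" before '.' or end of string; only the first '+' in the whole path is examined. */` would record the limitation. The closing `strcpy16(prefix_end, tail)` copies between overlapping parts of one buffer, which is only sound if strcpy16 copies front to back, and that assumption deserves a one-line comment as well.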