From: Lennart Poettering Date: Mon, 21 Aug 2023 20:56:07 +0000 (+0200) Subject: boot: explain why we refuse to edit kernel cmdline when we do so X-Git-Tag: v255-rc1~676 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c4d281fa1a6a99208daef2b80f57bcad37a6eaab;p=thirdparty%2Fsystemd.git boot: explain why we refuse to edit kernel cmdline when we do so --- diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c index 6c2c488c742..b1c88142864 100644 --- a/src/boot/efi/boot.c +++ b/src/boot/efi/boot.c @@ -918,17 +918,21 @@ static bool menu_run( case KEYPRESS(0, 0, 'e'): case KEYPRESS(0, 0, 'E'): /* only the options of configured entries can be edited */ - if (!config->editor || !IN_SET(config->entries[idx_highlight]->type, - LOADER_EFI, LOADER_LINUX, LOADER_UNIFIED_LINUX)) + if (!config->editor || + !IN_SET(config->entries[idx_highlight]->type, LOADER_EFI, LOADER_LINUX, LOADER_UNIFIED_LINUX)) { + status = xstrdup16(u"Entry does not support editing the command line."); break; + } /* Unified kernels that are signed as a whole will not accept command line options * when secure boot is enabled unless there is none embedded in the image. Do not try * to pretend we can edit it to only have it be ignored. */ if (config->entries[idx_highlight]->type == LOADER_UNIFIED_LINUX && secure_boot_enabled() && - config->entries[idx_highlight]->options) + config->entries[idx_highlight]->options) { + status = xstrdup16(u"Entry not editable in SecureBoot mode."); break; + } /* The edit line may end up on the last line of the screen. And even though we're * not telling the firmware to advance the line, it still does in this one case,