measure: separate out PE section options in --help text
Let's separate the PE section options in the --help text to make clearer
that they are about PE sections, and thus make things less confusing
regarding the cryptic names. Specifically, there's now a separate
section in the --help text that looks like this:
<snip>
UKI PE Section Options: UKI PE Section
--linux=PATH Path Linux kernel image → .linux
--osrel=PATH Path to os-release file → .osrel
--cmdline=PATH Path to file with kernel command line → .cmdline
--initrd=PATH Path to initrd image → .initrd
--splash=PATH Path to splash bitmap → .splash
--dtb=PATH Path to Devicetree file → .dtb
--pcrpkey=PATH Path to public key for PCR signatures → .pcrpkey
</snipe>
(The section title is underlined, like we usually do it)
I think separating this out, and organizing the section name in tabular
form emphasizes nicely where this switches get their name from and what
they mean.
Hopefully addresses concerns from
https://github.com/systemd/systemd/pull/24458#discussion_r967052720 in a
diferent way.
(Also dropped a hint regarding DER format for public key. it's simply
wrong, we use PEM like everyone else on Linux. Outside of Java land DER
isn't popular, so we don't need to mention it here in the --help text,
man page should be enough.)
Luca BRUNO [Mon, 19 Sep 2022 10:09:17 +0000 (10:09 +0000)]
docs: add a note about selectively overriding default dependencies
This documents that explicit `Before=`/`After=` dependencies can be
used to selectively override implicit ordering coming from default
dependencies. That allows for more granular control compared to the
already documented `DefaultDependencies=no` option.
The alternative approach came up in a discussion around the ordering
of `boot-complete.target`, so this also adds an explicit suggestion
in that direction to the "Automatic Boot Assessment" documentation.
find-esp: rework verify_fsroot_dir() around statx()
Let's rework verify_fsroot_dir() around two statx() calls, which should
usually give us all information we need. Let's then add a call to the
btrfs ioctl only if the caller actually wants to know the backing block
device (which it generally only wants if it then intends to verify
partition type, and similar).
This makes things more robust on new kernels, and bypasses the btrfs
ioctls in environments where we cannot actually interpret the results
properly (since they reference btrfs devices via /dev/ paths, which we
likely cannot resolve in containers)
Note, this also makes synthesize_change() propagate the error from
synthesize_change_one(). However, the caller of synthesize_change()
ignores the failure anyway, hence the change does not take any effect.
William Roberts [Mon, 19 Sep 2022 18:50:03 +0000 (13:50 -0500)]
cryptsetup: use TPM flags over bool
This works becuase TPM2_FLAGS_USE_PIN is 1 and bool is a 1 so the bits
line up as expected, however if for some reason flags change values and
for clarity check if the boolean indicates this flag and pass the flag
value.
Signed-off-by: William Roberts <william.c.roberts@intel.com>
As usual, it seems to be mostly additions and corrections. Sadly, it seems a
bit of mojibake has crept in in various places. But it's hard to correct, in
particular because it's hard to detect all cases automatically. I think we can
ignore this for now.
When I run this a few weeks ago, ma-large.txt was gutted and 20-OUI.hwdb was
siginificantly smaller. For whatever reasons, it's back to normal now.
Systemd's credential interface is not yet natively supported by all
programs yet. Hence it's often required to run scripts to massage
secrets in the way the programs expect it.
This commit allows the ExecStartPre commands to access credentials.
udev: do not ignore -ENOENT from sd_device_get_devname() for block device
We already checked that the sd_device object 'dev' is for a whole block
device. So, -ENOENT should not be triggeered here, and if it is, there
exists something spurious. Hence we should not ignore the failure.
udev-node: use symlink_atomic_full_label() to create devlink
If the filename of a device symlink is too long, then the temporary
filename may become invalid, and we fail to create symlink.
The function `tempfn_random()` used in symlink_atomic_full() generates
a safe temporary filename.
Note that, thanks to the PR #23043, now only one worker can handle
the same symlink simultaneously. Hence, the device ID based temporary
filename is not necessary.
In the context of a table, both would be generally understood to have the same
meaning. "n/a" is a strange beast. It was useful when tables were produced on
the typewriter with "---------" used to separate rows. It is visually more
pleasing to use "-", and there is no risk of it being mistaken for a row
separator.
We have free_and_replace() and friends, they are all named with lower
letters, even they are macros, not functions.
For consistency, let's rename CLOSE_AND_REPLACE() with lower letters.
Seeding RNG via SMBIOS is bad idea, since often measurement of SMBIOS
tables is used for TPM policies, under the assumption SMBIOS remains
static after a certain point.
udev-node: do not create symlink to a non-existing device node
Previously, the stack directory contains empty regular files named with
device ID, and we create sd_device object from the device name.
Hence, we implicitly checked the existence of the device node.
However, now the files in the stack directory are symlink, and we
retrieve the path to the device node and its priority from the symlink.
Hence, the existence of the device node is not checked.
Let's check if the device node is still exist.
uid-range: tie up number and array of uid range entries
This renames UidRange -> UidRangeEntry, and reintroduces UidRange which
contains the array of UidRangeEntry and its size.
No fucntional changes, just refactoring.
projects / thirdparty / systemd.git / log
