• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

systemd / systemd / 15057632786

15 May 2025 09:01PM UTC coverage: 72.267% (+0.02%) from 72.244%
15057632786

push

github

bluca
man: document how to hook stuff into system wakeup

Fixes: #6364

298523 of 413084 relevant lines covered (72.27%)

738132.88 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

66.11
/src/bootctl/bootctl-install.c
1
/* SPDX-License-Identifier: LGPL-2.1-or-later */
2

3
#include "alloc-util.h"
4
#include "bootctl.h"
5
#include "bootctl-install.h"
6
#include "bootctl-random-seed.h"
7
#include "bootctl-util.h"
8
#include "chase.h"
9
#include "copy.h"
10
#include "dirent-util.h"
11
#include "efi-api.h"
12
#include "efi-fundamental.h"
13
#include "env-file.h"
14
#include "fd-util.h"
15
#include "fileio.h"
16
#include "fs-util.h"
17
#include "glyph-util.h"
18
#include "id128-util.h"
19
#include "io-util.h"
20
#include "kernel-config.h"
21
#include "os-util.h"
22
#include "parse-argument.h"
23
#include "path-util.h"
24
#include "rm-rf.h"
25
#include "stat-util.h"
26
#include "sync-util.h"
27
#include "tmpfile-util.h"
28
#include "umask-util.h"
29
#include "utf8.h"
30

31
static int load_etc_machine_id(void) {
146✔
32
        int r;
146✔
33

34
        r = sd_id128_get_machine(&arg_machine_id);
146✔
35
        if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r)) /* Not set or empty */
146✔
36
                return 0;
37
        if (r < 0)
146✔
38
                return log_error_errno(r, "Failed to get machine-id: %m");
×
39

40
        log_debug("Loaded machine ID %s from /etc/machine-id.", SD_ID128_TO_STRING(arg_machine_id));
146✔
41
        return 0;
146✔
42
}
43

44
static int load_etc_machine_info(void) {
146✔
45
        /* systemd v250 added support to store the kernel-install layout setting and the machine ID to use
46
         * for setting up the ESP in /etc/machine-info. The newer /etc/kernel/entry-token file, as well as
47
         * the $layout field in /etc/kernel/install.conf are better replacements for this though, hence this
48
         * has been deprecated and is only returned for compatibility. */
49
        _cleanup_free_ char *p = NULL, *s = NULL, *layout = NULL;
146✔
50
        int r;
146✔
51

52
        p = path_join(arg_root, "/etc/machine-info");
146✔
53
        if (!p)
146✔
54
                return log_oom();
×
55

56
        r = parse_env_file(NULL, p,
146✔
57
                           "KERNEL_INSTALL_LAYOUT", &layout,
58
                           "KERNEL_INSTALL_MACHINE_ID", &s);
59
        if (r == -ENOENT)
146✔
60
                return 0;
61
        if (r < 0)
×
62
                return log_error_errno(r, "Failed to parse /etc/machine-info: %m");
×
63

64
        if (!isempty(s)) {
×
65
                if (!arg_quiet)
×
66
                        log_notice("Read $KERNEL_INSTALL_MACHINE_ID from /etc/machine-info. "
×
67
                                   "Please move it to /etc/kernel/entry-token.");
68

69
                r = sd_id128_from_string(s, &arg_machine_id);
×
70
                if (r < 0)
×
71
                        return log_error_errno(r, "Failed to parse KERNEL_INSTALL_MACHINE_ID=%s in /etc/machine-info: %m", s);
×
72

73
                log_debug("Loaded KERNEL_INSTALL_MACHINE_ID=%s from /etc/machine-info.",
×
74
                          SD_ID128_TO_STRING(arg_machine_id));
75
        }
76

77
        if (!isempty(layout)) {
146✔
78
                if (!arg_quiet)
×
79
                        log_notice("Read $KERNEL_INSTALL_LAYOUT from /etc/machine-info. "
×
80
                                   "Please move it to the layout= setting of /etc/kernel/install.conf.");
81

82
                log_debug("KERNEL_INSTALL_LAYOUT=%s is specified in /etc/machine-info.", layout);
×
83
                free_and_replace(arg_install_layout, layout);
×
84
        }
85

86
        return 0;
87
}
88

89
static int load_kernel_install_layout(void) {
146✔
90
        _cleanup_free_ char *layout = NULL;
146✔
91
        int r;
146✔
92

93
        r = load_kernel_install_conf(arg_root,
146✔
94
                                     getenv("KERNEL_INSTALL_CONF_ROOT"),
146✔
95
                                     /* ret_machine_id= */ NULL,
96
                                     /* ret_boot_root= */ NULL,
97
                                     &layout,
98
                                     /* ret_initrd_generator= */ NULL,
99
                                     /* ret_uki_generator= */ NULL);
100
        if (r <= 0)
146✔
101
                return r;
102

103
        if (!isempty(layout)) {
146✔
104
                log_debug("layout=%s is specified in config.", layout);
×
105
                free_and_replace(arg_install_layout, layout);
×
106
        }
107

108
        return 0;
109
}
110

111
static bool use_boot_loader_spec_type1(void) {
146✔
112
        /* If the layout is not specified, or if it is set explicitly to "bls" we assume Boot Loader
113
         * Specification Type #1 is the chosen format for our boot loader entries */
114
        return !arg_install_layout || streq(arg_install_layout, "bls");
146✔
115
}
116

117
static int settle_make_entry_directory(void) {
146✔
118
        int r;
146✔
119

120
        r = load_etc_machine_id();
146✔
121
        if (r < 0)
146✔
122
                return r;
123

124
        r = load_etc_machine_info();
146✔
125
        if (r < 0)
146✔
126
                return r;
127

128
        r = load_kernel_install_layout();
146✔
129
        if (r < 0)
146✔
130
                return r;
131

132
        r = settle_entry_token();
146✔
133
        if (r < 0)
146✔
134
                return r;
135

136
        bool layout_type1 = use_boot_loader_spec_type1();
146✔
137
        if (arg_make_entry_directory < 0) { /* Automatic mode */
146✔
138
                if (layout_type1) {
×
139
                        if (arg_entry_token_type == BOOT_ENTRY_TOKEN_MACHINE_ID) {
×
140
                                r = path_is_temporary_fs("/etc/machine-id");
×
141
                                if (r < 0)
×
142
                                        return log_debug_errno(r, "Couldn't determine whether /etc/machine-id is on a temporary file system: %m");
×
143

144
                                arg_make_entry_directory = r == 0;
×
145
                        } else
146
                                arg_make_entry_directory = true;
×
147
                } else
148
                        arg_make_entry_directory = false;
×
149
        }
150

151
        if (arg_make_entry_directory > 0 && !layout_type1)
146✔
152
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
×
153
                                       "KERNEL_INSTALL_LAYOUT=%s is configured, but Boot Loader Specification Type #1 entry directory creation was requested.",
154
                                       arg_install_layout);
155

156
        return 0;
157
}
158

159
static int compare_product(const char *a, const char *b) {
474✔
160
        size_t x, y;
474✔
161

162
        assert(a);
474✔
163
        assert(b);
474✔
164

165
        x = strcspn(a, " ");
474✔
166
        y = strcspn(b, " ");
474✔
167
        if (x != y)
474✔
168
                return x < y ? -1 : x > y ? 1 : 0;
×
169

170
        return strncmp(a, b, x);
474✔
171
}
172

173
static int compare_version(const char *a, const char *b) {
474✔
174
        assert(a);
474✔
175
        assert(b);
474✔
176

177
        a += strcspn(a, " ");
474✔
178
        a += strspn(a, " ");
474✔
179
        b += strcspn(b, " ");
474✔
180
        b += strspn(b, " ");
474✔
181

182
        return strverscmp_improved(a, b);
474✔
183
}
184

185
static int version_check(int fd_from, const char *from, int fd_to, const char *to) {
474✔
186
        _cleanup_free_ char *a = NULL, *b = NULL;
474✔
187
        int r;
474✔
188

189
        assert(fd_from >= 0);
474✔
190
        assert(from);
474✔
191
        assert(fd_to >= 0);
474✔
192
        assert(to);
474✔
193

194
        r = get_file_version(fd_from, &a);
474✔
195
        if (r == -ESRCH)
474✔
196
                return log_notice_errno(r, "Source file \"%s\" does not carry version information!", from);
×
197
        if (r < 0)
474✔
198
                return r;
199

200
        r = get_file_version(fd_to, &b);
474✔
201
        if (r == -ESRCH)
474✔
202
                return log_notice_errno(r, "Skipping \"%s\", it's owned by another boot loader (no version info found).",
×
203
                                        to);
204
        if (r < 0)
474✔
205
                return r;
206
        if (compare_product(a, b) != 0)
474✔
207
                return log_notice_errno(SYNTHETIC_ERRNO(ESRCH),
×
208
                                        "Skipping \"%s\", it's owned by another boot loader.", to);
209

210
        r = compare_version(a, b);
474✔
211
        log_debug("Comparing versions: \"%s\" %s \"%s", a, comparison_operator(r), b);
930✔
212
        if (r < 0)
474✔
213
                return log_warning_errno(SYNTHETIC_ERRNO(ESTALE),
×
214
                                         "Skipping \"%s\", newer boot loader version in place already.", to);
215
        if (r == 0)
474✔
216
                return log_info_errno(SYNTHETIC_ERRNO(ESTALE),
474✔
217
                                      "Skipping \"%s\", same boot loader version in place already.", to);
218

219
        return 0;
220
}
221

222
static int copy_file_with_version_check(const char *from, const char *to, bool force) {
512✔
223
        _cleanup_close_ int fd_from = -EBADF, fd_to = -EBADF;
512✔
224
        _cleanup_free_ char *t = NULL;
512✔
225
        int r;
512✔
226

227
        fd_from = open(from, O_RDONLY|O_CLOEXEC|O_NOCTTY);
512✔
228
        if (fd_from < 0)
512✔
229
                return log_error_errno(errno, "Failed to open \"%s\" for reading: %m", from);
×
230

231
        if (!force) {
512✔
232
                fd_to = open(to, O_RDONLY|O_CLOEXEC|O_NOCTTY);
474✔
233
                if (fd_to < 0) {
474✔
234
                        if (errno != ENOENT)
×
235
                                return log_error_errno(errno, "Failed to open \"%s\" for reading: %m", to);
×
236
                } else {
237
                        r = version_check(fd_from, from, fd_to, to);
474✔
238
                        if (r < 0)
474✔
239
                                return r;
240

241
                        if (lseek(fd_from, 0, SEEK_SET) < 0)
×
242
                                return log_error_errno(errno, "Failed to seek in \"%s\": %m", from);
×
243

244
                        fd_to = safe_close(fd_to);
×
245
                }
246
        }
247

248
        r = tempfn_random(to, NULL, &t);
38✔
249
        if (r < 0)
38✔
250
                return log_oom();
×
251

252
        WITH_UMASK(0000) {
76✔
253
                fd_to = open(t, O_WRONLY|O_CREAT|O_CLOEXEC|O_EXCL|O_NOFOLLOW, 0644);
38✔
254
                if (fd_to < 0)
38✔
255
                        return log_error_errno(errno, "Failed to open \"%s\" for writing: %m", t);
×
256
        }
257

258
        r = copy_bytes(fd_from, fd_to, UINT64_MAX, COPY_REFLINK);
38✔
259
        if (r < 0) {
38✔
260
                (void) unlink(t);
×
261
                return log_error_errno(r, "Failed to copy data from \"%s\" to \"%s\": %m", from, t);
×
262
        }
263

264
        (void) copy_times(fd_from, fd_to, 0);
38✔
265

266
        r = fsync_full(fd_to);
38✔
267
        if (r < 0) {
38✔
268
                (void) unlink(t);
×
269
                return log_error_errno(r, "Failed to copy data from \"%s\" to \"%s\": %m", from, t);
×
270
        }
271

272
        r = RET_NERRNO(renameat(AT_FDCWD, t, AT_FDCWD, to));
38✔
273
        if (r < 0) {
×
274
                (void) unlink(t);
×
275
                return log_error_errno(r, "Failed to rename \"%s\" to \"%s\": %m", t, to);
×
276
        }
277

278
        log_info("Copied \"%s\" to \"%s\".", from, to);
38✔
279

280
        return 0;
281
}
282

283
static int mkdir_one(const char *prefix, const char *suffix) {
125✔
284
        _cleanup_free_ char *p = NULL;
125✔
285

286
        p = path_join(prefix, suffix);
125✔
287
        if (mkdir(p, 0700) < 0) {
125✔
288
                if (errno != EEXIST)
25✔
289
                        return log_error_errno(errno, "Failed to create \"%s\": %m", p);
×
290
        } else
291
                log_info("Created \"%s\".", p);
100✔
292

293
        return 0;
294
}
295

296
static const char *const esp_subdirs[] = {
297
        /* The directories to place in the ESP */
298
        "EFI",
299
        "EFI/systemd",
300
        "EFI/BOOT",
301
        "loader",
302
        "loader/keys",
303
        NULL
304
};
305

306
static const char *const dollar_boot_subdirs[] = {
307
        /* The directories to place in the XBOOTLDR partition or the ESP, depending what exists */
308
        "loader",
309
        "loader/entries",  /* Type #1 entries */
310
        "EFI",
311
        "EFI/Linux",       /* Type #2 entries */
312
        NULL
313
};
314

315
static int create_subdirs(const char *root, const char * const *subdirs) {
26✔
316
        int r;
26✔
317

318
        STRV_FOREACH(i, subdirs) {
143✔
319
                r = mkdir_one(root, *i);
117✔
320
                if (r < 0)
117✔
321
                        return r;
322
        }
323

324
        return 0;
325
}
326

327
static int update_efi_boot_binaries(const char *esp_path, const char *source_path) {
120✔
328
        _cleanup_closedir_ DIR *d = NULL;
120✔
329
        _cleanup_free_ char *p = NULL;
120✔
330
        int r, ret = 0;
120✔
331

332
        r = chase_and_opendir("/EFI/BOOT", esp_path, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, &p, &d);
120✔
333
        if (r == -ENOENT)
120✔
334
                return 0;
335
        if (r < 0)
120✔
336
                return log_error_errno(r, "Failed to open directory \"%s/EFI/BOOT\": %m", esp_path);
×
337

338
        FOREACH_DIRENT(de, d, break) {
594✔
339
                _cleanup_close_ int fd = -EBADF;
234✔
340
                _cleanup_free_ char *v = NULL;
234✔
341

342
                if (!endswith_no_case(de->d_name, ".efi"))
234✔
343
                        continue;
×
344

345
                fd = openat(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC);
234✔
346
                if (fd < 0)
234✔
347
                        return log_error_errno(errno, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
×
348

349
                r = get_file_version(fd, &v);
234✔
350
                if (r == -ESRCH)
234✔
351
                        continue;  /* No version information */
×
352
                if (r < 0)
234✔
353
                        return r;
354
                if (startswith(v, "systemd-boot ")) {
234✔
355
                        _cleanup_free_ char *dest_path = NULL;
234✔
356

357
                        dest_path = path_join(p, de->d_name);
234✔
358
                        if (!dest_path)
234✔
359
                                return log_oom();
×
360

361
                        RET_GATHER(ret, copy_file_with_version_check(source_path, dest_path, /* force = */ false));
234✔
362
                }
363
        }
364

365
        return ret;
366
}
367

368
static int copy_one_file(const char *esp_path, const char *name, bool force) {
139✔
369
        char *root = IN_SET(arg_install_source, ARG_INSTALL_SOURCE_AUTO, ARG_INSTALL_SOURCE_IMAGE) ? arg_root : NULL;
139✔
370
        _cleanup_free_ char *source_path = NULL, *dest_path = NULL, *p = NULL, *q = NULL;
139✔
371
        const char *e;
139✔
372
        char *dest_name, *s;
139✔
373
        int r, ret;
139✔
374

375
        dest_name = strdupa_safe(name);
139✔
376
        s = endswith_no_case(dest_name, ".signed");
139✔
377
        if (s)
139✔
378
                *s = 0;
×
379

380
        p = path_join(BOOTLIBDIR, name);
139✔
381
        if (!p)
139✔
382
                return log_oom();
×
383

384
        r = chase(p, root, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, &source_path, NULL);
139✔
385
        /* If we had a root directory to try, we didn't find it and we are in auto mode, retry on the host */
386
        if (r == -ENOENT && root && arg_install_source == ARG_INSTALL_SOURCE_AUTO)
139✔
387
                r = chase(p, NULL, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, &source_path, NULL);
16✔
388
        if (r < 0)
139✔
389
                return log_error_errno(r,
×
390
                                       "Failed to resolve path %s%s%s: %m",
391
                                       p,
392
                                       root ? " under directory " : "",
393
                                       strempty(root));
394

395
        q = path_join("/EFI/systemd/", dest_name);
139✔
396
        if (!q)
139✔
397
                return log_oom();
×
398

399
        r = chase(q, esp_path, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS|CHASE_NONEXISTENT, &dest_path, NULL);
139✔
400
        if (r < 0)
139✔
401
                return log_error_errno(r, "Failed to resolve path %s under directory %s: %m", q, esp_path);
×
402

403
        /* Note that if this fails we do the second copy anyway, but return this error code,
404
         * so we stash it away in a separate variable. */
405
        ret = copy_file_with_version_check(source_path, dest_path, force);
139✔
406

407
        e = startswith(dest_name, "systemd-boot");
139✔
408
        if (e) {
139✔
409
                _cleanup_free_ char *default_dest_path = NULL;
139✔
410
                char *v;
139✔
411

412
                /* Create the EFI default boot loader name (specified for removable devices) */
413
                v = strjoina("/EFI/BOOT/BOOT", e);
695✔
414
                ascii_strupper(strrchr(v, '/') + 1);
139✔
415

416
                r = chase(v, esp_path, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS|CHASE_NONEXISTENT, &default_dest_path, NULL);
139✔
417
                if (r < 0)
139✔
418
                        return log_error_errno(r, "Failed to resolve path %s under directory %s: %m", v, esp_path);
×
419

420
                RET_GATHER(ret, copy_file_with_version_check(source_path, default_dest_path, force));
139✔
421

422
                /* If we were installed under any other name in /EFI/BOOT, make sure we update those binaries
423
                 * as well. */
424
                if (!force)
139✔
425
                        RET_GATHER(ret, update_efi_boot_binaries(esp_path, source_path));
120✔
426
        }
427

428
        return ret;
429
}
430

431
static int install_binaries(const char *esp_path, const char *arch, bool force) {
133✔
432
        char *root = IN_SET(arg_install_source, ARG_INSTALL_SOURCE_AUTO, ARG_INSTALL_SOURCE_IMAGE) ? arg_root : NULL;
133✔
433
        _cleanup_closedir_ DIR *d = NULL;
133✔
434
        _cleanup_free_ char *path = NULL;
133✔
435
        int r;
133✔
436

437
        r = chase_and_opendir(BOOTLIBDIR, root, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, &path, &d);
133✔
438
        /* If we had a root directory to try, we didn't find it and we are in auto mode, retry on the host */
439
        if (r == -ENOENT && root && arg_install_source == ARG_INSTALL_SOURCE_AUTO)
133✔
440
                r = chase_and_opendir(BOOTLIBDIR, NULL, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, &path, &d);
12✔
441
        if (r == -ENOENT && arg_graceful) {
133✔
442
                log_debug("Source directory does not exist, ignoring.");
×
443
                return 0;
×
444
        }
445
        if (r < 0)
133✔
446
                return log_error_errno(r, "Failed to open boot loader directory %s%s: %m", strempty(root), BOOTLIBDIR);
×
447

448
        const char *suffix = strjoina(arch, ".efi");
665✔
449
        const char *suffix_signed = strjoina(arch, ".efi.signed");
665✔
450

451
        FOREACH_DIRENT(de, d, return log_error_errno(errno, "Failed to read \"%s\": %m", path)) {
1,197✔
452
                int k;
798✔
453

454
                if (!endswith_no_case(de->d_name, suffix) && !endswith_no_case(de->d_name, suffix_signed))
798✔
455
                        continue;
659✔
456

457
                /* skip the .efi file, if there's a .signed version of it */
458
                if (endswith_no_case(de->d_name, ".efi")) {
139✔
459
                        _cleanup_free_ const char *s = strjoin(de->d_name, ".signed");
278✔
460
                        if (!s)
139✔
461
                                return log_oom();
×
462
                        if (faccessat(dirfd(d), s, F_OK, 0) >= 0)
139✔
463
                                continue;
×
464
                }
465

466
                k = copy_one_file(esp_path, de->d_name, force);
139✔
467
                /* Don't propagate an error code if no update necessary, installed version already equal or
468
                 * newer version, or other boot loader in place. */
469
                if (arg_graceful && IN_SET(k, -ESTALE, -ESRCH))
139✔
470
                        continue;
117✔
471
                RET_GATHER(r, k);
22✔
472
        }
473

474
        return r;
475
}
476

477
static int install_loader_config(const char *esp_path) {
13✔
478
        _cleanup_(unlink_and_freep) char *t = NULL;
×
479
        _cleanup_fclose_ FILE *f = NULL;
13✔
480
        _cleanup_free_ char *p = NULL;
13✔
481
        int r;
13✔
482

483
        assert(arg_make_entry_directory >= 0);
13✔
484

485
        p = path_join(esp_path, "/loader/loader.conf");
13✔
486
        if (!p)
13✔
487
                return log_oom();
×
488
        if (access(p, F_OK) >= 0) /* Silently skip creation if the file already exists (early check) */
13✔
489
                return 0;
490

491
        r = fopen_tmpfile_linkable(p, O_WRONLY|O_CLOEXEC, &t, &f);
12✔
492
        if (r < 0)
12✔
493
                return log_error_errno(r, "Failed to open \"%s\" for writing: %m", p);
×
494

495
        fprintf(f, "#timeout 3\n"
12✔
496
                   "#console-mode keep\n");
497

498
        if (arg_make_entry_directory) {
12✔
499
                assert(arg_entry_token);
6✔
500
                fprintf(f, "default %s-*\n", arg_entry_token);
6✔
501
        }
502

503
        r = flink_tmpfile(f, t, p, LINK_TMPFILE_SYNC);
12✔
504
        if (r == -EEXIST)
12✔
505
                return 0; /* Silently skip creation if the file exists now (recheck) */
506
        if (r < 0)
12✔
507
                return log_error_errno(r, "Failed to move \"%s\" into place: %m", p);
×
508

509
        t = mfree(t);
12✔
510
        return 1;
12✔
511
}
512

513
static int install_loader_specification(const char *root) {
130✔
514
        _cleanup_(unlink_and_freep) char *t = NULL;
×
515
        _cleanup_fclose_ FILE *f = NULL;
130✔
516
        _cleanup_free_ char *p = NULL;
130✔
517
        int r;
130✔
518

519
        p = path_join(root, "/loader/entries.srel");
130✔
520
        if (!p)
130✔
521
                return log_oom();
×
522

523
        if (access(p, F_OK) >= 0) /* Silently skip creation if the file already exists (early check) */
130✔
524
                return 0;
525

526
        r = fopen_tmpfile_linkable(p, O_WRONLY|O_CLOEXEC, &t, &f);
12✔
527
        if (r < 0)
12✔
528
                return log_error_errno(r, "Failed to open \"%s\" for writing: %m", p);
×
529

530
        fprintf(f, "type1\n");
12✔
531

532
        r = flink_tmpfile(f, t, p, LINK_TMPFILE_SYNC);
12✔
533
        if (r == -EEXIST)
12✔
534
                return 0; /* Silently skip creation if the file exists now (recheck) */
535
        if (r < 0)
12✔
536
                return log_error_errno(r, "Failed to move \"%s\" into place: %m", p);
×
537

538
        t = mfree(t);
12✔
539
        return 1;
12✔
540
}
541

542
static int install_entry_directory(const char *root) {
13✔
543
        assert(root);
13✔
544
        assert(arg_make_entry_directory >= 0);
13✔
545

546
        if (!arg_make_entry_directory)
13✔
547
                return 0;
548

549
        assert(arg_entry_token);
7✔
550
        return mkdir_one(root, arg_entry_token);
7✔
551
}
552

553
static int install_entry_token(void) {
13✔
554
        _cleanup_free_ char* p = NULL;
13✔
555
        int r;
13✔
556

557
        assert(arg_make_entry_directory >= 0);
13✔
558
        assert(arg_entry_token);
13✔
559

560
        /* Let's save the used entry token in /etc/kernel/entry-token if we used it to create the entry
561
         * directory, or if anything else but the machine ID */
562

563
        if (!arg_make_entry_directory && arg_entry_token_type == BOOT_ENTRY_TOKEN_MACHINE_ID)
13✔
564
                return 0;
565

566
        p = path_join(arg_root, getenv("KERNEL_INSTALL_CONF_ROOT") ?: "/etc/kernel/", "entry-token");
26✔
567
        if (!p)
13✔
568
                return log_oom();
×
569

570
        r = write_string_file(p, arg_entry_token, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_MKDIR_0755);
13✔
571
        if (r < 0)
13✔
572
                return log_error_errno(r, "Failed to write entry token '%s' to %s: %m", arg_entry_token, p);
×
573

574
        return 0;
575
}
576

577
#if HAVE_OPENSSL
578
static int efi_timestamp(EFI_TIME *ret) {
1✔
579
        uint64_t epoch = UINT64_MAX;
1✔
580
        struct tm tm = {};
1✔
581
        int r;
1✔
582

583
        assert(ret);
1✔
584

585
        r = secure_getenv_uint64("SOURCE_DATE_EPOCH", &epoch);
1✔
586
        if (r != -ENXIO)
1✔
587
                log_debug_errno(r, "Failed to parse $SOURCE_DATE_EPOCH, ignoring: %m");
×
588

589
        r = localtime_or_gmtime_usec(epoch != UINT64_MAX ? epoch : now(CLOCK_REALTIME), /*utc=*/ true, &tm);
1✔
590
        if (r < 0)
1✔
591
                return log_error_errno(r, "Failed to convert timestamp to calendar time: %m");
×
592

593
        *ret = (EFI_TIME) {
1✔
594
                .Year = 1900 + tm.tm_year,
1✔
595
                /* tm_mon starts at 0, EFI_TIME months start at 1. */
596
                .Month = tm.tm_mon + 1,
1✔
597
                .Day = tm.tm_mday,
1✔
598
                .Hour = tm.tm_hour,
1✔
599
                .Minute = tm.tm_min,
1✔
600
                .Second = tm.tm_sec,
1✔
601
        };
602

603
        return 0;
1✔
604
}
605
#endif
606

607
static int install_secure_boot_auto_enroll(const char *esp, X509 *certificate, EVP_PKEY *private_key) {
1✔
608
#if HAVE_OPENSSL
609
        int r;
1✔
610

611
        _cleanup_free_ uint8_t *dercert = NULL;
1✔
612
        int dercertsz;
1✔
613
        dercertsz = i2d_X509(certificate, &dercert);
1✔
614
        if (dercertsz < 0)
1✔
615
                return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert X.509 certificate to DER: %s",
×
616
                                       ERR_error_string(ERR_get_error(), NULL));
617

618
        r = mkdir_one(esp, "loader/keys/auto");
1✔
619
        if (r < 0)
1✔
620
                return r;
621

622
        _cleanup_close_ int keys_fd = chase_and_open("loader/keys/auto", esp, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, O_DIRECTORY, NULL);
2✔
623
        if (keys_fd < 0)
1✔
624
                return log_error_errno(keys_fd, "Failed to chase loader/keys/auto in the ESP: %m");
×
625

626
        uint32_t siglistsz = offsetof(EFI_SIGNATURE_LIST, Signatures) + offsetof(EFI_SIGNATURE_DATA, SignatureData) + dercertsz;
1✔
627
        /* We use malloc0() to zero-initialize the SignatureOwner field of Signatures[0]. */
628
        _cleanup_free_ EFI_SIGNATURE_LIST *siglist = malloc0(siglistsz);
2✔
629
        if (!siglist)
1✔
630
                return log_oom();
×
631

632
        *siglist = (EFI_SIGNATURE_LIST) {
1✔
633
                .SignatureType = EFI_CERT_X509_GUID,
634
                .SignatureListSize = siglistsz,
635
                .SignatureSize = offsetof(EFI_SIGNATURE_DATA, SignatureData) + dercertsz,
1✔
636
        };
637

638
        memcpy(siglist->Signatures[0].SignatureData, dercert, dercertsz);
1✔
639

640
        EFI_TIME timestamp;
1✔
641
        r = efi_timestamp(&timestamp);
1✔
642
        if (r < 0)
1✔
643
                return r;
644

645
        uint32_t attrs =
1✔
646
                EFI_VARIABLE_NON_VOLATILE|
647
                EFI_VARIABLE_BOOTSERVICE_ACCESS|
648
                EFI_VARIABLE_RUNTIME_ACCESS|
649
                EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
650

651
        FOREACH_STRING(db, "PK", "KEK", "db") {
4✔
652
                _cleanup_(BIO_freep) BIO *bio = NULL;
3✔
653

654
                bio = BIO_new(BIO_s_mem());
3✔
655
                if (!bio)
3✔
656
                        return log_oom();
×
657

658
                _cleanup_free_ char16_t *db16 = utf8_to_utf16(db, SIZE_MAX);
6✔
659
                if (!db16)
3✔
660
                        return log_oom();
×
661

662
                /* Don't count the trailing NUL terminator. */
663
                if (BIO_write(bio, db16, char16_strsize(db16) - sizeof(char16_t)) < 0)
3✔
664
                        return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write variable name to bio");
×
665

666
                EFI_GUID *guid = STR_IN_SET(db, "PK", "KEK") ? &(EFI_GUID) EFI_GLOBAL_VARIABLE : &(EFI_GUID) EFI_IMAGE_SECURITY_DATABASE_GUID;
3✔
667

668
                if (BIO_write(bio, guid, sizeof(*guid)) < 0)
3✔
669
                        return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write variable GUID to bio");
×
670

671
                if (BIO_write(bio, &attrs, sizeof(attrs)) < 0)
3✔
672
                        return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write variable attributes to bio");
×
673

674
                if (BIO_write(bio, &timestamp, sizeof(timestamp)) < 0)
3✔
675
                        return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write timestamp to bio");
×
676

677
                if (BIO_write(bio, siglist, siglistsz) < 0)
3✔
678
                        return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to write signature list to bio");
×
679

680
                _cleanup_(PKCS7_freep) PKCS7 *p7 = NULL;
3✔
681
                p7 = PKCS7_sign(certificate, private_key, /*certs=*/ NULL, bio, PKCS7_DETACHED|PKCS7_NOATTR|PKCS7_BINARY|PKCS7_NOSMIMECAP);
3✔
682
                if (!p7)
3✔
683
                        return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to calculate PKCS7 signature: %s",
×
684
                                               ERR_error_string(ERR_get_error(), NULL));
685

686
                _cleanup_free_ uint8_t *sig = NULL;
×
687
                int sigsz = i2d_PKCS7(p7, &sig);
3✔
688
                if (sigsz < 0)
3✔
689
                        return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert PKCS7 signature to DER: %s",
×
690
                                               ERR_error_string(ERR_get_error(), NULL));
691

692
                size_t authsz = offsetof(EFI_VARIABLE_AUTHENTICATION_2, AuthInfo.CertData) + sigsz;
3✔
693
                _cleanup_free_ EFI_VARIABLE_AUTHENTICATION_2 *auth = malloc(authsz);
×
694
                if (!auth)
3✔
695
                        return log_oom();
×
696

697
                *auth = (EFI_VARIABLE_AUTHENTICATION_2) {
3✔
698
                        .TimeStamp = timestamp,
699
                        .AuthInfo = {
700
                                .Hdr = {
701
                                        .dwLength = offsetof(WIN_CERTIFICATE_UEFI_GUID, CertData) + sigsz,
3✔
702
                                        .wRevision = 0x0200,
703
                                        .wCertificateType = 0x0EF1, /* WIN_CERT_TYPE_EFI_GUID */
704
                                },
705
                                .CertType = EFI_CERT_TYPE_PKCS7_GUID,
706
                        }
707
                };
708

709
                memcpy(auth->AuthInfo.CertData, sig, sigsz);
3✔
710

711
                _cleanup_free_ char *filename = strjoin(db, ".auth");
6✔
712
                if (!filename)
3✔
713
                        return log_oom();
×
714

715
                _cleanup_close_ int fd = openat(keys_fd, filename, O_CREAT|O_EXCL|O_NOFOLLOW|O_NOCTTY|O_WRONLY|O_CLOEXEC, 0600);
6✔
716
                if (fd < 0)
3✔
717
                        return log_error_errno(fd, "Failed to open secure boot auto-enrollment file for writing: %m");
×
718

719
                r = loop_write(fd, auth, authsz);
3✔
720
                if (r < 0)
3✔
721
                        return log_error_errno(r, "Failed to write authentication descriptor to secure boot auto-enrollment file: %m");
×
722

723
                r = loop_write(fd, siglist, siglistsz);
3✔
724
                if (r < 0)
3✔
725
                        return log_error_errno(r, "Failed to write signature list to secure boot auto-enrollment file: %m");
×
726

727
                if (fsync(fd) < 0 || fsync(keys_fd) < 0)
3✔
728
                        return log_error_errno(errno, "Failed to sync secure boot auto-enrollment file: %m");
×
729

730
                log_info("Secure boot auto-enrollment file %s/loader/keys/auto/%s successfully written.", esp, filename);
3✔
731
        }
732

733
        return 0;
1✔
734
#else
735
        return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "OpenSSL is not supported, cannot set up secure boot auto-enrollment.");
736
#endif
737
}
738

739
static bool same_entry(uint16_t id, sd_id128_t uuid, const char *path) {
×
740
        _cleanup_free_ char *opath = NULL;
×
741
        sd_id128_t ouuid;
×
742
        int r;
×
743

744
        r = efi_get_boot_option(id, NULL, &ouuid, &opath, NULL);
×
745
        if (r < 0)
×
746
                return false;
747
        if (!sd_id128_equal(uuid, ouuid))
×
748
                return false;
×
749

750
        /* Some motherboards convert the path to uppercase under certain circumstances
751
         * (e.g. after booting into the Boot Menu in the ASUS ROG STRIX B350-F GAMING),
752
         * so use case-insensitive checking */
753
        if (!strcaseeq_ptr(path, opath))
×
754
                return false;
×
755

756
        return true;
757
}
758

759
static int find_slot(sd_id128_t uuid, const char *path, uint16_t *id) {
×
760
        _cleanup_free_ uint16_t *options = NULL;
×
761

762
        int n = efi_get_boot_options(&options);
×
763
        if (n < 0)
×
764
                return n;
765

766
        /* find already existing systemd-boot entry */
767
        for (int i = 0; i < n; i++)
×
768
                if (same_entry(options[i], uuid, path)) {
×
769
                        *id = options[i];
×
770
                        return 1;
×
771
                }
772

773
        /* find free slot in the sorted BootXXXX variable list */
774
        for (int i = 0; i < n; i++)
×
775
                if (i != options[i]) {
×
776
                        *id = i;
×
777
                        return 0;
×
778
                }
779

780
        /* use the next one */
781
        if (n == 0xffff)
×
782
                return -ENOSPC;
783
        *id = n;
×
784
        return 0;
×
785
}
786

787
static int insert_into_order(uint16_t slot, bool first) {
×
788
        _cleanup_free_ uint16_t *order = NULL;
×
789
        uint16_t *t;
×
790
        int n;
×
791

792
        n = efi_get_boot_order(&order);
×
793
        if (n <= 0)
×
794
                /* no entry, add us */
795
                return efi_set_boot_order(&slot, 1);
×
796

797
        /* are we the first and only one? */
798
        if (n == 1 && order[0] == slot)
×
799
                return 0;
800

801
        /* are we already in the boot order? */
802
        for (int i = 0; i < n; i++) {
×
803
                if (order[i] != slot)
×
804
                        continue;
×
805

806
                /* we do not require to be the first one, all is fine */
807
                if (!first)
×
808
                        return 0;
809

810
                /* move us to the first slot */
811
                memmove(order + 1, order, i * sizeof(uint16_t));
×
812
                order[0] = slot;
×
813
                return efi_set_boot_order(order, n);
×
814
        }
815

816
        /* extend array */
817
        t = reallocarray(order, n + 1, sizeof(uint16_t));
×
818
        if (!t)
×
819
                return -ENOMEM;
820
        order = t;
×
821

822
        /* add us to the top or end of the list */
823
        if (first) {
×
824
                memmove(order + 1, order, n * sizeof(uint16_t));
×
825
                order[0] = slot;
×
826
        } else
827
                order[n] = slot;
×
828

829
        return efi_set_boot_order(order, n + 1);
×
830
}
831

832
static int remove_from_order(uint16_t slot) {
×
833
        _cleanup_free_ uint16_t *order = NULL;
×
834
        int n;
×
835

836
        n = efi_get_boot_order(&order);
×
837
        if (n <= 0)
×
838
                return n;
839

840
        for (int i = 0; i < n; i++) {
×
841
                if (order[i] != slot)
×
842
                        continue;
×
843

844
                if (i + 1 < n)
×
845
                        memmove(order + i, order + i+1, (n - i) * sizeof(uint16_t));
×
846
                return efi_set_boot_order(order, n - 1);
×
847
        }
848

849
        return 0;
850
}
851

852
static const char *pick_efi_boot_option_description(void) {
×
853
        return arg_efi_boot_option_description ?: "Linux Boot Manager";
×
854
}
855

856
static int install_variables(
×
857
                const char *esp_path,
858
                uint32_t part,
859
                uint64_t pstart,
860
                uint64_t psize,
861
                sd_id128_t uuid,
862
                const char *path,
863
                bool first,
864
                bool graceful) {
865

866
        uint16_t slot;
×
867
        int r;
×
868

869
        r = chase_and_access(path, esp_path, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, F_OK, NULL);
×
870
        if (r == -ENOENT)
×
871
                return 0;
×
872
        if (r < 0)
×
873
                return log_error_errno(r, "Cannot access \"%s/%s\": %m", esp_path, path);
×
874

875
        r = find_slot(uuid, path, &slot);
×
876
        if (r < 0) {
×
877
                int level = graceful ? arg_quiet ? LOG_DEBUG : LOG_INFO : LOG_ERR;
×
878
                const char *skip = graceful ? ", skipping" : "";
879

880
                log_full_errno(level, r,
×
881
                               r == -ENOENT ?
882
                               "Failed to access EFI variables%s. Is the \"efivarfs\" filesystem mounted?" :
883
                               "Failed to determine current boot order%s: %m", skip);
884

885
                return graceful ? 0 : r;
×
886
        }
887

888
        if (first || r == 0) {
×
889
                r = efi_add_boot_option(slot, pick_efi_boot_option_description(),
×
890
                                        part, pstart, psize,
891
                                        uuid, path);
892
                if (r < 0) {
×
893
                        int level = graceful ? arg_quiet ? LOG_DEBUG : LOG_INFO : LOG_ERR;
×
894
                        const char *skip = graceful ? ", skipping" : "";
895

896
                        log_full_errno(level, r, "Failed to create EFI Boot variable entry%s: %m", skip);
×
897

898
                        return graceful ? 0 : r;
×
899
                }
900

901
                log_info("Created EFI boot entry \"%s\".", pick_efi_boot_option_description());
×
902
        }
903

904
        return insert_into_order(slot, first);
×
905
}
906

907
static int are_we_installed(const char *esp_path) {
132✔
908
        int r;
132✔
909

910
        /* Tests whether systemd-boot is installed. It's not obvious what to use as check here: we could
911
         * check EFI variables, we could check what binary /EFI/BOOT/BOOT*.EFI points to, or whether the
912
         * loader entries directory exists. Here we opted to check whether /EFI/systemd/ is non-empty, which
913
         * should be a suitable and very minimal check for a number of reasons:
914
         *
915
         *  → The check is architecture independent (i.e. we check if any systemd-boot loader is installed,
916
         *    not a specific one.)
917
         *
918
         *  → It doesn't assume we are the only boot loader (i.e doesn't check if we own the main
919
         *    /EFI/BOOT/BOOT*.EFI fallback binary.
920
         *
921
         *  → It specifically checks for systemd-boot, not for other boot loaders (which a check for
922
         *    /boot/loader/entries would do). */
923

924
        _cleanup_free_ char *p = path_join(esp_path, "/EFI/systemd/");
264✔
925
        if (!p)
132✔
926
                return log_oom();
×
927

928
        log_debug("Checking whether %s contains any files%s", p, glyph(GLYPH_ELLIPSIS));
246✔
929
        r = dir_is_empty(p, /* ignore_hidden_or_backup= */ false);
132✔
930
        if (r < 0 && r != -ENOENT)
132✔
931
                return log_error_errno(r, "Failed to check whether %s contains any files: %m", p);
×
932

933
        return r == 0;
132✔
934
}
935

936
int verb_install(int argc, char *argv[], void *userdata) {
133✔
937
        _cleanup_(X509_freep) X509 *certificate = NULL;
133✔
938
        _cleanup_(openssl_ask_password_ui_freep) OpenSSLAskPasswordUI *ui = NULL;
133✔
939
        _cleanup_(EVP_PKEY_freep) EVP_PKEY *private_key = NULL;
133✔
940
        sd_id128_t uuid = SD_ID128_NULL;
133✔
941
        uint64_t pstart = 0, psize = 0;
133✔
942
        uint32_t part = 0;
133✔
943
        bool install, graceful;
133✔
944
        int r;
133✔
945

946
        /* Invoked for both "update" and "install" */
947

948
        install = streq(argv[0], "install");
133✔
949
        graceful = !install && arg_graceful; /* support graceful mode for updates */
133✔
950

951
        if (arg_secure_boot_auto_enroll) {
133✔
952
                if (arg_certificate_source_type == OPENSSL_CERTIFICATE_SOURCE_FILE) {
1✔
953
                        r = parse_path_argument(arg_certificate, /*suppress_root=*/ false, &arg_certificate);
1✔
954
                        if (r < 0)
1✔
955
                                return r;
×
956
                }
957

958
                r = openssl_load_x509_certificate(
1✔
959
                                arg_certificate_source_type,
960
                                arg_certificate_source,
961
                                arg_certificate,
962
                                &certificate);
963
                if (r < 0)
1✔
964
                        return log_error_errno(r, "Failed to load X.509 certificate from %s: %m", arg_certificate);
×
965

966
                if (arg_private_key_source_type == OPENSSL_KEY_SOURCE_FILE) {
1✔
967
                        r = parse_path_argument(arg_private_key, /* suppress_root= */ false, &arg_private_key);
1✔
968
                        if (r < 0)
1✔
969
                                return log_error_errno(r, "Failed to parse private key path %s: %m", arg_private_key);
×
970
                }
971

972
                r = openssl_load_private_key(
2✔
973
                                arg_private_key_source_type,
974
                                arg_private_key_source,
975
                                arg_private_key,
976
                                &(AskPasswordRequest) {
1✔
977
                                        .tty_fd = -EBADF,
978
                                        .id = "bootctl-private-key-pin",
979
                                        .keyring = arg_private_key,
980
                                        .credential = "bootctl.private-key-pin",
981
                                        .until = USEC_INFINITY,
982
                                        .hup_fd = -EBADF,
983
                                },
984
                                &private_key,
985
                                &ui);
986
                if (r < 0)
1✔
987
                        return log_error_errno(r, "Failed to load private key from %s: %m", arg_private_key);
×
988
        }
989

990
        r = acquire_esp(/* unprivileged_mode= */ false, graceful, &part, &pstart, &psize, &uuid, NULL);
133✔
991
        if (graceful && r == -ENOKEY)
133✔
992
                return 0; /* If --graceful is specified and we can't find an ESP, handle this cleanly */
993
        if (r < 0)
133✔
994
                return r;
995

996
        if (!install) {
133✔
997
                /* If we are updating, don't do anything if sd-boot wasn't actually installed. */
998
                r = are_we_installed(arg_esp_path);
120✔
999
                if (r < 0)
120✔
1000
                        return r;
1001
                if (r == 0) {
120✔
1002
                        log_debug("Skipping update because sd-boot is not installed in the ESP.");
×
1003
                        return 0;
×
1004
                }
1005
        }
1006

1007
        r = acquire_xbootldr(/* unprivileged_mode= */ false, NULL, NULL);
133✔
1008
        if (r < 0)
133✔
1009
                return r;
1010

1011
        r = settle_make_entry_directory();
133✔
1012
        if (r < 0)
133✔
1013
                return r;
1014

1015
        const char *arch = arg_arch_all ? "" : get_efi_arch();
133✔
1016

1017
        WITH_UMASK(0002) {
266✔
1018
                if (install) {
133✔
1019
                        /* Don't create any of these directories when we are just updating. When we update
1020
                         * we'll drop-in our files (unless there are newer ones already), but we won't create
1021
                         * the directories for them in the first place. */
1022
                        r = create_subdirs(arg_esp_path, esp_subdirs);
13✔
1023
                        if (r < 0)
13✔
1024
                                return r;
1025

1026
                        r = create_subdirs(arg_dollar_boot_path(), dollar_boot_subdirs);
18✔
1027
                        if (r < 0)
13✔
1028
                                return r;
1029
                }
1030

1031
                r = install_binaries(arg_esp_path, arch, install);
133✔
1032
                if (r < 0)
133✔
1033
                        return r;
1034

1035
                if (install) {
130✔
1036
                        r = install_loader_config(arg_esp_path);
13✔
1037
                        if (r < 0)
13✔
1038
                                return r;
1039

1040
                        r = install_entry_directory(arg_dollar_boot_path());
18✔
1041
                        if (r < 0)
13✔
1042
                                return r;
1043

1044
                        r = install_entry_token();
13✔
1045
                        if (r < 0)
13✔
1046
                                return r;
1047

1048
                        if (arg_install_random_seed) {
13✔
1049
                                r = install_random_seed(arg_esp_path);
13✔
1050
                                if (r < 0)
13✔
1051
                                        return r;
1052
                        }
1053

1054
                        if (arg_secure_boot_auto_enroll) {
13✔
1055
                                r = install_secure_boot_auto_enroll(arg_esp_path, certificate, private_key);
1✔
1056
                                if (r < 0)
1✔
1057
                                        return r;
1058
                        }
1059
                }
1060

1061
                r = install_loader_specification(arg_dollar_boot_path());
196✔
1062
                if (r < 0)
130✔
1063
                        return r;
1064
        }
1065

1066
        (void) sync_everything();
130✔
1067

1068
        if (!touch_variables())
130✔
1069
                return 0;
1070

1071
        if (arg_arch_all) {
×
1072
                log_info("Not changing EFI variables with --all-architectures.");
×
1073
                return 0;
×
1074
        }
1075

1076
        char *path = strjoina("/EFI/systemd/systemd-boot", arch, ".efi");
×
1077
        return install_variables(arg_esp_path, part, pstart, psize, uuid, path, install, graceful);
×
1078
}
1079

1080
static int remove_boot_efi(const char *esp_path) {
13✔
1081
        _cleanup_closedir_ DIR *d = NULL;
13✔
1082
        _cleanup_free_ char *p = NULL;
13✔
1083
        int r, c = 0;
13✔
1084

1085
        r = chase_and_opendir("/EFI/BOOT", esp_path, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, &p, &d);
13✔
1086
        if (r == -ENOENT)
13✔
1087
                return 0;
1088
        if (r < 0)
13✔
1089
                return log_error_errno(r, "Failed to open directory \"%s/EFI/BOOT\": %m", esp_path);
×
1090

1091
        FOREACH_DIRENT(de, d, break) {
59✔
1092
                _cleanup_close_ int fd = -EBADF;
20✔
1093
                _cleanup_free_ char *v = NULL;
20✔
1094

1095
                if (!endswith_no_case(de->d_name, ".efi"))
20✔
1096
                        continue;
×
1097

1098
                fd = openat(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC);
20✔
1099
                if (fd < 0)
20✔
1100
                        return log_error_errno(errno, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
×
1101

1102
                r = get_file_version(fd, &v);
20✔
1103
                if (r == -ESRCH)
20✔
1104
                        continue;  /* No version information */
×
1105
                if (r < 0)
20✔
1106
                        return r;
1107
                if (startswith(v, "systemd-boot ")) {
20✔
1108
                        r = unlinkat(dirfd(d), de->d_name, 0);
20✔
1109
                        if (r < 0)
20✔
1110
                                return log_error_errno(errno, "Failed to remove \"%s/%s\": %m", p, de->d_name);
×
1111

1112
                        log_info("Removed \"%s/%s\".", p, de->d_name);
20✔
1113
                }
1114

1115
                c++;
20✔
1116
        }
1117

1118
        return c;
1119
}
1120

1121
static int rmdir_one(const char *prefix, const char *suffix) {
172✔
1122
        _cleanup_free_ char *p = path_join(prefix, suffix);
344✔
1123
        if (!p)
172✔
1124
                return log_oom();
×
1125

1126
        if (rmdir(p) < 0) {
172✔
1127
                bool ignore = IN_SET(errno, ENOENT, ENOTEMPTY);
81✔
1128

1129
                log_full_errno(ignore ? LOG_DEBUG : LOG_ERR, errno,
81✔
1130
                               "Failed to remove directory \"%s\": %m", p);
1131
                if (!ignore)
81✔
1132
                        return -errno;
×
1133
        } else
1134
                log_info("Removed \"%s\".", p);
91✔
1135

1136
        return 0;
1137
}
1138

1139
static int remove_subdirs(const char *root, const char *const *subdirs) {
183✔
1140
        int r, q;
183✔
1141

1142
        /* We use recursion here to destroy the directories in reverse order. Which should be safe given how
1143
         * short the array is. */
1144

1145
        if (!subdirs[0]) /* A the end of the list */
183✔
1146
                return 0;
1147

1148
        r = remove_subdirs(root, subdirs + 1);
149✔
1149
        q = rmdir_one(root, subdirs[0]);
149✔
1150

1151
        return r < 0 ? r : q;
149✔
1152
}
1153

1154
static int remove_entry_directory(const char *root) {
21✔
1155
        assert(root);
21✔
1156
        assert(arg_make_entry_directory >= 0);
21✔
1157

1158
        if (!arg_make_entry_directory || !arg_entry_token)
21✔
1159
                return 0;
1160

1161
        return rmdir_one(root, arg_entry_token);
10✔
1162
}
1163

1164
static int remove_binaries(const char *esp_path) {
13✔
1165
        int r, q;
13✔
1166

1167
        _cleanup_free_ char *p = path_join(esp_path, "/EFI/systemd");
26✔
1168
        if (!p)
13✔
1169
                return log_oom();
×
1170

1171
        r = rm_rf(p, REMOVE_ROOT|REMOVE_PHYSICAL);
13✔
1172

1173
        q = remove_boot_efi(esp_path);
13✔
1174
        if (q < 0 && r == 0)
13✔
1175
                r = q;
×
1176

1177
        return r;
1178
}
1179

1180
static int remove_file(const char *root, const char *file) {
86✔
1181
        assert(root);
86✔
1182
        assert(file);
86✔
1183

1184
        _cleanup_free_ char *p = path_join(root, file);
172✔
1185
        if (!p)
86✔
1186
                return log_oom();
×
1187

1188
        if (unlink(p) < 0) {
86✔
1189
                log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_ERR, errno,
44✔
1190
                               "Failed to unlink file \"%s\": %m", p);
1191

1192
                return errno == ENOENT ? 0 : -errno;
44✔
1193
        }
1194

1195
        log_info("Removed \"%s\".", p);
42✔
1196
        return 1;
1197
}
1198

1199
static int remove_variables(sd_id128_t uuid, const char *path, bool in_order) {
×
1200
        uint16_t slot;
×
1201
        int r;
×
1202

1203
        r = find_slot(uuid, path, &slot);
×
1204
        if (r != 1)
×
1205
                return 0;
×
1206

1207
        r = efi_remove_boot_option(slot);
×
1208
        if (r < 0)
×
1209
                return r;
1210

1211
        if (in_order)
×
1212
                return remove_from_order(slot);
×
1213

1214
        return 0;
1215
}
1216

1217
static int remove_loader_variables(void) {
×
1218
        int r = 0;
×
1219

1220
        /* Remove all persistent loader variables we define */
1221

1222
        FOREACH_STRING(var,
×
1223
                       EFI_LOADER_VARIABLE_STR("LoaderConfigConsoleMode"),
1224
                       EFI_LOADER_VARIABLE_STR("LoaderConfigTimeout"),
1225
                       EFI_LOADER_VARIABLE_STR("LoaderConfigTimeoutOneShot"),
1226
                       EFI_LOADER_VARIABLE_STR("LoaderEntryDefault"),
1227
                       EFI_LOADER_VARIABLE_STR("LoaderEntrySysFail"),
1228
                       EFI_LOADER_VARIABLE_STR("LoaderEntryLastBooted"),
1229
                       EFI_LOADER_VARIABLE_STR("LoaderEntryOneShot"),
1230
                       EFI_LOADER_VARIABLE_STR("LoaderSystemToken")) {
1231

1232
                int q;
×
1233

1234
                q = efi_set_variable(var, NULL, 0);
×
1235
                if (q == -ENOENT)
×
1236
                        continue;
×
1237
                if (q < 0) {
×
1238
                        log_warning_errno(q, "Failed to remove EFI variable %s: %m", var);
×
1239
                        if (r >= 0)
×
1240
                                r = q;
×
1241
                } else
1242
                        log_info("Removed EFI variable %s.", var);
×
1243
        }
1244

1245
        return r;
×
1246
}
1247

1248
int verb_remove(int argc, char *argv[], void *userdata) {
13✔
1249
        sd_id128_t uuid = SD_ID128_NULL;
13✔
1250
        int r, q;
13✔
1251

1252
        r = acquire_esp(/* unprivileged_mode= */ false, /* graceful= */ false, NULL, NULL, NULL, &uuid, NULL);
13✔
1253
        if (r < 0)
13✔
1254
                return r;
13✔
1255

1256
        r = acquire_xbootldr(/* unprivileged_mode= */ false, NULL, NULL);
13✔
1257
        if (r < 0)
13✔
1258
                return r;
1259

1260
        r = settle_make_entry_directory();
13✔
1261
        if (r < 0)
13✔
1262
                return r;
1263

1264
        r = remove_binaries(arg_esp_path);
13✔
1265

1266
        q = remove_file(arg_esp_path, "/loader/loader.conf");
13✔
1267
        if (q < 0 && r >= 0)
13✔
1268
                r = q;
×
1269

1270
        q = remove_file(arg_esp_path, "/loader/random-seed");
13✔
1271
        if (q < 0 && r >= 0)
13✔
1272
                r = q;
×
1273

1274
        q = remove_file(arg_esp_path, "/loader/entries.srel");
13✔
1275
        if (q < 0 && r >= 0)
13✔
1276
                r = q;
×
1277

1278
        FOREACH_STRING(db, "PK.auth", "KEK.auth", "db.auth") {
52✔
1279
                _cleanup_free_ char *p = path_join("/loader/keys/auto", db);
78✔
1280
                if (!p)
39✔
1281
                        return log_oom();
×
1282

1283
                q = remove_file(arg_esp_path, p);
39✔
1284
                if (q < 0 && r >= 0)
39✔
1285
                        r = q;
×
1286
        }
1287

1288
        q = rmdir_one(arg_esp_path, "/loader/keys/auto");
13✔
1289
        if (q < 0 && r >= 0)
13✔
1290
                r = q;
×
1291

1292
        q = remove_subdirs(arg_esp_path, esp_subdirs);
13✔
1293
        if (q < 0 && r >= 0)
13✔
1294
                r = q;
×
1295

1296
        q = remove_subdirs(arg_esp_path, dollar_boot_subdirs);
13✔
1297
        if (q < 0 && r >= 0)
13✔
1298
                r = q;
×
1299

1300
        q = remove_entry_directory(arg_esp_path);
13✔
1301
        if (q < 0 && r >= 0)
13✔
1302
                r = q;
×
1303

1304
        if (arg_xbootldr_path) {
13✔
1305
                /* Remove a subset of these also from the XBOOTLDR partition if it exists */
1306

1307
                q = remove_file(arg_xbootldr_path, "/loader/entries.srel");
8✔
1308
                if (q < 0 && r >= 0)
8✔
1309
                        r = q;
×
1310

1311
                q = remove_subdirs(arg_xbootldr_path, dollar_boot_subdirs);
8✔
1312
                if (q < 0 && r >= 0)
8✔
1313
                        r = q;
×
1314

1315
                q = remove_entry_directory(arg_xbootldr_path);
8✔
1316
                if (q < 0 && r >= 0)
8✔
1317
                        r = q;
×
1318
        }
1319

1320
        (void) sync_everything();
13✔
1321

1322
        if (!touch_variables())
13✔
1323
                return r;
1324

1325
        if (arg_arch_all) {
×
1326
                log_info("Not changing EFI variables with --all-architectures.");
×
1327
                return r;
×
1328
        }
1329

1330
        char *path = strjoina("/EFI/systemd/systemd-boot", get_efi_arch(), ".efi");
×
1331
        q = remove_variables(uuid, path, true);
×
1332
        if (q < 0 && r >= 0)
×
1333
                r = q;
×
1334

1335
        q = remove_loader_variables();
×
1336
        if (q < 0 && r >= 0)
×
1337
                r = q;
×
1338

1339
        return r;
1340
}
1341

1342
int verb_is_installed(int argc, char *argv[], void *userdata) {
12✔
1343
        int r;
12✔
1344

1345
        r = acquire_esp(/* unprivileged_mode= */ false,
12✔
1346
                        /* graceful= */ arg_graceful,
1347
                        NULL, NULL, NULL, NULL, NULL);
1348
        if (r < 0)
12✔
1349
                return r;
1350

1351
        r = are_we_installed(arg_esp_path);
12✔
1352
        if (r < 0)
12✔
1353
                return r;
1354

1355
        if (r > 0) {
12✔
1356
                if (!arg_quiet)
6✔
1357
                        puts("yes");
6✔
1358
                return EXIT_SUCCESS;
6✔
1359
        } else {
1360
                if (!arg_quiet)
6✔
1361
                        puts("no");
6✔
1362
                return EXIT_FAILURE;
6✔
1363
        }
1364
}
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc