diff options
29 files changed, 86 insertions, 471 deletions
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh index c90044c9a8..2c7177b27b 100755 --- a/.github/workflows/build_test.sh +++ b/.github/workflows/build_test.sh @@ -9,7 +9,7 @@ success() { echo >&2 -e "\033[32;1m$1\033[0m"; } ARGS=( "--optimization=0" - "--optimization=s -Dgnu-efi=true -Defi-cflags=-m32 -Defi-libdir=/usr/lib32" + "--optimization=s -Dbootloader=true -Defi-cflags=-m32" "--optimization=3 -Db_lto=true -Ddns-over-tls=false" "--optimization=3 -Db_lto=false" "--optimization=3 -Ddns-over-tls=openssl" @@ -216,7 +216,6 @@ REQUIREMENTS: awk, sed, grep, and similar tools clang >= 10.0, llvm >= 10.0 (optional, required to build BPF programs from source code in C) - gnu-efi >= 3.0.5 (optional, required for systemd-boot) During runtime, you need the following additional dependencies: diff --git a/man/bootctl.xml b/man/bootctl.xml index 84d6b7756f..a6f1fc1c4c 100644 --- a/man/bootctl.xml +++ b/man/bootctl.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="bootctl" conditional='HAVE_GNU_EFI' +<refentry id="bootctl" conditional='ENABLE_BOOTLOADER' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> <title>bootctl</title> diff --git a/man/loader.conf.xml b/man/loader.conf.xml index b002227032..a0fc278c2a 100644 --- a/man/loader.conf.xml +++ b/man/loader.conf.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="loader.conf" conditional='HAVE_GNU_EFI' +<refentry id="loader.conf" conditional='ENABLE_BOOTLOADER' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> <title>loader.conf</title> diff --git a/man/rules/meson.build b/man/rules/meson.build index 4c92da359c..39cc55a929 100644 --- a/man/rules/meson.build +++ b/man/rules/meson.build @@ -5,7 +5,7 @@ # ninja -C build update-man-rules manpages = [ ['binfmt.d', '5', [], 'ENABLE_BINFMT'], - ['bootctl', '1', [], 'HAVE_GNU_EFI'], + ['bootctl', '1', [], 'ENABLE_BOOTLOADER'], ['bootup', '7', [], ''], ['busctl', '1', [], ''], ['coredump.conf', '5', ['coredump.conf.d'], 'ENABLE_COREDUMP'], @@ -31,7 +31,7 @@ manpages = [ ['kernel-command-line', '7', [], ''], ['kernel-install', '8', [], 'ENABLE_KERNEL_INSTALL'], ['libudev', '3', [], ''], - ['loader.conf', '5', [], 'HAVE_GNU_EFI'], + ['loader.conf', '5', [], 'ENABLE_BOOTLOADER'], ['locale.conf', '5', [], ''], ['localectl', '1', [], 'ENABLE_LOCALED'], ['localtime', '5', [], ''], @@ -877,14 +877,17 @@ manpages = [ ['systemd-ask-password', '1', [], ''], ['systemd-backlight@.service', '8', ['systemd-backlight'], 'ENABLE_BACKLIGHT'], ['systemd-binfmt.service', '8', ['systemd-binfmt'], 'ENABLE_BINFMT'], - ['systemd-bless-boot-generator', '8', [], 'HAVE_GNU_EFI'], - ['systemd-bless-boot.service', '8', ['systemd-bless-boot'], 'HAVE_GNU_EFI'], + ['systemd-bless-boot-generator', '8', [], 'ENABLE_BOOTLOADER'], + ['systemd-bless-boot.service', + '8', + ['systemd-bless-boot'], + 'ENABLE_BOOTLOADER'], ['systemd-boot-check-no-failures.service', '8', ['systemd-boot-check-no-failures'], ''], - ['systemd-boot-random-seed.service', '8', [], 'HAVE_GNU_EFI'], - ['systemd-boot', '7', ['sd-boot'], 'HAVE_GNU_EFI'], + ['systemd-boot-random-seed.service', '8', [], 'ENABLE_BOOTLOADER'], + ['systemd-boot', '7', ['sd-boot'], 'ENABLE_BOOTLOADER'], ['systemd-cat', '1', [], ''], ['systemd-cgls', '1', [], ''], ['systemd-cgtop', '1', [], ''], @@ -971,7 +974,7 @@ manpages = [ 'systemd-makefs', 'systemd-mkswap@.service'], ''], - ['systemd-measure', '1', [], 'HAVE_GNU_EFI'], + ['systemd-measure', '1', [], 'ENABLE_BOOTLOADER'], ['systemd-modules-load.service', '8', ['systemd-modules-load'], 'HAVE_KMOD'], ['systemd-mount', '1', ['systemd-umount'], ''], ['systemd-network-generator.service', '8', ['systemd-network-generator'], ''], @@ -992,7 +995,7 @@ manpages = [ 'systemd-pcrphase', 'systemd-pcrphase-initrd.service', 'systemd-pcrphase-sysinit.service'], - 'HAVE_GNU_EFI'], + 'ENABLE_BOOTLOADER'], ['systemd-portabled.service', '8', ['systemd-portabled'], 'ENABLE_PORTABLED'], ['systemd-poweroff.service', '8', @@ -1027,7 +1030,7 @@ manpages = [ ['systemd-stub', '7', ['linuxaa64.efi.stub', 'linuxia32.efi.stub', 'linuxx64.efi.stub', 'sd-stub'], - 'HAVE_GNU_EFI'], + 'ENABLE_BOOTLOADER'], ['systemd-suspend.service', '8', ['systemd-hibernate.service', diff --git a/man/systemd-bless-boot-generator.xml b/man/systemd-bless-boot-generator.xml index 992e0e90cc..173d5ae98f 100644 --- a/man/systemd-bless-boot-generator.xml +++ b/man/systemd-bless-boot-generator.xml @@ -3,7 +3,7 @@ <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="systemd-bless-boot-generator" conditional='HAVE_GNU_EFI'> +<refentry id="systemd-bless-boot-generator" conditional='ENABLE_BOOTLOADER'> <refentryinfo> <title>systemd-bless-boot-generator</title> diff --git a/man/systemd-bless-boot.service.xml b/man/systemd-bless-boot.service.xml index 484f072352..dcbad20495 100644 --- a/man/systemd-bless-boot.service.xml +++ b/man/systemd-bless-boot.service.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="systemd-bless-boot.service" conditional='HAVE_GNU_EFI' +<refentry id="systemd-bless-boot.service" conditional='ENABLE_BOOTLOADER' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> diff --git a/man/systemd-boot-random-seed.service.xml b/man/systemd-boot-random-seed.service.xml index 49f33668aa..ad3477a97a 100644 --- a/man/systemd-boot-random-seed.service.xml +++ b/man/systemd-boot-random-seed.service.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="systemd-boot-random-seed.service" conditional='HAVE_GNU_EFI' +<refentry id="systemd-boot-random-seed.service" conditional='ENABLE_BOOTLOADER' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml index 64ded052e1..a64281b919 100644 --- a/man/systemd-boot.xml +++ b/man/systemd-boot.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="systemd-boot" conditional='HAVE_GNU_EFI' +<refentry id="systemd-boot" conditional='ENABLE_BOOTLOADER' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> <title>systemd-boot</title> diff --git a/man/systemd-measure.xml b/man/systemd-measure.xml index 05966f264f..24134a6d31 100644 --- a/man/systemd-measure.xml +++ b/man/systemd-measure.xml @@ -3,7 +3,7 @@ <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="systemd-measure" xmlns:xi="http://www.w3.org/2001/XInclude" conditional='HAVE_GNU_EFI'> +<refentry id="systemd-measure" xmlns:xi="http://www.w3.org/2001/XInclude" conditional='ENABLE_BOOTLOADER'> <refentryinfo> <title>systemd-measure</title> diff --git a/man/systemd-pcrphase.service.xml b/man/systemd-pcrphase.service.xml index 643dbe60ce..24c7560468 100644 --- a/man/systemd-pcrphase.service.xml +++ b/man/systemd-pcrphase.service.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="systemd-pcrphase.service" conditional='HAVE_GNU_EFI' +<refentry id="systemd-pcrphase.service" conditional='ENABLE_BOOTLOADER' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> diff --git a/man/systemd-stub.xml b/man/systemd-stub.xml index 7934f344f8..21b79cd35f 100644 --- a/man/systemd-stub.xml +++ b/man/systemd-stub.xml @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> -<refentry id="systemd-stub" conditional='HAVE_GNU_EFI' +<refentry id="systemd-stub" conditional='ENABLE_BOOTLOADER' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> <title>systemd-stub</title> diff --git a/meson.build b/meson.build index 8b298ca335..8c4e50de73 100644 --- a/meson.build +++ b/meson.build @@ -1869,6 +1869,7 @@ conf.set10('ENABLE_REMOTE', have) foreach term : ['analyze', 'backlight', 'binfmt', + 'compat-mutable-uid-boundaries', 'coredump', 'efi', 'environment-d', @@ -1880,23 +1881,22 @@ foreach term : ['analyze', 'idn', 'ima', 'initrd', - 'compat-mutable-uid-boundaries', - 'nscd', 'ldconfig', 'localed', 'logind', 'machined', 'networkd', + 'nscd', 'nss-myhostname', 'nss-systemd', 'portabled', - 'sysext', 'pstore', 'quotacheck', 'randomseed', 'resolve', 'rfkill', 'smack', + 'sysext', 'sysusers', 'timedated', 'timesyncd', @@ -1953,20 +1953,36 @@ catalogs = [] ############################################################ -# Include these now as they provide gnu-efi detection. -subdir('src/fundamental') -subdir('src/boot/efi') - -############################################################ - pymod = import('python') python = pymod.find_installation('python3', required : true, modules : ['jinja2']) python_39 = python.language_version().version_compare('>=3.9') +##################################################################### + +efi_arch = { + 'aarch64' : 'aa64', + 'arm' : 'arm', + 'riscv64' : 'riscv64', + 'x86_64' : 'x64', + 'x86' : 'ia32', +}.get(host_machine.cpu_family(), '') + +if get_option('bootloader') != 'false' and efi_arch != '' + conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch) +elif get_option('bootloader') == 'true' and efi_arch == '' + error('EFI not supported for this arch.') +endif +conf.set10( + 'ENABLE_BOOTLOADER', + get_option('efi') and + get_option('bootloader') in ['auto', 'true'] and + efi_arch != '', +) + if get_option('ukify') == 'auto' - want_ukify = python_39 and conf.get('HAVE_GNU_EFI') == 1 -elif get_option('ukify') == 'true' and (not python_39 or conf.get('HAVE_GNU_EFI') != 1) - error('ukify requires Python >= 3.9 and GNU EFI') + want_ukify = python_39 and conf.get('ENABLE_BOOTLOADER') == 1 +elif get_option('ukify') == 'true' and (not python_39 or conf.get('ENABLE_BOOTLOADER') != 1) + error('ukify requires Python >= 3.9 and -Dbootloader=true') else want_ukify = get_option('ukify') == 'true' endif @@ -2038,6 +2054,7 @@ includes = [libsystemd_includes, include_directories('src/shared')] subdir('po') subdir('catalog') +subdir('src/fundamental') subdir('src/basic') subdir('src/libsystemd') subdir('src/shared') @@ -2202,6 +2219,7 @@ subdir('src/libsystemd-network') subdir('src/analyze') subdir('src/boot') +subdir('src/boot/efi') subdir('src/busctl') subdir('src/coredump') subdir('src/cryptenroll') @@ -2655,7 +2673,7 @@ if conf.get('HAVE_PAM') == 1 install_dir : rootlibexecdir) endif -if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 +if conf.get('HAVE_BLKID') == 1 and conf.get('ENABLE_BOOTLOADER') == 1 if get_option('link-boot-shared') boot_link_with = [libshared] else @@ -4730,11 +4748,11 @@ foreach tuple : [ # components ['backlight'], ['binfmt'], + ['bootloader'], ['bpf-framework', conf.get('BPF_FRAMEWORK') == 1], ['coredump'], - ['environment.d'], ['efi'], - ['gnu-efi'], + ['environment.d'], ['firstboot'], ['hibernate'], ['homed'], diff --git a/meson_options.txt b/meson_options.txt index 95b1162249..d3af35e7ef 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -93,7 +93,7 @@ option('ldconfig', type : 'boolean', option('resolve', type : 'boolean', description : 'systemd-resolved stack') option('efi', type : 'boolean', - description : 'enable systemd-boot and bootctl') + description : 'enable EFI support') option('tpm', type : 'boolean', description : 'TPM should be used to log events and extend the registers') option('environment-d', type : 'boolean', @@ -436,18 +436,8 @@ option('glib', type : 'combo', choices : ['auto', 'true', 'false'], option('dbus', type : 'combo', choices : ['auto', 'true', 'false'], description : 'libdbus support (for tests only)') -option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'], - description : 'gnu-efi support for sd-boot') -option('efi-cflags', type : 'array', - description : 'additional flags for EFI compiler') -# Note that LLD does not support PE/COFF relocations -# https://lists.llvm.org/pipermail/llvm-dev/2021-March/149234.html -option('efi-ld', type : 'combo', choices : ['auto', 'bfd', 'gold'], - description : 'the linker to use for EFI modules') -option('efi-libdir', type : 'string', - description : 'path to the EFI lib directory') -option('efi-includedir', type : 'string', value : '/usr/include/efi', - description : 'path to the EFI header directory') +option('bootloader', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'sd-boot/stub and userspace tools') option('sbat-distro', type : 'string', value : 'auto', description : 'SBAT distribution ID, e.g. fedora, or auto for autodetection') option('sbat-distro-generation', type : 'integer', value : 1, diff --git a/mkosi.build b/mkosi.build index 7968051289..33b864e211 100755 --- a/mkosi.build +++ b/mkosi.build @@ -139,7 +139,7 @@ if [ ! -f "$BUILDDIR"/build.ninja ] ; then -D pcre2=true \ -D glib=true \ -D dbus=true \ - -D gnu-efi=true \ + -D bootloader=true \ -D kernel-install=true \ -D analyze=true \ -D bpf-framework=true \ diff --git a/mkosi.conf.d/10-systemd.conf b/mkosi.conf.d/10-systemd.conf index 0eeee89052..2ae33d0f59 100644 --- a/mkosi.conf.d/10-systemd.conf +++ b/mkosi.conf.d/10-systemd.conf @@ -53,7 +53,6 @@ BuildPackages= gcc gettext git - gnu-efi gperf lld llvm diff --git a/mkosi.conf.d/centos/10-centos.conf b/mkosi.conf.d/centos/10-centos.conf index 15075f7260..e19efc7d4a 100644 --- a/mkosi.conf.d/centos/10-centos.conf +++ b/mkosi.conf.d/centos/10-centos.conf @@ -59,7 +59,6 @@ BuildPackages= glibc-devel.i686 glibc-static glibc-static.i686 - gnu-efi-devel libgcrypt-devel # CentOS Stream 8 libgcrypt-devel doesn't ship a pkg-config file. libxslt pam-devel diff --git a/mkosi.conf.d/fedora/10-fedora.conf b/mkosi.conf.d/fedora/10-fedora.conf index 2cd9bc1d44..f300572121 100644 --- a/mkosi.conf.d/fedora/10-fedora.conf +++ b/mkosi.conf.d/fedora/10-fedora.conf @@ -50,7 +50,6 @@ BuildPackages= docbook-xsl dwarves glibc-static - gnu-efi-devel libcap-static pam-devel pkgconfig # pkgconf shim to provide /usr/bin/pkg-config diff --git a/shell-completion/bash/meson.build b/shell-completion/bash/meson.build index 0446be7302..5fe7611b71 100644 --- a/shell-completion/bash/meson.build +++ b/shell-completion/bash/meson.build @@ -31,7 +31,7 @@ items = [['busctl', ''], ['systemd-path', ''], ['systemd-run', ''], ['udevadm', ''], - ['bootctl', 'HAVE_GNU_EFI'], + ['bootctl', 'ENABLE_BOOTLOADER'], ['coredumpctl', 'ENABLE_COREDUMP'], ['homectl', 'ENABLE_HOMED'], ['hostnamectl', 'ENABLE_HOSTNAMED'], diff --git a/shell-completion/zsh/meson.build b/shell-completion/zsh/meson.build index b39f933ea4..6703204ec2 100644 --- a/shell-completion/zsh/meson.build +++ b/shell-completion/zsh/meson.build @@ -27,7 +27,7 @@ items = [['_busctl', ''], ['_sd_outputmodes', ''], ['_sd_unit_files', ''], ['_sd_machines', ''], - ['_bootctl', 'HAVE_GNU_EFI'], + ['_bootctl', 'ENABLE_BOOTLOADER'], ['_coredumpctl', 'ENABLE_COREDUMP'], ['_hostnamectl', 'ENABLE_HOSTNAMED'], ['_localectl', 'ENABLE_LOCALED'], diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c index ee507e379a..ff249c8a2e 100644 --- a/src/boot/efi/boot.c +++ b/src/boot/efi/boot.c @@ -23,13 +23,6 @@ #include "util.h" #include "vmm.h" -#ifndef GNU_EFI_USE_MS_ABI - /* We do not use uefi_call_wrapper() in systemd-boot. As such, we rely on the - * compiler to do the calling convention conversion for us. This is check is - * to make sure the -DGNU_EFI_USE_MS_ABI was passed to the compiler. */ - #error systemd-boot requires compilation with GNU_EFI_USE_MS_ABI defined. -#endif - /* Magic string for recognizing our own binaries */ _used_ _section_(".sdmagic") static const char magic[] = "#### LoaderInfo: systemd-boot " GIT_VERSION " ####"; @@ -2735,8 +2728,3 @@ out: } DEFINE_EFI_MAIN_FUNCTION(run, "systemd-boot", /*wait_for_debugger=*/false); - -/* Fedora has a heavily patched gnu-efi that supports elf constructors. It calls into _entry instead. */ -EFI_STATUS _entry(EFI_HANDLE image, EFI_SYSTEM_TABLE *system_table) { - return efi_main(image, system_table); -} diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build index ea55f1c9fa..6677dc65d8 100644 --- a/src/boot/efi/meson.build +++ b/src/boot/efi/meson.build @@ -1,129 +1,12 @@ # SPDX-License-Identifier: LGPL-2.1-or-later -conf.set10('ENABLE_EFI', get_option('efi')) -conf.set10('HAVE_GNU_EFI', false) - efi_config_h_dir = meson.current_build_dir() -if not get_option('efi') or get_option('gnu-efi') == 'false' - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but general efi support is disabled') - endif - subdir_done() -endif - -efi_arch = host_machine.cpu_family() -if efi_arch == 'x86' and '-m64' in get_option('efi-cflags') - efi_arch = 'x86_64' -elif efi_arch == 'x86_64' and '-m32' in get_option('efi-cflags') - efi_arch = 'x86' -endif -efi_arch = { - # host_cc_arch: [efi_arch (see Table 3-2 in UEFI spec), obsolete gnu_efi_inc_arch] - 'x86': ['ia32', 'ia32'], - 'x86_64': ['x64', 'x86_64'], - 'arm': ['arm', 'arm'], - 'aarch64': ['aa64', 'aarch64'], - 'riscv64': ['riscv64', 'riscv64'], -}.get(efi_arch, []) - -efi_incdir = get_option('efi-includedir') -found = false -foreach efi_arch_candidate : efi_arch - efi_archdir = efi_incdir / efi_arch_candidate - if cc.has_header(efi_archdir / 'efibind.h', - args: get_option('efi-cflags')) - found = true - break - endif -endforeach - -if not found - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but headers not found or efi arch is unknown') - endif - warning('gnu-efi headers not found or efi arch is unknown, disabling gnu-efi support') - subdir_done() -endif - -if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64', - args: ['-nostdlib', '-ffreestanding', '-fshort-wchar'] + get_option('efi-cflags'), - include_directories: include_directories(efi_incdir, - efi_archdir)) - - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but found headers are too old (3.0.5+ required)') - endif - warning('gnu-efi headers are too old (3.0.5+ required), disabling gnu-efi support') - subdir_done() -endif - -objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip() -objcopy_2_38 = find_program('objcopy', version: '>=2.38', required: false) - -efi_ld = get_option('efi-ld') -if efi_ld == 'auto' - efi_ld = cc.get_linker_id().split('.')[1] - if efi_ld not in ['bfd', 'gold'] - message('Not using @0@ as efi-ld, falling back to bfd'.format(efi_ld)) - efi_ld = 'bfd' - endif -endif - -efi_multilib = run_command( - cc.cmd_array(), '-print-multi-os-directory', get_option('efi-cflags'), - check: false -).stdout().strip() -efi_multilib = run_command( - 'realpath', '-e', '/usr/lib' / efi_multilib, - check: false -).stdout().strip() - -efi_libdir = '' -foreach dir : [get_option('efi-libdir'), - '/usr/lib/gnuefi' / efi_arch[0], - efi_multilib] - if dir != '' and fs.is_dir(dir) - efi_libdir = dir - break - endif -endforeach -if efi_libdir == '' - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but efi-libdir was not found') - endif - warning('efi-libdir was not found, disabling gnu-efi support') - subdir_done() -endif - -efi_lds = '' -foreach location : [ # New locations first introduced with gnu-efi 3.0.11 - [efi_libdir / 'efi.lds', - efi_libdir / 'crt0.o'], - # Older locations... - [efi_libdir / 'gnuefi' / 'elf_@0@_efi.lds'.format(efi_arch[1]), - efi_libdir / 'gnuefi' / 'crt0-efi-@0@.o'.format(efi_arch[1])], - [efi_libdir / 'elf_@0@_efi.lds'.format(efi_arch[1]), - efi_libdir / 'crt0-efi-@0@.o'.format(efi_arch[1])]] - if fs.is_file(location[0]) and fs.is_file(location[1]) - efi_lds = location[0] - efi_crt0 = location[1] - break - endif -endforeach -if efi_lds == '' - if get_option('gnu-efi') == 'true' - error('gnu-efi support requested, but cannot find efi.lds') - endif - warning('efi.lds was not found, disabling gnu-efi support') +if conf.get('ENABLE_BOOTLOADER') != 1 subdir_done() endif -conf.set10('HAVE_GNU_EFI', true) -conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch[0]) - efi_conf = configuration_data() -efi_conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch[0]) efi_conf.set10('ENABLE_TPM', get_option('tpm')) foreach ctype : ['color-normal', 'color-entry', 'color-highlight', 'color-edit'] @@ -174,151 +57,8 @@ elif get_option('sbat-distro') != '' endif endif -efi_config_h = configure_file( - output : 'efi_config.h', - configuration : efi_conf) - -efi_cflags = [ - '-DGNU_EFI_USE_MS_ABI', - '-DSD_BOOT=1', - '-ffreestanding', - '-fshort-wchar', - '-fvisibility=hidden', - '-I', fundamental_path, - '-I', meson.current_source_dir(), - '-include', efi_config_h, - '-include', version_h, - '-std=gnu11', - '-Wall', - '-Wextra', -] + cc.get_supported_arguments( - basic_disabled_warnings + - possible_common_cc_flags + [ - '-fno-stack-protector', - '-fno-strict-aliasing', - '-fpic', - '-fwide-exec-charset=UCS2', - ] -) - -efi_cflags += cc.get_supported_arguments({ - 'ia32': ['-mno-sse', '-mno-mmx'], - 'x86_64': ['-mno-red-zone', '-mno-sse', '-mno-mmx'], - 'arm': ['-mgeneral-regs-only', '-mfpu=none'], -}.get(efi_arch[1], [])) - -# We are putting the efi_cc command line together ourselves, so make sure to pull any -# relevant compiler flags from meson/CFLAGS as povided by the user or distro. - -if get_option('werror') - efi_cflags += ['-Werror'] -endif -if get_option('debug') and get_option('mode') == 'developer' - efi_cflags += ['-ggdb', '-DEFI_DEBUG'] -endif -if get_option('optimization') in ['1', '2', '3', 's', 'g'] - efi_cflags += ['-O' + get_option('optimization')] -endif -if get_option('b_ndebug') == 'true' or ( - get_option('b_ndebug') == 'if-release' and get_option('buildtype') in ['plain', 'release']) - efi_cflags += ['-DNDEBUG'] -endif -if get_option('b_lto') - efi_cflags += cc.has_argument('-flto=auto') ? ['-flto=auto'] : ['-flto'] -endif - -foreach arg : get_option('c_args') - if arg in [ - '-DNDEBUG', - '-fno-lto', - '-O1', '-O2', '-O3', '-Og', '-Os', - '-Werror', - ] or arg.split('=')[0] in [ - '-ffile-prefix-map', - '-flto', - ] or (get_option('mode') == 'developer' and arg in [ - '-DEFI_DEBUG', - '-g', '-ggdb', - ]) - - message('Using "@0@" from c_args for EFI compiler'.format(arg)) - efi_cflags += arg - endif -endforeach - -efi_cflags += get_option('efi-cflags') - -efi_ldflags = [ - '-fuse-ld=' + efi_ld, - '-L', efi_libdir, - '-nostdlib', - '-T', efi_lds, - '-Wl,--build-id=sha1', - '-Wl,--fatal-warnings', - '-Wl,--no-undefined', - '-Wl,--warn-common', - '-Wl,-Bsymbolic', - '-z', 'nocombreloc', - '-z', 'noexecstack', - efi_crt0, -] - -foreach arg : ['-Wl,--no-warn-execstack', - '-Wl,--no-warn-rwx-segments'] - # We need to check the correct linker for supported args. This is what - # cc.has_multi_link_arguments() is for, but it helpfully overrides our - # choice of linker by putting its own -fuse-ld= arg after ours. - if run_command('bash', '-c', - 'exec "$@" -x c -o/dev/null <(echo "int main(void){return 0;}")' + - ' -fuse-ld=' + efi_ld + ' -Wl,--fatal-warnings ' + arg, - 'bash', cc.cmd_array(), - check : false).returncode() == 0 - efi_ldflags += arg - endif -endforeach - -# If using objcopy, crt0 must not include the PE/COFF header -if run_command('grep', '-q', 'coff_header', efi_crt0, check: false).returncode() == 0 - coff_header_in_crt0 = true -else - coff_header_in_crt0 = false -endif - -if efi_arch[1] in ['arm', 'riscv64'] or (efi_arch[1] == 'aarch64' and (not objcopy_2_38.found() or coff_header_in_crt0)) - efi_ldflags += ['-shared'] - # ARM32 and 64bit RISC-V don't have an EFI capable objcopy. - # Older objcopy doesn't support Aarch64 either. - # Use 'binary' instead, and add required symbols manually. - efi_ldflags += ['-Wl,--defsym=EFI_SUBSYSTEM=0xa'] - efi_format = ['-O', 'binary'] -else - efi_ldflags += ['-pie'] - if efi_ld == 'bfd' - efi_ldflags += '-Wl,--no-dynamic-linker' - endif - efi_format = ['--target=efi-app-@0@'.format(efi_arch[1])] -endif - -if efi_arch[1] == 'arm' - # On arm, the compiler (correctly) warns about wchar_t size mismatch. This - # is because libgcc is not compiled with -fshort-wchar, but it does not - # have any occurrences of wchar_t in its sources or the documentation, so - # it is safe to assume that we can ignore this warning. - efi_ldflags += ['-Wl,--no-wchar-size-warning'] -endif - -if cc.get_id() == 'clang' and cc.version().split('.')[0].to_int() <= 10 - # clang <= 10 doesn't pass -T to the linker and then even complains about it being unused - efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument'] -endif - -summary({ - 'EFI machine type' : efi_arch[0], - 'EFI LD' : efi_ld, - 'EFI lds' : efi_lds, - 'EFI crt0' : efi_crt0, - 'EFI include directory' : efi_archdir}, - section : 'Extensible Firmware Interface') +summary({'UEFI architecture' : efi_arch}, + section : 'UEFI') if efi_conf.get('SBAT_DISTRO', '') != '' summary({ @@ -327,49 +67,16 @@ if efi_conf.get('SBAT_DISTRO', '') != '' 'SBAT distro version': sbat_distro_version_display, 'SBAT distro summary': efi_conf.get('SBAT_DISTRO_SUMMARY'), 'SBAT distro URL': efi_conf.get('SBAT_DISTRO_URL')}, - section : 'Extensible Firmware Interface') + section : 'UEFI') endif -############################################################ +configure_file( + output : 'efi_config.h', + configuration : efi_conf) -efi_headers = files( - 'bcd.h', - 'console.h', - 'cpio.h', - 'device-path-util.h', - 'devicetree.h', - 'drivers.h', - 'efi-string.h', - 'efi.h', - 'graphics.h', - 'initrd.h', - 'linux.h', - 'log.h', - 'measure.h', - 'part-discovery.h', - 'pe.h', - 'proto/block-io.h', - 'proto/console-control.h', - 'proto/device-path.h', - 'proto/dt-fixup.h', - 'proto/file-io.h', - 'proto/graphics-output.h', - 'proto/load-file.h', - 'proto/loaded-image.h', - 'proto/rng.h', - 'proto/security-arch.h', - 'proto/shell-parameters.h', - 'proto/simple-text-io.h', - 'proto/tcg.h', - 'random-seed.h', - 'secure-boot.h', - 'shim.h', - 'splash.h', - 'ticks.h', - 'util.h', -) +############################################################ -common_sources = files( +libefi_sources = files( 'console.c', 'device-path-util.c', 'devicetree.c', @@ -400,7 +107,7 @@ stub_sources = files( 'stub.c', ) -if efi_arch[1] in ['ia32', 'x86_64'] +if host_machine.cpu_family() in ['x86', 'x86_64'] stub_sources += files('linux_x86.c') endif @@ -414,7 +121,7 @@ tests += [ ] # BCD parser only makes sense on arches that Windows supports. -if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64'] +if host_machine.cpu_family() in ['aarch64', 'arm', 'x86_64', 'x86'] systemd_boot_sources += files('bcd.c') tests += [ { @@ -448,63 +155,3 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64'] }, ] endif - -systemd_boot_objects = [] -stub_objects = [] -foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources - # FIXME: replace ''.format(file) with fs.name(file) when meson_version requirement is >= 0.59.0 - o_file = custom_target('@0@.o'.format(file).split('/')[-1], - input : file, - output : '@0@.o'.format(file).split('/')[-1], - command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags], - depend_files : efi_headers + fundamental_headers) - if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file) - systemd_boot_objects += o_file - endif - if (fundamental_source_paths + common_sources + stub_sources).contains(file) - stub_objects += o_file - endif -endforeach - -foreach tuple : [['systemd-boot@0@.@1@', systemd_boot_objects, false, 'systemd-boot'], - ['linux@0@.@1@.stub', stub_objects, true, 'systemd-stub']] - elf = custom_target( - tuple[0].format(efi_arch[0], 'elf'), - input : tuple[1], - output : tuple[0].format(efi_arch[0], 'elf'), - command : [cc.cmd_array(), - '-o', '@OUTPUT@', - efi_cflags, - efi_ldflags, - '@INPUT@', - '-lgnuefi', - '-lgcc'], - install : tuple[2], - install_tag: tuple[3], - install_dir : bootlibdir) - - efi = custom_target( - tuple[0].format(efi_arch[0], 'efi'), - input : elf, - output : tuple[0].format(efi_arch[0], 'efi'), - command : [objcopy, - '-j', '.bss*', - '-j', '.data', - '-j', '.dynamic', - '-j', '.dynsym', - '-j', '.osrel', - '-j', '.rel*', - '-j', '.sbat', - '-j', '.sdata', - '-j', '.sdmagic', - '-j', '.text', - '--strip-all', - '--section-alignment=512', - efi_format, - '@INPUT@', '@OUTPUT@'], - install : true, - install_tag: tuple[3], - install_dir : bootlibdir) - - alias_target(tuple[3], efi) -endforeach diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c index 25c81ca164..5e813a6eb6 100644 --- a/src/boot/efi/stub.c +++ b/src/boot/efi/stub.c @@ -423,8 +423,3 @@ static EFI_STATUS run(EFI_HANDLE image) { } DEFINE_EFI_MAIN_FUNCTION(run, "systemd-stub", /*wait_for_debugger=*/false); - -/* See comment in boot.c. */ -EFI_STATUS _entry(EFI_HANDLE image, EFI_SYSTEM_TABLE *system_table) { - return efi_main(image, system_table); -} diff --git a/src/fundamental/meson.build b/src/fundamental/meson.build index 4b8e32337d..a55a5faa53 100644 --- a/src/fundamental/meson.build +++ b/src/fundamental/meson.build @@ -1,25 +1,11 @@ # SPDX-License-Identifier: LGPL-2.1-or-later -fundamental_path = meson.current_source_dir() +fundamental_include = include_directories('.') -fundamental_headers = files( - 'bootspec-fundamental.h', - 'efivars-fundamental.h', - 'macro-fundamental.h', - 'memory-util-fundamental.h', - 'sha256.h', - 'string-util-fundamental.h', - 'tpm-pcr.h', -) - -# for sd-boot -fundamental_source_paths = files( +fundamental_sources = files( 'bootspec-fundamental.c', 'efivars-fundamental.c', 'sha256.c', 'string-util-fundamental.c', 'tpm-pcr.c', ) - -# for libbasic -fundamental_sources = fundamental_source_paths + fundamental_headers diff --git a/src/test/meson.build b/src/test/meson.build index 55c0881299..afd95cf8dd 100644 --- a/src/test/meson.build +++ b/src/test/meson.build @@ -456,7 +456,7 @@ tests += [ }, { 'sources' : files('test-sbat.c'), - 'condition' : 'HAVE_GNU_EFI', + 'condition' : 'ENABLE_BOOTLOADER', 'c_args' : '-I@0@'.format(efi_config_h_dir), }, { diff --git a/test/meson.build b/test/meson.build index a051f77a52..9f8a314e82 100644 --- a/test/meson.build +++ b/test/meson.build @@ -73,7 +73,7 @@ if install_tests '../-.mount', testsuite08_dir + '/local-fs.target.wants/-.mount') - if conf.get('HAVE_GNU_EFI') == 1 and conf.get('HAVE_ZSTD') == 1 + if conf.get('ENABLE_BOOTLOADER') == 1 and conf.get('HAVE_ZSTD') == 1 install_subdir('test-bcd', exclude_files : '.gitattributes', install_dir : testdata_dir) diff --git a/test/mkosi.default.networkd-test b/test/mkosi.default.networkd-test index ed3604ccdf..fe15f394be 100644 --- a/test/mkosi.default.networkd-test +++ b/test/mkosi.default.networkd-test @@ -33,8 +33,6 @@ BuildPackages= gcc gettext git - gnu-efi - gnu-efi-devel gnutls-devel gperf hostname diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh index 2e64475c6d..b2a5900b1f 100755 --- a/tools/oss-fuzz.sh +++ b/tools/oss-fuzz.sh @@ -35,18 +35,12 @@ else apt-get update apt-get install -y gperf m4 gettext python3-pip \ libcap-dev libmount-dev \ - pkg-config wget python3-jinja2 zipmerge + pkg-config wget python3-jinja2 zipmerge zstd if [[ "$ARCHITECTURE" == i386 ]]; then apt-get install -y pkg-config:i386 libcap-dev:i386 libmount-dev:i386 fi - # gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd - # is hidden. It isn't linked against efi. It doesn't - # even include "efi.h" because "bcd.c" can work in "unit test" mode - # where it isn't necessary. - apt-get install -y gnu-efi zstd - pip3 install -r .github/workflows/requirements.txt --require-hashes # https://github.com/google/oss-fuzz/issues/6868 diff --git a/units/meson.build b/units/meson.build index c7939a10f8..06d68c1d6b 100644 --- a/units/meson.build +++ b/units/meson.build @@ -105,9 +105,9 @@ units = [ ['systemd-ask-password-wall.path', '', 'multi-user.target.wants/'], ['systemd-ask-password-wall.service', ''], - ['systemd-boot-random-seed.service', 'HAVE_GNU_EFI', + ['systemd-boot-random-seed.service', 'ENABLE_BOOTLOADER', 'sysinit.target.wants/'], - ['systemd-boot-update.service', 'HAVE_GNU_EFI'], + ['systemd-boot-update.service', 'ENABLE_BOOTLOADER'], ['systemd-coredump.socket', 'ENABLE_COREDUMP', 'sockets.target.wants/'], ['systemd-exit.service', ''], @@ -187,7 +187,7 @@ in_units = [ ['systemd-backlight@.service', 'ENABLE_BACKLIGHT'], ['systemd-binfmt.service', 'ENABLE_BINFMT', 'sysinit.target.wants/'], - ['systemd-bless-boot.service', 'HAVE_GNU_EFI HAVE_BLKID'], + ['systemd-bless-boot.service', 'ENABLE_BOOTLOADER HAVE_BLKID'], ['systemd-boot-check-no-failures.service', ''], ['systemd-coredump@.service', 'ENABLE_COREDUMP'], ['systemd-pstore.service', 'ENABLE_PSTORE'], @@ -259,16 +259,16 @@ in_units = [ 'sysinit.target.wants/ initrd-root-fs.target.wants/'], ['user-runtime-dir@.service', ''], ['user@.service', ''], - ['systemd-pcrphase-initrd.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2 ENABLE_INITRD', + ['systemd-pcrphase-initrd.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2 ENABLE_INITRD', 'initrd.target.wants/'], - ['systemd-pcrphase-sysinit.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2', + ['systemd-pcrphase-sysinit.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2', 'sysinit.target.wants/'], - ['systemd-pcrphase.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2', + ['systemd-pcrphase.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2', 'sysinit.target.wants/'], - ['systemd-pcrmachine.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2', + ['systemd-pcrmachine.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2', 'sysinit.target.wants/'], - ['systemd-pcrfs-root.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2'], - ['systemd-pcrfs@.service', 'HAVE_GNU_EFI HAVE_OPENSSL HAVE_TPM2'], + ['systemd-pcrfs-root.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2'], + ['systemd-pcrfs@.service', 'ENABLE_BOOTLOADER HAVE_OPENSSL HAVE_TPM2'], ['systemd-growfs-root.service', ''], ['systemd-growfs@.service', ''], ] |