1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
https://gitlab.com/kraxel/virt-firmware/-/merge_requests/11
diff --git a/man/kernel-bootcfg.1 b/man/kernel-bootcfg.1
index 089d4dc..121304e 100644
--- a/man/kernel-bootcfg.1
+++ b/man/kernel-bootcfg.1
@@ -38,6 +38,9 @@ update boot entry for UKI image FILE
\fB\-\-remove\-uki\fR FILE
remove boot entry for UKI image FILE
.TP
+\fB\-\-cmdline\fR CMDLINE
+override UKIs cmdline when adding boot entry (ignored when Secure Boot is enabled) CMDLINE
+.TP
\fB\-\-boot\-ok\fR, \fB\-\-boot\-successful\fR
boot is successful, update BootOrder to have current
entry listed first.
diff --git a/virt/firmware/bootcfg/main.py b/virt/firmware/bootcfg/main.py
index 65f2ad3..b809380 100644
--- a/virt/firmware/bootcfg/main.py
+++ b/virt/firmware/bootcfg/main.py
@@ -71,6 +71,8 @@ def add_uki(cfg, options):
if not options.title:
logging.error('entry title not specified')
sys.exit(1)
+ if options.cmdline and cfg.secureboot:
+ logging.warning("Overriding built-in UKI cmdline is not possible when Secure Boot is enabled")
efiuki = linuxcfg.LinuxEfiFile(options.adduki)
nr = cfg.find_uki_entry(efiuki.efi_filename())
@@ -84,15 +86,25 @@ def add_uki(cfg, options):
if efishim.device != efiuki.device:
logging.error('shim and uki are on different filesystems')
sys.exit(1)
- optdata = ucs16.from_string(efiuki.efi_filename())
+ if options.cmdline:
+ optdata = ucs16.from_string(efiuki.efi_filename() + ' ' + options.cmdline)
+ else:
+ optdata = ucs16.from_string(efiuki.efi_filename())
entry = bootentry.BootEntry(title = ucs16.from_string(options.title),
attr = bootentry.LOAD_OPTION_ACTIVE,
devicepath = efishim.dev_path_file(),
optdata = bytes(optdata))
else:
- entry = bootentry.BootEntry(title = ucs16.from_string(options.title),
- attr = bootentry.LOAD_OPTION_ACTIVE,
- devicepath = efiuki.dev_path_file())
+ if options.cmdline:
+ optdata = ucs16.from_string(options.cmdline)
+ entry = bootentry.BootEntry(title = ucs16.from_string(options.title),
+ attr = bootentry.LOAD_OPTION_ACTIVE,
+ devicepath = efiuki.dev_path_file(),
+ optdata = bytes(optdata))
+ else:
+ entry = bootentry.BootEntry(title = ucs16.from_string(options.title),
+ attr = bootentry.LOAD_OPTION_ACTIVE,
+ devicepath = efiuki.dev_path_file())
logging.info('Create new entry: %s', str(entry))
nr = cfg.add_entry(entry)
@@ -229,6 +241,9 @@ def main():
help = 'update boot entry for UKI image FILE', metavar = 'FILE')
group.add_argument('--remove-uki', dest = 'removeuki', type = str,
help = 'remove boot entry for UKI image FILE', metavar = 'FILE')
+ group.add_argument('--cmdline', dest = 'cmdline', type = str,
+ help = 'override UKIs cmdline when adding boot entry '
+ '(ignored when Secure Boot is enabled)', metavar = 'CMDLINE')
group.add_argument('--boot-ok', '--boot-successful', dest = 'bootok',
action = 'store_true', default = False,
help = 'boot is successful, update BootOrder to have '
|