support s390 secure boot (jsc#SLE-9425) #592
Conversation
This extends the existing secure boot logic to s390. A number of system-dependend logic has been moved into a new Systeminfo class.
src/lib/bootloader/grub2.rb
Outdated
| ) | ||
| ] | ||
|
|
||
| result.push secure_boot_summary if Systeminfo.secure_boot_available?(name) |
There was a problem hiding this comment.
just style, usually it is used << instead of use.
That is needed as ProposalClient expects a unified view of the bootloader class it works on.
| def validate | ||
| return true if Yast::Mode.config || | ||
| !Yast::Arch.s390 || | ||
| value == Systeminfo.secure_boot_active? |
There was a problem hiding this comment.
NP: I find a bit more readable to have it each on separate line and separate return as it is not related. So something like
| value == Systeminfo.secure_boot_active? | |
| return true if Yast::Mode.config | |
| return true unless Yast::Arch.s390 | |
| return true if value == Systeminfo.secure_boot_active? |
There was a problem hiding this comment.
I personally wouldn't have formatted it this way. But this is what our rubocop rules allow/enforce. To completely reformat it might even run into some complexity check failures.
| Yast::Popup.ContinueCancel( | ||
| _( | ||
| "Make sure the Secure Boot setting matches the configuration of the HMC.\n\n" \ | ||
| "Otherwise this system will not boot." |
There was a problem hiding this comment.
Well, buttons are continue/cancel. So I expect here a bit hint to user what when they click it. Like Cancel to edit it or Continue to use setting.
There was a problem hiding this comment.
You mean like here?:
https://github.com/yast/yast-bootloader/blob/master/src/lib/bootloader/grub2_widgets.rb#L388-L390
I've never seen a dialog like 'continue to continue' or 'cancel to cancel'. That's why there's a button text.
| "Make sure the Secure Boot setting matches the configuration of the HMC.\n\n" \ | ||
| "Otherwise this system will not boot." | ||
| ) | ||
| ) |
There was a problem hiding this comment.
One more usability note. There is method focus which is often used in validate to "highlight" given widget. So here it can be something like
res = Yast::Popup.ContinueCancel(...)
focus unless res
res
https://github.com/yast/yast-yast2/blob/master/library/cwm/src/lib/cwm/abstract_widget.rb#L187
There was a problem hiding this comment.
Again, this just mirrors the trusted boot dialog. Consistency across a UI is an important point. It doesn't help to do similar things in a completely different way.
| # @!attribute console | ||
| # @return [::Bootloader::SerialConsole] serial console or nil if none | ||
| attr_reader :console | ||
|
|
||
| # @!attribute stage1 | ||
| # @return [::Bootloader::Stage1, nil] bootloader stage1, if one is needed | ||
| attr_reader :stage1 |
There was a problem hiding this comment.
this is a bit strange as grub2EFI does not have stage1. So original intention is to have it only in grub2.rb and if something needs to depend on it, it should check bootloader or ask if method is defined.
There was a problem hiding this comment.
That's a valid point and I considered doing it that way. The usage is here:
https://github.com/yast/yast-bootloader/blob/master/src/lib/bootloader/proposal_client.rb#L338-L339
I my view this is a matter of class design. This proposal client code should work with any bootloader. So, basically with Grub2Base. That's why I decided to move the stage1 method.
Inconsistent class interfaces are imho one of the reasons yast code so easily runs into exceptions.
| log.info "single_click_action #{option} #{value.inspect} #{devices}" | ||
|
|
||
| devices.each do |device| | ||
| devices&.each do |device| |
There was a problem hiding this comment.
this starting to feel a bit too hacky, as it is related only to "boot_" arguments. What about moving it inside case like:
| devices&.each do |device| | |
| bootloader = ::Bootloader::BootloaderFactory.current | |
| case option | |
| when /boot_/ | |
| stage1 = bootloader.stage1 | |
| devices = option == "boot_mbr" ? stage1.boot_disk_names : stage1.boot_partition_names | |
| log.info "single_click_action #{option} #{value.inspect} #{devices}" | |
| devices.each do |device| | |
| value ? stage1.add_udev_device(device) : stage1.remove_device(device) | |
| end | |
| when "trusted_boot" | |
| bootloader.trusted_boot = value | |
| when "secure_boot" | |
| bootloader.secure_boot = value | |
| end | |
| Yast::Bootloader.proposed_cfg_changed = true | |
| end |
| ::Bootloader::BootloaderFactory.current.trusted_boot = value | ||
| when "secure_boot" | ||
| ::Bootloader::BootloaderFactory.current.secure_boot = value | ||
| if value && Yast::Arch.s390 |
There was a problem hiding this comment.
in validation it checks when there is a mismatch, but here it shows always when enabling. Why conditions are different?
There was a problem hiding this comment.
Because it is initially always off. Note also the different texts.
| # | ||
| # @return [Boolean] true if 390x machine has secure boot enabled | ||
| def s390_secure_boot_active? | ||
| # FIXME: this is just a stub - replace with real code later |
There was a problem hiding this comment.
well, I am not sure I want to approve with stub as I worry it will live here for another 20 years :)
There was a problem hiding this comment.
This is what was agreed on for the current task. There will be another PBI once we get the missing info.
This extends the existing secure boot logic to s390. A number of system-dependend logic has been moved into a new Systeminfo class.
That is needed as ProposalClient expects a unified view of the bootloader class it works on.
|
✔️ Internal Jenkins job #20 successfully finished |
|
✔️ Public Jenkins job #46 successfully finished |
Task
Implement secure boot handling for s390.
Implementation
Systeminfoclass/etc/sysconfig/bootloader::SECURE_BOOTto store the setting;grub2-installis expected to read it from thereadjust the HMC
Note
The implementation is incomplete as there's no info on the tools to use to handle secure boot
from the s390 side so far. So the current implementation does
offNotes on
autosettingTodo
Screenshots