From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 0B6B89D251 for ; Thu, 23 Nov 2023 14:10:11 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id E860F37A08 for ; Thu, 23 Nov 2023 14:09:40 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Thu, 23 Nov 2023 14:09:40 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 2299A43321 for ; Thu, 23 Nov 2023 14:09:40 +0100 (CET) From: Gabriel Goller To: pbs-devel@lists.proxmox.com Date: Thu, 23 Nov 2023 14:09:34 +0100 Message-Id: <20231123130935.207013-2-g.goller@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20231123130935.207013-1-g.goller@proxmox.com> References: <20231123130935.207013-1-g.goller@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.238 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pbs-devel] [PATCH proxmox-backup 1/2] node: status: added bootmode X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2023 13:10:11 -0000 Added field that shows the bootmode of the node. The bootmode is either Legacy Bios, EFI, or EFI (Secure Boot). To detect the mode we use the exact same method as in pve: We check if the `/sys/firmware/efi` folder exists, then check if the `SecureBoot-xx...` file in the `efivars` directory has the SecureBoot flag enabled. Signed-off-by: Gabriel Goller --- pbs-api-types/src/node.rs | 20 ++++++++++++++++++-- src/api2/node/status.rs | 28 +++++++++++++++++++++++++++- www/panel/NodeInfo.js | 17 +++++++++++++++++ 3 files changed, 62 insertions(+), 3 deletions(-) diff --git a/pbs-api-types/src/node.rs b/pbs-api-types/src/node.rs index 704215bb..6d1fa7f0 100644 --- a/pbs-api-types/src/node.rs +++ b/pbs-api-types/src/node.rs @@ -1,9 +1,8 @@ -use serde::{Deserialize, Serialize}; use proxmox_schema::*; +use serde::{Deserialize, Serialize}; use crate::StorageStatus; - #[api] #[derive(Serialize, Deserialize, Default)] #[serde(rename_all = "kebab-case")] @@ -39,6 +38,21 @@ pub struct NodeInformation { pub fingerprint: String, } + +#[api] +#[derive(Serialize, Deserialize, Default)] +#[serde(rename_all = "lowercase")] +/// The possible BootModes +pub enum BootModeInformation { + /// The BootMode is EFI/UEFI + Efi, + /// The BootMode is EFI/UEFI with Secure Boot enabled + EfiSecureBoot, + /// The BootMode is Legacy BIOS + #[default] + Bios, +} + #[api] #[derive(Serialize, Deserialize, Default)] #[serde(rename_all = "kebab-case")] @@ -97,4 +111,6 @@ pub struct NodeStatus { pub wait: f64, pub cpuinfo: NodeCpuInformation, pub info: NodeInformation, + /// Current boot mode + pub boot_info: BootModeInformation, } diff --git a/src/api2/node/status.rs b/src/api2/node/status.rs index 639d7211..1b3b9e33 100644 --- a/src/api2/node/status.rs +++ b/src/api2/node/status.rs @@ -1,4 +1,7 @@ +use std::fs::File; +use std::io::Read; use std::os::unix::prelude::OsStrExt; +use std::path::Path; use std::process::Command; use anyhow::{bail, format_err, Error}; @@ -10,7 +13,8 @@ use proxmox_router::{ApiMethod, Permission, Router, RpcEnvironment}; use proxmox_schema::api; use pbs_api_types::{ - NodePowerCommand, StorageStatus, NODE_SCHEMA, PRIV_SYS_AUDIT, PRIV_SYS_POWER_MANAGEMENT, + BootModeInformation, NodePowerCommand, StorageStatus, NODE_SCHEMA, PRIV_SYS_AUDIT, + PRIV_SYS_POWER_MANAGEMENT, }; use pbs_api_types::{ @@ -79,6 +83,27 @@ async fn get_status( let disk = crate::tools::fs::fs_info_static(proxmox_lang::c_str!("/")).await?; + let boot_info: BootModeInformation; + if Path::new("/sys/firmware/efi").exists() { + // Check if SecureBoot is enabled + // Attention: this file is not seekable! + let efivar = + File::open("/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"); + if let Ok(mut file) = efivar { + let mut buf = [0; 5]; + file.read_exact(&mut buf)?; + if buf[4..] == [1] { + boot_info = BootModeInformation::EfiSecureBoot; + } else { + boot_info = BootModeInformation::Efi; + } + } else { + boot_info = BootModeInformation::Efi; + } + } else { + boot_info = BootModeInformation::Bios; + } + Ok(NodeStatus { memory, swap, @@ -96,6 +121,7 @@ async fn get_status( info: NodeInformation { fingerprint: crate::cert_info()?.fingerprint()?, }, + boot_info, }) } diff --git a/www/panel/NodeInfo.js b/www/panel/NodeInfo.js index 2551c9a5..14f84a2e 100644 --- a/www/panel/NodeInfo.js +++ b/www/panel/NodeInfo.js @@ -147,6 +147,23 @@ Ext.define('PBS.NodeInfoPanel', { textField: 'kversion', value: '', }, + { + colspan: 2, + title: gettext('Boot Mode'), + printBar: false, + textField: 'boot-info', + renderer: boot_mode => { + if (boot_mode === 'bios') { + return 'Legacy BIOS'; + } else if (boot_mode === 'efi') { + return 'EFI'; + } else if (boot_mode === 'efisecureboot') { + return 'EFI (Secure Boot)'; + } + return Proxmox.Utils.unknownText; + }, + value: '', + }, { xtype: 'pmxNodeInfoRepoStatus', itemId: 'repositoryStatus', -- 2.39.2