This is a purely mechanical change because it touches so many files, the real
interesting parts we need that prompted this will be followups.
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Now SetNextBoot() will return a RebootInfo struct that will include a
bootloader.RebootBootloader interface, instead of just a bool
indicating if rebooting is required. This allows to obtain additional
information from the bootloader while rebooting.
Observe when boot config gets update and reseal the keys as needed for both the
curre and candidate kernel command lines if those are different.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Add bootstate handling for observing a successful command line update. At the
same time, provide backwards compatibility for the systems built before tracking
of current kernel command lines was introduced in modeenv and set one on
successful boot.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Analyze which trusted assets we booted with and update the modeenv so that only
the assets on disk are listed in the boot assets map. Unused assets are dropped
form the cache.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
introduce bootloader.Options.Role to cover more generically
what was covered before by the Recovery and ExtractedRunKernelImage
flags
the default is RoleSole = "" which applies to the sole bootloader
for UC16/18
adjust tests and comments
Refactor the various structs in bootstate20.go to use a common bootStateUpdate
implementation with a single commit() method that is used for all scenarios.
This is necessary because we will soon need to reseal against the TPM when
we commit boot state changes, so having that happen in one place will greatly
simplify things.
This unification allows us to remove one of the structs,
bootState20MarkSuccessful entirely, and allows us to greatly reduce the
amount of state that the bootState20Kernel and bootState20Base structs
carry around.
Also fix a typo in the comment for revisions(), as isTrySnapError is not
exported anymore.
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
