+ if (cmd && cmd->initrd_file) {
+ initrd = pb_url_parse(opt, cmd->initrd_file);
+ } else if (opt && opt->initrd) {
+ initrd = opt->initrd->url;
+ }
+
+ if (cmd && cmd->dtb_file) {
+ dtb = pb_url_parse(opt, cmd->dtb_file);
+ } else if (opt && opt->dtb) {
+ dtb = opt->dtb->url;
+ }
+
+ if (opt && opt->proxy) {
+ setenv("http_proxy", opt->proxy, 1);
+ setenv("https_proxy", opt->proxy, 1);
+ }
+
+ boot_task = talloc_zero(ctx, struct boot_task);
+ boot_task->dry_run = dry_run;
+ boot_task->status_fn = status_fn;
+ boot_task->status_arg = status_arg;
+
+ lockdown_type = lockdown_status();
+ boot_task->verify_signature = (lockdown_type == PB_LOCKDOWN_SIGN);
+ boot_task->decrypt_files = (lockdown_type == PB_LOCKDOWN_DECRYPT);
+
+ if (cmd && cmd->boot_args) {
+ boot_task->args = talloc_strdup(boot_task, cmd->boot_args);
+ } else if (opt && opt->option->boot_args) {
+ boot_task->args = talloc_strdup(boot_task,
+ opt->option->boot_args);
+ } else {
+ boot_task->args = NULL;
+ }
+
+ if (cmd && cmd->console && !config->manual_console)
+ boot_task->boot_console = talloc_strdup(boot_task, cmd->console);
+ else
+ boot_task->boot_console = config ? config->boot_console : NULL;
+
+ if (boot_task->verify_signature || boot_task->decrypt_files) {
+ if (cmd && cmd->args_sig_file) {
+ cmdline_sig = pb_url_parse(opt, cmd->args_sig_file);
+ } else if (opt && opt->args_sig_file) {
+ cmdline_sig = opt->args_sig_file->url;
+ } else {
+ pb_log("%s: no command line signature file"
+ " specified\n", __func__);
+ update_status(status_fn, status_arg, STATUS_INFO,
+ _("Boot failed: no command line"
+ " signature file specified"));
+ talloc_free(boot_task);
+ return NULL;
+ }
+ }
+
+ /* start async loads for boot resources */
+ rc = start_url_load(boot_task, _("kernel image"),
+ image, &boot_task->image)
+ || start_url_load(boot_task, _("initrd"), initrd, &boot_task->initrd)
+ || start_url_load(boot_task, _("dtb"), dtb, &boot_task->dtb);
+
+ if (boot_task->verify_signature) {
+ /* Generate names of associated signature files and load */
+ if (image) {
+ image_sig = gpg_get_signature_url(ctx, image);
+ rc |= start_url_load(boot_task,
+ _("kernel image signature"), image_sig,
+ &boot_task->image_signature);
+ }
+ if (initrd) {
+ initrd_sig = gpg_get_signature_url(ctx, initrd);
+ rc |= start_url_load(boot_task, _("initrd signature"),
+ initrd_sig, &boot_task->initrd_signature);
+ }
+ if (dtb) {
+ dtb_sig = gpg_get_signature_url(ctx, dtb);
+ rc |= start_url_load(boot_task, _("dtb signature"),
+ dtb_sig, &boot_task->dtb_signature);
+ }
+ }
+
+ if (boot_task->verify_signature || boot_task->decrypt_files) {
+ rc |= start_url_load(boot_task,
+ _("kernel command line signature"), cmdline_sig,
+ &boot_task->cmdline_signature);
+ }
+
+ /* If all URLs are local, we may be done. */
+ if (rc) {
+ /* Don't call boot_cancel() to preserve the status update */
+ boot_task->cancelled = true;
+ cleanup_cancellations(boot_task, NULL);
+ return NULL;
+ }
+
+ boot_process(NULL, boot_task);
+
+ return boot_task;
+}
+
+void boot_cancel(struct boot_task *task)
+{
+ task->cancelled = true;
+
+ update_status(task->status_fn, task->status_arg, STATUS_INFO,
+ _("Boot cancelled"));
+
+ cleanup_cancellations(task, NULL);