measure: introduce support for a new ".profile" section

This introduces the concept, and makes sure systemd-measure covers it.
See a later commit for details on the new section.

man/systemd-measure.xml

@@ -76,9 +76,9 @@
         kernel image consisting of the components specified with <option>--linux=</option>,
         <option>--osrel=</option>, <option>--cmdline=</option>, <option>--initrd=</option>,
         <option>--ucode=</option>, <option>--splash=</option>, <option>--dtb=</option>,
-        <option>--uname=</option>, <option>--sbat=</option>, <option>--pcrpkey=</option> see below.  Only
-        <option>--linux=</option> is mandatory. (Alternatively, specify <option>--current</option> to use the
-        current values of PCR register 11 instead.)</para>
+        <option>--uname=</option>, <option>--sbat=</option>, <option>--pcrpkey=</option>,
+        <option>--profile=</option>, see below.  Only <option>--linux=</option> is mandatory. (Alternatively,
+        specify <option>--current</option> to use the current values of PCR register 11 instead.)</para>
 
         <xi:include href="version-info.xml" xpointer="v252"/>
         </listitem>
@@ -124,6 +124,7 @@
         <term><option>--uname=<replaceable>PATH</replaceable></option></term>
         <term><option>--sbat=<replaceable>PATH</replaceable></option></term>
         <term><option>--pcrpkey=<replaceable>PATH</replaceable></option></term>
+        <term><option>--profile=<replaceable>PATH</replaceable></option></term>
 
         <listitem><para>When used with the <command>calculate</command> or <command>sign</command> verb,
         configures the files to read the unified kernel image components from. Each option corresponds with
@@ -131,7 +132,10 @@
         the path to the ELF kernel file that the unified PE kernel will wrap. All switches except
         <option>--linux=</option> are optional. Each option may be used at most once.</para>
 
-        <xi:include href="version-info.xml" xpointer="v252"/></listitem>
+        <xi:include href="version-info.xml" xpointer="v252"/>
+
+        <para id="v257">With the exception of <option>--profile=</option>, which has been added in version
+        257.</para></listitem>
       </varlistentry>
 
       <varlistentry>

src/boot/measure.c

@@ -100,6 +100,7 @@ static int help(int argc, char *argv[], void *userdata) {
                "     --uname=PATH        Path to 'uname -r' file                %7$s .uname\n"
                "     --sbat=PATH         Path to SBAT file                      %7$s .sbat\n"
                "     --pcrpkey=PATH      Path to public key for PCR signatures  %7$s .pcrpkey\n"
+               "     --profile=PATH      Path to profile file                   %7$s .profile\n"
                "\nSee the %2$s for details.\n",
                program_invocation_short_name,
                link,
@@ -142,8 +143,9 @@ static int parse_argv(int argc, char *argv[]) {
                 ARG_UNAME,
                 ARG_SBAT,
                 _ARG_PCRSIG, /* the .pcrsig section is not input for signing, hence not actually an argument here */
+                ARG_PCRPKEY,
                 _ARG_SECTION_LAST,
-                ARG_PCRPKEY = _ARG_SECTION_LAST,
+                ARG_PROFILE = _ARG_SECTION_LAST,
                 ARG_BANK,
                 ARG_PRIVATE_KEY,
                 ARG_PRIVATE_KEY_SOURCE,
@@ -169,6 +171,7 @@ static int parse_argv(int argc, char *argv[]) {
                 { "uname",              required_argument, NULL, ARG_UNAME              },
                 { "sbat",               required_argument, NULL, ARG_SBAT               },
                 { "pcrpkey",            required_argument, NULL, ARG_PCRPKEY            },
+                { "profile",            required_argument, NULL, ARG_PROFILE            },
                 { "current",            no_argument,       NULL, 'c'                    },
                 { "bank",               required_argument, NULL, ARG_BANK               },
                 { "tpm2-device",        required_argument, NULL, ARG_TPM2_DEVICE        },
@@ -188,7 +191,7 @@ static int parse_argv(int argc, char *argv[]) {
         assert(argv);
 
         /* Make sure the arguments list and the section list, stays in sync */
-        //assert_cc(_ARG_SECTION_FIRST + _UNIFIED_SECTION_MAX == _ARG_SECTION_LAST + 1);
+        assert_cc(_ARG_SECTION_FIRST + _UNIFIED_SECTION_MAX == _ARG_SECTION_LAST + 1);
 
         while ((c = getopt_long(argc, argv, "hjc", options, NULL)) >= 0)
                 switch (c) {

tools/command_ignorelist

@@ -568,3 +568,4 @@ file-hierarchy.xml /refsect1[title="Home Directory"]/variablelist/varlistentry[t
 file-hierarchy.xml /refsect1[title="Home Directory"]/variablelist/varlistentry[term="~/.local/lib/arch-id/"]
 file-hierarchy.xml /refsect1[title="Home Directory"]/variablelist/varlistentry[term="~/.local/share/"]
 file-hierarchy.xml /refsect1[title="Home Directory"]/variablelist/varlistentry[term="~/.local/state/"]
+systemd-measure.xml /refsect1[title="Options"]/variablelist/varlistentry[term="--linux=PATH"]