sd_id128_t fsuuid, vuuid;
/* If a root hash is supplied, then we use the root partition that has a UUID that match the
- * first 128bit of the root hash. And we use the verity partition that has a UUID that match
- * the final 128bit. */
+ * first 128-bit of the root hash. And we use the verity partition that has a UUID that match
+ * the final 128-bit. */
if (verity->root_hash_size < sizeof(sd_id128_t))
return -EINVAL;
}
if (m->partitions[type.designator].found) {
+ int c;
+
/* For most partition types the first one we see wins. Except for the
* rootfs and /usr, where we do a version compare of the label, and
* let the newest version win. This permits a simple A/B versioning
* scheme in OS images. */
- if (compare_arch(type.arch, m->partitions[type.designator].architecture) <= 0)
+ c = compare_arch(type.arch, m->partitions[type.designator].architecture);
+ if (c < 0) /* the arch we already found is better than the one we found now */
continue;
-
- if (!partition_designator_is_versioned(type.designator) ||
- strverscmp_improved(m->partitions[type.designator].label, label) >= 0)
+ if (c == 0 && /* same arch? then go by version in label */
+ (!partition_designator_is_versioned(type.designator) ||
+ strverscmp_improved(label, m->partitions[type.designator].label) <= 0))
continue;
dissected_partition_done(m->partitions + type.designator);
try_again:
/* Device is being removed by another process. Let's wait for a while. */
- (void) usleep(2 * USEC_PER_MSEC);
+ (void) usleep_safe(2 * USEC_PER_MSEC);
}
/* All trials failed or a conflicting verity device exists. Let's try to activate with a unique name. */
return -EINVAL;
if (p->size > 4*1024*1024) /* Signature data cannot possible be larger than 4M, refuse that */
- return -EFBIG;
+ return log_debug_errno(SYNTHETIC_ERRNO(EFBIG), "Verity signature partition is larger than 4M, refusing.");
buf = new(char, p->size+1);
if (!buf)