/* how many times to wait for the device nodes to appear */
#define N_DEVICE_NODE_LIST_ATTEMPTS 10
-int probe_filesystem_full(int fd, const char *path, char **ret_fstype) {
+int probe_filesystem_full(
+ int fd,
+ const char *path,
+ uint64_t offset,
+ uint64_t size,
+ char **ret_fstype) {
+
/* Try to find device content type and return it in *ret_fstype. If nothing is found,
- * 0/NULL will be returned. -EUCLEAN will be returned for ambiguous results, and an
+ * 0/NULL will be returned. -EUCLEAN will be returned for ambiguous results, and a
* different error otherwise. */
#if HAVE_BLKID
_cleanup_(blkid_free_probep) blkid_probe b = NULL;
_cleanup_free_ char *path_by_fd = NULL;
- _cleanup_close_ int fd_close = -1;
+ _cleanup_close_ int fd_close = -EBADF;
const char *fstype;
int r;
path = path_by_fd;
}
+ if (size == 0) /* empty size? nothing found! */
+ goto not_found;
+
b = blkid_new_probe();
if (!b)
return -ENOMEM;
errno = 0;
- r = blkid_probe_set_device(b, fd, 0, 0);
+ r = blkid_probe_set_device(
+ b,
+ fd,
+ offset,
+ size == UINT64_MAX ? 0 : size); /* when blkid sees size=0 it understands "everything". We prefer using UINT64_MAX for that */
if (r != 0)
return errno_or_else(ENOMEM);
errno = 0;
r = blkid_do_safeprobe(b);
- if (r == 1)
+ if (r == _BLKID_SAFEPROBE_NOT_FOUND)
goto not_found;
- if (r == -2)
+ if (r == _BLKID_SAFEPROBE_AMBIGUOUS)
return log_debug_errno(SYNTHETIC_ERRNO(EUCLEAN),
"Results ambiguous for partition %s", path);
- if (r != 0)
+ if (r == _BLKID_SAFEPROBE_ERROR)
return log_debug_errno(errno_or_else(EIO), "Failed to probe partition %s: %m", path);
+ assert(r == _BLKID_SAFEPROBE_FOUND);
+
(void) blkid_probe_lookup_value(b, "TYPE", &fstype, NULL);
if (fstype) {
}
#if HAVE_BLKID
-static int dissected_image_probe_filesystem(DissectedImage *m) {
+static int dissected_image_probe_filesystems(DissectedImage *m, int fd) {
int r;
assert(m);
if (!p->found)
continue;
- if (!p->fstype && p->mount_node_fd >= 0 && !p->decrypted_node) {
- r = probe_filesystem_full(p->mount_node_fd, p->node, &p->fstype);
- if (r < 0 && r != -EUCLEAN)
+ if (!p->fstype) {
+ /* If we have an fd referring to the partition block device, use that. Otherwise go
+ * via the whole block device or backing regular file, and read via offset. */
+ if (p->mount_node_fd >= 0)
+ r = probe_filesystem_full(p->mount_node_fd, p->node, 0, UINT64_MAX, &p->fstype);
+ else
+ r = probe_filesystem_full(fd, p->node, p->offset, p->size, &p->fstype);
+ if (r < 0)
return r;
}
static int open_partition(const char *node, bool is_partition, const LoopDevice *loop) {
_cleanup_(sd_device_unrefp) sd_device *dev = NULL;
- _cleanup_close_ int fd = -1;
+ _cleanup_close_ int fd = -EBADF;
dev_t devnum;
int r;
errno = 0;
r = blkid_do_safeprobe(b);
- if (IN_SET(r, -2, 1))
- return log_debug_errno(SYNTHETIC_ERRNO(ENOPKG), "Failed to identify any partition table.");
- if (r != 0)
+ if (r == _BLKID_SAFEPROBE_ERROR)
return errno_or_else(EIO);
+ if (IN_SET(r, _BLKID_SAFEPROBE_AMBIGUOUS, _BLKID_SAFEPROBE_NOT_FOUND))
+ return log_debug_errno(SYNTHETIC_ERRNO(ENOPKG), "Failed to identify any partition table.");
+
+ assert(r == _BLKID_SAFEPROBE_FOUND);
if ((!(flags & DISSECT_IMAGE_GPT_ONLY) &&
(flags & DISSECT_IMAGE_GENERIC_ROOT)) ||
if (STRPTR_IN_SET(usage, "filesystem", "crypto")) {
_cleanup_free_ char *t = NULL, *n = NULL, *o = NULL;
const char *fstype = NULL, *options = NULL, *suuid = NULL;
- _cleanup_close_ int mount_node_fd = -1;
+ _cleanup_close_ int mount_node_fd = -EBADF;
sd_id128_t uuid = SD_ID128_NULL;
- if (FLAGS_SET(flags, DISSECT_IMAGE_OPEN_PARTITION_DEVICES)) {
+ if (FLAGS_SET(flags, DISSECT_IMAGE_PIN_PARTITION_DEVICES)) {
mount_node_fd = open_partition(devname, /* is_partition = */ false, m->loop);
if (mount_node_fd < 0)
return mount_node_fd;
m->encrypted = streq_ptr(fstype, "crypto_LUKS");
m->has_verity = verity && verity->data_path;
- m->verity_ready = m->has_verity &&
- verity->root_hash &&
- (verity->designator < 0 || verity->designator == PARTITION_ROOT);
+ m->verity_ready = verity_settings_data_covers(verity, PARTITION_ROOT);
m->has_verity_sig = false; /* signature not embedded, must be specified */
- m->verity_sig_ready = m->verity_ready &&
- verity->root_hash_sig;
+ m->verity_sig_ready = m->verity_ready && verity->root_hash_sig;
m->image_uuid = uuid;
if (verity && verity->data_path)
return -EBADR;
- if (FLAGS_SET(flags, DISSECT_IMAGE_MANAGE_PARTITION_DEVICES)) {
+ if (FLAGS_SET(flags, DISSECT_IMAGE_ADD_PARTITION_DEVICES)) {
/* Safety check: refuse block devices that carry a partition table but for which the kernel doesn't
* do partition scanning. */
r = blockdev_partscan_enabled(fd);
* Kernel returns EBUSY if there's already a partition by that number or an overlapping
* partition already existent. */
- if (FLAGS_SET(flags, DISSECT_IMAGE_MANAGE_PARTITION_DEVICES)) {
+ if (FLAGS_SET(flags, DISSECT_IMAGE_ADD_PARTITION_DEVICES)) {
r = block_device_add_partition(fd, node, nr, (uint64_t) start * 512, (uint64_t) size * 512);
if (r < 0) {
if (r != -EBUSY)
}
if (is_gpt) {
- const char *stype, *sid, *fstype = NULL, *label;
+ const char *fstype = NULL, *label;
sd_id128_t type_id, id;
GptPartitionType type;
bool rw = true, growfs = false;
- sid = blkid_partition_get_uuid(pp);
- if (!sid)
- continue;
- if (sd_id128_from_string(sid, &id) < 0)
+ r = blkid_partition_get_uuid_id128(pp, &id);
+ if (r < 0) {
+ log_debug_errno(r, "Failed to read partition UUID, ignoring: %m");
continue;
+ }
- stype = blkid_partition_get_type_string(pp);
- if (!stype)
- continue;
- if (sd_id128_from_string(stype, &type_id) < 0)
+ r = blkid_partition_get_type_id128(pp, &type_id);
+ if (r < 0) {
+ log_debug_errno(r, "Failed to read partition type UUID, ignoring: %m");
continue;
+ }
type = gpt_partition_type_from_uuid(type_id);
label = blkid_partition_get_name(pp); /* libblkid returns NULL here if empty */
- if (type.designator == PARTITION_HOME) {
-
- check_partition_flags(node, pflags,
- SD_GPT_FLAG_NO_AUTO | SD_GPT_FLAG_READ_ONLY | SD_GPT_FLAG_GROWFS);
-
- if (pflags & SD_GPT_FLAG_NO_AUTO)
- continue;
-
- rw = !(pflags & SD_GPT_FLAG_READ_ONLY);
- growfs = FLAGS_SET(pflags, SD_GPT_FLAG_GROWFS);
-
- } else if (type.designator == PARTITION_SRV) {
+ if (IN_SET(type.designator,
+ PARTITION_HOME,
+ PARTITION_SRV,
+ PARTITION_XBOOTLDR,
+ PARTITION_TMP)) {
check_partition_flags(node, pflags,
SD_GPT_FLAG_NO_AUTO | SD_GPT_FLAG_READ_ONLY | SD_GPT_FLAG_GROWFS);
fstype = "vfat";
- } else if (type.designator == PARTITION_XBOOTLDR) {
-
- check_partition_flags(node, pflags,
- SD_GPT_FLAG_NO_AUTO | SD_GPT_FLAG_READ_ONLY | SD_GPT_FLAG_GROWFS);
-
- if (pflags & SD_GPT_FLAG_NO_AUTO)
- continue;
-
- rw = !(pflags & SD_GPT_FLAG_READ_ONLY);
- growfs = FLAGS_SET(pflags, SD_GPT_FLAG_GROWFS);
-
} else if (type.designator == PARTITION_ROOT) {
check_partition_flags(node, pflags,
if (pflags & SD_GPT_FLAG_NO_AUTO)
continue;
+ fstype = "swap";
+
/* We don't have a designator for SD_GPT_LINUX_GENERIC so check the UUID instead. */
} else if (sd_id128_equal(type.uuid, SD_GPT_LINUX_GENERIC)) {
return -ENOMEM;
}
- } else if (type.designator == PARTITION_TMP) {
-
- check_partition_flags(node, pflags,
- SD_GPT_FLAG_NO_AUTO | SD_GPT_FLAG_READ_ONLY | SD_GPT_FLAG_GROWFS);
-
- if (pflags & SD_GPT_FLAG_NO_AUTO)
- continue;
-
- rw = !(pflags & SD_GPT_FLAG_READ_ONLY);
- growfs = FLAGS_SET(pflags, SD_GPT_FLAG_GROWFS);
-
} else if (type.designator == PARTITION_VAR) {
check_partition_flags(node, pflags,
return r;
if (!sd_id128_equal(var_uuid, id)) {
- log_debug("Found a /var/ partition, but its UUID didn't match our expectations, ignoring.");
+ log_debug("Found a /var/ partition, but its UUID didn't match our expectations "
+ "(found: " SD_ID128_UUID_FORMAT_STR ", expected: " SD_ID128_UUID_FORMAT_STR "), ignoring.",
+ SD_ID128_FORMAT_VAL(id), SD_ID128_FORMAT_VAL(var_uuid));
continue;
}
}
if (type.designator != _PARTITION_DESIGNATOR_INVALID) {
_cleanup_free_ char *t = NULL, *o = NULL, *l = NULL;
- _cleanup_close_ int mount_node_fd = -1;
+ _cleanup_close_ int mount_node_fd = -EBADF;
const char *options = NULL;
if (m->partitions[type.designator].found) {
dissected_partition_done(m->partitions + type.designator);
}
- if (FLAGS_SET(flags, DISSECT_IMAGE_OPEN_PARTITION_DEVICES) &&
+ if (FLAGS_SET(flags, DISSECT_IMAGE_PIN_PARTITION_DEVICES) &&
type.designator != PARTITION_SWAP) {
mount_node_fd = open_partition(node, /* is_partition = */ true, m->loop);
if (mount_node_fd < 0)
.mount_node_fd = TAKE_FD(mount_node_fd),
.offset = (uint64_t) start * 512,
.size = (uint64_t) size * 512,
+ .gpt_flags = pflags,
};
}
break;
case 0xEA: { /* Boot Loader Spec extended $BOOT partition */
- _cleanup_close_ int mount_node_fd = -1;
+ _cleanup_close_ int mount_node_fd = -EBADF;
_cleanup_free_ char *o = NULL;
sd_id128_t id = SD_ID128_NULL;
- const char *sid, *options = NULL;
+ const char *options = NULL;
/* First one wins */
if (m->partitions[PARTITION_XBOOTLDR].found)
continue;
- if (FLAGS_SET(flags, DISSECT_IMAGE_OPEN_PARTITION_DEVICES)) {
+ if (FLAGS_SET(flags, DISSECT_IMAGE_PIN_PARTITION_DEVICES)) {
mount_node_fd = open_partition(node, /* is_partition = */ true, m->loop);
if (mount_node_fd < 0)
return mount_node_fd;
}
- sid = blkid_partition_get_uuid(pp);
- if (sid)
- (void) sd_id128_from_string(sid, &id);
+ (void) blkid_partition_get_uuid_id128(pp, &id);
options = mount_options_from_designator(mount_options, PARTITION_XBOOTLDR);
if (options) {
/* If we didn't find a generic node, then we can't fix this up either */
if (generic_node) {
- _cleanup_close_ int mount_node_fd = -1;
+ _cleanup_close_ int mount_node_fd = -EBADF;
_cleanup_free_ char *o = NULL;
const char *options;
- if (FLAGS_SET(flags, DISSECT_IMAGE_OPEN_PARTITION_DEVICES)) {
+ if (FLAGS_SET(flags, DISSECT_IMAGE_PIN_PARTITION_DEVICES)) {
mount_node_fd = open_partition(generic_node, /* is_partition = */ true, m->loop);
if (mount_node_fd < 0)
return mount_node_fd;
}
}
+ r = dissected_image_probe_filesystems(m, fd);
+ if (r < 0)
+ return r;
+
return 0;
}
#endif
#if HAVE_BLKID
_cleanup_(dissected_image_unrefp) DissectedImage *m = NULL;
- _cleanup_close_ int fd = -1;
+ _cleanup_close_ int fd = -EBADF;
int r;
assert(path);
- assert((flags & DISSECT_IMAGE_BLOCK_DEVICE) == 0);
assert(ret);
fd = open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
}
static int fs_grow(const char *node_path, const char *mount_path) {
- _cleanup_close_ int mount_fd = -1, node_fd = -1;
+ _cleanup_close_ int mount_fd = -EBADF, node_fd = -EBADF;
uint64_t size, newsize;
int r;
_cleanup_free_ char *node = NULL, *name = NULL;
_cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
- _cleanup_close_ int fd = -1;
+ _cleanup_close_ int fd = -EBADF;
int r;
assert(m);
_cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_(dm_deferred_remove_cleanp) char *restore_deferred_remove = NULL;
_cleanup_free_ char *node = NULL, *name = NULL;
- _cleanup_close_ int mount_node_fd = -1;
+ _cleanup_close_ int mount_node_fd = -EBADF;
int r;
assert(m);
* retry a few times before giving up. */
for (unsigned i = 0; i < N_DEVICE_NODE_LIST_ATTEMPTS; i++) {
_cleanup_(sym_crypt_freep) struct crypt_device *existing_cd = NULL;
- _cleanup_close_ int fd = -1;
+ _cleanup_close_ int fd = -EBADF;
/* First, check if the device already exists. */
fd = open(node, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
}
if (!p->decrypted_fstype && p->mount_node_fd >= 0 && p->decrypted_node) {
- r = probe_filesystem_full(p->mount_node_fd, p->decrypted_node, &p->decrypted_fstype);
+ r = probe_filesystem_full(p->mount_node_fd, p->decrypted_node, 0, UINT64_MAX, &p->decrypted_fstype);
if (r < 0 && r != -EUCLEAN)
return r;
}
for (; n_meta_initialized < _META_MAX; n_meta_initialized ++) {
if (!paths[n_meta_initialized]) {
- fds[2*n_meta_initialized] = fds[2*n_meta_initialized+1] = -1;
+ fds[2*n_meta_initialized] = fds[2*n_meta_initialized+1] = -EBADF;
continue;
}
m->loop = loop_device_ref(loop);
- r = dissect_image(m, loop->fd, loop->node, verity, mount_options, flags | DISSECT_IMAGE_BLOCK_DEVICE);
- if (r < 0)
- return r;
-
- r = dissected_image_probe_filesystem(m);
+ r = dissect_image(m, loop->fd, loop->node, verity, mount_options, flags);
if (r < 0)
return r;
assert(ret_directory);
assert(ret_loop_device);
+ /* We intend to mount this right-away, hence add the partitions if needed and pin them*/
+ flags |= DISSECT_IMAGE_ADD_PARTITION_DEVICES |
+ DISSECT_IMAGE_PIN_PARTITION_DEVICES;
+
r = verity_settings_load(&verity, image, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to load root hash data: %m");
return log_debug_errno(r, "Failed to load root hash: %m");
dissect_image_flags = (verity.data_path ? DISSECT_IMAGE_NO_PARTITION_TABLE : 0) |
- (relax_extension_release_check ? DISSECT_IMAGE_RELAX_SYSEXT_CHECK : 0);
+ (relax_extension_release_check ? DISSECT_IMAGE_RELAX_SYSEXT_CHECK : 0) |
+ DISSECT_IMAGE_ADD_PARTITION_DEVICES |
+ DISSECT_IMAGE_PIN_PARTITION_DEVICES;
/* Note that we don't use loop_device_make here, as the FD is most likely O_PATH which would not be
* accepted by LOOP_CONFIGURE, so just let loop_device_make_by_path reopen it as a regular FD. */