host_os_release_id,
host_os_release_version_id,
host_os_release_level,
- NULL);
+ /* required_sysext_scope= */ NULL,
+ /* ret_image= */ NULL);
if (r == -ENOENT && m->ignore)
return 0;
if (r == -ESTALE && host_os_release_id)
const char *required_host_os_release_id,
const char *required_host_os_release_version_id,
const char *required_host_os_release_sysext_level,
- const char *required_sysext_scope) {
+ const char *required_sysext_scope,
+ DissectedImage **ret_image) {
_cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL;
_cleanup_(dissected_image_unrefp) DissectedImage *dissected_image = NULL;
int r;
assert(src);
- assert(dest);
+ /* Verifying release metadata requires mounted image for now, so ensure the check is skipped when
+ * opening an image without mounting it immediately (i.e.: 'dest' is NULL). */
+ assert(!required_host_os_release_id || dest);
relax_extension_release_check = mount_options_relax_extension_release_checks(options);
if (r < 0)
return log_debug_errno(r, "Failed to decrypt dissected image: %m");
- r = mkdir_p_label(dest, 0755);
- if (r < 0)
- return log_debug_errno(r, "Failed to create destination directory %s: %m", dest);
- r = umount_recursive(dest, 0);
- if (r < 0)
- return log_debug_errno(r, "Failed to umount under destination directory %s: %m", dest);
+ if (dest) {
+ r = mkdir_p_label(dest, 0755);
+ if (r < 0)
+ return log_debug_errno(r, "Failed to create destination directory %s: %m", dest);
+ r = umount_recursive(dest, 0);
+ if (r < 0)
+ return log_debug_errno(r, "Failed to umount under destination directory %s: %m", dest);
+ }
r = dissected_image_mount(
dissected_image,
if (r < 0)
return log_debug_errno(r, "Failed to relinquish dissected image: %m");
+ if (ret_image)
+ *ret_image = TAKE_PTR(dissected_image);
+
return 0;
}
int mount_image_privately_interactively(const char *path, const ImagePolicy *image_policy, DissectImageFlags flags, char **ret_directory, int *ret_dir_fd, LoopDevice **ret_loop_device);
-int verity_dissect_and_mount(int src_fd, const char *src, const char *dest, const MountOptions *options, const ImagePolicy *image_policy, const char *required_host_os_release_id, const char *required_host_os_release_version_id, const char *required_host_os_release_sysext_level, const char *required_sysext_scope);
+int verity_dissect_and_mount(int src_fd, const char *src, const char *dest, const MountOptions *options, const ImagePolicy *image_policy, const char *required_host_os_release_id, const char *required_host_os_release_version_id, const char *required_host_os_release_sysext_level, const char *required_sysext_scope, DissectedImage **ret_image);
int dissect_fstype_ok(const char *fstype);
mount_tmp_created = true;
if (is_image)
- r = verity_dissect_and_mount(chased_src_fd, chased_src_path, mount_tmp, options, image_policy, NULL, NULL, NULL, NULL);
+ r = verity_dissect_and_mount(
+ chased_src_fd,
+ chased_src_path,
+ mount_tmp,
+ options,
+ image_policy,
+ /* required_host_os_release_id= */ NULL,
+ /* required_host_os_release_version_id= */ NULL,
+ /* required_host_os_release_sysext_level= */ NULL,
+ /* required_sysext_scope= */ NULL,
+ /* ret_image= */ NULL);
else
r = mount_follow_verbose(LOG_DEBUG, FORMAT_PROC_FD_PATH(chased_src_fd), mount_tmp, NULL, MS_BIND, NULL);
if (r < 0)