<varlistentry id='mac-address'>
<term><varname>MACAddress=</varname></term>
<listitem>
- <para>A whitespace-separated list of hardware addresses. Use full colon-, hyphen- or dot-delimited hexadecimal. See the example below.
- This option may appear more than once, in which case the lists are merged. If the empty string is assigned to this option, the list
- of hardware addresses defined prior to this is reset.</para>
+ <para>A whitespace-separated list of hardware addresses. The acceptable formats are:</para>
- <para>Example:
- <programlisting>MACAddress=01:23:45:67:89:ab 00-11-22-33-44-55 AABB.CCDD.EEFF</programlisting></para>
+ <variablelist>
+ <varlistentry>
+ <term><option>colon-delimited hexadecimal</option></term>
+ <listitem><para>
+ Each field must be one byte.
+ E.g. <literal>12:34:56:78:90:ab</literal> or <literal>AA:BB:CC:DD:EE:FF</literal>.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>hyphen-delimited hexadecimal</option></term>
+ <listitem><para>
+ Each field must be one byte.
+ E.g. <literal>12-34-56-78-90-ab</literal> or <literal>AA-BB-CC-DD-EE-FF</literal>.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>dot-delimited hexadecimal</option></term>
+ <listitem><para>
+ Each field must be two bytes.
+ E.g. <literal>1234.5678.90ab</literal> or <literal>AABB.CCDD.EEFF</literal>.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>IPv4 address format</option></term>
+ <listitem><para>
+ E.g. <literal>127.0.0.1</literal> or <literal>192.168.0.1</literal>.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>IPv6 address format</option></term>
+ <listitem><para>
+ E.g. <literal>2001:0db8:85a3::8a2e:0370:7334</literal> or <literal>::1</literal>.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>The total length of each MAC address must be 4 (for IPv4 tunnel), 6 (for Ethernet), 16
+ (for IPv6 tunnel), or 20 (for InfiniBand). This option may appear more than once, in which
+ case the lists are merged. If the empty string is assigned to this option, the list of
+ hardware addresses defined prior to this is reset. Defaults to unset.</para>
</listitem>
</varlistentry>
<para>A whitespace-separated list of hardware's permanent addresses. While
<varname>MACAddress=</varname> matches the device's current MAC address, this matches the
device's permanent MAC address, which may be different from the current one. Use full
- colon-, hyphen- or dot-delimited hexadecimal. This option may appear more than once, in
- which case the lists are merged. If the empty string is assigned to this option, the list
- of hardware addresses defined prior to this is reset.</para>
+ colon-, hyphen- or dot-delimited hexadecimal, or IPv4 or IPv6 address format. This option may
+ appear more than once, in which case the lists are merged. If the empty string is assigned to
+ this option, the list of hardware addresses defined prior to this is reset. Defaults to
+ unset.</para>
</listitem>
</varlistentry>
cat /tmp/os-release.tmp > "$DESTDIR"/usr/lib/os-release
rm /tmp/os-release.tmp
fi
-
-# Manually update the boot loader from the one we just built
-mkdir -p "$DESTDIR"/boot/efi/EFI/systemd "$DESTDIR"/boot/efi/EFI/BOOT
-cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/boot/efi/EFI/systemd/systemd-bootx64.efi
-cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/boot/efi/EFI/BOOT/bootx64.efi
-
-mkdir -p "$DESTDIR"/efi/EFI/systemd "$DESTDIR"/efi/EFI/BOOT
-cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/efi/EFI/systemd/systemd-bootx64.efi
-cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/efi/EFI/BOOT/bootx64.efi
--- /dev/null
+#!/bin/sh
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+if [ "$1" = "final" ] && command -v bootctl > /dev/null; then
+ bootctl install
+fi
* processor features, models, generations or even ABIs. Hence we
* focus on general family, and distinguish word width and endianness. */
-enum {
+typedef enum {
ARCHITECTURE_ALPHA,
ARCHITECTURE_ARC,
ARCHITECTURE_ARC_BE,
ARCHITECTURE_X86_64,
_ARCHITECTURE_MAX,
_ARCHITECTURE_INVALID = -EINVAL,
-};
+} Architecture;
int uname_architecture(void);
# else
# define LIB_ARCH_TUPLE "x86_64-linux-gnu"
# endif
-# define SECONDARY_ARCHITECTURE ARCHITECTURE_X86
+# define ARCHITECTURE_SECONDARY ARCHITECTURE_X86
#elif defined(__i386__)
# define native_architecture() ARCHITECTURE_X86
# define LIB_ARCH_TUPLE "i386-linux-gnu"
# if __BYTE_ORDER == __BIG_ENDIAN
# define native_architecture() ARCHITECTURE_PPC64
# define LIB_ARCH_TUPLE "ppc64-linux-gnu"
-# define SECONDARY_ARCHITECTURE ARCHITECTURE_PPC
+# define ARCHITECTURE_SECONDARY ARCHITECTURE_PPC
# else
# define native_architecture() ARCHITECTURE_PPC64_LE
# define LIB_ARCH_TUPLE "powerpc64le-linux-gnu"
-# define SECONDARY_ARCHITECTURE ARCHITECTURE_PPC_LE
+# define ARCHITECTURE_SECONDARY ARCHITECTURE_PPC_LE
# endif
#elif defined(__powerpc__)
# if __BYTE_ORDER == __BIG_ENDIAN
#elif defined(__s390x__)
# define native_architecture() ARCHITECTURE_S390X
# define LIB_ARCH_TUPLE "s390x-linux-gnu"
-# define SECONDARY_ARCHITECTURE ARCHITECTURE_S390
+# define ARCHITECTURE_SECONDARY ARCHITECTURE_S390
#elif defined(__s390__)
# define native_architecture() ARCHITECTURE_S390
# define LIB_ARCH_TUPLE "s390-linux-gnu"
# else
# define native_architecture() ARCHITECTURE_ARM64
# define LIB_ARCH_TUPLE "aarch64-linux-gnu"
-# define SECONDARY_ARCHITECTURE ARCHITECTURE_ARM
+# define ARCHITECTURE_SECONDARY ARCHITECTURE_ARM
# endif
#elif defined(__arm__)
# if __BYTE_ORDER == __BIG_ENDIAN
if (architecture == native_architecture())
return PER_LINUX;
-#ifdef SECONDARY_ARCHITECTURE
- if (architecture == SECONDARY_ARCHITECTURE)
+#ifdef ARCHITECTURE_SECONDARY
+ if (architecture == ARCHITECTURE_SECONDARY)
return PER_LINUX32;
#endif
if (p == PER_LINUX)
architecture = native_architecture();
-#ifdef SECONDARY_ARCHITECTURE
+#ifdef ARCHITECTURE_SECONDARY
else if (p == PER_LINUX32)
- architecture = SECONDARY_ARCHITECTURE;
+ architecture = ARCHITECTURE_SECONDARY;
#endif
if (architecture < 0)
JSON_BUILD_PAIR("userName", JSON_BUILD_STRING(user_name)),
JSON_BUILD_PAIR("uid", JSON_BUILD_UNSIGNED(uid)),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(uid)),
- JSON_BUILD_PAIR("realName", JSON_BUILD_STRING("Dynamic User")),
- JSON_BUILD_PAIR("homeDirectory", JSON_BUILD_STRING("/")),
- JSON_BUILD_PAIR("shell", JSON_BUILD_STRING(NOLOGIN)),
+ JSON_BUILD_PAIR("realName", JSON_BUILD_CONST_STRING("Dynamic User")),
+ JSON_BUILD_PAIR("homeDirectory", JSON_BUILD_CONST_STRING("/")),
+ JSON_BUILD_PAIR("shell", JSON_BUILD_CONST_STRING(NOLOGIN)),
JSON_BUILD_PAIR("locked", JSON_BUILD_BOOLEAN(true)),
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.DynamicUser")),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("dynamic"))))));
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.DynamicUser")),
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("dynamic"))))));
}
static bool user_match_lookup_parameters(LookupParameters *p, const char *name, uid_t uid) {
return json_build(ret, JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("record", JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(group_name)),
- JSON_BUILD_PAIR("description", JSON_BUILD_STRING("Dynamic Group")),
+ JSON_BUILD_PAIR("description", JSON_BUILD_CONST_STRING("Dynamic Group")),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(gid)),
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.DynamicUser")),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("dynamic"))))));
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.DynamicUser")),
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("dynamic"))))));
}
static bool group_match_lookup_parameters(LookupParameters *p, const char *name, gid_t gid) {
r = json_build(&v,
JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("type", JSON_BUILD_STRING("systemd-fido2")),
+ JSON_BUILD_PAIR("type", JSON_BUILD_CONST_STRING("systemd-fido2")),
JSON_BUILD_PAIR("keyslots", JSON_BUILD_ARRAY(JSON_BUILD_STRING(keyslot_as_string))),
JSON_BUILD_PAIR("fido2-credential", JSON_BUILD_BASE64(cid, cid_size)),
JSON_BUILD_PAIR("fido2-salt", JSON_BUILD_BASE64(salt, salt_size)),
- JSON_BUILD_PAIR("fido2-rp", JSON_BUILD_STRING("io.systemd.cryptsetup")),
+ JSON_BUILD_PAIR("fido2-rp", JSON_BUILD_CONST_STRING("io.systemd.cryptsetup")),
JSON_BUILD_PAIR("fido2-clientPin-required", JSON_BUILD_BOOLEAN(FLAGS_SET(lock_with, FIDO2ENROLL_PIN))),
JSON_BUILD_PAIR("fido2-up-required", JSON_BUILD_BOOLEAN(FLAGS_SET(lock_with, FIDO2ENROLL_UP))),
JSON_BUILD_PAIR("fido2-uv-required", JSON_BUILD_BOOLEAN(FLAGS_SET(lock_with, FIDO2ENROLL_UV)))));
r = json_build(&v,
JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("type", JSON_BUILD_STRING("systemd-pkcs11")),
+ JSON_BUILD_PAIR("type", JSON_BUILD_CONST_STRING("systemd-pkcs11")),
JSON_BUILD_PAIR("keyslots", JSON_BUILD_ARRAY(JSON_BUILD_STRING(keyslot_as_string))),
JSON_BUILD_PAIR("pkcs11-uri", JSON_BUILD_STRING(uri)),
JSON_BUILD_PAIR("pkcs11-key", JSON_BUILD_BASE64(encrypted_key, encrypted_key_size))));
r = json_build(&v,
JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("type", JSON_BUILD_STRING("systemd-recovery")),
+ JSON_BUILD_PAIR("type", JSON_BUILD_CONST_STRING("systemd-recovery")),
JSON_BUILD_PAIR("keyslots", JSON_BUILD_ARRAY(JSON_BUILD_STRING(keyslot_as_string)))));
if (r < 0) {
log_error_errno(r, "Failed to prepare recovery key JSON token object: %m");
assert(hashed);
r = json_build(&e, JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("type", JSON_BUILD_STRING("modhex64")),
+ JSON_BUILD_PAIR("type", JSON_BUILD_CONST_STRING("modhex64")),
JSON_BUILD_PAIR("hashedPassword", JSON_BUILD_STRING(hashed))));
if (r < 0)
return log_error_errno(r, "Failed to build recover key JSON object: %m");
r = json_build(&status,
JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("state", JSON_BUILD_STRING(home_state_to_string(state))),
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.Home")),
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.Home")),
JSON_BUILD_PAIR_CONDITION(disk_size != UINT64_MAX, "diskSize", JSON_BUILD_UNSIGNED(disk_size)),
JSON_BUILD_PAIR_CONDITION(disk_usage != UINT64_MAX, "diskUsage", JSON_BUILD_UNSIGNED(disk_usage)),
JSON_BUILD_PAIR_CONDITION(disk_free != UINT64_MAX, "diskFree", JSON_BUILD_UNSIGNED(disk_free)),
if (r < 0)
return r;
+ r = bus_log_control_api_register(m->bus);
+ if (r < 0)
+ return r;
+
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
if (suffix)
busname = strjoina("org.freedesktop.home1.", suffix);
r = json_build(&v,
JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("type", JSON_BUILD_STRING("systemd-homed")),
+ JSON_BUILD_PAIR("type", JSON_BUILD_CONST_STRING("systemd-homed")),
JSON_BUILD_PAIR("keyslots", JSON_BUILD_EMPTY_ARRAY),
JSON_BUILD_PAIR("record", JSON_BUILD_BASE64(encrypted, encrypted_size_out1 + encrypted_size_out2)),
JSON_BUILD_PAIR("iv", JSON_BUILD_BASE64(iv, iv_size))));
JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("userName", JSON_BUILD_STRING(user_name)),
JSON_BUILD_PAIR_CONDITION(!!rr, "realm", JSON_BUILD_STRING(realm)),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("regular")),
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("regular")),
JSON_BUILD_PAIR("binding", JSON_BUILD_OBJECT(
JSON_BUILD_PAIR(SD_ID128_TO_STRING(mid), JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("imagePath", JSON_BUILD_STRING(image_path)),
JSON_BUILD_PAIR_CONDITION(h->disposition >= 0, "disposition", JSON_BUILD_STRING(user_disposition_to_string(user_record_disposition(h)))),
JSON_BUILD_PAIR("status", JSON_BUILD_OBJECT(
JSON_BUILD_PAIR(SD_ID128_TO_STRING(mid), JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.Home"))))))));
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.Home"))))))));
if (r < 0)
return r;
return ret;
}
-static void journal_file_revert_entry_seqnum(
- JournalFile *f,
- uint64_t *seqnum,
- uint64_t revert_seqnum) {
-
- assert(f);
- assert(f->header);
-
- if (revert_seqnum == 0) /* sequence number 0? can't go back */
- return;
-
- /* Undoes the effect of journal_file_entry_seqnum() above: if we fail to append an entry to a file,
- * let's revert the seqnum we were about to use, so that we can use it on the next entry. */
-
- if (le64toh(f->header->tail_entry_seqnum) == revert_seqnum)
- f->header->tail_entry_seqnum = htole64(revert_seqnum - 1);
-
- if (le64toh(f->header->head_entry_seqnum) == revert_seqnum)
- f->header->head_entry_seqnum = 0;
-
- if (seqnum && *seqnum == revert_seqnum)
- *seqnum = revert_seqnum - 1;
-}
-
int journal_file_append_object(
JournalFile *f,
ObjectType type,
#if HAVE_GCRYPT
r = journal_file_hmac_put_object(f, OBJECT_ENTRY, o, np);
if (r < 0)
- goto fail;
+ return r;
#endif
r = journal_file_link_entry(f, o, np);
if (r < 0)
- goto fail;
+ return r;
if (ret)
*ret = o;
if (ret_offset)
*ret_offset = np;
- return 0;
-
-fail:
- journal_file_revert_entry_seqnum(f, seqnum, le64toh(o->entry.seqnum));
return r;
}
if ((o->object.flags & OBJECT_COMPRESSED_XZ) &&
o->object.type != OBJECT_DATA) {
- error(offset, "Found compressed object that isn't of type DATA, which is not allowed.");
+ error(offset,
+ "Found compressed object of type %s that isn't of type data, which is not allowed.",
+ journal_object_type_to_string(o->object.type));
return -EBADMSG;
}
if ((le64toh(o->object.size) - offsetof(HashTableObject, items)) % sizeof(HashItem) != 0 ||
(le64toh(o->object.size) - offsetof(HashTableObject, items)) / sizeof(HashItem) <= 0) {
error(offset,
- "Invalid %s hash table size: %"PRIu64,
- o->object.type == OBJECT_DATA_HASH_TABLE ? "data" : "field",
+ "Invalid %s size: %"PRIu64,
+ journal_object_type_to_string(o->object.type),
le64toh(o->object.size));
return -EBADMSG;
}
!VALID64(le64toh(o->hash_table.items[i].head_hash_offset))) {
error(offset,
"Invalid %s hash table item (%"PRIu64"/%"PRIu64") head_hash_offset: "OFSfmt,
- o->object.type == OBJECT_DATA_HASH_TABLE ? "data" : "field",
+ journal_object_type_to_string(o->object.type),
i, journal_file_hash_table_n_items(o),
le64toh(o->hash_table.items[i].head_hash_offset));
return -EBADMSG;
!VALID64(le64toh(o->hash_table.items[i].tail_hash_offset))) {
error(offset,
"Invalid %s hash table item (%"PRIu64"/%"PRIu64") tail_hash_offset: "OFSfmt,
- o->object.type == OBJECT_DATA_HASH_TABLE ? "data" : "field",
+ journal_object_type_to_string(o->object.type),
i, journal_file_hash_table_n_items(o),
le64toh(o->hash_table.items[i].tail_hash_offset));
return -EBADMSG;
(o->hash_table.items[i].tail_hash_offset != 0)) {
error(offset,
"Invalid %s hash table item (%"PRIu64"/%"PRIu64"): head_hash_offset="OFSfmt" tail_hash_offset="OFSfmt,
- o->object.type == OBJECT_DATA_HASH_TABLE ? "data" : "field",
+ journal_object_type_to_string(o->object.type),
i, journal_file_hash_table_n_items(o),
le64toh(o->hash_table.items[i].head_hash_offset),
le64toh(o->hash_table.items[i].tail_hash_offset));
q = le64toh(o->entry_array.items[j]);
if (q <= last) {
- error(p, "Data object's entry array not sorted");
+ error(p, "Data object's entry array not sorted (%"PRIu64" <= %"PRIu64")", q, last);
return -EBADMSG;
}
last = q;
}
if (last != le64toh(f->data_hash_table[i].tail_hash_offset)) {
- error(p, "Tail hash pointer mismatch in hash table");
+ error(p,
+ "Tail hash pointer mismatch in hash table (%"PRIu64" != %"PRIu64")",
+ last,
+ le64toh(f->data_hash_table[i].tail_hash_offset));
return -EBADMSG;
}
}
r = journal_file_move_to_object(f, OBJECT_UNUSED, p, &o);
if (r < 0) {
- error(p, "Invalid object");
+ error_errno(p, r, "Invalid object: %m");
goto fail;
}
if (p > le64toh(f->header->tail_object_offset)) {
- error(offsetof(Header, tail_object_offset), "Invalid tail object pointer");
+ error(offsetof(Header, tail_object_offset),
+ "Invalid tail object pointer (%"PRIu64" > %"PRIu64")",
+ p,
+ le64toh(f->header->tail_object_offset));
r = -EBADMSG;
goto fail;
}
if (!!(o->object.flags & OBJECT_COMPRESSED_XZ) +
!!(o->object.flags & OBJECT_COMPRESSED_LZ4) +
!!(o->object.flags & OBJECT_COMPRESSED_ZSTD) > 1) {
- error(p, "Object has multiple compression flags set");
+ error(p, "Object has multiple compression flags set (flags: 0x%x)", o->object.flags);
r = -EINVAL;
goto fail;
}
goto fail;
if (le64toh(o->entry.realtime) < last_tag_realtime) {
- error(p, "Older entry after newer tag");
+ error(p,
+ "Older entry after newer tag (%"PRIu64" < %"PRIu64")",
+ le64toh(o->entry.realtime),
+ last_tag_realtime);
r = -EBADMSG;
goto fail;
}
if (!entry_seqnum_set &&
le64toh(o->entry.seqnum) != le64toh(f->header->head_entry_seqnum)) {
- error(p, "Head entry sequence number incorrect");
+ error(p,
+ "Head entry sequence number incorrect (%"PRIu64" != %"PRIu64")",
+ le64toh(o->entry.seqnum),
+ le64toh(f->header->head_entry_seqnum));
r = -EBADMSG;
goto fail;
}
if (entry_seqnum_set &&
entry_seqnum >= le64toh(o->entry.seqnum)) {
- error(p, "Entry sequence number out of synchronization");
+ error(p,
+ "Entry sequence number out of synchronization (%"PRIu64" >= %"PRIu64")",
+ entry_seqnum,
+ le64toh(o->entry.seqnum));
r = -EBADMSG;
goto fail;
}
if (entry_monotonic_set &&
sd_id128_equal(entry_boot_id, o->entry.boot_id) &&
entry_monotonic > le64toh(o->entry.monotonic)) {
- error(p, "Entry timestamp out of synchronization");
+ error(p,
+ "Entry timestamp out of synchronization (%"PRIu64" > %"PRIu64")",
+ entry_monotonic,
+ le64toh(o->entry.monotonic));
r = -EBADMSG;
goto fail;
}
if (!entry_realtime_set &&
le64toh(o->entry.realtime) != le64toh(f->header->head_entry_realtime)) {
- error(p, "Head entry realtime timestamp incorrect");
+ error(p,
+ "Head entry realtime timestamp incorrect (%"PRIu64" != %"PRIu64")",
+ le64toh(o->entry.realtime),
+ le64toh(f->header->head_entry_realtime));
r = -EBADMSG;
goto fail;
}
}
if (le64toh(o->tag.seqnum) != n_tags + 1) {
- error(p, "Tag sequence number out of synchronization");
+ error(p,
+ "Tag sequence number out of synchronization (%"PRIu64" != %"PRIu64")",
+ le64toh(o->tag.seqnum),
+ n_tags + 1);
r = -EBADMSG;
goto fail;
}
if (le64toh(o->tag.epoch) < last_epoch) {
- error(p, "Epoch sequence out of synchronization");
+ error(p,
+ "Epoch sequence out of synchronization (%"PRIu64" < %"PRIu64")",
+ le64toh(o->tag.epoch),
+ last_epoch);
r = -EBADMSG;
goto fail;
}
rt = f->fss_start_usec + le64toh(o->tag.epoch) * f->fss_interval_usec;
if (entry_realtime_set && entry_realtime >= rt + f->fss_interval_usec) {
- error(p, "tag/entry realtime timestamp out of synchronization");
+ error(p,
+ "tag/entry realtime timestamp out of synchronization (%"PRIu64" >= %"PRIu64")",
+ entry_realtime,
+ rt + f->fss_interval_usec);
r = -EBADMSG;
goto fail;
}
};
if (!found_last && le64toh(f->header->tail_object_offset) != 0) {
- error(le64toh(f->header->tail_object_offset), "Tail object pointer dead");
+ error(le64toh(f->header->tail_object_offset),
+ "Tail object pointer dead (%"PRIu64" != 0)",
+ le64toh(f->header->tail_object_offset));
r = -EBADMSG;
goto fail;
}
if (n_objects != le64toh(f->header->n_objects)) {
- error(offsetof(Header, n_objects), "Object number mismatch");
+ error(offsetof(Header, n_objects),
+ "Object number mismatch (%"PRIu64" != %"PRIu64")",
+ n_objects,
+ le64toh(f->header->n_objects));
r = -EBADMSG;
goto fail;
}
if (n_entries != le64toh(f->header->n_entries)) {
- error(offsetof(Header, n_entries), "Entry number mismatch");
+ error(offsetof(Header, n_entries),
+ "Entry number mismatch (%"PRIu64" != %"PRIu64")",
+ n_entries,
+ le64toh(f->header->n_entries));
r = -EBADMSG;
goto fail;
}
if (JOURNAL_HEADER_CONTAINS(f->header, n_data) &&
n_data != le64toh(f->header->n_data)) {
- error(offsetof(Header, n_data), "Data number mismatch");
+ error(offsetof(Header, n_data),
+ "Data number mismatch (%"PRIu64" != %"PRIu64")",
+ n_data,
+ le64toh(f->header->n_data));
r = -EBADMSG;
goto fail;
}
if (JOURNAL_HEADER_CONTAINS(f->header, n_fields) &&
n_fields != le64toh(f->header->n_fields)) {
- error(offsetof(Header, n_fields), "Field number mismatch");
+ error(offsetof(Header, n_fields),
+ "Field number mismatch (%"PRIu64" != %"PRIu64")",
+ n_fields,
+ le64toh(f->header->n_fields));
r = -EBADMSG;
goto fail;
}
if (JOURNAL_HEADER_CONTAINS(f->header, n_tags) &&
n_tags != le64toh(f->header->n_tags)) {
- error(offsetof(Header, n_tags), "Tag number mismatch");
+ error(offsetof(Header, n_tags),
+ "Tag number mismatch (%"PRIu64" != %"PRIu64")",
+ n_tags,
+ le64toh(f->header->n_tags));
r = -EBADMSG;
goto fail;
}
if (JOURNAL_HEADER_CONTAINS(f->header, n_entry_arrays) &&
n_entry_arrays != le64toh(f->header->n_entry_arrays)) {
- error(offsetof(Header, n_entry_arrays), "Entry array number mismatch");
+ error(offsetof(Header, n_entry_arrays),
+ "Entry array number mismatch (%"PRIu64" != %"PRIu64")",
+ n_entry_arrays,
+ le64toh(f->header->n_entry_arrays));
r = -EBADMSG;
goto fail;
}
if (!found_main_entry_array && le64toh(f->header->entry_array_offset) != 0) {
- error(0, "Missing entry array");
+ error(0, "Missing main entry array");
r = -EBADMSG;
goto fail;
}
if (entry_seqnum_set &&
entry_seqnum != le64toh(f->header->tail_entry_seqnum)) {
- error(offsetof(Header, tail_entry_seqnum), "Invalid tail seqnum");
+ error(offsetof(Header, tail_entry_seqnum),
+ "Tail entry sequence number incorrect (%"PRIu64" != %"PRIu64")",
+ entry_seqnum,
+ le64toh(f->header->tail_entry_seqnum));
r = -EBADMSG;
goto fail;
}
if (entry_monotonic_set &&
(sd_id128_equal(entry_boot_id, f->header->boot_id) &&
entry_monotonic != le64toh(f->header->tail_entry_monotonic))) {
- error(0, "Invalid tail monotonic timestamp");
+ error(0,
+ "Invalid tail monotonic timestamp (%"PRIu64" != %"PRIu64")",
+ entry_monotonic,
+ le64toh(f->header->tail_entry_monotonic));
r = -EBADMSG;
goto fail;
}
if (entry_realtime_set && entry_realtime != le64toh(f->header->tail_entry_realtime)) {
- error(0, "Invalid tail realtime timestamp");
+ error(0,
+ "Invalid tail realtime timestamp (%"PRIu64" != %"PRIu64")",
+ entry_realtime,
+ le64toh(f->header->tail_entry_realtime));
r = -EBADMSG;
goto fail;
}
JSON_BUILD_PAIR("uid", JSON_BUILD_UNSIGNED(uid)),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(GID_NOBODY)),
JSON_BUILD_PAIR_CONDITION(!isempty(real_name), "realName", JSON_BUILD_STRING(real_name)),
- JSON_BUILD_PAIR("homeDirectory", JSON_BUILD_STRING("/")),
+ JSON_BUILD_PAIR("homeDirectory", JSON_BUILD_CONST_STRING("/")),
JSON_BUILD_PAIR("shell", JSON_BUILD_STRING(NOLOGIN)),
JSON_BUILD_PAIR("locked", JSON_BUILD_BOOLEAN(true)),
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.Machine")),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("container"))))));
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.Machine")),
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("container"))))));
}
static bool user_match_lookup_parameters(LookupParameters *p, const char *name, uid_t uid) {
JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(group_name)),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(gid)),
JSON_BUILD_PAIR_CONDITION(!isempty(description), "description", JSON_BUILD_STRING(description)),
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.Machine")),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("container"))))));
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.Machine")),
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("container"))))));
}
static bool group_match_lookup_parameters(LookupParameters *p, const char *name, gid_t gid) {
r = net_match_config(
&network->match,
link->sd_device,
- link->hw_addr.length == ETH_ALEN ? &link->hw_addr.ether : NULL,
- link->permanent_hw_addr.length == ETH_ALEN ? &link->permanent_hw_addr.ether : NULL,
+ &link->hw_addr,
+ &link->permanent_hw_addr,
link->driver,
link->iftype,
link->ifname,
#include "string-util.h"
#include "strv.h"
-static int property_get_ether_addrs(
+static int property_get_hw_addrs(
sd_bus *bus,
const char *path,
const char *interface,
void *userdata,
sd_bus_error *error) {
- const struct ether_addr *p;
+ const struct hw_addr_data *p;
Set *s;
int r;
return r;
SET_FOREACH(p, s) {
- r = sd_bus_message_append(reply, "s", ETHER_ADDR_TO_STR(p));
+ r = sd_bus_message_append(reply, "s", HW_ADDR_TO_STR(p));
if (r < 0)
return r;
}
SD_BUS_PROPERTY("Description", "s", NULL, offsetof(Network, description), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("SourcePath", "s", NULL, offsetof(Network, filename), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MatchMAC", "as", property_get_ether_addrs, offsetof(Network, match.mac), SD_BUS_VTABLE_PROPERTY_CONST),
+ SD_BUS_PROPERTY("MatchMAC", "as", property_get_hw_addrs, offsetof(Network, match.hw_addr), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("MatchPath", "as", NULL, offsetof(Network, match.path), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("MatchDriver", "as", NULL, offsetof(Network, match.driver), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("MatchType", "as", NULL, offsetof(Network, match.iftype), SD_BUS_VTABLE_PROPERTY_CONST),
%struct-type
%includes
%%
-Match.MACAddress, config_parse_ether_addrs, 0, offsetof(Network, match.mac)
-Match.PermanentMACAddress, config_parse_ether_addrs, 0, offsetof(Network, match.permanent_mac)
+Match.MACAddress, config_parse_hw_addrs, 0, offsetof(Network, match.hw_addr)
+Match.PermanentMACAddress, config_parse_hw_addrs, 0, offsetof(Network, match.permanent_hw_addr)
Match.Path, config_parse_match_strv, 0, offsetof(Network, match.path)
Match.Driver, config_parse_match_strv, 0, offsetof(Network, match.driver)
Match.Type, config_parse_match_strv, 0, offsetof(Network, match.iftype)
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(allocate_uid)),
JSON_BUILD_PAIR_CONDITION(u->disposition >= 0, "disposition", JSON_BUILD_STRING(user_disposition_to_string(u->disposition))),
JSON_BUILD_PAIR("homeDirectory", JSON_BUILD_STRING(h)),
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.NSpawn")),
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.NSpawn")),
JSON_BUILD_PAIR_CONDITION(!strv_isempty(u->hashed_password), "privileged", JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("hashedPassword", JSON_BUILD_VARIANT(hp))))));
if (r < 0)
JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(g->group_name)),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(allocate_uid)),
JSON_BUILD_PAIR_CONDITION(g->disposition >= 0, "disposition", JSON_BUILD_STRING(user_disposition_to_string(g->disposition))),
- JSON_BUILD_PAIR("service", JSON_BUILD_STRING("io.systemd.NSpawn"))));
+ JSON_BUILD_PAIR("service", JSON_BUILD_CONST_STRING("io.systemd.NSpawn"))));
if (r < 0)
return log_error_errno(r, "Failed to build container group record: %m");
designator = PARTITION_XBOOTLDR;
rw = !(pflags & GPT_FLAG_READ_ONLY);
growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS);
- }
-#ifdef GPT_ROOT_NATIVE
- else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE)) {
+
+ } else if (gpt_partition_type_is_root(type_id)) {
check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS);
if (!sd_id128_is_null(root_uuid) && !sd_id128_equal(root_uuid, id))
continue;
- designator = PARTITION_ROOT;
- architecture = native_architecture();
+ assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0);
+ designator = PARTITION_ROOT_OF_ARCH(architecture);
rw = !(pflags & GPT_FLAG_READ_ONLY);
growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS);
- } else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE_VERITY)) {
+ } else if (gpt_partition_type_is_root_verity(type_id)) {
check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
if (!sd_id128_is_null(root_verity_uuid) && !sd_id128_equal(root_verity_uuid, id))
continue;
- designator = PARTITION_ROOT_VERITY;
+ assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0);
+ designator = PARTITION_VERITY_OF(PARTITION_ROOT_OF_ARCH(architecture));
fstype = "DM_verity_hash";
- architecture = native_architecture();
rw = false;
- } else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE_VERITY_SIG)) {
+ } else if (gpt_partition_type_is_root_verity_sig(type_id)) {
check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
if (verity->root_hash)
continue;
- designator = PARTITION_ROOT_VERITY_SIG;
+ assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0);
+ designator = PARTITION_VERITY_SIG_OF(PARTITION_ROOT_OF_ARCH(architecture));
fstype = "verity_hash_signature";
- architecture = native_architecture();
- rw = false;
- }
-#endif
-#ifdef GPT_ROOT_SECONDARY
- else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY)) {
-
- check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS);
-
- if (pflags & GPT_FLAG_NO_AUTO)
- continue;
-
- /* If a root ID is specified, ignore everything but the root id */
- if (!sd_id128_is_null(root_uuid) && !sd_id128_equal(root_uuid, id))
- continue;
-
- designator = PARTITION_ROOT_SECONDARY;
- architecture = SECONDARY_ARCHITECTURE;
- rw = !(pflags & GPT_FLAG_READ_ONLY);
- growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS);
-
- } else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY_VERITY)) {
-
- check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
-
- if (pflags & GPT_FLAG_NO_AUTO)
- continue;
-
- m->has_verity = true;
-
- /* Don't do verity if no verity config is passed in */
- if (!verity)
- continue;
- if (verity->designator >= 0 && verity->designator != PARTITION_ROOT)
- continue;
-
- /* If root hash is specified, then ignore everything but the root id */
- if (!sd_id128_is_null(root_verity_uuid) && !sd_id128_equal(root_verity_uuid, id))
- continue;
-
- designator = PARTITION_ROOT_SECONDARY_VERITY;
- fstype = "DM_verity_hash";
- architecture = SECONDARY_ARCHITECTURE;
rw = false;
- } else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY_VERITY_SIG)) {
-
- check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
-
- if (pflags & GPT_FLAG_NO_AUTO)
- continue;
-
- m->has_verity_sig = true;
-
- /* If root hash is specified explicitly, then ignore any embedded signature */
- if (!verity)
- continue;
- if (verity->designator >= 0 && verity->designator != PARTITION_ROOT)
- continue;
- if (verity->root_hash)
- continue;
-
- designator = PARTITION_ROOT_SECONDARY_VERITY_SIG;
- fstype = "verity_hash_signature";
- architecture = native_architecture();
- rw = false;
- }
-#endif
-#ifdef GPT_USR_NATIVE
- else if (sd_id128_equal(type_id, GPT_USR_NATIVE)) {
+ } else if (gpt_partition_type_is_usr(type_id)) {
check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS);
if (!sd_id128_is_null(usr_uuid) && !sd_id128_equal(usr_uuid, id))
continue;
- designator = PARTITION_USR;
- architecture = native_architecture();
+ assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0);
+ designator = PARTITION_USR_OF_ARCH(architecture);
rw = !(pflags & GPT_FLAG_READ_ONLY);
growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS);
- } else if (sd_id128_equal(type_id, GPT_USR_NATIVE_VERITY)) {
+ } else if (gpt_partition_type_is_usr_verity(type_id)) {
check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
if (!sd_id128_is_null(usr_verity_uuid) && !sd_id128_equal(usr_verity_uuid, id))
continue;
- designator = PARTITION_USR_VERITY;
+ assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0);
+ designator = PARTITION_VERITY_OF(PARTITION_USR_OF_ARCH(architecture));
fstype = "DM_verity_hash";
- architecture = native_architecture();
rw = false;
- } else if (sd_id128_equal(type_id, GPT_USR_NATIVE_VERITY_SIG)) {
+ } else if (gpt_partition_type_is_usr_verity_sig(type_id)) {
check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
if (verity->root_hash)
continue;
- designator = PARTITION_USR_VERITY_SIG;
+ assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0);
+ designator = PARTITION_VERITY_SIG_OF(PARTITION_USR_OF_ARCH(architecture));
fstype = "verity_hash_signature";
- architecture = native_architecture();
- rw = false;
- }
-#endif
-#ifdef GPT_USR_SECONDARY
- else if (sd_id128_equal(type_id, GPT_USR_SECONDARY)) {
-
- check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS);
-
- if (pflags & GPT_FLAG_NO_AUTO)
- continue;
-
- /* If a usr ID is specified, ignore everything but the usr id */
- if (!sd_id128_is_null(usr_uuid) && !sd_id128_equal(usr_uuid, id))
- continue;
-
- designator = PARTITION_USR_SECONDARY;
- architecture = SECONDARY_ARCHITECTURE;
- rw = !(pflags & GPT_FLAG_READ_ONLY);
- growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS);
-
- } else if (sd_id128_equal(type_id, GPT_USR_SECONDARY_VERITY)) {
-
- check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
-
- if (pflags & GPT_FLAG_NO_AUTO)
- continue;
-
- m->has_verity = true;
-
- if (!verity)
- continue;
- if (verity->designator >= 0 && verity->designator != PARTITION_USR)
- continue;
-
- /* If usr hash is specified, then ignore everything but the root id */
- if (!sd_id128_is_null(usr_verity_uuid) && !sd_id128_equal(usr_verity_uuid, id))
- continue;
-
- designator = PARTITION_USR_SECONDARY_VERITY;
- fstype = "DM_verity_hash";
- architecture = SECONDARY_ARCHITECTURE;
rw = false;
- } else if (sd_id128_equal(type_id, GPT_USR_SECONDARY_VERITY_SIG)) {
-
- check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY);
-
- if (pflags & GPT_FLAG_NO_AUTO)
- continue;
-
- m->has_verity_sig = true;
-
- /* If usr hash is specified explicitly, then ignore any embedded signature */
- if (!verity)
- continue;
- if (verity->designator >= 0 && verity->designator != PARTITION_USR)
- continue;
- if (verity->root_hash)
- continue;
-
- designator = PARTITION_USR_SECONDARY_VERITY_SIG;
- fstype = "verity_hash_signature";
- architecture = native_architecture();
- rw = false;
- }
-#endif
- else if (sd_id128_equal(type_id, GPT_SWAP)) {
+ } else if (sd_id128_equal(type_id, GPT_SWAP)) {
check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO);
}
if (m->partitions[PARTITION_ROOT].found) {
- /* If we found the primary arch, then invalidate the secondary arch to avoid any ambiguities,
- * since we never want to mount the secondary arch in this case. */
+ /* If we found the primary arch, then invalidate the secondary and other arch to avoid any
+ * ambiguities, since we never want to mount the secondary or other arch in this case. */
m->partitions[PARTITION_ROOT_SECONDARY].found = false;
m->partitions[PARTITION_ROOT_SECONDARY_VERITY].found = false;
m->partitions[PARTITION_ROOT_SECONDARY_VERITY_SIG].found = false;
m->partitions[PARTITION_USR_SECONDARY_VERITY].found = false;
m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG].found = false;
+ m->partitions[PARTITION_ROOT_OTHER].found = false;
+ m->partitions[PARTITION_ROOT_OTHER_VERITY].found = false;
+ m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG].found = false;
+ m->partitions[PARTITION_USR_OTHER].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false;
+
} else if (m->partitions[PARTITION_ROOT_VERITY].found ||
m->partitions[PARTITION_ROOT_VERITY_SIG].found)
return -EADDRNOTAVAIL; /* Verity found but no matching rootfs? Something is off, refuse. */
else if (m->partitions[PARTITION_ROOT_SECONDARY].found) {
/* No root partition found but there's one for the secondary architecture? Then upgrade
- * secondary arch to first */
+ * secondary arch to first and invalidate the other arch. */
+
+ log_debug("No root partition found of the native architecture, falling back to a root "
+ "partition of the secondary architecture.");
m->partitions[PARTITION_ROOT] = m->partitions[PARTITION_ROOT_SECONDARY];
zero(m->partitions[PARTITION_ROOT_SECONDARY]);
m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG];
zero(m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG]);
+ m->partitions[PARTITION_ROOT_OTHER].found = false;
+ m->partitions[PARTITION_ROOT_OTHER_VERITY].found = false;
+ m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG].found = false;
+ m->partitions[PARTITION_USR_OTHER].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false;
+
} else if (m->partitions[PARTITION_ROOT_SECONDARY_VERITY].found ||
m->partitions[PARTITION_ROOT_SECONDARY_VERITY_SIG].found)
return -EADDRNOTAVAIL; /* as above */
+ else if (m->partitions[PARTITION_ROOT_OTHER].found) {
+
+ /* No root or secondary partition found but there's one for another architecture? Then
+ * upgrade the other architecture to first. */
+
+ log_debug("No root partition found of the native architecture or the secondary architecture, "
+ "falling back to a root partition of a non-native architecture (%s).",
+ architecture_to_string(m->partitions[PARTITION_ROOT_OTHER].architecture));
+
+ m->partitions[PARTITION_ROOT] = m->partitions[PARTITION_ROOT_OTHER];
+ zero(m->partitions[PARTITION_ROOT_OTHER]);
+ m->partitions[PARTITION_ROOT_VERITY] = m->partitions[PARTITION_ROOT_OTHER_VERITY];
+ zero(m->partitions[PARTITION_ROOT_OTHER_VERITY]);
+ m->partitions[PARTITION_ROOT_VERITY_SIG] = m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG];
+ zero(m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG]);
+
+ m->partitions[PARTITION_USR] = m->partitions[PARTITION_USR_OTHER];
+ zero(m->partitions[PARTITION_USR_OTHER]);
+ m->partitions[PARTITION_USR_VERITY] = m->partitions[PARTITION_USR_OTHER_VERITY];
+ zero(m->partitions[PARTITION_USR_OTHER_VERITY]);
+ m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_OTHER_VERITY_SIG];
+ zero(m->partitions[PARTITION_USR_OTHER_VERITY_SIG]);
+ }
+
/* Hmm, we found a signature partition but no Verity data? Something is off. */
if (m->partitions[PARTITION_ROOT_VERITY_SIG].found && !m->partitions[PARTITION_ROOT_VERITY].found)
return -EADDRNOTAVAIL;
if (m->partitions[PARTITION_USR].found) {
- /* Invalidate secondary arch /usr/ if we found the primary arch */
+ /* Invalidate secondary and other arch /usr/ if we found the primary arch */
m->partitions[PARTITION_USR_SECONDARY].found = false;
m->partitions[PARTITION_USR_SECONDARY_VERITY].found = false;
m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG].found = false;
+ m->partitions[PARTITION_USR_OTHER].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false;
+
} else if (m->partitions[PARTITION_USR_VERITY].found ||
m->partitions[PARTITION_USR_VERITY_SIG].found)
return -EADDRNOTAVAIL; /* as above */
else if (m->partitions[PARTITION_USR_SECONDARY].found) {
+ log_debug("No usr partition found of the native architecture, falling back to a usr "
+ "partition of the secondary architecture.");
+
/* Upgrade secondary arch to primary */
m->partitions[PARTITION_USR] = m->partitions[PARTITION_USR_SECONDARY];
zero(m->partitions[PARTITION_USR_SECONDARY]);
m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG];
zero(m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG]);
+ m->partitions[PARTITION_USR_OTHER].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY].found = false;
+ m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false;
+
} else if (m->partitions[PARTITION_USR_SECONDARY_VERITY].found ||
m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG].found)
return -EADDRNOTAVAIL; /* as above */
+ else if (m->partitions[PARTITION_USR_OTHER].found) {
+
+ log_debug("No usr partition found of the native architecture or the secondary architecture, "
+ "falling back to a usr partition of a non-native architecture (%s).",
+ architecture_to_string(m->partitions[PARTITION_ROOT_OTHER].architecture));
+
+ /* Upgrade other arch to primary */
+ m->partitions[PARTITION_USR] = m->partitions[PARTITION_USR_OTHER];
+ zero(m->partitions[PARTITION_USR_OTHER]);
+ m->partitions[PARTITION_USR_VERITY] = m->partitions[PARTITION_USR_OTHER_VERITY];
+ zero(m->partitions[PARTITION_USR_OTHER_VERITY]);
+ m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_OTHER_VERITY_SIG];
+ zero(m->partitions[PARTITION_USR_OTHER_VERITY_SIG]);
+ }
+
/* Hmm, we found a signature partition but no Verity data? Something is off. */
if (m->partitions[PARTITION_USR_VERITY_SIG].found && !m->partitions[PARTITION_USR_VERITY].found)
return -EADDRNOTAVAIL;
static const char *const partition_designator_table[] = {
[PARTITION_ROOT] = "root",
[PARTITION_ROOT_SECONDARY] = "root-secondary",
+ [PARTITION_ROOT_OTHER] = "root-other",
[PARTITION_USR] = "usr",
[PARTITION_USR_SECONDARY] = "usr-secondary",
+ [PARTITION_USR_OTHER] = "usr-other",
[PARTITION_HOME] = "home",
[PARTITION_SRV] = "srv",
[PARTITION_ESP] = "esp",
[PARTITION_SWAP] = "swap",
[PARTITION_ROOT_VERITY] = "root-verity",
[PARTITION_ROOT_SECONDARY_VERITY] = "root-secondary-verity",
+ [PARTITION_ROOT_OTHER_VERITY] = "root-other-verity",
[PARTITION_USR_VERITY] = "usr-verity",
[PARTITION_USR_SECONDARY_VERITY] = "usr-secondary-verity",
+ [PARTITION_USR_OTHER_VERITY] = "usr-other-verity",
[PARTITION_ROOT_VERITY_SIG] = "root-verity-sig",
[PARTITION_ROOT_SECONDARY_VERITY_SIG] = "root-secondary-verity-sig",
+ [PARTITION_ROOT_OTHER_VERITY_SIG] = "root-other-verity-sig",
[PARTITION_USR_VERITY_SIG] = "usr-verity-sig",
[PARTITION_USR_SECONDARY_VERITY_SIG] = "usr-secondary-verity-sig",
+ [PARTITION_USR_OTHER_VERITY_SIG] = "usr-other-verity-sig",
[PARTITION_TMP] = "tmp",
[PARTITION_VAR] = "var",
};
#include "sd-id128.h"
+#include "architecture.h"
#include "list.h"
#include "loop-util.h"
#include "macro.h"
typedef enum PartitionDesignator {
PARTITION_ROOT,
PARTITION_ROOT_SECONDARY, /* Secondary architecture */
+ PARTITION_ROOT_OTHER,
PARTITION_USR,
PARTITION_USR_SECONDARY,
+ PARTITION_USR_OTHER,
PARTITION_HOME,
PARTITION_SRV,
PARTITION_ESP,
PARTITION_SWAP,
PARTITION_ROOT_VERITY, /* verity data for the PARTITION_ROOT partition */
PARTITION_ROOT_SECONDARY_VERITY, /* verity data for the PARTITION_ROOT_SECONDARY partition */
+ PARTITION_ROOT_OTHER_VERITY,
PARTITION_USR_VERITY,
PARTITION_USR_SECONDARY_VERITY,
+ PARTITION_USR_OTHER_VERITY,
PARTITION_ROOT_VERITY_SIG, /* PKCS#7 signature for root hash for the PARTITION_ROOT partition */
PARTITION_ROOT_SECONDARY_VERITY_SIG, /* ditto for the PARTITION_ROOT_SECONDARY partition */
+ PARTITION_ROOT_OTHER_VERITY_SIG,
PARTITION_USR_VERITY_SIG,
PARTITION_USR_SECONDARY_VERITY_SIG,
+ PARTITION_USR_OTHER_VERITY_SIG,
PARTITION_TMP,
PARTITION_VAR,
_PARTITION_DESIGNATOR_MAX,
return IN_SET(d,
PARTITION_ROOT,
PARTITION_ROOT_SECONDARY,
+ PARTITION_ROOT_OTHER,
PARTITION_USR,
PARTITION_USR_SECONDARY,
+ PARTITION_USR_OTHER,
PARTITION_ROOT_VERITY,
PARTITION_ROOT_SECONDARY_VERITY,
+ PARTITION_ROOT_OTHER_VERITY,
PARTITION_USR_VERITY,
PARTITION_USR_SECONDARY_VERITY,
+ PARTITION_USR_OTHER_VERITY,
PARTITION_ROOT_VERITY_SIG,
PARTITION_ROOT_SECONDARY_VERITY_SIG,
+ PARTITION_ROOT_OTHER_VERITY_SIG,
PARTITION_USR_VERITY_SIG,
- PARTITION_USR_SECONDARY_VERITY_SIG);
+ PARTITION_USR_SECONDARY_VERITY_SIG,
+ PARTITION_USR_OTHER_VERITY_SIG);
}
static inline PartitionDesignator PARTITION_VERITY_OF(PartitionDesignator p) {
case PARTITION_ROOT_SECONDARY:
return PARTITION_ROOT_SECONDARY_VERITY;
+ case PARTITION_ROOT_OTHER:
+ return PARTITION_ROOT_OTHER_VERITY;
+
case PARTITION_USR:
return PARTITION_USR_VERITY;
case PARTITION_USR_SECONDARY:
return PARTITION_USR_SECONDARY_VERITY;
+ case PARTITION_USR_OTHER:
+ return PARTITION_USR_OTHER_VERITY;
+
default:
return _PARTITION_DESIGNATOR_INVALID;
}
case PARTITION_ROOT_SECONDARY:
return PARTITION_ROOT_SECONDARY_VERITY_SIG;
+ case PARTITION_ROOT_OTHER:
+ return PARTITION_ROOT_OTHER_VERITY_SIG;
+
case PARTITION_USR:
return PARTITION_USR_VERITY_SIG;
case PARTITION_USR_SECONDARY:
return PARTITION_USR_SECONDARY_VERITY_SIG;
+ case PARTITION_USR_OTHER:
+ return PARTITION_USR_OTHER_VERITY_SIG;
+
default:
return _PARTITION_DESIGNATOR_INVALID;
}
}
+static inline PartitionDesignator PARTITION_ROOT_OF_ARCH(Architecture arch) {
+ switch (arch) {
+
+ case native_architecture():
+ return PARTITION_ROOT;
+
+#ifdef ARCHITECTURE_SECONDARY
+ case ARCHITECTURE_SECONDARY:
+ return PARTITION_ROOT_SECONDARY;
+#endif
+
+ default:
+ return PARTITION_ROOT_OTHER;
+ }
+}
+
+static inline PartitionDesignator PARTITION_USR_OF_ARCH(Architecture arch) {
+ switch (arch) {
+
+ case native_architecture():
+ return PARTITION_USR;
+
+#ifdef ARCHITECTURE_SECONDARY
+ case ARCHITECTURE_SECONDARY:
+ return PARTITION_USR_SECONDARY;
+#endif
+
+ default:
+ return PARTITION_USR_OTHER;
+ }
+}
+
typedef enum DissectImageFlags {
DISSECT_IMAGE_DEVICE_READ_ONLY = 1 << 0, /* Make device read-only */
DISSECT_IMAGE_DISCARD_ON_LOOP = 1 << 1, /* Turn on "discard" if on a loop device and file system supports it */
#endif
#define _GPT_ARCH_SEXTET(arch, name) \
- { GPT_ROOT_##arch, "root-" name }, \
- { GPT_ROOT_##arch##_VERITY, "root-" name "-verity" }, \
- { GPT_ROOT_##arch##_VERITY_SIG, "root-" name "-verity-sig" }, \
- { GPT_USR_##arch, "usr-" name }, \
- { GPT_USR_##arch##_VERITY, "usr-" name "-verity" }, \
- { GPT_USR_##arch##_VERITY_SIG, "usr-" name "-verity-sig" }
+ { GPT_ROOT_##arch, "root-" name, ARCHITECTURE_##arch, .is_root = true }, \
+ { GPT_ROOT_##arch##_VERITY, "root-" name "-verity", ARCHITECTURE_##arch, .is_root_verity = true }, \
+ { GPT_ROOT_##arch##_VERITY_SIG, "root-" name "-verity-sig", ARCHITECTURE_##arch, .is_root_verity_sig = true }, \
+ { GPT_USR_##arch, "usr-" name, ARCHITECTURE_##arch, .is_usr = true }, \
+ { GPT_USR_##arch##_VERITY, "usr-" name "-verity", ARCHITECTURE_##arch, .is_usr_verity = true }, \
+ { GPT_USR_##arch##_VERITY_SIG, "usr-" name "-verity-sig", ARCHITECTURE_##arch, .is_usr_verity_sig = true }
const GptPartitionType gpt_partition_type_table[] = {
_GPT_ARCH_SEXTET(ALPHA, "alpha"),
_GPT_ARCH_SEXTET(ARM, "arm"),
_GPT_ARCH_SEXTET(ARM64, "arm64"),
_GPT_ARCH_SEXTET(IA64, "ia64"),
- _GPT_ARCH_SEXTET(LOONGARCH64, "loongarch64"),
+
+ // TODO: Replace with `_GPT_ARCH_SEXTET(LOONGARCH64, "loongarch64")` once
+ // https://github.com/systemd/systemd/pull/21288 is merged. */
+ { GPT_ROOT_LOONGARCH64, "root-loongarch64", _ARCHITECTURE_INVALID, .is_root = true },
+ { GPT_ROOT_LOONGARCH64_VERITY, "root-loongarch64-verity", _ARCHITECTURE_INVALID, .is_root_verity = true },
+ { GPT_ROOT_LOONGARCH64_VERITY_SIG, "root-loongarch64-verity-sig", _ARCHITECTURE_INVALID, .is_root_verity_sig = true },
+ { GPT_USR_LOONGARCH64, "usr-loongarch64", _ARCHITECTURE_INVALID, .is_usr = true },
+ { GPT_USR_LOONGARCH64_VERITY, "usr-loongarch64-verity", _ARCHITECTURE_INVALID, .is_usr_verity = true },
+ { GPT_USR_LOONGARCH64_VERITY_SIG, "usr-loongarch64-verity-sig", _ARCHITECTURE_INVALID, .is_usr_verity_sig = true },
+
_GPT_ARCH_SEXTET(MIPS_LE, "mips-le"),
_GPT_ARCH_SEXTET(MIPS64_LE, "mips64-le"),
_GPT_ARCH_SEXTET(PPC, "ppc"),
_GPT_ARCH_SEXTET(PPC64, "ppc64"),
- _GPT_ARCH_SEXTET(PPC64LE, "ppc64-le"),
+ _GPT_ARCH_SEXTET(PPC64_LE, "ppc64-le"),
_GPT_ARCH_SEXTET(RISCV32, "riscv32"),
_GPT_ARCH_SEXTET(RISCV64, "riscv64"),
_GPT_ARCH_SEXTET(S390, "s390"),
_GPT_ARCH_SEXTET(X86, "x86"),
_GPT_ARCH_SEXTET(X86_64, "x86-64"),
#ifdef GPT_ROOT_NATIVE
- { GPT_ROOT_NATIVE, "root" },
- { GPT_ROOT_NATIVE_VERITY, "root-verity" },
- { GPT_ROOT_NATIVE_VERITY_SIG, "root-verity-sig" },
- { GPT_USR_NATIVE, "usr" },
- { GPT_USR_NATIVE_VERITY, "usr-verity" },
- { GPT_USR_NATIVE_VERITY_SIG, "usr-verity-sig" },
+ { GPT_ROOT_NATIVE, "root", native_architecture(), .is_root = true },
+ { GPT_ROOT_NATIVE_VERITY, "root-verity", native_architecture(), .is_root_verity = true },
+ { GPT_ROOT_NATIVE_VERITY_SIG, "root-verity-sig", native_architecture(), .is_root_verity_sig = true },
+ { GPT_USR_NATIVE, "usr", native_architecture(), .is_usr = true },
+ { GPT_USR_NATIVE_VERITY, "usr-verity", native_architecture(), .is_usr_verity = true },
+ { GPT_USR_NATIVE_VERITY_SIG, "usr-verity-sig", native_architecture(), .is_usr_verity_sig = true },
#endif
#ifdef GPT_ROOT_SECONDARY
_GPT_ARCH_SEXTET(SECONDARY, "secondary"),
#endif
- { GPT_ESP, "esp" },
- { GPT_XBOOTLDR, "xbootldr" },
- { GPT_SWAP, "swap" },
- { GPT_HOME, "home" },
- { GPT_SRV, "srv" },
- { GPT_VAR, "var" },
- { GPT_TMP, "tmp" },
- { GPT_USER_HOME, "user-home" },
- { GPT_LINUX_GENERIC, "linux-generic" },
+ { GPT_ESP, "esp", _ARCHITECTURE_INVALID },
+ { GPT_XBOOTLDR, "xbootldr", _ARCHITECTURE_INVALID },
+ { GPT_SWAP, "swap", _ARCHITECTURE_INVALID },
+ { GPT_HOME, "home", _ARCHITECTURE_INVALID },
+ { GPT_SRV, "srv", _ARCHITECTURE_INVALID },
+ { GPT_VAR, "var", _ARCHITECTURE_INVALID },
+ { GPT_TMP, "tmp", _ARCHITECTURE_INVALID },
+ { GPT_USER_HOME, "user-home", _ARCHITECTURE_INVALID },
+ { GPT_LINUX_GENERIC, "linux-generic", _ARCHITECTURE_INVALID },
{}
};
-#define _GPT_ALL_ARCHES(type,suffix) \
- GPT_##type##_ALPHA##suffix, \
- GPT_##type##_ARC##suffix, \
- GPT_##type##_ARM##suffix, \
- GPT_##type##_ARM64##suffix, \
- GPT_##type##_IA64##suffix, \
- GPT_##type##_LOONGARCH64##suffix, \
- GPT_##type##_MIPS_LE##suffix, \
- GPT_##type##_MIPS64_LE##suffix, \
- GPT_##type##_PPC##suffix, \
- GPT_##type##_PPC64##suffix, \
- GPT_##type##_PPC64LE##suffix, \
- GPT_##type##_RISCV32##suffix, \
- GPT_##type##_RISCV64##suffix, \
- GPT_##type##_S390##suffix, \
- GPT_##type##_S390X##suffix, \
- GPT_##type##_TILEGX##suffix, \
- GPT_##type##_X86##suffix, \
- GPT_##type##_X86_64##suffix
-
const char *gpt_partition_type_uuid_to_string(sd_id128_t id) {
for (size_t i = 0; i < ELEMENTSOF(gpt_partition_type_table) - 1; i++)
if (sd_id128_equal(id, gpt_partition_type_table[i].uuid))
return sd_id128_from_string(s, ret);
}
+Architecture gpt_partition_type_uuid_to_arch(sd_id128_t id) {
+ for (size_t i = 0; i < ELEMENTSOF(gpt_partition_type_table) - 1; i++)
+ if (sd_id128_equal(id, gpt_partition_type_table[i].uuid))
+ return gpt_partition_type_table[i].arch;
+
+ return _ARCHITECTURE_INVALID;
+}
+
int gpt_partition_label_valid(const char *s) {
_cleanup_free_ char16_t *recoded = NULL;
return char16_strlen(recoded) <= GPT_LABEL_MAX;
}
+static GptPartitionType gpt_partition_type_from_uuid(sd_id128_t id) {
+ for (size_t i = 0; i < ELEMENTSOF(gpt_partition_type_table) - 1; i++)
+ if (sd_id128_equal(id, gpt_partition_type_table[i].uuid))
+ return gpt_partition_type_table[i];
+
+ return (GptPartitionType) { .uuid = id, .arch = _ARCHITECTURE_INVALID };
+}
+
bool gpt_partition_type_is_root(sd_id128_t id) {
- return sd_id128_in_set(id, _GPT_ALL_ARCHES(ROOT,));
+ return gpt_partition_type_from_uuid(id).is_root;
}
bool gpt_partition_type_is_root_verity(sd_id128_t id) {
- return sd_id128_in_set(id, _GPT_ALL_ARCHES(ROOT, _VERITY));
+ return gpt_partition_type_from_uuid(id).is_root_verity;
+}
+
+bool gpt_partition_type_is_root_verity_sig(sd_id128_t id) {
+ return gpt_partition_type_from_uuid(id).is_root_verity_sig;
}
bool gpt_partition_type_is_usr(sd_id128_t id) {
- return sd_id128_in_set(id, _GPT_ALL_ARCHES(USR,));
+ return gpt_partition_type_from_uuid(id).is_usr;
}
bool gpt_partition_type_is_usr_verity(sd_id128_t id) {
- return sd_id128_in_set(id, _GPT_ALL_ARCHES(USR, _VERITY));
+ return gpt_partition_type_from_uuid(id).is_usr_verity;
+}
+
+bool gpt_partition_type_is_usr_verity_sig(sd_id128_t id) {
+ return gpt_partition_type_from_uuid(id).is_usr_verity_sig;
}
bool gpt_partition_type_knows_read_only(sd_id128_t id) {
#include "sd-id128.h"
+#include "architecture.h"
#include "id128-util.h"
#define GPT_ROOT_ALPHA SD_ID128_MAKE(65,23,f8,ae,3e,b1,4e,2a,a0,5a,18,b6,95,ae,65,6f)
#define GPT_ROOT_MIPS64_LE SD_ID128_MAKE(70,0b,da,43,7a,34,45,07,b1,79,ee,b9,3d,7a,7c,a3)
#define GPT_ROOT_PPC SD_ID128_MAKE(1d,e3,f1,ef,fa,98,47,b5,8d,cd,4a,86,0a,65,4d,78)
#define GPT_ROOT_PPC64 SD_ID128_MAKE(91,2a,de,1d,a8,39,49,13,89,64,a1,0e,ee,08,fb,d2)
-#define GPT_ROOT_PPC64LE SD_ID128_MAKE(c3,1c,45,e6,3f,39,41,2e,80,fb,48,09,c4,98,05,99)
+#define GPT_ROOT_PPC64_LE SD_ID128_MAKE(c3,1c,45,e6,3f,39,41,2e,80,fb,48,09,c4,98,05,99)
#define GPT_ROOT_RISCV32 SD_ID128_MAKE(60,d5,a7,fe,8e,7d,43,5c,b7,14,3d,d8,16,21,44,e1)
#define GPT_ROOT_RISCV64 SD_ID128_MAKE(72,ec,70,a6,cf,74,40,e6,bd,49,4b,da,08,e8,f2,24)
#define GPT_ROOT_S390 SD_ID128_MAKE(08,a7,ac,ea,62,4c,4a,20,91,e8,6e,0f,a6,7d,23,f9)
#define GPT_USR_MIPS64_LE SD_ID128_MAKE(c9,7c,1f,32,ba,06,40,b4,9f,22,23,60,61,b0,8a,a8)
#define GPT_USR_PPC SD_ID128_MAKE(7d,14,fe,c5,cc,71,41,5d,9d,6c,06,bf,0b,3c,3e,af)
#define GPT_USR_PPC64 SD_ID128_MAKE(2c,97,39,e2,f0,68,46,b3,9f,d0,01,c5,a9,af,bc,ca)
-#define GPT_USR_PPC64LE SD_ID128_MAKE(15,bb,03,af,77,e7,4d,4a,b1,2b,c0,d0,84,f7,49,1c)
+#define GPT_USR_PPC64_LE SD_ID128_MAKE(15,bb,03,af,77,e7,4d,4a,b1,2b,c0,d0,84,f7,49,1c)
#define GPT_USR_RISCV32 SD_ID128_MAKE(b9,33,fb,22,5c,3f,4f,91,af,90,e2,bb,0f,a5,07,02)
#define GPT_USR_RISCV64 SD_ID128_MAKE(be,ae,c3,4b,84,42,43,9b,a4,0b,98,43,81,ed,09,7d)
#define GPT_USR_S390 SD_ID128_MAKE(cd,0f,86,9b,d0,fb,4c,a0,b1,41,9e,a8,7c,c7,8d,66)
#define GPT_ROOT_LOONGARCH64_VERITY SD_ID128_MAKE(f3,39,3b,22,e9,af,46,13,a9,48,9d,3b,fb,d0,c5,35)
#define GPT_ROOT_MIPS_LE_VERITY SD_ID128_MAKE(d7,d1,50,d2,2a,04,4a,33,8f,12,16,65,12,05,ff,7b)
#define GPT_ROOT_MIPS64_LE_VERITY SD_ID128_MAKE(16,b4,17,f8,3e,06,4f,57,8d,d2,9b,52,32,f4,1a,a6)
-#define GPT_ROOT_PPC64LE_VERITY SD_ID128_MAKE(90,6b,d9,44,45,89,4a,ae,a4,e4,dd,98,39,17,44,6a)
+#define GPT_ROOT_PPC64_LE_VERITY SD_ID128_MAKE(90,6b,d9,44,45,89,4a,ae,a4,e4,dd,98,39,17,44,6a)
#define GPT_ROOT_PPC64_VERITY SD_ID128_MAKE(92,25,a9,a3,3c,19,4d,89,b4,f6,ee,ff,88,f1,76,31)
#define GPT_ROOT_PPC_VERITY SD_ID128_MAKE(98,cf,e6,49,15,88,46,dc,b2,f0,ad,d1,47,42,49,25)
#define GPT_ROOT_RISCV32_VERITY SD_ID128_MAKE(ae,02,53,be,11,67,40,07,ac,68,43,92,6c,14,c5,de)
#define GPT_USR_LOONGARCH64_VERITY SD_ID128_MAKE(f4,6b,2c,26,59,ae,48,f0,91,06,c5,0e,d4,7f,67,3d)
#define GPT_USR_MIPS_LE_VERITY SD_ID128_MAKE(46,b9,8d,8d,b5,5c,4e,8f,aa,b3,37,fc,a7,f8,07,52)
#define GPT_USR_MIPS64_LE_VERITY SD_ID128_MAKE(3c,3d,61,fe,b5,f3,41,4d,bb,71,87,39,a6,94,a4,ef)
-#define GPT_USR_PPC64LE_VERITY SD_ID128_MAKE(ee,2b,99,83,21,e8,41,53,86,d9,b6,90,1a,54,d1,ce)
+#define GPT_USR_PPC64_LE_VERITY SD_ID128_MAKE(ee,2b,99,83,21,e8,41,53,86,d9,b6,90,1a,54,d1,ce)
#define GPT_USR_PPC64_VERITY SD_ID128_MAKE(bd,b5,28,a5,a2,59,47,5f,a8,7d,da,53,fa,73,6a,07)
#define GPT_USR_PPC_VERITY SD_ID128_MAKE(df,76,5d,00,27,0e,49,e5,bc,75,f4,7b,b2,11,8b,09)
#define GPT_USR_RISCV32_VERITY SD_ID128_MAKE(cb,1e,e4,e3,8c,d0,41,36,a0,a4,aa,61,a3,2e,87,30)
#define GPT_ROOT_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(5a,fb,67,eb,ec,c8,4f,85,ae,8e,ac,1e,7c,50,e7,d0)
#define GPT_ROOT_MIPS_LE_VERITY_SIG SD_ID128_MAKE(c9,19,cc,1f,44,56,4e,ff,91,8c,f7,5e,94,52,5c,a5)
#define GPT_ROOT_MIPS64_LE_VERITY_SIG SD_ID128_MAKE(90,4e,58,ef,5c,65,4a,31,9c,57,6a,f5,fc,7c,5d,e7)
-#define GPT_ROOT_PPC64LE_VERITY_SIG SD_ID128_MAKE(d4,a2,36,e7,e8,73,4c,07,bf,1d,bf,6c,f7,f1,c3,c6)
+#define GPT_ROOT_PPC64_LE_VERITY_SIG SD_ID128_MAKE(d4,a2,36,e7,e8,73,4c,07,bf,1d,bf,6c,f7,f1,c3,c6)
#define GPT_ROOT_PPC64_VERITY_SIG SD_ID128_MAKE(f5,e2,c2,0c,45,b2,4f,fa,bc,e9,2a,60,73,7e,1a,af)
#define GPT_ROOT_PPC_VERITY_SIG SD_ID128_MAKE(1b,31,b5,aa,ad,d9,46,3a,b2,ed,bd,46,7f,c8,57,e7)
#define GPT_ROOT_RISCV32_VERITY_SIG SD_ID128_MAKE(3a,11,2a,75,87,29,43,80,b4,cf,76,4d,79,93,44,48)
#define GPT_USR_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(b0,24,f3,15,d3,30,44,4c,84,61,44,bb,de,52,4e,99)
#define GPT_USR_MIPS_LE_VERITY_SIG SD_ID128_MAKE(3e,23,ca,0b,a4,bc,4b,4e,80,87,5a,b6,a2,6a,a8,a9)
#define GPT_USR_MIPS64_LE_VERITY_SIG SD_ID128_MAKE(f2,c2,c7,ee,ad,cc,43,51,b5,c6,ee,98,16,b6,6e,16)
-#define GPT_USR_PPC64LE_VERITY_SIG SD_ID128_MAKE(c8,bf,bd,1e,26,8e,45,21,8b,ba,bf,31,4c,39,95,57)
+#define GPT_USR_PPC64_LE_VERITY_SIG SD_ID128_MAKE(c8,bf,bd,1e,26,8e,45,21,8b,ba,bf,31,4c,39,95,57)
#define GPT_USR_PPC64_VERITY_SIG SD_ID128_MAKE(0b,88,88,63,d7,f8,4d,9e,97,66,23,9f,ce,4d,58,af)
#define GPT_USR_PPC_VERITY_SIG SD_ID128_MAKE(70,07,89,1d,d3,71,4a,80,86,a4,5c,b8,75,b9,30,2e)
#define GPT_USR_RISCV32_VERITY_SIG SD_ID128_MAKE(c3,83,6a,13,31,37,45,ba,b5,83,b1,6c,50,fe,5e,b4)
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_LOONGARCH64_VERITY_SIG
#elif defined(__powerpc__) && defined(__PPC64__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
-# define GPT_ROOT_NATIVE GPT_ROOT_PPC64LE
-# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64LE_VERITY
-# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_PPC64LE_VERITY_SIG
-# define GPT_USR_NATIVE GPT_USR_PPC64LE
-# define GPT_USR_NATIVE_VERITY GPT_USR_PPC64LE_VERITY
-# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_PPC64LE_VERITY_SIG
+# define GPT_ROOT_NATIVE GPT_ROOT_PPC64_LE
+# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64_LE_VERITY
+# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_PPC64_LE_VERITY_SIG
+# define GPT_USR_NATIVE GPT_USR_PPC64_LE
+# define GPT_USR_NATIVE_VERITY GPT_USR_PPC64_LE_VERITY
+# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_PPC64_LE_VERITY_SIG
#elif defined(__powerpc__) && defined(__powerpc64__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
# define GPT_ROOT_NATIVE GPT_ROOT_PPC64
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64_VERITY
char buffer[static ID128_UUID_STRING_MAX]);
int gpt_partition_type_uuid_from_string(const char *s, sd_id128_t *ret);
+Architecture gpt_partition_type_uuid_to_arch(sd_id128_t id);
+
typedef struct GptPartitionType {
sd_id128_t uuid;
const char *name;
+ Architecture arch;
+
+ bool is_root:1;
+ bool is_root_verity:1;
+ bool is_root_verity_sig:1;
+ bool is_usr:1;
+ bool is_usr_verity:1;
+ bool is_usr_verity_sig:1;
} GptPartitionType;
extern const GptPartitionType gpt_partition_type_table[];
bool gpt_partition_type_is_root(sd_id128_t id);
bool gpt_partition_type_is_root_verity(sd_id128_t id);
+bool gpt_partition_type_is_root_verity_sig(sd_id128_t id);
bool gpt_partition_type_is_usr(sd_id128_t id);
bool gpt_partition_type_is_usr_verity(sd_id128_t id);
+bool gpt_partition_type_is_usr_verity_sig(sd_id128_t id);
bool gpt_partition_type_knows_read_only(sd_id128_t id);
bool gpt_partition_type_knows_growfs(sd_id128_t id);
static void json_variant_copy_source(JsonVariant *v, JsonVariant *from) {
assert(v);
- assert(from);
if (!json_variant_is_regular(from))
return;
#define JSON_BUILD_HEX(p, n) _JSON_BUILD_HEX, (const void*) { p }, (size_t) { n }
#define JSON_BUILD_ID128(id) _JSON_BUILD_ID128, (const sd_id128_t*) { &(id) }
#define JSON_BUILD_BYTE_ARRAY(v, n) _JSON_BUILD_BYTE_ARRAY, (const void*) { v }, (size_t) { n }
+#define JSON_BUILD_CONST_STRING(s) _JSON_BUILD_VARIANT, JSON_VARIANT_STRING_CONST(s)
int json_build(JsonVariant **ret, ...);
int json_buildv(JsonVariant **ret, va_list ap);
if (!match)
return;
- match->mac = set_free(match->mac);
- match->permanent_mac = set_free(match->permanent_mac);
+ match->hw_addr = set_free(match->hw_addr);
+ match->permanent_hw_addr = set_free(match->permanent_hw_addr);
match->path = strv_free(match->path);
match->driver = strv_free(match->driver);
match->iftype = strv_free(match->iftype);
assert(match);
return
- set_isempty(match->mac) &&
- set_isempty(match->permanent_mac) &&
+ set_isempty(match->hw_addr) &&
+ set_isempty(match->permanent_hw_addr) &&
strv_isempty(match->path) &&
strv_isempty(match->driver) &&
strv_isempty(match->iftype) &&
int net_match_config(
const NetMatch *match,
sd_device *device,
- const struct ether_addr *mac,
- const struct ether_addr *permanent_mac,
+ const struct hw_addr_data *hw_addr,
+ const struct hw_addr_data *permanent_hw_addr,
const char *driver,
unsigned short iftype,
const char *ifname,
(void) sd_device_get_sysname(device, &ifname);
}
- if (match->mac && (!mac || !set_contains(match->mac, mac)))
+ if (match->hw_addr && (!hw_addr || !set_contains(match->hw_addr, hw_addr)))
return false;
- if (match->permanent_mac &&
- (!permanent_mac ||
- ether_addr_is_null(permanent_mac) ||
- !set_contains(match->permanent_mac, permanent_mac)))
+ if (match->permanent_hw_addr &&
+ (!permanent_hw_addr ||
+ !set_contains(match->permanent_hw_addr, permanent_hw_addr)))
return false;
if (!net_condition_test_strv(match->path, path))
#include "set.h"
typedef struct NetMatch {
- Set *mac;
- Set *permanent_mac;
+ Set *hw_addr;
+ Set *permanent_hw_addr;
char **path;
char **driver;
char **iftype;
int net_match_config(
const NetMatch *match,
sd_device *device,
- const struct ether_addr *mac,
- const struct ether_addr *permanent_mac,
+ const struct hw_addr_data *hw_addr,
+ const struct hw_addr_data *permanent_hw_addr,
const char *driver,
unsigned short iftype,
const char *ifname,
r = json_build(&v,
JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("type", JSON_BUILD_STRING("systemd-tpm2")),
+ JSON_BUILD_PAIR("type", JSON_BUILD_CONST_STRING("systemd-tpm2")),
JSON_BUILD_PAIR("keyslots", JSON_BUILD_ARRAY(JSON_BUILD_STRING(keyslot_as_string))),
JSON_BUILD_PAIR("tpm2-blob", JSON_BUILD_BASE64(blob, blob_size)),
JSON_BUILD_PAIR("tpm2-pcrs", JSON_BUILD_VARIANT(a)),
static int synthetic_root_user_build(UserRecord **ret) {
return user_record_build(
ret,
- JSON_BUILD_OBJECT(JSON_BUILD_PAIR("userName", JSON_BUILD_STRING("root")),
+ JSON_BUILD_OBJECT(JSON_BUILD_PAIR("userName", JSON_BUILD_CONST_STRING("root")),
JSON_BUILD_PAIR("uid", JSON_BUILD_UNSIGNED(0)),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(0)),
- JSON_BUILD_PAIR("homeDirectory", JSON_BUILD_STRING("/root")),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("intrinsic"))));
+ JSON_BUILD_PAIR("homeDirectory", JSON_BUILD_CONST_STRING("/root")),
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("intrinsic"))));
}
static int synthetic_nobody_user_build(UserRecord **ret) {
return user_record_build(
ret,
- JSON_BUILD_OBJECT(JSON_BUILD_PAIR("userName", JSON_BUILD_STRING(NOBODY_USER_NAME)),
+ JSON_BUILD_OBJECT(JSON_BUILD_PAIR("userName", JSON_BUILD_CONST_STRING(NOBODY_USER_NAME)),
JSON_BUILD_PAIR("uid", JSON_BUILD_UNSIGNED(UID_NOBODY)),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(GID_NOBODY)),
- JSON_BUILD_PAIR("shell", JSON_BUILD_STRING(NOLOGIN)),
+ JSON_BUILD_PAIR("shell", JSON_BUILD_CONST_STRING(NOLOGIN)),
JSON_BUILD_PAIR("locked", JSON_BUILD_BOOLEAN(true)),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("intrinsic"))));
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("intrinsic"))));
}
int userdb_by_name(const char *name, UserDBFlags flags, UserRecord **ret) {
static int synthetic_root_group_build(GroupRecord **ret) {
return group_record_build(
ret,
- JSON_BUILD_OBJECT(JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING("root")),
+ JSON_BUILD_OBJECT(JSON_BUILD_PAIR("groupName", JSON_BUILD_CONST_STRING("root")),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(0)),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("intrinsic"))));
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("intrinsic"))));
}
static int synthetic_nobody_group_build(GroupRecord **ret) {
return group_record_build(
ret,
- JSON_BUILD_OBJECT(JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(NOBODY_GROUP_NAME)),
+ JSON_BUILD_OBJECT(JSON_BUILD_PAIR("groupName", JSON_BUILD_CONST_STRING(NOBODY_GROUP_NAME)),
JSON_BUILD_PAIR("gid", JSON_BUILD_UNSIGNED(GID_NOBODY)),
- JSON_BUILD_PAIR("disposition", JSON_BUILD_STRING("intrinsic"))));
+ JSON_BUILD_PAIR("disposition", JSON_BUILD_CONST_STRING("intrinsic"))));
}
int groupdb_by_name(const char *name, UserDBFlags flags, GroupRecord **ret) {
assert_se(json_build(&w,
JSON_BUILD_ARRAY(
JSON_BUILD_OBJECT(
- JSON_BUILD_PAIR("foo_bar", JSON_BUILD_STRING("v1")),
+ JSON_BUILD_PAIR("foo_bar", JSON_BUILD_CONST_STRING("v1")),
JSON_BUILD_PAIR("quux", JSON_BUILD_UNSIGNED(4711)),
JSON_BUILD_PAIR("zzz", JSON_BUILD_BOOLEAN(true))),
JSON_BUILD_OBJECT(
assert_se(gpt_partition_type_is_usr(id));
if (streq(prefix, "usr-") && streq(suffix, "-verity"))
assert_se(gpt_partition_type_is_usr_verity(id));
+
+ assert_se(gpt_partition_type_uuid_to_arch(id) == a);
}
}
}
assert_se(json_build(&a, JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("x", JSON_BUILD_STRING("y")),
- JSON_BUILD_PAIR("z", JSON_BUILD_STRING("a")),
- JSON_BUILD_PAIR("b", JSON_BUILD_STRING("c"))
+ JSON_BUILD_PAIR("z", JSON_BUILD_CONST_STRING("a")),
+ JSON_BUILD_PAIR("b", JSON_BUILD_CONST_STRING("c"))
)) >= 0);
assert_se(json_build(&b, JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("x", JSON_BUILD_STRING("y")),
JSON_BUILD_PAIR_CONDITION(false, "p", JSON_BUILD_STRING("q")),
- JSON_BUILD_PAIR_CONDITION(true, "z", JSON_BUILD_STRING("a")),
- JSON_BUILD_PAIR_CONDITION(false, "j", JSON_BUILD_ARRAY(JSON_BUILD_STRING("k"), JSON_BUILD_STRING("u"), JSON_BUILD_STRING("i"))),
- JSON_BUILD_PAIR("b", JSON_BUILD_STRING("c"))
+ JSON_BUILD_PAIR_CONDITION(true, "z", JSON_BUILD_CONST_STRING("a")),
+ JSON_BUILD_PAIR_CONDITION(false, "j", JSON_BUILD_ARRAY(JSON_BUILD_STRING("k"), JSON_BUILD_CONST_STRING("u"), JSON_BUILD_CONST_STRING("i"))),
+ JSON_BUILD_PAIR("b", JSON_BUILD_CONST_STRING("c"))
)) >= 0);
assert_se(json_variant_equal(a, b));
assert_se(json_build(&v, JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("b", JSON_BUILD_STRING("x")),
- JSON_BUILD_PAIR("c", JSON_BUILD_STRING("y")),
- JSON_BUILD_PAIR("a", JSON_BUILD_STRING("z")))) >= 0);
+ JSON_BUILD_PAIR("c", JSON_BUILD_CONST_STRING("y")),
+ JSON_BUILD_PAIR("a", JSON_BUILD_CONST_STRING("z")))) >= 0);
assert_se(!json_variant_is_sorted(v));
assert_se(!json_variant_is_normalized(v));
test_float_match(w);
}
+static void test_equal_text(JsonVariant *v, const char *text) {
+ _cleanup_(json_variant_unrefp) JsonVariant *w = NULL;
+
+ assert_se(json_parse(text, 0, &w, NULL, NULL) >= 0);
+ assert_se(json_variant_equal(v, w) || (!v && json_variant_is_null(w)));
+}
+
+static void test_set_field(void) {
+ _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+
+ log_info("/* %s */", __func__);
+
+ test_equal_text(v, "null");
+ assert_se(json_variant_set_field(&v, "foo", NULL) >= 0);
+ test_equal_text(v, "{\"foo\" : null}");
+ assert_se(json_variant_set_field(&v, "bar", JSON_VARIANT_STRING_CONST("quux")) >= 0);
+ test_equal_text(v, "{\"foo\" : null, \"bar\" : \"quux\"}");
+ assert_se(json_variant_set_field(&v, "foo", JSON_VARIANT_STRING_CONST("quux2")) >= 0);
+ test_equal_text(v, "{\"foo\" : \"quux2\", \"bar\" : \"quux\"}");
+ assert_se(json_variant_set_field(&v, "bar", NULL) >= 0);
+ test_equal_text(v, "{\"foo\" : \"quux2\", \"bar\" : null}");
+}
+
int main(int argc, char *argv[]) {
test_setup_logging(LOG_DEBUG);
test_normalize();
test_bisect();
test_float();
+ test_set_field();
return 0;
}
assert_se(varlink_set_description(c, "overload-client") >= 0);
assert_se(varlink_attach_event(c, e, k) >= 0);
assert_se(varlink_bind_reply(c, overload_reply) >= 0);
- assert_se(varlink_invokeb(c, "io.test.Overload", JSON_BUILD_OBJECT(JSON_BUILD_PAIR("foo", JSON_BUILD_STRING("bar")))) >= 0);
+ assert_se(varlink_invokeb(c, "io.test.Overload", JSON_BUILD_OBJECT(JSON_BUILD_PAIR("foo", JSON_BUILD_CONST_STRING("bar")))) >= 0);
/* Unblock it */
log_debug("Unblocking server...");
%struct-type
%includes
%%
-Match.MACAddress, config_parse_ether_addrs, 0, offsetof(LinkConfig, match.mac)
-Match.PermanentMACAddress, config_parse_ether_addrs, 0, offsetof(LinkConfig, match.permanent_mac)
+Match.MACAddress, config_parse_hw_addrs, 0, offsetof(LinkConfig, match.hw_addr)
+Match.PermanentMACAddress, config_parse_hw_addrs, 0, offsetof(LinkConfig, match.permanent_hw_addr)
Match.OriginalName, config_parse_match_ifnames, 0, offsetof(LinkConfig, match.ifname)
Match.Path, config_parse_match_strv, 0, offsetof(LinkConfig, match.path)
Match.Driver, config_parse_match_strv, 0, offsetof(LinkConfig, match.driver)
(void) link_unsigned_attribute(device, "name_assign_type", &name_assign_type);
LIST_FOREACH(links, link, ctx->links) {
- r = net_match_config(&link->match, device,
- hw_addr.length == ETH_ALEN ? &hw_addr.ether : NULL,
- permanent_hw_addr.length == ETH_ALEN ? &permanent_hw_addr.ether : NULL,
+ r = net_match_config(&link->match, device, &hw_addr, &permanent_hw_addr,
NULL, iftype, NULL, NULL, 0, NULL, NULL);
if (r < 0)
return r;
systemd-analyze log-level debug
systemd-analyze log-target console
+systemctl service-log-level systemd-homed debug
# Create a tmpfs to use as backing store for the home dir. That way we can enforce a size limit nicely.
mkdir -p /home-pool
PASSWORD=xEhErW0ndafV4s homectl activate test-user
inspect test-user
-PASSWORD=xEhErW0ndafV4s homectl deactivate test-user
+homectl deactivate test-user
inspect test-user
PASSWORD=xEhErW0ndafV4s homectl update test-user --real-name="Offline test"
PASSWORD=xEhErW0ndafV4s homectl activate test-user
inspect test-user
-PASSWORD=xEhErW0ndafV4s homectl deactivate test-user
+homectl deactivate test-user
inspect test-user
# Do some resize tests, but only if we run on real kernels, as quota inside of containers will fail
PASSWORD=xEhErW0ndafV4s homectl resize test-user 256M
inspect test-user
- PASSWORD=xEhErW0ndafV4s homectl deactivate test-user
+ homectl deactivate test-user
inspect test-user
fi
systemd-notify --ready
+# Run the stop/kill command
+\$1 &
+
# process tree: systemd -> bash -> sleep
sleep infinity
EOF
# service should be stopped cleanly
systemd-run --wait --unit=one -p Type=notify -p ExitType=cgroup \
- -p ExecStartPost='bash -c "systemctl stop one &"' \
- /tmp/test56-exit-cgroup.sh
+ /tmp/test56-exit-cgroup.sh 'systemctl stop one'
# same thing with a truthy exec condition
systemd-run --wait --unit=two -p Type=notify -p ExitType=cgroup \
-p ExecCondition=true \
- -p ExecStartPost='bash -c "systemctl stop two &"' \
- /tmp/test56-exit-cgroup.sh
+ /tmp/test56-exit-cgroup.sh 'systemctl stop two'
# false exec condition: systemd-run should exit immediately with status code: 1
systemd-run --wait --unit=three -p Type=notify -p ExitType=cgroup \
# service should exit uncleanly (main process exits with SIGKILL)
systemd-run --wait --unit=four -p Type=notify -p ExitType=cgroup \
- -p ExecStartPost='bash -c "systemctl kill --signal 9 four &"' \
- /tmp/test56-exit-cgroup.sh \
+ /tmp/test56-exit-cgroup.sh 'systemctl kill --signal 9 four' \
&& { echo 'unexpected success'; exit 1; }
((sleep infinity); true) &
systemd-notify --ready
+
+# Run the stop/kill command after this bash process exits
+(sleep 1; \$1) &
EOF
chmod +x /tmp/test56-exit-cgroup-parentless.sh
# service should be stopped cleanly
systemd-run --wait --unit=five -p Type=notify -p ExitType=cgroup \
- -p ExecStartPost='bash -c "systemctl stop five &"' \
- /tmp/test56-exit-cgroup-parentless.sh
+ /tmp/test56-exit-cgroup-parentless.sh 'systemctl stop five'
# service should still exit cleanly despite SIGKILL (the main process already exited cleanly)
systemd-run --wait --unit=six -p Type=notify -p ExitType=cgroup \
- -p ExecStartPost='bash -c "systemctl kill --signal 9 six &"' \
- /tmp/test56-exit-cgroup-parentless.sh
+ /tmp/test56-exit-cgroup-parentless.sh 'systemctl kill --signal 9 six'
systemd-analyze log-level info
'MIPS64_LE': '64-bit MIPS LittleEndian (mips64el)',
'PPC': '32-bit PowerPC',
'PPC64': '64-bit PowerPC BigEndian',
- 'PPC64LE': '64-bit PowerPC LittleEndian',
+ 'PPC64_LE': '64-bit PowerPC LittleEndian',
'RISCV32': 'RISC-V 32-bit',
'RISCV64': 'RISC-V 64-bit',
'S390': 's390',
if not m:
continue
- if m2 := re.match(r'^(ROOT|USR)_([A-Z0-9]+|X86_64|MIPS_LE|MIPS64_LE)(|_VERITY|_VERITY_SIG)\s+SD_ID128_MAKE\((.*)\)', m.group(1)):
+ if m2 := re.match(r'^(ROOT|USR)_([A-Z0-9]+|X86_64|PPC64_LE|MIPS_LE|MIPS64_LE)(|_VERITY|_VERITY_SIG)\s+SD_ID128_MAKE\((.*)\)', m.group(1)):
type, arch, suffix, u = m2.groups()
u = uuid.UUID(u.replace(',', ''))
assert arch in ARCHITECTURES