[thirdparty/systemd.git] / src / basic / os-util.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <stdlib.h>

#include "alloc-util.h"
#include "chase.h"
#include "dirent-util.h"
#include "env-file.h"
#include "errno-util.h"
#include "fd-util.h"
#include "fs-util.h"
#include "glyph-util.h"
#include "log.h"
#include "os-util.h"
#include "path-util.h"
#include "stat-util.h"
#include "string-table.h"
#include "string-util.h"
#include "strv.h"
#include "time-util.h"
#include "utf8.h"
#include "xattr-util.h"

static const char* const image_class_table[_IMAGE_CLASS_MAX] = {
        [IMAGE_MACHINE]  = "machine",
        [IMAGE_PORTABLE] = "portable",
        [IMAGE_SYSEXT]   = "sysext",
        [IMAGE_CONFEXT]  = "confext",
};

DEFINE_STRING_TABLE_LOOKUP(image_class, ImageClass);

/* Helper struct for naming simplicity and reusability */
static const struct {
        const char *release_file_directory;
        const char *release_file_path_prefix;
} image_class_release_info[_IMAGE_CLASS_MAX] = {
        [IMAGE_SYSEXT] = {
                .release_file_directory = "/usr/lib/extension-release.d/",
                .release_file_path_prefix = "/usr/lib/extension-release.d/extension-release.",
        },
        [IMAGE_CONFEXT] = {
                .release_file_directory = "/etc/extension-release.d/",
                .release_file_path_prefix = "/etc/extension-release.d/extension-release.",
        }
};

bool image_name_is_valid(const char *s) {
        if (!filename_is_valid(s))
                return false;

        if (string_has_cc(s, NULL))
                return false;

        if (!utf8_is_valid(s))
                return false;

        /* Temporary files for atomically creating new files */
        if (startswith(s, ".#"))
                return false;

        return true;
}

int path_extract_image_name(const char *path, char **ret) {
        _cleanup_free_ char *fn = NULL;
        int r;

        assert(path);
        assert(ret);

        /* Extract last component from path, without any "/" suffixes. */
        r = path_extract_filename(path, &fn);
        if (r < 0)
                return r;
        if (r != O_DIRECTORY) {
                /* Chop off any image suffixes we recognize (unless we already know this must refer to some dir) */
                char *m = ENDSWITH_SET(fn, ".sysext.raw", ".confext.raw", ".raw");
                if (m)
                        *m = 0;
        }

        /* Truncate the version/counting suffixes */
        fn[strcspn(fn, "_+")] = 0;

        if (!image_name_is_valid(fn))
                return -EINVAL;

        *ret = TAKE_PTR(fn);
        return 0;
}

int path_is_extension_tree(ImageClass image_class, const char *path, const char *extension, bool relax_extension_release_check) {
        int r;

        assert(path);

        /* Does the path exist at all? If not, generate an error immediately. This is useful so that a missing root dir
         * always results in -ENOENT, and we can properly distinguish the case where the whole root doesn't exist from
         * the case where just the os-release file is missing. */
        r = access_nofollow(path, F_OK);
        if (r < 0)
                return r;

        /* We use /usr/lib/extension-release.d/extension-release[.NAME] as flag for something being a system extension,
         * /etc/extension-release.d/extension-release[.NAME] as flag for something being a system configuration, and finally,
         * and {/etc|/usr/lib}/os-release as a flag for something being an OS (when not an extension). */
        r = open_extension_release(path, image_class, extension, relax_extension_release_check, NULL, NULL);
        if (r == -ENOENT) /* We got nothing */
                return 0;
        if (r < 0)
                return r;

        return 1;
}

static int extension_release_strict_xattr_value(int extension_release_fd, const char *extension_release_dir_path, const char *filename) {
        int r;

        assert(extension_release_fd >= 0);
        assert(extension_release_dir_path);
        assert(filename);

        /* No xattr or cannot parse it? Then skip this. */
        r = getxattr_at_bool(extension_release_fd, /* path= */ NULL, "user.extension-release.strict", /* at_flags= */ 0);
        if (ERRNO_IS_NEG_XATTR_ABSENT(r))
                return log_debug_errno(r, "%s/%s does not have user.extension-release.strict xattr, ignoring.",
                                       extension_release_dir_path, filename);
        if (r < 0)
                return log_debug_errno(r, "%s/%s: Failed to read 'user.extension-release.strict' extended attribute from file, ignoring: %m",
                                       extension_release_dir_path, filename);

        /* Explicitly set to request strict matching? Skip it. */
        if (r > 0) {
                log_debug("%s/%s: 'user.extension-release.strict' attribute is true, ignoring file.",
                          extension_release_dir_path, filename);
                return true;
        }

        log_debug("%s/%s: 'user.extension-release.strict' attribute is false%s",
                  extension_release_dir_path, filename,
                  glyph(GLYPH_ELLIPSIS));

        return false;
}

int open_os_release_at(int rfd, char **ret_path, int *ret_fd) {
        const char *e;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);

        e = secure_getenv("SYSTEMD_OS_RELEASE");
        if (e)
                return chaseat(rfd, e, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);

        FOREACH_STRING(path, "/etc/os-release", "/usr/lib/os-release") {
                r = chaseat(rfd, path, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
                if (r != -ENOENT)
                        return r;
        }

        return -ENOENT;
}

int open_os_release(const char *root, char **ret_path, int *ret_fd) {
        _cleanup_close_ int rfd = -EBADF, fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        rfd = open(empty_to_root(root), O_CLOEXEC | O_DIRECTORY | O_PATH);
        if (rfd < 0)
                return -errno;

        r = open_os_release_at(rfd, ret_path ? &p : NULL, ret_fd ? &fd : NULL);
        if (r < 0)
                return r;

        if (ret_path) {
                r = chaseat_prefix_root(p, root, ret_path);
                if (r < 0)
                        return r;
        }

        if (ret_fd)
                *ret_fd = TAKE_FD(fd);

        return 0;
}

int open_extension_release_at(
                int rfd,
                ImageClass image_class,
                const char *extension,
                bool relax_extension_release_check,
                char **ret_path,
                int *ret_fd) {

        _cleanup_free_ char *dir_path = NULL, *path_found = NULL;
        _cleanup_close_ int fd_found = -EBADF;
        _cleanup_closedir_ DIR *dir = NULL;
        bool found = false;
        const char *p;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);
        assert(!extension || (image_class >= 0 && image_class < _IMAGE_CLASS_MAX));

        if (!extension)
                return open_os_release_at(rfd, ret_path, ret_fd);

        if (!IN_SET(image_class, IMAGE_SYSEXT, IMAGE_CONFEXT))
                return -EINVAL;

        if (!image_name_is_valid(extension))
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "The extension name %s is invalid.", extension);

        p = strjoina(image_class_release_info[image_class].release_file_path_prefix, extension);
        r = chaseat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
        log_full_errno_zerook(LOG_DEBUG, MIN(r, 0), "Checking for %s: %m", p);
        if (r != -ENOENT)
                return r;

        /* Cannot find the expected extension-release file? The image filename might have been mangled on
         * deployment, so fallback to checking for any file in the extension-release.d directory, and return
         * the first one with a user.extension-release xattr instead. The user.extension-release.strict
         * xattr is checked to ensure the author of the image considers it OK if names do not match. */

        p = image_class_release_info[image_class].release_file_directory;
        r = chase_and_opendirat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, &dir_path, &dir);
        if (r < 0)
                return log_debug_errno(r, "Cannot open %s, ignoring: %m", p);

        FOREACH_DIRENT(de, dir, return -errno) {
                _cleanup_close_ int fd = -EBADF;
                const char *image_name;

                if (!IN_SET(de->d_type, DT_REG, DT_UNKNOWN))
                        continue;

                image_name = startswith(de->d_name, "extension-release.");
                if (!image_name)
                        continue;

                if (!image_name_is_valid(image_name)) {
                        log_debug("%s/%s is not a valid release file name, ignoring.", dir_path, de->d_name);
                        continue;
                }

                /* We already chased the directory, and checked that this is a real file, so we shouldn't
                 * fail to open it. */
                fd = openat(dirfd(dir), de->d_name, O_PATH|O_CLOEXEC|O_NOFOLLOW);
                if (fd < 0)
                        return log_debug_errno(errno, "Failed to open release file %s/%s: %m", dir_path, de->d_name);

                /* Really ensure it is a regular file after we open it. */
                r = fd_verify_regular(fd);
                if (r < 0) {
                        log_debug_errno(r, "%s/%s is not a regular file, ignoring: %m", dir_path, de->d_name);
                        continue;
                }

                if (!relax_extension_release_check) {
                        _cleanup_free_ char *base_extension = NULL;

                        r = path_extract_image_name(extension, &base_extension);
                        if (r < 0) {
                                log_debug_errno(r, "Failed to extract image name from %s, ignoring: %m", extension);
                                continue;
                        }

                        if (!streq(image_name, base_extension) &&
                            extension_release_strict_xattr_value(fd, dir_path, image_name) != 0)
                                continue;
                }

                /* We already found what we were looking for, but there's another candidate? We treat this as
                 * an error, as we want to enforce that there are no ambiguities in case we are in the
                 * fallback path. */
                if (found)
                        return -ENOTUNIQ;

                found = true;

                if (ret_fd)
                        fd_found = TAKE_FD(fd);

                if (ret_path) {
                        path_found = path_join(dir_path, de->d_name);
                        if (!path_found)
                                return -ENOMEM;
                }
        }
        if (!found)
                return -ENOENT;

        if (ret_fd)
                *ret_fd = TAKE_FD(fd_found);
        if (ret_path)
                *ret_path = TAKE_PTR(path_found);

        return 0;
}

int open_extension_release(
                const char *root,
                ImageClass image_class,
                const char *extension,
                bool relax_extension_release_check,
                char **ret_path,
                int *ret_fd) {

        _cleanup_close_ int rfd = -EBADF, fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        rfd = open(empty_to_root(root), O_CLOEXEC | O_DIRECTORY | O_PATH);
        if (rfd < 0)
                return -errno;

        r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check,
                                      ret_path ? &p : NULL, ret_fd ? &fd : NULL);
        if (r < 0)
                return r;

        if (ret_path) {
                r = chaseat_prefix_root(p, root, ret_path);
                if (r < 0)
                        return r;
        }

        if (ret_fd)
                *ret_fd = TAKE_FD(fd);

        return 0;
}

static int parse_extension_release_atv(
                int rfd,
                ImageClass image_class,
                const char *extension,
                bool relax_extension_release_check,
                va_list ap) {

        _cleanup_close_ int fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);

        r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check, &p, &fd);
        if (r < 0)
                return r;

        return parse_env_file_fdv(fd, p, ap);
}

int parse_extension_release_at_sentinel(
                int rfd,
                ImageClass image_class,
                bool relax_extension_release_check,
                const char *extension,
                ...) {

        va_list ap;
        int r;

        assert(rfd >= 0 || rfd == AT_FDCWD);

        va_start(ap, extension);
        r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
        va_end(ap);
        return r;
}

int parse_extension_release_sentinel(
                const char *root,
                ImageClass image_class,
                bool relax_extension_release_check,
                const char *extension,
                ...) {

        _cleanup_close_ int rfd = -EBADF;
        va_list ap;
        int r;

        rfd = open(empty_to_root(root), O_CLOEXEC | O_DIRECTORY | O_PATH);
        if (rfd < 0)
                return -errno;

        va_start(ap, extension);
        r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
        va_end(ap);
        return r;
}

int load_os_release_pairs_with_prefix(const char *root, const char *prefix, char ***ret) {
        _cleanup_strv_free_ char **os_release_pairs = NULL, **os_release_pairs_prefixed = NULL;
        int r;

        r = load_os_release_pairs(root, &os_release_pairs);
        if (r < 0)
                return r;

        STRV_FOREACH_PAIR(p, q, os_release_pairs) {
                char *line;

                /* We strictly return only the four main ID fields and ignore the rest */
                if (!STR_IN_SET(*p, "ID", "VERSION_ID", "BUILD_ID", "VARIANT_ID"))
                        continue;

                ascii_strlower(*p);
                line = strjoin(prefix, *p, "=", *q);
                if (!line)
                        return -ENOMEM;
                r = strv_consume(&os_release_pairs_prefixed, line);
                if (r < 0)
                        return r;
        }

        *ret = TAKE_PTR(os_release_pairs_prefixed);

        return 0;
}

int load_extension_release_pairs(const char *root, ImageClass image_class, const char *extension, bool relax_extension_release_check, char ***ret) {
        _cleanup_close_ int fd = -EBADF;
        _cleanup_free_ char *p = NULL;
        int r;

        r = open_extension_release(root, image_class, extension, relax_extension_release_check, &p, &fd);
        if (r < 0)
                return r;

        return load_env_file_pairs_fd(fd, p, ret);
}

int os_release_support_ended(const char *support_end, bool quiet, usec_t *ret_eol) {
        _cleanup_free_ char *_support_end_alloc = NULL;
        int r;

        if (!support_end) {
                /* If the caller has the variably handy, they can pass it in. If not, we'll read it
                 * ourselves. */

                r = parse_os_release(NULL,
                                     "SUPPORT_END", &_support_end_alloc);
                if (r < 0 && r != -ENOENT)
                        return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, r,
                                              "Failed to read os-release file, ignoring: %m");

                support_end = _support_end_alloc;
        }

        if (isempty(support_end)) { /* An empty string is a explicit way to say "no EOL exists" */
                if (ret_eol)
                        *ret_eol = USEC_INFINITY;

                return false;  /* no end date defined */
        }

        struct tm tm = {};
        const char *k = strptime(support_end, "%Y-%m-%d", &tm);
        if (!k || *k)
                return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, SYNTHETIC_ERRNO(EINVAL),
                                      "Failed to parse SUPPORT_END= from os-release file, ignoring: %s", support_end);

        usec_t eol;
        r = mktime_or_timegm_usec(&tm, /* utc= */ true, &eol);
        if (r < 0)
                return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, r,
                                      "Failed to convert SUPPORT_END= time from os-release file, ignoring: %m");

        if (ret_eol)
                *ret_eol = eol;

        return now(CLOCK_REALTIME) > eol;
}

const char* os_release_pretty_name(const char *pretty_name, const char *name) {
        /* Distills a "pretty" name to show from os-release data. First argument is supposed to be the
         * PRETTY_NAME= field, the second one the NAME= field. This function is trivial, of course, and
         * exists mostly to ensure we use the same logic wherever possible. */

        return empty_to_null(pretty_name) ?:
                empty_to_null(name) ?: "Linux";
}
Commit	Line	Data
	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
	2
	3	#include <stdlib.h>
	4
	5	#include "alloc-util.h"
	6	#include "chase.h"
	7	#include "dirent-util.h"
	8	#include "env-file.h"
	9	#include "errno-util.h"
	10	#include "fd-util.h"
	11	#include "fs-util.h"
	12	#include "glyph-util.h"
	13	#include "log.h"
	14	#include "os-util.h"
	15	#include "path-util.h"
	16	#include "stat-util.h"
	17	#include "string-table.h"
	18	#include "string-util.h"
	19	#include "strv.h"
	20	#include "time-util.h"
	21	#include "utf8.h"
	22	#include "xattr-util.h"
	23
	24	static const char* const image_class_table[_IMAGE_CLASS_MAX] = {
	25	[IMAGE_MACHINE] = "machine",
	26	[IMAGE_PORTABLE] = "portable",
	27	[IMAGE_SYSEXT] = "sysext",
	28	[IMAGE_CONFEXT] = "confext",
	29	};
	30
	31	DEFINE_STRING_TABLE_LOOKUP(image_class, ImageClass);
	32
	33	/* Helper struct for naming simplicity and reusability */
	34	static const struct {
	35	const char *release_file_directory;
	36	const char *release_file_path_prefix;
	37	} image_class_release_info[_IMAGE_CLASS_MAX] = {
	38	[IMAGE_SYSEXT] = {
	39	.release_file_directory = "/usr/lib/extension-release.d/",
	40	.release_file_path_prefix = "/usr/lib/extension-release.d/extension-release.",
	41	},
	42	[IMAGE_CONFEXT] = {
	43	.release_file_directory = "/etc/extension-release.d/",
	44	.release_file_path_prefix = "/etc/extension-release.d/extension-release.",
	45	}
	46	};
	47
	48	bool image_name_is_valid(const char *s) {
	49	if (!filename_is_valid(s))
	50	return false;
	51
	52	if (string_has_cc(s, NULL))
	53	return false;
	54
	55	if (!utf8_is_valid(s))
	56	return false;
	57
	58	/* Temporary files for atomically creating new files */
	59	if (startswith(s, ".#"))
	60	return false;
	61
	62	return true;
	63	}
	64
	65	int path_extract_image_name(const char path, char *ret) {
	66	_cleanup_free_ char *fn = NULL;
	67	int r;
	68
	69	assert(path);
	70	assert(ret);
	71
	72	/* Extract last component from path, without any "/" suffixes. */
	73	r = path_extract_filename(path, &fn);
	74	if (r < 0)
	75	return r;
	76	if (r != O_DIRECTORY) {
	77	/* Chop off any image suffixes we recognize (unless we already know this must refer to some dir) */
	78	char *m = ENDSWITH_SET(fn, ".sysext.raw", ".confext.raw", ".raw");
	79	if (m)
	80	*m = 0;
	81	}
	82
	83	/* Truncate the version/counting suffixes */
	84	fn[strcspn(fn, "_+")] = 0;
	85
	86	if (!image_name_is_valid(fn))
	87	return -EINVAL;
	88
	89	*ret = TAKE_PTR(fn);
	90	return 0;
	91	}
	92
	93	int path_is_extension_tree(ImageClass image_class, const char path, const char extension, bool relax_extension_release_check) {
	94	int r;
	95
	96	assert(path);
	97
	98	/* Does the path exist at all? If not, generate an error immediately. This is useful so that a missing root dir
	99	* always results in -ENOENT, and we can properly distinguish the case where the whole root doesn't exist from
	100	* the case where just the os-release file is missing. */
	101	r = access_nofollow(path, F_OK);
	102	if (r < 0)
	103	return r;
	104
	105	/* We use /usr/lib/extension-release.d/extension-release[.NAME] as flag for something being a system extension,
	106	* /etc/extension-release.d/extension-release[.NAME] as flag for something being a system configuration, and finally,
	107	* and {/etc\|/usr/lib}/os-release as a flag for something being an OS (when not an extension). */
	108	r = open_extension_release(path, image_class, extension, relax_extension_release_check, NULL, NULL);
	109	if (r == -ENOENT) /* We got nothing */
	110	return 0;
	111	if (r < 0)
	112	return r;
	113
	114	return 1;
	115	}
	116
	117	static int extension_release_strict_xattr_value(int extension_release_fd, const char extension_release_dir_path, const char filename) {
	118	int r;
	119
	120	assert(extension_release_fd >= 0);
	121	assert(extension_release_dir_path);
	122	assert(filename);
	123
	124	/* No xattr or cannot parse it? Then skip this. */
	125	r = getxattr_at_bool(extension_release_fd, /* path= / NULL, "user.extension-release.strict", / at_flags= */ 0);
	126	if (ERRNO_IS_NEG_XATTR_ABSENT(r))
	127	return log_debug_errno(r, "%s/%s does not have user.extension-release.strict xattr, ignoring.",
	128	extension_release_dir_path, filename);
	129	if (r < 0)
	130	return log_debug_errno(r, "%s/%s: Failed to read 'user.extension-release.strict' extended attribute from file, ignoring: %m",
	131	extension_release_dir_path, filename);
	132
	133	/* Explicitly set to request strict matching? Skip it. */
	134	if (r > 0) {
	135	log_debug("%s/%s: 'user.extension-release.strict' attribute is true, ignoring file.",
	136	extension_release_dir_path, filename);
	137	return true;
	138	}
	139
	140	log_debug("%s/%s: 'user.extension-release.strict' attribute is false%s",
	141	extension_release_dir_path, filename,
	142	glyph(GLYPH_ELLIPSIS));
	143
	144	return false;
	145	}
	146
	147	int open_os_release_at(int rfd, char *ret_path, int ret_fd) {
	148	const char *e;
	149	int r;
	150
	151	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
	152
	153	e = secure_getenv("SYSTEMD_OS_RELEASE");
	154	if (e)
	155	return chaseat(rfd, e, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
	156
	157	FOREACH_STRING(path, "/etc/os-release", "/usr/lib/os-release") {
	158	r = chaseat(rfd, path, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
	159	if (r != -ENOENT)
	160	return r;
	161	}
	162
	163	return -ENOENT;
	164	}
	165
	166	int open_os_release(const char root, char ret_path, int ret_fd) {
	167	_cleanup_close_ int rfd = -EBADF, fd = -EBADF;
	168	_cleanup_free_ char *p = NULL;
	169	int r;
	170
	171	rfd = open(empty_to_root(root), O_CLOEXEC \| O_DIRECTORY \| O_PATH);
	172	if (rfd < 0)
	173	return -errno;
	174
	175	r = open_os_release_at(rfd, ret_path ? &p : NULL, ret_fd ? &fd : NULL);
	176	if (r < 0)
	177	return r;
	178
	179	if (ret_path) {
	180	r = chaseat_prefix_root(p, root, ret_path);
	181	if (r < 0)
	182	return r;
	183	}
	184
	185	if (ret_fd)
	186	*ret_fd = TAKE_FD(fd);
	187
	188	return 0;
	189	}
	190
	191	int open_extension_release_at(
	192	int rfd,
	193	ImageClass image_class,
	194	const char *extension,
	195	bool relax_extension_release_check,
	196	char **ret_path,
	197	int *ret_fd) {
	198
	199	_cleanup_free_ char dir_path = NULL, path_found = NULL;
	200	_cleanup_close_ int fd_found = -EBADF;
	201	_cleanup_closedir_ DIR *dir = NULL;
	202	bool found = false;
	203	const char *p;
	204	int r;
	205
	206	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
	207	assert(!extension \|\| (image_class >= 0 && image_class < _IMAGE_CLASS_MAX));
	208
	209	if (!extension)
	210	return open_os_release_at(rfd, ret_path, ret_fd);
	211
	212	if (!IN_SET(image_class, IMAGE_SYSEXT, IMAGE_CONFEXT))
	213	return -EINVAL;
	214
	215	if (!image_name_is_valid(extension))
	216	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "The extension name %s is invalid.", extension);
	217
	218	p = strjoina(image_class_release_info[image_class].release_file_path_prefix, extension);
	219	r = chaseat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, ret_path, ret_fd);
	220	log_full_errno_zerook(LOG_DEBUG, MIN(r, 0), "Checking for %s: %m", p);
	221	if (r != -ENOENT)
	222	return r;
	223
	224	/* Cannot find the expected extension-release file? The image filename might have been mangled on
	225	* deployment, so fallback to checking for any file in the extension-release.d directory, and return
	226	* the first one with a user.extension-release xattr instead. The user.extension-release.strict
	227	* xattr is checked to ensure the author of the image considers it OK if names do not match. */
	228
	229	p = image_class_release_info[image_class].release_file_directory;
	230	r = chase_and_opendirat(rfd, p, CHASE_AT_RESOLVE_IN_ROOT, &dir_path, &dir);
	231	if (r < 0)
	232	return log_debug_errno(r, "Cannot open %s, ignoring: %m", p);
	233
	234	FOREACH_DIRENT(de, dir, return -errno) {
	235	_cleanup_close_ int fd = -EBADF;
	236	const char *image_name;
	237
	238	if (!IN_SET(de->d_type, DT_REG, DT_UNKNOWN))
	239	continue;
	240
	241	image_name = startswith(de->d_name, "extension-release.");
	242	if (!image_name)
	243	continue;
	244
	245	if (!image_name_is_valid(image_name)) {
	246	log_debug("%s/%s is not a valid release file name, ignoring.", dir_path, de->d_name);
	247	continue;
	248	}
	249
	250	/* We already chased the directory, and checked that this is a real file, so we shouldn't
	251	* fail to open it. */
	252	fd = openat(dirfd(dir), de->d_name, O_PATH\|O_CLOEXEC\|O_NOFOLLOW);
	253	if (fd < 0)
	254	return log_debug_errno(errno, "Failed to open release file %s/%s: %m", dir_path, de->d_name);
	255
	256	/* Really ensure it is a regular file after we open it. */
	257	r = fd_verify_regular(fd);
	258	if (r < 0) {
	259	log_debug_errno(r, "%s/%s is not a regular file, ignoring: %m", dir_path, de->d_name);
	260	continue;
	261	}
	262
	263	if (!relax_extension_release_check) {
	264	_cleanup_free_ char *base_extension = NULL;
	265
	266	r = path_extract_image_name(extension, &base_extension);
	267	if (r < 0) {
	268	log_debug_errno(r, "Failed to extract image name from %s, ignoring: %m", extension);
	269	continue;
	270	}
	271
	272	if (!streq(image_name, base_extension) &&
	273	extension_release_strict_xattr_value(fd, dir_path, image_name) != 0)
	274	continue;
	275	}
	276
	277	/* We already found what we were looking for, but there's another candidate? We treat this as
	278	* an error, as we want to enforce that there are no ambiguities in case we are in the
	279	* fallback path. */
	280	if (found)
	281	return -ENOTUNIQ;
	282
	283	found = true;
	284
	285	if (ret_fd)
	286	fd_found = TAKE_FD(fd);
	287
	288	if (ret_path) {
	289	path_found = path_join(dir_path, de->d_name);
	290	if (!path_found)
	291	return -ENOMEM;
	292	}
	293	}
	294	if (!found)
	295	return -ENOENT;
	296
	297	if (ret_fd)
	298	*ret_fd = TAKE_FD(fd_found);
	299	if (ret_path)
	300	*ret_path = TAKE_PTR(path_found);
	301
	302	return 0;
	303	}
	304
	305	int open_extension_release(
	306	const char *root,
	307	ImageClass image_class,
	308	const char *extension,
	309	bool relax_extension_release_check,
	310	char **ret_path,
	311	int *ret_fd) {
	312
	313	_cleanup_close_ int rfd = -EBADF, fd = -EBADF;
	314	_cleanup_free_ char *p = NULL;
	315	int r;
	316
	317	rfd = open(empty_to_root(root), O_CLOEXEC \| O_DIRECTORY \| O_PATH);
	318	if (rfd < 0)
	319	return -errno;
	320
	321	r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check,
	322	ret_path ? &p : NULL, ret_fd ? &fd : NULL);
	323	if (r < 0)
	324	return r;
	325
	326	if (ret_path) {
	327	r = chaseat_prefix_root(p, root, ret_path);
	328	if (r < 0)
	329	return r;
	330	}
	331
	332	if (ret_fd)
	333	*ret_fd = TAKE_FD(fd);
	334
	335	return 0;
	336	}
	337
	338	static int parse_extension_release_atv(
	339	int rfd,
	340	ImageClass image_class,
	341	const char *extension,
	342	bool relax_extension_release_check,
	343	va_list ap) {
	344
	345	_cleanup_close_ int fd = -EBADF;
	346	_cleanup_free_ char *p = NULL;
	347	int r;
	348
	349	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
	350
	351	r = open_extension_release_at(rfd, image_class, extension, relax_extension_release_check, &p, &fd);
	352	if (r < 0)
	353	return r;
	354
	355	return parse_env_file_fdv(fd, p, ap);
	356	}
	357
	358	int parse_extension_release_at_sentinel(
	359	int rfd,
	360	ImageClass image_class,
	361	bool relax_extension_release_check,
	362	const char *extension,
	363	...) {
	364
	365	va_list ap;
	366	int r;
	367
	368	assert(rfd >= 0 \|\| rfd == AT_FDCWD);
	369
	370	va_start(ap, extension);
	371	r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
	372	va_end(ap);
	373	return r;
	374	}
	375
	376	int parse_extension_release_sentinel(
	377	const char *root,
	378	ImageClass image_class,
	379	bool relax_extension_release_check,
	380	const char *extension,
	381	...) {
	382
	383	_cleanup_close_ int rfd = -EBADF;
	384	va_list ap;
	385	int r;
	386
	387	rfd = open(empty_to_root(root), O_CLOEXEC \| O_DIRECTORY \| O_PATH);
	388	if (rfd < 0)
	389	return -errno;
	390
	391	va_start(ap, extension);
	392	r = parse_extension_release_atv(rfd, image_class, extension, relax_extension_release_check, ap);
	393	va_end(ap);
	394	return r;
	395	}
	396
	397	int load_os_release_pairs_with_prefix(const char root, const char prefix, char ***ret) {
	398	_cleanup_strv_free_ char os_release_pairs = NULL, os_release_pairs_prefixed = NULL;
	399	int r;
	400
	401	r = load_os_release_pairs(root, &os_release_pairs);
	402	if (r < 0)
	403	return r;
	404
	405	STRV_FOREACH_PAIR(p, q, os_release_pairs) {
	406	char *line;
	407
	408	/* We strictly return only the four main ID fields and ignore the rest */
	409	if (!STR_IN_SET(*p, "ID", "VERSION_ID", "BUILD_ID", "VARIANT_ID"))
	410	continue;
	411
	412	ascii_strlower(*p);
	413	line = strjoin(prefix, p, "=", q);
	414	if (!line)
	415	return -ENOMEM;
	416	r = strv_consume(&os_release_pairs_prefixed, line);
	417	if (r < 0)
	418	return r;
	419	}
	420
	421	*ret = TAKE_PTR(os_release_pairs_prefixed);
	422
	423	return 0;
	424	}
	425
	426	int load_extension_release_pairs(const char root, ImageClass image_class, const char extension, bool relax_extension_release_check, char ***ret) {
	427	_cleanup_close_ int fd = -EBADF;
	428	_cleanup_free_ char *p = NULL;
	429	int r;
	430
	431	r = open_extension_release(root, image_class, extension, relax_extension_release_check, &p, &fd);
	432	if (r < 0)
	433	return r;
	434
	435	return load_env_file_pairs_fd(fd, p, ret);
	436	}
	437
	438	int os_release_support_ended(const char support_end, bool quiet, usec_t ret_eol) {
	439	_cleanup_free_ char *_support_end_alloc = NULL;
	440	int r;
	441
	442	if (!support_end) {
	443	/* If the caller has the variably handy, they can pass it in. If not, we'll read it
	444	* ourselves. */
	445
	446	r = parse_os_release(NULL,
	447	"SUPPORT_END", &_support_end_alloc);
	448	if (r < 0 && r != -ENOENT)
	449	return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, r,
	450	"Failed to read os-release file, ignoring: %m");
	451
	452	support_end = _support_end_alloc;
	453	}
	454
	455	if (isempty(support_end)) { /* An empty string is a explicit way to say "no EOL exists" */
	456	if (ret_eol)
	457	*ret_eol = USEC_INFINITY;
	458
	459	return false; /* no end date defined */
	460	}
	461
	462	struct tm tm = {};
	463	const char *k = strptime(support_end, "%Y-%m-%d", &tm);
	464	if (!k \|\| *k)
	465	return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, SYNTHETIC_ERRNO(EINVAL),
	466	"Failed to parse SUPPORT_END= from os-release file, ignoring: %s", support_end);
	467
	468	usec_t eol;
	469	r = mktime_or_timegm_usec(&tm, /* utc= */ true, &eol);
	470	if (r < 0)
	471	return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, r,
	472	"Failed to convert SUPPORT_END= time from os-release file, ignoring: %m");
	473
	474	if (ret_eol)
	475	*ret_eol = eol;
	476
	477	return now(CLOCK_REALTIME) > eol;
	478	}
	479
	480	const char* os_release_pretty_name(const char pretty_name, const char name) {
	481	/* Distills a "pretty" name to show from os-release data. First argument is supposed to be the
	482	* PRETTY_NAME= field, the second one the NAME= field. This function is trivial, of course, and
	483	* exists mostly to ensure we use the same logic wherever possible. */
	484
	485	return empty_to_null(pretty_name) ?:
	486	empty_to_null(name) ?: "Linux";
	487	}