1 /* SPDX-License-Identifier: LGPL-2.1+ */
5 #include <linux/loop.h>
8 #include "architecture.h"
9 #include "dissect-image.h"
10 #include "hexdecoct.h"
12 #include "loop-util.h"
13 #include "main-func.h"
14 #include "parse-util.h"
15 #include "path-util.h"
16 #include "string-util.h"
18 #include "user-util.h"
24 } arg_action
= ACTION_DISSECT
;
25 static const char *arg_image
= NULL
;
26 static const char *arg_path
= NULL
;
27 static DissectImageFlags arg_flags
= DISSECT_IMAGE_REQUIRE_ROOT
|DISSECT_IMAGE_DISCARD_ON_LOOP
|DISSECT_IMAGE_RELAX_VAR_CHECK
|DISSECT_IMAGE_FSCK
;
28 static void *arg_root_hash
= NULL
;
29 static char *arg_verity_data
= NULL
;
30 static size_t arg_root_hash_size
= 0;
32 STATIC_DESTRUCTOR_REGISTER(arg_root_hash
, freep
);
33 STATIC_DESTRUCTOR_REGISTER(arg_verity_data
, freep
);
35 static void help(void) {
36 printf("%s [OPTIONS...] IMAGE\n"
37 "%s [OPTIONS...] --mount IMAGE PATH\n"
38 "Dissect a file system OS image.\n\n"
39 " -h --help Show this help\n"
40 " --version Show package version\n"
41 " -m --mount Mount the image to the specified directory\n"
42 " -r --read-only Mount read-only\n"
43 " --fsck=BOOL Run fsck before mounting\n"
44 " --discard=MODE Choose 'discard' mode (disabled, loop, all, crypto)\n"
45 " --root-hash=HASH Specify root hash for verity\n"
46 " --verity-data=PATH Specify data file with hash tree for verity if it is\n"
47 " not embedded in IMAGE\n",
48 program_invocation_short_name
,
49 program_invocation_short_name
);
52 static int parse_argv(int argc
, char *argv
[]) {
62 static const struct option options
[] = {
63 { "help", no_argument
, NULL
, 'h' },
64 { "version", no_argument
, NULL
, ARG_VERSION
},
65 { "mount", no_argument
, NULL
, 'm' },
66 { "read-only", no_argument
, NULL
, 'r' },
67 { "discard", required_argument
, NULL
, ARG_DISCARD
},
68 { "root-hash", required_argument
, NULL
, ARG_ROOT_HASH
},
69 { "fsck", required_argument
, NULL
, ARG_FSCK
},
70 { "verity-data", required_argument
, NULL
, ARG_VERITY_DATA
},
79 while ((c
= getopt_long(argc
, argv
, "hmr", options
, NULL
)) >= 0) {
91 arg_action
= ACTION_MOUNT
;
95 arg_flags
|= DISSECT_IMAGE_READ_ONLY
;
99 DissectImageFlags flags
;
101 if (streq(optarg
, "disabled"))
103 else if (streq(optarg
, "loop"))
104 flags
= DISSECT_IMAGE_DISCARD_ON_LOOP
;
105 else if (streq(optarg
, "all"))
106 flags
= DISSECT_IMAGE_DISCARD_ON_LOOP
| DISSECT_IMAGE_DISCARD
;
107 else if (streq(optarg
, "crypt"))
108 flags
= DISSECT_IMAGE_DISCARD_ANY
;
110 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
111 "Unknown --discard= parameter: %s",
113 arg_flags
= (arg_flags
& ~DISSECT_IMAGE_DISCARD_ANY
) | flags
;
118 case ARG_ROOT_HASH
: {
122 r
= unhexmem(optarg
, strlen(optarg
), &p
, &l
);
124 return log_error_errno(r
, "Failed to parse root hash '%s': %m", optarg
);
125 if (l
< sizeof(sd_id128_t
)) {
126 log_error("Root hash must be at least 128bit long: %s", optarg
);
133 arg_root_hash_size
= l
;
137 case ARG_VERITY_DATA
:
138 r
= parse_path_argument_and_warn(optarg
, false, &arg_verity_data
);
144 r
= parse_boolean(optarg
);
146 return log_error_errno(r
, "Failed to parse --fsck= parameter: %s", optarg
);
148 SET_FLAG(arg_flags
, DISSECT_IMAGE_FSCK
, r
);
155 assert_not_reached("Unhandled option");
160 switch (arg_action
) {
163 if (optind
+ 1 != argc
)
164 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
165 "Expected a file path as only argument.");
167 arg_image
= argv
[optind
];
168 arg_flags
|= DISSECT_IMAGE_READ_ONLY
;
172 if (optind
+ 2 != argc
)
173 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
174 "Expected a file path and mount point path as only arguments.");
176 arg_image
= argv
[optind
];
177 arg_path
= argv
[optind
+ 1];
181 assert_not_reached("Unknown action.");
187 static int run(int argc
, char *argv
[]) {
188 _cleanup_(loop_device_unrefp
) LoopDevice
*d
= NULL
;
189 _cleanup_(decrypted_image_unrefp
) DecryptedImage
*di
= NULL
;
190 _cleanup_(dissected_image_unrefp
) DissectedImage
*m
= NULL
;
193 log_parse_environment();
196 r
= parse_argv(argc
, argv
);
200 r
= loop_device_make_by_path(arg_image
, (arg_flags
& DISSECT_IMAGE_READ_ONLY
) ? O_RDONLY
: O_RDWR
, LO_FLAGS_PARTSCAN
, &d
);
202 return log_error_errno(r
, "Failed to set up loopback device: %m");
204 r
= verity_metadata_load(arg_image
, NULL
, arg_root_hash
? NULL
: &arg_root_hash
, &arg_root_hash_size
,
205 arg_verity_data
? NULL
: &arg_verity_data
);
207 return log_error_errno(r
, "Failed to read verity artefacts for %s: %m", arg_image
);
208 arg_flags
|= arg_verity_data
? DISSECT_IMAGE_NO_PARTITION_TABLE
: 0;
210 r
= dissect_image_and_warn(d
->fd
, arg_image
, arg_root_hash
, arg_root_hash_size
, arg_verity_data
, arg_flags
, &m
);
214 switch (arg_action
) {
216 case ACTION_DISSECT
: {
219 for (i
= 0; i
< _PARTITION_DESIGNATOR_MAX
; i
++) {
220 DissectedPartition
*p
= m
->partitions
+ i
;
225 printf("Found %s '%s' partition",
226 p
->rw
? "writable" : "read-only",
227 partition_designator_to_string(i
));
229 if (!sd_id128_is_null(p
->uuid
))
230 printf(" (UUID " SD_ID128_FORMAT_STR
")", SD_ID128_FORMAT_VAL(p
->uuid
));
233 printf(" of type %s", p
->fstype
);
235 if (p
->architecture
!= _ARCHITECTURE_INVALID
)
236 printf(" for %s", architecture_to_string(p
->architecture
));
238 if (dissected_image_can_do_verity(m
, i
))
239 printf(" %s verity", dissected_image_has_verity(m
, i
) ? "with" : "without");
242 printf(" on partition #%i", p
->partno
);
245 printf(" (%s)", p
->node
);
250 r
= dissected_image_acquire_metadata(m
);
252 return log_error_errno(r
, "Failed to acquire image metadata: %m");
255 printf(" Hostname: %s\n", m
->hostname
);
257 if (!sd_id128_is_null(m
->machine_id
))
258 printf("Machine ID: " SD_ID128_FORMAT_STR
"\n", SD_ID128_FORMAT_VAL(m
->machine_id
));
260 if (!strv_isempty(m
->machine_info
)) {
263 STRV_FOREACH_PAIR(p
, q
, m
->machine_info
)
265 p
== m
->machine_info
? "Mach. Info:" : " ",
269 if (!strv_isempty(m
->os_release
)) {
272 STRV_FOREACH_PAIR(p
, q
, m
->os_release
)
274 p
== m
->os_release
? "OS Release:" : " ",
282 r
= dissected_image_decrypt_interactively(m
, NULL
, arg_root_hash
, arg_root_hash_size
, arg_verity_data
, arg_flags
, &di
);
286 r
= dissected_image_mount(m
, arg_path
, UID_INVALID
, arg_flags
);
288 return log_error_errno(r
, "File system check on image failed: %m");
290 return log_error_errno(r
, "Failed to mount image: %m");
293 r
= decrypted_image_relinquish(di
);
295 return log_error_errno(r
, "Failed to relinquish DM devices: %m");
298 loop_device_relinquish(d
);
302 assert_not_reached("Unknown action.");
308 DEFINE_MAIN_FUNCTION(run
);