]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/gpt-auto-generator/gpt-auto-generator.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gpt-auto-generator: rework/simplify logic for picking /efi or /boot
[thirdparty/systemd.git] / src / gpt-auto-generator / gpt-auto-generator.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <stdlib.h>
4 #include <sys/file.h>
5 #include <unistd.h>
6
7 #include "sd-device.h"
8 #include "sd-id128.h"
9
10 #include "alloc-util.h"
11 #include "blkid-util.h"
12 #include "blockdev-util.h"
13 #include "btrfs-util.h"
14 #include "device-util.h"
15 #include "devnum-util.h"
16 #include "dirent-util.h"
17 #include "dissect-image.h"
18 #include "dropin.h"
19 #include "efi-loader.h"
20 #include "fd-util.h"
21 #include "fileio.h"
22 #include "fs-util.h"
23 #include "fstab-util.h"
24 #include "generator.h"
25 #include "gpt.h"
26 #include "image-policy.h"
27 #include "initrd-util.h"
28 #include "mountpoint-util.h"
29 #include "parse-util.h"
30 #include "path-util.h"
31 #include "proc-cmdline.h"
32 #include "special.h"
33 #include "specifier.h"
34 #include "stat-util.h"
35 #include "string-util.h"
36 #include "strv.h"
37 #include "unit-name.h"
38 #include "virt.h"
39
40 static const char *arg_dest = NULL;
41 static bool arg_enabled = true;
42 static bool arg_root_enabled = true;
43 static bool arg_swap_enabled = true;
44 static char *arg_root_fstype = NULL;
45 static char *arg_root_options = NULL;
46 static int arg_root_rw = -1;
47 static ImagePolicy *arg_image_policy = NULL;
48
49 STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep);
50
51 STATIC_DESTRUCTOR_REGISTER(arg_root_fstype, freep);
52 STATIC_DESTRUCTOR_REGISTER(arg_root_options, freep);
53
54 static int add_cryptsetup(
55 const char *id,
56 const char *what,
57 bool rw,
58 bool require,
59 bool measure,
60 char **ret_device) {
61
62 #if HAVE_LIBCRYPTSETUP
63 _cleanup_free_ char *e = NULL, *n = NULL, *d = NULL, *options = NULL;
64 _cleanup_fclose_ FILE *f = NULL;
65 int r;
66
67 assert(id);
68 assert(what);
69
70 r = unit_name_from_path(what, ".device", &d);
71 if (r < 0)
72 return log_error_errno(r, "Failed to generate unit name: %m");
73
74 e = unit_name_escape(id);
75 if (!e)
76 return log_oom();
77
78 r = unit_name_build("systemd-cryptsetup", e, ".service", &n);
79 if (r < 0)
80 return log_error_errno(r, "Failed to generate unit name: %m");
81
82 r = generator_open_unit_file(arg_dest, NULL, n, &f);
83 if (r < 0)
84 return r;
85
86 r = generator_write_cryptsetup_unit_section(f, NULL);
87 if (r < 0)
88 return r;
89
90 fprintf(f,
91 "Before=umount.target cryptsetup.target\n"
92 "Conflicts=umount.target\n"
93 "BindsTo=%s\n"
94 "After=%s\n",
95 d, d);
96
97 if (!rw) {
98 options = strdup("read-only");
99 if (!options)
100 return log_oom();
101 }
102
103 if (measure) {
104 /* We only measure the root volume key into PCR 15 if we are booted with sd-stub (i.e. in a
105 * UKI), and sd-stub measured the UKI. We do this in order not to step into people's own PCR
106 * assignment, under the assumption that people who are fine to use sd-stub with its PCR
107 * assignments are also OK with our PCR 15 use here. */
108
109 r = efi_stub_measured(LOG_WARNING);
110 if (r == 0)
111 log_debug("Will not measure volume key of volume '%s', not booted via systemd-stub with measurements enabled.", id);
112 else if (r > 0) {
113 if (!strextend_with_separator(&options, ",", "tpm2-measure-pcr=yes"))
114 return log_oom();
115 }
116 }
117
118 r = generator_write_cryptsetup_service_section(f, id, what, NULL, options);
119 if (r < 0)
120 return r;
121
122 r = fflush_and_check(f);
123 if (r < 0)
124 return log_error_errno(r, "Failed to write file %s: %m", n);
125
126 r = generator_add_symlink(arg_dest, d, "wants", n);
127 if (r < 0)
128 return r;
129
130 const char *dmname = strjoina("dev-mapper-", e, ".device");
131
132 if (require) {
133 r = generator_add_symlink(arg_dest, "cryptsetup.target", "requires", n);
134 if (r < 0)
135 return r;
136
137 r = generator_add_symlink(arg_dest, dmname, "requires", n);
138 if (r < 0)
139 return r;
140 }
141
142 r = write_drop_in_format(arg_dest, dmname, 50, "job-timeout",
143 "# Automatically generated by systemd-gpt-auto-generator\n\n"
144 "[Unit]\n"
145 "JobTimeoutSec=0"); /* the binary handles timeouts anyway */
146 if (r < 0)
147 log_warning_errno(r, "Failed to write device timeout drop-in, ignoring: %m");
148
149 if (ret_device) {
150 char *s;
151
152 s = path_join("/dev/mapper", id);
153 if (!s)
154 return log_oom();
155
156 *ret_device = s;
157 }
158
159 return 0;
160 #else
161 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
162 "Partition is encrypted, but systemd-gpt-auto-generator was compiled without libcryptsetup support");
163 #endif
164 }
165
166 static int add_mount(
167 const char *id,
168 const char *what,
169 const char *where,
170 const char *fstype,
171 bool rw,
172 bool growfs,
173 bool measure,
174 const char *options,
175 const char *description,
176 const char *post) {
177
178 _cleanup_free_ char *unit = NULL, *crypto_what = NULL, *p = NULL;
179 _cleanup_fclose_ FILE *f = NULL;
180 int r;
181
182 /* Note that we don't apply specifier escaping on the input strings here, since we know they are not configured
183 * externally, but all originate from our own sources here, and hence we know they contain no % characters that
184 * could potentially be understood as specifiers. */
185
186 assert(id);
187 assert(what);
188 assert(where);
189 assert(description);
190
191 log_debug("Adding %s: %s fstype=%s", where, what, fstype ?: "(any)");
192
193 if (streq_ptr(fstype, "crypto_LUKS")) {
194 r = add_cryptsetup(id, what, rw, /* require= */ true, measure, &crypto_what);
195 if (r < 0)
196 return r;
197
198 what = crypto_what;
199 fstype = NULL;
200 } else if (fstype) {
201 r = dissect_fstype_ok(fstype);
202 if (r < 0)
203 return log_error_errno(r, "Unable to determine of dissected file system type '%s' is permitted: %m", fstype);
204 if (!r)
205 return log_error_errno(
206 SYNTHETIC_ERRNO(EIDRM),
207 "Refusing to automatically mount uncommon file system '%s' to '%s'.",
208 fstype, where);
209 }
210
211 r = unit_name_from_path(where, ".mount", &unit);
212 if (r < 0)
213 return log_error_errno(r, "Failed to generate unit name: %m");
214
215 p = path_join(empty_to_root(arg_dest), unit);
216 if (!p)
217 return log_oom();
218
219 f = fopen(p, "wxe");
220 if (!f)
221 return log_error_errno(errno, "Failed to create unit file %s: %m", unit);
222
223 fprintf(f,
224 "# Automatically generated by systemd-gpt-auto-generator\n\n"
225 "[Unit]\n"
226 "Description=%s\n"
227 "Documentation=man:systemd-gpt-auto-generator(8)\n",
228 description);
229
230 if (post)
231 fprintf(f, "Before=%s\n", post);
232
233 r = generator_write_fsck_deps(f, arg_dest, what, where, fstype);
234 if (r < 0)
235 return r;
236
237 r = generator_write_blockdev_dependency(f, what);
238 if (r < 0)
239 return r;
240
241 fprintf(f,
242 "\n"
243 "[Mount]\n"
244 "What=%s\n"
245 "Where=%s\n",
246 what, where);
247
248 if (fstype)
249 fprintf(f, "Type=%s\n", fstype);
250
251 if (options)
252 fprintf(f, "Options=%s\n", options);
253
254 r = fflush_and_check(f);
255 if (r < 0)
256 return log_error_errno(r, "Failed to write unit file %s: %m", p);
257
258 if (growfs) {
259 r = generator_hook_up_growfs(arg_dest, where, post);
260 if (r < 0)
261 return r;
262 }
263
264 if (measure) {
265 r = generator_hook_up_pcrfs(arg_dest, where, post);
266 if (r < 0)
267 return r;
268 }
269
270 if (post) {
271 r = generator_add_symlink(arg_dest, post, "requires", unit);
272 if (r < 0)
273 return r;
274 }
275
276 return 0;
277 }
278
279 static int path_is_busy(const char *where) {
280 int r;
281
282 assert(where);
283
284 /* already a mountpoint; generators run during reload */
285 r = path_is_mount_point(where, NULL, AT_SYMLINK_FOLLOW);
286 if (r > 0)
287 return false;
288 /* The directory will be created by the mount or automount unit when it is started. */
289 if (r == -ENOENT)
290 return false;
291
292 if (r < 0)
293 return log_warning_errno(r, "Cannot check if \"%s\" is a mount point: %m", where);
294
295 /* not a mountpoint but it contains files */
296 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
297 if (r == -ENOTDIR) {
298 log_debug("\"%s\" is not a directory, ignoring.", where);
299 return true;
300 } else if (r < 0)
301 return log_warning_errno(r, "Cannot check if \"%s\" is empty: %m", where);
302 else if (r == 0) {
303 log_debug("\"%s\" already populated, ignoring.", where);
304 return true;
305 }
306
307 return false;
308 }
309
310 static int add_partition_mount(
311 PartitionDesignator d,
312 DissectedPartition *p,
313 const char *id,
314 const char *where,
315 const char *description) {
316
317 _cleanup_free_ char *options = NULL;
318 int r;
319
320 assert(p);
321
322 r = path_is_busy(where);
323 if (r != 0)
324 return r < 0 ? r : 0;
325
326 r = partition_pick_mount_options(
327 d,
328 dissected_partition_fstype(p),
329 p->rw,
330 /* discard= */ true,
331 &options,
332 /* ret_ms_flags= */ NULL);
333 if (r < 0)
334 return r;
335
336 return add_mount(
337 id,
338 p->node,
339 where,
340 p->fstype,
341 p->rw,
342 p->growfs,
343 /* measure= */ STR_IN_SET(id, "root", "var"), /* by default measure rootfs and /var, since they contain the "identity" of the system */
344 options,
345 description,
346 SPECIAL_LOCAL_FS_TARGET);
347 }
348
349 static int add_partition_swap(DissectedPartition *p) {
350 const char *what;
351 _cleanup_free_ char *name = NULL, *unit = NULL, *crypto_what = NULL;
352 _cleanup_fclose_ FILE *f = NULL;
353 int r;
354
355 assert(p);
356 assert(p->node);
357
358 if (!arg_swap_enabled)
359 return 0;
360
361 /* Disable the swap auto logic if at least one swap is defined in /etc/fstab, see #6192. */
362 r = fstab_has_fstype("swap");
363 if (r < 0)
364 return log_error_errno(r, "Failed to parse fstab: %m");
365 if (r > 0) {
366 log_debug("swap specified in fstab, ignoring.");
367 return 0;
368 }
369
370 if (streq_ptr(p->fstype, "crypto_LUKS")) {
371 r = add_cryptsetup("swap", p->node, /* rw= */ true, /* require= */ true, /* measure= */ false, &crypto_what);
372 if (r < 0)
373 return r;
374 what = crypto_what;
375 } else
376 what = p->node;
377
378 log_debug("Adding swap: %s", what);
379
380 r = unit_name_from_path(what, ".swap", &name);
381 if (r < 0)
382 return log_error_errno(r, "Failed to generate unit name: %m");
383
384 unit = path_join(empty_to_root(arg_dest), name);
385 if (!unit)
386 return log_oom();
387
388 f = fopen(unit, "wxe");
389 if (!f)
390 return log_error_errno(errno, "Failed to create unit file %s: %m", unit);
391
392 fprintf(f,
393 "# Automatically generated by systemd-gpt-auto-generator\n\n"
394 "[Unit]\n"
395 "Description=Swap Partition\n"
396 "Documentation=man:systemd-gpt-auto-generator(8)\n");
397
398 r = generator_write_blockdev_dependency(f, what);
399 if (r < 0)
400 return r;
401
402 fprintf(f,
403 "\n"
404 "[Swap]\n"
405 "What=%s\n",
406 what);
407
408 r = fflush_and_check(f);
409 if (r < 0)
410 return log_error_errno(r, "Failed to write unit file %s: %m", unit);
411
412 return generator_add_symlink(arg_dest, SPECIAL_SWAP_TARGET, "wants", name);
413 }
414
415 static int add_automount(
416 const char *id,
417 const char *what,
418 const char *where,
419 const char *fstype,
420 bool rw,
421 bool growfs,
422 const char *options,
423 const char *description,
424 usec_t timeout) {
425
426 _cleanup_free_ char *unit = NULL, *p = NULL;
427 _cleanup_fclose_ FILE *f = NULL;
428 int r;
429
430 assert(id);
431 assert(where);
432 assert(description);
433
434 r = add_mount(id,
435 what,
436 where,
437 fstype,
438 rw,
439 growfs,
440 /* measure= */ false,
441 options,
442 description,
443 NULL);
444 if (r < 0)
445 return r;
446
447 r = unit_name_from_path(where, ".automount", &unit);
448 if (r < 0)
449 return log_error_errno(r, "Failed to generate unit name: %m");
450
451 p = path_join(arg_dest, unit);
452 if (!p)
453 return log_oom();
454
455 f = fopen(p, "wxe");
456 if (!f)
457 return log_error_errno(errno, "Failed to create unit file %s: %m", unit);
458
459 fprintf(f,
460 "# Automatically generated by systemd-gpt-auto-generator\n\n"
461 "[Unit]\n"
462 "Description=%s\n"
463 "Documentation=man:systemd-gpt-auto-generator(8)\n"
464 "[Automount]\n"
465 "Where=%s\n"
466 "TimeoutIdleSec="USEC_FMT"\n",
467 description,
468 where,
469 timeout / USEC_PER_SEC);
470
471 r = fflush_and_check(f);
472 if (r < 0)
473 return log_error_errno(r, "Failed to write unit file %s: %m", p);
474
475 return generator_add_symlink(arg_dest, SPECIAL_LOCAL_FS_TARGET, "wants", unit);
476 }
477
478 static int slash_boot_in_fstab(void) {
479 static int cache = -1;
480
481 if (cache >= 0)
482 return cache;
483
484 cache = fstab_is_mount_point("/boot");
485 if (cache < 0)
486 return log_error_errno(cache, "Failed to parse fstab: %m");
487 return cache;
488 }
489
490 static int slash_efi_in_fstab(void) {
491 static int cache = -1;
492
493 if (cache >= 0)
494 return cache;
495
496 cache = fstab_is_mount_point("/efi");
497 if (cache < 0)
498 return log_error_errno(cache, "Failed to parse fstab: %m");
499 return cache;
500 }
501
502 static bool slash_boot_exists(void) {
503 static int cache = -1;
504
505 if (cache >= 0)
506 return cache;
507
508 if (access("/boot", F_OK) >= 0)
509 return (cache = true);
510 if (errno != ENOENT)
511 log_error_errno(errno, "Failed to determine whether /boot/ exists, assuming no: %m");
512 else
513 log_debug_errno(errno, "/boot/: %m");
514 return (cache = false);
515 }
516
517 static int add_partition_xbootldr(DissectedPartition *p) {
518 _cleanup_free_ char *options = NULL;
519 int r;
520
521 assert(p);
522
523 if (in_initrd()) {
524 log_debug("In initrd, ignoring the XBOOTLDR partition.");
525 return 0;
526 }
527
528 r = slash_boot_in_fstab();
529 if (r < 0)
530 return r;
531 if (r > 0) {
532 log_debug("/boot/ specified in fstab, ignoring XBOOTLDR partition.");
533 return 0;
534 }
535
536 r = path_is_busy("/boot");
537 if (r < 0)
538 return r;
539 if (r > 0)
540 return 0;
541
542 r = partition_pick_mount_options(
543 PARTITION_XBOOTLDR,
544 dissected_partition_fstype(p),
545 /* rw= */ true,
546 /* discard= */ false,
547 &options,
548 /* ret_ms_flags= */ NULL);
549 if (r < 0)
550 return log_error_errno(r, "Failed to determine default mount options for /boot/: %m");
551
552 return add_automount(
553 "boot",
554 p->node,
555 "/boot",
556 p->fstype,
557 /* rw= */ true,
558 /* growfs= */ false,
559 options,
560 "Boot Loader Partition",
561 120 * USEC_PER_SEC);
562 }
563
564 #if ENABLE_EFI
565 static int add_partition_esp(DissectedPartition *p, bool has_xbootldr) {
566 const char *esp_path = NULL, *id = NULL;
567 _cleanup_free_ char *options = NULL;
568 int r;
569
570 assert(p);
571
572 if (in_initrd()) {
573 log_debug("In initrd, ignoring the ESP.");
574 return 0;
575 }
576
577 /* If /boot/ is present, unused, and empty, we'll take that.
578 * Otherwise, if /efi/ is unused and empty (or missing), we'll take that.
579 * Otherwise, we do nothing.
580 */
581 if (!has_xbootldr && slash_boot_exists()) {
582 r = slash_boot_in_fstab();
583 if (r < 0)
584 return r;
585 if (r == 0) {
586 r = path_is_busy("/boot");
587 if (r < 0)
588 return r;
589 if (r == 0) {
590 esp_path = "/boot";
591 id = "boot";
592 }
593 }
594 }
595
596 if (!esp_path) {
597 r = slash_efi_in_fstab();
598 if (r < 0)
599 return r;
600 if (r > 0)
601 return 0;
602
603 r = path_is_busy("/efi");
604 if (r < 0)
605 return r;
606 if (r > 0)
607 return 0;
608
609 esp_path = "/efi";
610 id = "efi";
611 }
612
613 if (is_efi_boot()) {
614 sd_id128_t loader_uuid;
615
616 /* If this is an EFI boot, be extra careful, and only mount the ESP if it was the ESP used for booting. */
617
618 r = efi_loader_get_device_part_uuid(&loader_uuid);
619 if (r == -ENOENT) {
620 log_debug("EFI loader partition unknown.");
621 return 0;
622 }
623 if (r < 0)
624 return log_error_errno(r, "Failed to read ESP partition UUID: %m");
625
626 if (!sd_id128_equal(p->uuid, loader_uuid)) {
627 log_debug("Partition for %s does not appear to be the partition we are booted from.", p->node);
628 return 0;
629 }
630 } else
631 log_debug("Not an EFI boot, skipping ESP check.");
632
633 r = partition_pick_mount_options(
634 PARTITION_ESP,
635 dissected_partition_fstype(p),
636 /* rw= */ true,
637 /* discard= */ false,
638 &options,
639 /* ret_ms_flags= */ NULL);
640 if (r < 0)
641 return log_error_errno(r, "Failed to determine default mount options for %s: %m", esp_path);
642
643 return add_automount(
644 id,
645 p->node,
646 esp_path,
647 p->fstype,
648 /* rw= */ true,
649 /* growfs= */ false,
650 options,
651 "EFI System Partition Automount",
652 120 * USEC_PER_SEC);
653 }
654 #else
655 static int add_partition_esp(DissectedPartition *p, bool has_xbootldr) {
656 return 0;
657 }
658 #endif
659
660 static int add_partition_root_rw(DissectedPartition *p) {
661 const char *path;
662 int r;
663
664 assert(p);
665
666 if (in_initrd()) {
667 log_debug("In initrd, not generating drop-in for systemd-remount-fs.service.");
668 return 0;
669 }
670
671 if (arg_root_rw >= 0) {
672 log_debug("Parameter ro/rw specified on kernel command line, not generating drop-in for systemd-remount-fs.service.");
673 return 0;
674 }
675
676 if (!p->rw) {
677 log_debug("Root partition marked read-only in GPT partition table, not generating drop-in for systemd-remount-fs.service.");
678 return 0;
679 }
680
681 (void) generator_enable_remount_fs_service(arg_dest);
682
683 path = strjoina(arg_dest, "/systemd-remount-fs.service.d/50-remount-rw.conf");
684
685 r = write_string_file(path,
686 "# Automatically generated by systemd-gpt-auto-generator\n\n"
687 "[Service]\n"
688 "Environment=SYSTEMD_REMOUNT_ROOT_RW=1\n",
689 WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_NOFOLLOW|WRITE_STRING_FILE_MKDIR_0755);
690 if (r < 0)
691 return log_error_errno(r, "Failed to write drop-in file %s: %m", path);
692
693 return 0;
694 }
695
696 #if ENABLE_EFI
697 static int add_root_cryptsetup(void) {
698 #if HAVE_LIBCRYPTSETUP
699
700 /* If a device /dev/gpt-auto-root-luks appears, then make it pull in systemd-cryptsetup-root.service, which
701 * sets it up, and causes /dev/gpt-auto-root to appear which is all we are looking for. */
702
703 return add_cryptsetup("root", "/dev/gpt-auto-root-luks", /* rw= */ true, /* require= */ false, /* measure= */ true, NULL);
704 #else
705 return 0;
706 #endif
707 }
708 #endif
709
710 static int add_root_mount(void) {
711 #if ENABLE_EFI
712 _cleanup_free_ char *options = NULL;
713 int r;
714
715 if (!is_efi_boot()) {
716 log_debug("Not an EFI boot, not creating root mount.");
717 return 0;
718 }
719
720 r = efi_loader_get_device_part_uuid(NULL);
721 if (r == -ENOENT) {
722 log_notice("EFI loader partition unknown, exiting.\n"
723 "(The boot loader did not set EFI variable LoaderDevicePartUUID.)");
724 return 0;
725 } else if (r < 0)
726 return log_error_errno(r, "Failed to read ESP partition UUID: %m");
727
728 /* OK, we have an ESP partition, this is fantastic, so let's wait for a root device to show up. A
729 * udev rule will create the link for us under the right name. */
730
731 if (in_initrd()) {
732 r = generator_write_initrd_root_device_deps(arg_dest, "/dev/gpt-auto-root");
733 if (r < 0)
734 return 0;
735
736 r = add_root_cryptsetup();
737 if (r < 0)
738 return r;
739 }
740
741 /* Note that we do not need to enable systemd-remount-fs.service here. If
742 * /etc/fstab exists, systemd-fstab-generator will pull it in for us. */
743
744 r = partition_pick_mount_options(
745 PARTITION_ROOT,
746 arg_root_fstype,
747 arg_root_rw > 0,
748 /* discard= */ true,
749 &options,
750 /* ret_ms_flags= */ NULL);
751 if (r < 0)
752 return log_error_errno(r, "Failed to pick root mount options: %m");
753
754 if (arg_root_options)
755 if (!strextend_with_separator(&options, ",", arg_root_options))
756 return log_oom();
757
758 return add_mount(
759 "root",
760 "/dev/gpt-auto-root",
761 in_initrd() ? "/sysroot" : "/",
762 arg_root_fstype,
763 /* rw= */ arg_root_rw > 0,
764 /* growfs= */ false,
765 /* measure= */ true,
766 options,
767 "Root Partition",
768 in_initrd() ? SPECIAL_INITRD_ROOT_FS_TARGET : SPECIAL_LOCAL_FS_TARGET);
769 #else
770 return 0;
771 #endif
772 }
773
774 static int enumerate_partitions(dev_t devnum) {
775 _cleanup_(dissected_image_unrefp) DissectedImage *m = NULL;
776 _cleanup_(loop_device_unrefp) LoopDevice *loop = NULL;
777 _cleanup_free_ char *devname = NULL;
778 int r, k;
779
780 r = block_get_whole_disk(devnum, &devnum);
781 if (r < 0)
782 return log_debug_errno(r, "Failed to get whole block device for " DEVNUM_FORMAT_STR ": %m",
783 DEVNUM_FORMAT_VAL(devnum));
784
785 r = devname_from_devnum(S_IFBLK, devnum, &devname);
786 if (r < 0)
787 return log_debug_errno(r, "Failed to get device node of " DEVNUM_FORMAT_STR ": %m",
788 DEVNUM_FORMAT_VAL(devnum));
789
790 /* Let's take a LOCK_SH lock on the block device, in case udevd is already running. If we don't take
791 * the lock, udevd might end up issuing BLKRRPART in the middle, and we don't want that, since that
792 * might remove all partitions while we are operating on them. */
793 r = loop_device_open_from_path(devname, O_RDONLY, LOCK_SH, &loop);
794 if (r < 0)
795 return log_debug_errno(r, "Failed to open %s: %m", devname);
796
797 r = dissect_loop_device(
798 loop,
799 /* verity= */ NULL,
800 /* mount_options= */ NULL,
801 arg_image_policy ?: &image_policy_host,
802 DISSECT_IMAGE_GPT_ONLY|
803 DISSECT_IMAGE_USR_NO_ROOT|
804 DISSECT_IMAGE_DISKSEQ_DEVNODE|
805 DISSECT_IMAGE_ALLOW_EMPTY,
806 /* NB! Unlike most other places where we dissect block devices we do not use
807 * DISSECT_IMAGE_ADD_PARTITION_DEVICES here: we want that the kernel finds the
808 * devices, and udev probes them before we mount them via .mount units much later
809 * on. And thus we also don't set DISSECT_IMAGE_PIN_PARTITION_DEVICES here, because
810 * we don't actually mount anything immediately. */
811 &m);
812 if (r < 0) {
813 bool ok = r == -ENOPKG;
814 dissect_log_error(ok ? LOG_DEBUG : LOG_ERR, r, devname, NULL);
815 return ok ? 0 : r;
816 }
817
818 if (m->partitions[PARTITION_SWAP].found) {
819 k = add_partition_swap(m->partitions + PARTITION_SWAP);
820 if (k < 0)
821 r = k;
822 }
823
824 if (m->partitions[PARTITION_XBOOTLDR].found) {
825 k = add_partition_xbootldr(m->partitions + PARTITION_XBOOTLDR);
826 if (k < 0)
827 r = k;
828 }
829
830 if (m->partitions[PARTITION_ESP].found) {
831 k = add_partition_esp(m->partitions + PARTITION_ESP, m->partitions[PARTITION_XBOOTLDR].found);
832 if (k < 0)
833 r = k;
834 }
835
836 if (m->partitions[PARTITION_HOME].found) {
837 k = add_partition_mount(PARTITION_HOME, m->partitions + PARTITION_HOME, "home", "/home", "Home Partition");
838 if (k < 0)
839 r = k;
840 }
841
842 if (m->partitions[PARTITION_SRV].found) {
843 k = add_partition_mount(PARTITION_SRV, m->partitions + PARTITION_SRV, "srv", "/srv", "Server Data Partition");
844 if (k < 0)
845 r = k;
846 }
847
848 if (m->partitions[PARTITION_VAR].found) {
849 k = add_partition_mount(PARTITION_VAR, m->partitions + PARTITION_VAR, "var", "/var", "Variable Data Partition");
850 if (k < 0)
851 r = k;
852 }
853
854 if (m->partitions[PARTITION_TMP].found) {
855 k = add_partition_mount(PARTITION_TMP, m->partitions + PARTITION_TMP, "var-tmp", "/var/tmp", "Temporary Data Partition");
856 if (k < 0)
857 r = k;
858 }
859
860 if (m->partitions[PARTITION_ROOT].found) {
861 k = add_partition_root_rw(m->partitions + PARTITION_ROOT);
862 if (k < 0)
863 r = k;
864 }
865
866 return r;
867 }
868
869 static int add_mounts(void) {
870 dev_t devno;
871 int r;
872
873 r = blockdev_get_root(LOG_ERR, &devno);
874 if (r < 0)
875 return r;
876 if (r == 0) {
877 log_debug("Skipping automatic GPT dissection logic, root file system not backed by a (single) whole block device.");
878 return 0;
879 }
880
881 return enumerate_partitions(devno);
882 }
883
884 static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
885 int r;
886
887 assert(key);
888
889 if (proc_cmdline_key_streq(key, "systemd.gpt_auto") ||
890 proc_cmdline_key_streq(key, "rd.systemd.gpt_auto")) {
891
892 r = value ? parse_boolean(value) : 1;
893 if (r < 0)
894 log_warning_errno(r, "Failed to parse gpt-auto switch \"%s\", ignoring: %m", value);
895 else
896 arg_enabled = r;
897
898 } else if (proc_cmdline_key_streq(key, "root")) {
899
900 if (proc_cmdline_value_missing(key, value))
901 return 0;
902
903 /* Disable root disk logic if there's a root= value
904 * specified (unless it happens to be "gpt-auto") */
905
906 if (!streq(value, "gpt-auto")) {
907 arg_root_enabled = false;
908 log_debug("Disabling root partition auto-detection, root= is defined.");
909 }
910
911 } else if (proc_cmdline_key_streq(key, "roothash")) {
912
913 if (proc_cmdline_value_missing(key, value))
914 return 0;
915
916 /* Disable root disk logic if there's roothash= defined (i.e. verity enabled) */
917
918 arg_root_enabled = false;
919
920 } else if (streq(key, "rootfstype")) {
921
922 if (proc_cmdline_value_missing(key, value))
923 return 0;
924
925 return free_and_strdup_warn(&arg_root_fstype, value);
926
927 } else if (streq(key, "rootflags")) {
928
929 if (proc_cmdline_value_missing(key, value))
930 return 0;
931
932 if (!strextend_with_separator(&arg_root_options, ",", value))
933 return log_oom();
934
935 } else if (proc_cmdline_key_streq(key, "rw") && !value)
936 arg_root_rw = true;
937 else if (proc_cmdline_key_streq(key, "ro") && !value)
938 arg_root_rw = false;
939 else if (proc_cmdline_key_streq(key, "systemd.image_policy"))
940 return parse_image_policy_argument(optarg, &arg_image_policy);
941
942 else if (proc_cmdline_key_streq(key, "systemd.swap")) {
943
944 r = value ? parse_boolean(value) : 1;
945 if (r < 0)
946 log_warning_errno(r, "Failed to parse swap switch \"%s\", ignoring: %m", value);
947 else
948 arg_swap_enabled = r;
949
950 if (!arg_swap_enabled)
951 log_debug("Disabling swap partitions auto-detection, systemd.swap=no is defined.");
952
953 }
954
955 return 0;
956 }
957
958 static int run(const char *dest, const char *dest_early, const char *dest_late) {
959 int r, k;
960
961 assert_se(arg_dest = dest_late);
962
963 if (detect_container() > 0) {
964 log_debug("In a container, exiting.");
965 return 0;
966 }
967
968 r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, 0);
969 if (r < 0)
970 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
971
972 if (!arg_enabled) {
973 log_debug("Disabled, exiting.");
974 return 0;
975 }
976
977 if (arg_root_enabled)
978 r = add_root_mount();
979
980 if (!in_initrd()) {
981 k = add_mounts();
982 if (r >= 0)
983 r = k;
984 }
985
986 return r;
987 }
988
989 DEFINE_MAIN_GENERATOR_FUNCTION(run);
Unnamed repository; edit this file 'description' to name the repository.