const char *root_directory,
const ImagePolicy *image_policy) {
- _cleanup_free_ char *host_os_release_id = NULL, *host_os_release_version_id = NULL,
- *host_os_release_sysext_level = NULL, *host_os_release_confext_level = NULL,
- *extension_name = NULL;
+ _cleanup_(extension_release_data_done) ExtensionReleaseData rdata = {};
+ _cleanup_free_ char *extension_name = NULL;
int r;
assert(m);
if (m->mode == MOUNT_EXTENSION_IMAGE) {
r = parse_os_release(
empty_to_root(root_directory),
- "ID", &host_os_release_id,
- "VERSION_ID", &host_os_release_version_id,
- image_class_info[IMAGE_SYSEXT].level_env, &host_os_release_sysext_level,
- image_class_info[IMAGE_CONFEXT].level_env, &host_os_release_confext_level,
+ "ID", &rdata.os_release_id,
+ "VERSION_ID", &rdata.os_release_version_id,
+ image_class_info[IMAGE_SYSEXT].level_env, &rdata.os_release_sysext_level,
+ image_class_info[IMAGE_CONFEXT].level_env, &rdata.os_release_confext_level,
NULL);
if (r < 0)
return log_debug_errno(r, "Failed to acquire 'os-release' data of OS tree '%s': %m", empty_to_root(root_directory));
- if (isempty(host_os_release_id))
+ if (isempty(rdata.os_release_id))
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "'ID' field not found or empty in 'os-release' data of OS tree '%s'.", empty_to_root(root_directory));
}
m->image_options_const,
image_policy,
/* image_filter= */ NULL,
- host_os_release_id,
- host_os_release_version_id,
- host_os_release_sysext_level,
- host_os_release_confext_level,
- /* required_sysext_scope= */ NULL,
+ &rdata,
&m->verity,
/* ret_image= */ NULL);
if (r == -ENOENT && m->ignore)
return 0;
- if (r == -ESTALE && host_os_release_id)
+ if (r == -ESTALE && rdata.os_release_id)
return log_error_errno(r, // FIXME: this should not be logged ad LOG_ERR, as it will result in duplicate logging.
"Failed to mount image %s, extension-release metadata does not match the lower layer's: ID=%s%s%s%s%s%s%s",
mount_entry_source(m),
- host_os_release_id,
- host_os_release_version_id ? " VERSION_ID=" : "",
- strempty(host_os_release_version_id),
- host_os_release_sysext_level ? image_class_info[IMAGE_SYSEXT].level_env_print : "",
- strempty(host_os_release_sysext_level),
- host_os_release_confext_level ? image_class_info[IMAGE_CONFEXT].level_env_print : "",
- strempty(host_os_release_confext_level));
+ rdata.os_release_id,
+ rdata.os_release_version_id ? " VERSION_ID=" : "",
+ strempty(rdata.os_release_version_id),
+ rdata.os_release_sysext_level ? image_class_info[IMAGE_SYSEXT].level_env_print : "",
+ strempty(rdata.os_release_sysext_level),
+ rdata.os_release_confext_level ? image_class_info[IMAGE_CONFEXT].level_env_print : "",
+ strempty(rdata.os_release_confext_level));
if (r < 0)
return log_debug_errno(r, "Failed to mount image %s on %s: %m", mount_entry_source(m), mount_entry_path(m));
const MountOptions *options,
const ImagePolicy *image_policy,
const ImageFilter *image_filter,
- const char *required_host_os_release_id,
- const char *required_host_os_release_version_id,
- const char *required_host_os_release_sysext_level,
- const char *required_host_os_release_confext_level,
- const char *required_sysext_scope,
+ const ExtensionReleaseData *extension_release_data,
VeritySettings *verity,
DissectedImage **ret_image) {
assert(src);
/* Verifying release metadata requires mounted image for now, so ensure the check is skipped when
* opening an image without mounting it immediately (i.e.: 'dest' is NULL). */
- assert(!required_host_os_release_id || dest);
+ assert(!extension_release_data || dest);
relax_extension_release_check = mount_options_relax_extension_release_checks(options);
* First, check the distro ID. If that matches, then check the new SYSEXT_LEVEL value if
* available, or else fallback to VERSION_ID. If neither is present (eg: rolling release),
* then a simple match on the ID will be performed. */
- if (required_host_os_release_id) {
+ if (extension_release_data && extension_release_data->os_release_id) {
_cleanup_strv_free_ char **extension_release = NULL;
ImageClass class = IMAGE_SYSEXT;
- assert(!isempty(required_host_os_release_id));
+ assert(!isempty(extension_release_data->os_release_id));
r = load_extension_release_pairs(dest, IMAGE_SYSEXT, dissected_image->image_name, relax_extension_release_check, &extension_release);
if (r == -ENOENT) {
r = extension_release_validate(
dissected_image->image_name,
- required_host_os_release_id,
- required_host_os_release_version_id,
- class == IMAGE_SYSEXT ? required_host_os_release_sysext_level : required_host_os_release_confext_level,
- required_sysext_scope,
+ extension_release_data->os_release_id,
+ extension_release_data->os_release_version_id,
+ class == IMAGE_SYSEXT ? extension_release_data->os_release_sysext_level : extension_release_data->os_release_confext_level,
+ extension_release_data->os_release_extension_scope,
extension_release,
class);
if (r == 0)
return 0;
}
+void extension_release_data_done(ExtensionReleaseData *data) {
+ assert(data);
+
+ data->os_release_id = mfree(data->os_release_id);
+ data->os_release_version_id = mfree(data->os_release_version_id);
+ data->os_release_sysext_level = mfree(data->os_release_sysext_level);
+ data->os_release_confext_level = mfree(data->os_release_confext_level);
+ data->os_release_extension_scope = mfree(data->os_release_extension_scope);
+}
+
int get_common_dissect_directory(char **ret) {
_cleanup_free_ char *t = NULL;
int r;
typedef struct MountOptions MountOptions;
typedef struct VeritySettings VeritySettings;
typedef struct ImageFilter ImageFilter;
+typedef struct ExtensionReleaseData ExtensionReleaseData;
struct DissectedPartition {
bool found:1;
char *pattern[_PARTITION_DESIGNATOR_MAX];
};
+struct ExtensionReleaseData {
+ char *os_release_id;
+ char *os_release_version_id;
+ char *os_release_sysext_level;
+ char *os_release_confext_level;
+ char *os_release_extension_scope;
+};
+
/* We include image-policy.h down here, since ImagePolicy wants a complete definition of PartitionDesignator first. */
#include "image-policy.h"
int mount_image_privately_interactively(const char *path, const ImagePolicy *image_policy, DissectImageFlags flags, char **ret_directory, int *ret_dir_fd, LoopDevice **ret_loop_device);
-int verity_dissect_and_mount(int src_fd, const char *src, const char *dest, const MountOptions *options, const ImagePolicy *image_policy, const ImageFilter *image_filter, const char *required_host_os_release_id, const char *required_host_os_release_version_id, const char *required_host_os_release_sysext_level, const char *required_host_os_release_confext_level, const char *required_sysext_scope, VeritySettings *verity, DissectedImage **ret_image);
+int verity_dissect_and_mount(int src_fd, const char *src, const char *dest, const MountOptions *options, const ImagePolicy *image_policy, const ImageFilter *image_filter, const ExtensionReleaseData *required_release_data, VeritySettings *verity, DissectedImage **ret_image);
int dissect_fstype_ok(const char *fstype);
int partition_pick_mount_options(PartitionDesignator d, const char *fstype, bool rw, bool discard, char **ret_options, unsigned long *ret_ms_flags);
+void extension_release_data_done(ExtensionReleaseData *data);
+
static inline const char* dissected_partition_fstype(const DissectedPartition *m) {
assert(m);
options,
image_policy,
/* image_filter= */ NULL,
- /* required_host_os_release_id= */ NULL,
- /* required_host_os_release_version_id= */ NULL,
- /* required_host_os_release_sysext_level= */ NULL,
- /* required_host_os_release_confext_level= */ NULL,
- /* required_sysext_scope= */ NULL,
+ /* extension_release_data= */ NULL,
/* verity= */ NULL,
/* ret_image= */ NULL);
else
options,
image_policy,
/* image_filter= */ NULL,
- /* required_host_os_release_id= */ NULL,
- /* required_host_os_release_version_id= */ NULL,
- /* required_host_os_release_sysext_level= */ NULL,
- /* required_host_os_release_confext_level= */ NULL,
- /* required_sysext_scope= */ NULL,
+ /* extension_release_data= */ NULL,
/* verity= */ NULL,
&img);
if (r < 0)
projects / thirdparty / systemd.git / commitdiff
