[thirdparty/systemd.git] / src / shared / dissect-image.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

/***
  This file is part of systemd.

  Copyright 2016 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdbool.h>

#include "macro.h"

typedef struct DissectedImage DissectedImage;
typedef struct DissectedPartition DissectedPartition;
typedef struct DecryptedImage DecryptedImage;

struct DissectedPartition {
        bool found:1;
        bool rw:1;
        int partno;        /* -1 if there was no partition and the images contains a file system directly */
        int architecture;  /* Intended architecture: either native, secondary or unset (-1). */
        sd_id128_t uuid;   /* Partition entry UUID as reported by the GPT */
        char *fstype;
        char *node;
        char *decrypted_node;
        char *decrypted_fstype;
};

enum  {
        PARTITION_ROOT,
        PARTITION_ROOT_SECONDARY,  /* Secondary architecture */
        PARTITION_HOME,
        PARTITION_SRV,
        PARTITION_ESP,
        PARTITION_SWAP,
        PARTITION_ROOT_VERITY, /* verity data for the PARTITION_ROOT partition */
        PARTITION_ROOT_SECONDARY_VERITY, /* verity data for the PARTITION_ROOT_SECONDARY partition */
        _PARTITION_DESIGNATOR_MAX,
        _PARTITION_DESIGNATOR_INVALID = -1
};

static inline int PARTITION_VERITY_OF(int p) {
        if (p == PARTITION_ROOT)
                return PARTITION_ROOT_VERITY;
        if (p == PARTITION_ROOT_SECONDARY)
                return PARTITION_ROOT_SECONDARY_VERITY;
        return _PARTITION_DESIGNATOR_INVALID;
}

typedef enum DissectImageFlags {
        DISSECT_IMAGE_READ_ONLY           = 1 << 0,
        DISSECT_IMAGE_DISCARD_ON_LOOP     = 1 << 1,  /* Turn on "discard" if on a loop device and file system supports it */
        DISSECT_IMAGE_DISCARD             = 1 << 2,  /* Turn on "discard" if file system supports it, on all block devices */
        DISSECT_IMAGE_DISCARD_ON_CRYPTO   = 1 << 3,  /* Turn on "discard" also on crypto devices */
        DISSECT_IMAGE_DISCARD_ANY = DISSECT_IMAGE_DISCARD_ON_LOOP |
                                    DISSECT_IMAGE_DISCARD |
                                    DISSECT_IMAGE_DISCARD_ON_CRYPTO,
        DISSECT_IMAGE_GPT_ONLY            = 1 << 4,  /* Only recognize images with GPT partition tables */
        DISSECT_IMAGE_REQUIRE_ROOT        = 1 << 5,  /* Don't accept disks without root partition */
        DISSECT_IMAGE_MOUNT_ROOT_ONLY     = 1 << 6,  /* Mount only the root partition */
        DISSECT_IMAGE_MOUNT_NON_ROOT_ONLY = 1 << 7,  /* Mount only non-root partitions */
} DissectImageFlags;

struct DissectedImage {
        bool encrypted:1;
        bool verity:1;     /* verity available and usable */
        bool can_verity:1; /* verity available, but not necessarily used */

        DissectedPartition partitions[_PARTITION_DESIGNATOR_MAX];

        char *hostname;
        sd_id128_t machine_id;
        char **machine_info;
        char **os_release;
};

int probe_filesystem(const char *node, char **ret_fstype);
int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectImageFlags flags, DissectedImage **ret);

DissectedImage* dissected_image_unref(DissectedImage *m);
DEFINE_TRIVIAL_CLEANUP_FUNC(DissectedImage*, dissected_image_unref);

int dissected_image_decrypt(DissectedImage *m, const char *passphrase, const void *root_hash, size_t root_hash_size, DissectImageFlags flags, DecryptedImage **ret);
int dissected_image_decrypt_interactively(DissectedImage *m, const char *passphrase, const void *root_hash, size_t root_hash_size, DissectImageFlags flags, DecryptedImage **ret);
int dissected_image_mount(DissectedImage *m, const char *dest, uid_t uid_shift, DissectImageFlags flags);

int dissected_image_acquire_metadata(DissectedImage *m);

DecryptedImage* decrypted_image_unref(DecryptedImage *p);
DEFINE_TRIVIAL_CLEANUP_FUNC(DecryptedImage*, decrypted_image_unref);
int decrypted_image_relinquish(DecryptedImage *d);

const char* partition_designator_to_string(int i) _const_;
int partition_designator_from_string(const char *name) _pure_;

int root_hash_load(const char *image, void **ret, size_t *ret_size);
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
8c1be37e LP	2	#pragma once
	3
	4	/***
	5	This file is part of systemd.
	6
	7	Copyright 2016 Lennart Poettering
	8
	9	systemd is free software; you can redistribute it and/or modify it
	10	under the terms of the GNU Lesser General Public License as published by
	11	the Free Software Foundation; either version 2.1 of the License, or
	12	(at your option) any later version.
	13
	14	systemd is distributed in the hope that it will be useful, but
	15	WITHOUT ANY WARRANTY; without even the implied warranty of
	16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	Lesser General Public License for more details.
	18
	19	You should have received a copy of the GNU Lesser General Public License
	20	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	21	***/
	22
	23	#include <stdbool.h>
	24
	25	#include "macro.h"
	26
	27	typedef struct DissectedImage DissectedImage;
	28	typedef struct DissectedPartition DissectedPartition;
18b5886e	29	typedef struct DecryptedImage DecryptedImage;
8c1be37e LP	30
	31	struct DissectedPartition {
	32	bool found:1;
	33	bool rw:1;
	34	int partno; /* -1 if there was no partition and the images contains a file system directly */
	35	int architecture; /* Intended architecture: either native, secondary or unset (-1). */
be30ad41	36	sd_id128_t uuid; /* Partition entry UUID as reported by the GPT */
8c1be37e LP	37	char *fstype;
8c1be37e LP	38	char *node;
18b5886e LP	39	char *decrypted_node;
18b5886e LP	40	char *decrypted_fstype;
8c1be37e LP	41	};
	42
	43	enum {
	44	PARTITION_ROOT,
	45	PARTITION_ROOT_SECONDARY, /* Secondary architecture */
	46	PARTITION_HOME,
	47	PARTITION_SRV,
	48	PARTITION_ESP,
	49	PARTITION_SWAP,
4623e8e6 LP	50	PARTITION_ROOT_VERITY, /* verity data for the PARTITION_ROOT partition */
4623e8e6 LP	51	PARTITION_ROOT_SECONDARY_VERITY, /* verity data for the PARTITION_ROOT_SECONDARY partition */
8c1be37e LP	52	_PARTITION_DESIGNATOR_MAX,
	53	_PARTITION_DESIGNATOR_INVALID = -1
	54	};
	55
4623e8e6 LP	56	static inline int PARTITION_VERITY_OF(int p) {
	57	if (p == PARTITION_ROOT)
	58	return PARTITION_ROOT_VERITY;
	59	if (p == PARTITION_ROOT_SECONDARY)
	60	return PARTITION_ROOT_SECONDARY_VERITY;
	61	return _PARTITION_DESIGNATOR_INVALID;
	62	}
	63
18b5886e	64	typedef enum DissectImageFlags {
2d3a5a73 LP	65	DISSECT_IMAGE_READ_ONLY = 1 << 0,
	66	DISSECT_IMAGE_DISCARD_ON_LOOP = 1 << 1, /* Turn on "discard" if on a loop device and file system supports it */
	67	DISSECT_IMAGE_DISCARD = 1 << 2, /* Turn on "discard" if file system supports it, on all block devices */
	68	DISSECT_IMAGE_DISCARD_ON_CRYPTO = 1 << 3, /* Turn on "discard" also on crypto devices */
971e2ef0 ZJS	69	DISSECT_IMAGE_DISCARD_ANY = DISSECT_IMAGE_DISCARD_ON_LOOP \|
	70	DISSECT_IMAGE_DISCARD \|
	71	DISSECT_IMAGE_DISCARD_ON_CRYPTO,
2d3a5a73 LP	72	DISSECT_IMAGE_GPT_ONLY = 1 << 4, /* Only recognize images with GPT partition tables */
	73	DISSECT_IMAGE_REQUIRE_ROOT = 1 << 5, /* Don't accept disks without root partition */
	74	DISSECT_IMAGE_MOUNT_ROOT_ONLY = 1 << 6, /* Mount only the root partition */
	75	DISSECT_IMAGE_MOUNT_NON_ROOT_ONLY = 1 << 7, /* Mount only non-root partitions */
18b5886e	76	} DissectImageFlags;
8c1be37e LP	77
8c1be37e LP	78	struct DissectedImage {
4623e8e6 LP	79	bool encrypted:1;
	80	bool verity:1; /* verity available and usable */
	81	bool can_verity:1; /* verity available, but not necessarily used */
3b925504	82
8c1be37e	83	DissectedPartition partitions[_PARTITION_DESIGNATOR_MAX];
3b925504 LP	84
	85	char *hostname;
	86	sd_id128_t machine_id;
	87	char **machine_info;
	88	char **os_release;
8c1be37e LP	89	};
8c1be37e LP	90
c34b75a1	91	int probe_filesystem(const char node, char *ret_fstype);
9b6deb03	92	int dissect_image(int fd, const void root_hash, size_t root_hash_size, DissectImageFlags flags, DissectedImage *ret);
8c1be37e LP	93
	94	DissectedImage* dissected_image_unref(DissectedImage *m);
	95	DEFINE_TRIVIAL_CLEANUP_FUNC(DissectedImage*, dissected_image_unref);
	96
4623e8e6 LP	97	int dissected_image_decrypt(DissectedImage m, const char passphrase, const void root_hash, size_t root_hash_size, DissectImageFlags flags, DecryptedImage *ret);
4623e8e6 LP	98	int dissected_image_decrypt_interactively(DissectedImage m, const char passphrase, const void root_hash, size_t root_hash_size, DissectImageFlags flags, DecryptedImage *ret);
2d3a5a73	99	int dissected_image_mount(DissectedImage m, const char dest, uid_t uid_shift, DissectImageFlags flags);
18b5886e	100
3b925504 LP	101	int dissected_image_acquire_metadata(DissectedImage *m);
3b925504 LP	102
18b5886e LP	103	DecryptedImage* decrypted_image_unref(DecryptedImage *p);
	104	DEFINE_TRIVIAL_CLEANUP_FUNC(DecryptedImage*, decrypted_image_unref);
	105	int decrypted_image_relinquish(DecryptedImage *d);
8c1be37e LP	106
	107	const char* partition_designator_to_string(int i) _const_;
	108	int partition_designator_from_string(const char *name) _pure_;
78ebe980 LP	109
78ebe980 LP	110	int root_hash_load(const char image, void ret, size_t ret_size);