1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2016 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <stdbool.h>
22 #include <stdlib.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25
26 #include "alloc-util.h"
27 #include "fd-util.h"
28 #include "fileio.h"
29 #include "fstab-util.h"
30 #include "hexdecoct.h"
31 #include "id128-util.h"
32 #include "mkdir.h"
33 #include "parse-util.h"
34 #include "proc-cmdline.h"
35 #include "string-util.h"
36 #include "unit-name.h"
37
/* Master switch, cleared by "systemd.verity=" with a false value on the kernel command line */
static bool arg_enabled = true;

/* Output directory for generated units; points into argv[], never freed */
static char *arg_dest = NULL;

/* Verity parameters taken from the kernel command line. These are heap copies owned by this file and
 * released at the end of main(). They end up verbatim in a generated unit file, see create_device(). */
static char *arg_root_hash = NULL;  /* "roothash=" */
static char *arg_data_what = NULL;  /* "systemd.verity_root_data=", or derived from the root hash */
static char *arg_hash_what = NULL;  /* "systemd.verity_root_hash=", or derived from the root hash */
43
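/* Returns true if s can be placed between single quotes on an ExecStart= line without changing how the
 * generated unit file is parsed: it contains no single quote (which would end the quoted argument early)
 * and no control character such as a newline (which would end the directive). */
static bool verity_arg_is_safe(const char *s) {
        const char *c;

        for (c = s; *c; c++)
                if (*c == '\'' || (unsigned char) *c < 0x20 || *c == 0x7f)
                        return false;

        return true;
}

/* Writes systemd-veritysetup@root.service into arg_dest and hooks it into cryptsetup.target.requires/.
 *
 * Returns 0 if verity is not configured at all or the unit was written, -EINVAL if the configuration is
 * incomplete or contains characters that cannot be embedded safely, and a negative errno-style value on
 * any other failure. */
static int create_device(void) {
        _cleanup_free_ char *u = NULL, *v = NULL, *d = NULL, *e = NULL;
        _cleanup_fclose_ FILE *f = NULL;
        const char *p, *to;
        int r;

        /* If all three pieces of information are missing, then verity is turned off */
        if (!arg_root_hash && !arg_data_what && !arg_hash_what)
                return 0;

        /* If only some of them are missing however, the data is simply incomplete and this is an error.
         * Every missing piece is logged before failing. */
        if (!arg_root_hash)
                log_error("Verity information incomplete, root hash unspecified.");
        if (!arg_data_what)
                log_error("Verity information incomplete, root data device unspecified.");
        if (!arg_hash_what)
                log_error("Verity information incomplete, root hash device unspecified.");

        if (!arg_root_hash || !arg_data_what || !arg_hash_what)
                return -EINVAL;

        log_debug("Using root verity data device %s,\n"
                  "                  hash device %s,\n"
                  "                and root hash %s.", arg_data_what, arg_hash_what, arg_root_hash);

        p = strjoina(arg_dest, "/systemd-veritysetup@root.service");

        u = fstab_node_to_udev_node(arg_data_what);
        if (!u)
                return log_oom();
        v = fstab_node_to_udev_node(arg_hash_what);
        if (!v)
                return log_oom();

        /* u, v and the root hash originate from the kernel command line and are written between single
         * quotes into ExecStart= below. Refuse values that would break out of the quoting or the line,
         * and do so before any file is created. */
        if (!verity_arg_is_safe(u) || !verity_arg_is_safe(v) || !verity_arg_is_safe(arg_root_hash)) {
                log_error("Verity device paths or root hash contain quote or control characters, refusing.");
                return -EINVAL;
        }

        r = unit_name_from_path(u, ".device", &d);
        if (r < 0)
                return log_error_errno(r, "Failed to generate unit name: %m");
        r = unit_name_from_path(v, ".device", &e);
        if (r < 0)
                return log_error_errno(r, "Failed to generate unit name: %m");

        /* "x" makes the open fail if the unit file already exists instead of overwriting it */
        f = fopen(p, "wxe");
        if (!f)
                return log_error_errno(errno, "Failed to create unit file %s: %m", p);

        /* NOTE(review): '%' is not escaped in u, v or the root hash although unit files treat it as a
         * specifier prefix (hence the "%%I" in Description=). Confirm whether these values need specifier
         * escaping before being written. */
        fprintf(f,
                "# Automatically generated by systemd-veritysetup-generator\n\n"
                "[Unit]\n"
                "Description=Integrity Protection Setup for %%I\n"
                "Documentation=man:systemd-veritysetup-generator(8) man:systemd-veritysetup@.service(8)\n"
                "SourcePath=/proc/cmdline\n"
                "DefaultDependencies=no\n"
                "Conflicts=umount.target\n"
                "BindsTo=%s %s\n"
                "IgnoreOnIsolate=true\n"
                "After=cryptsetup-pre.target %s %s\n"
                "Before=cryptsetup.target umount.target\n"
                "\n[Service]\n"
                "Type=oneshot\n"
                "RemainAfterExit=yes\n"
                "ExecStart=" ROOTLIBEXECDIR "/systemd-veritysetup attach root '%s' '%s' '%s'\n"
                "ExecStop=" ROOTLIBEXECDIR "/systemd-veritysetup detach root\n",
                d, e,
                d, e,
                u, v, arg_root_hash);

        r = fflush_and_check(f);
        if (r < 0)
                return log_error_errno(r, "Failed to write file %s: %m", p);

        to = strjoina(arg_dest, "/cryptsetup.target.requires/systemd-veritysetup@root.service");

        /* Best effort: if the parent directory cannot be created, symlink() below reports the failure */
        (void) mkdir_parents(to, 0755);
        if (symlink("../systemd-veritysetup@root.service", to) < 0)
                return log_error_errno(errno, "Failed to create symlink %s: %m", to);

        return 0;
}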
122
/* Callback for proc_cmdline_parse(): records the verity-related kernel command line switches in the
 * arg_* globals. Unrecognized keys are ignored. Returns 0, or the result of log_oom() if a value could
 * not be copied.
 *
 * The stored strings are not validated here. */
static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
        char **slot;

        if (streq(key, "systemd.verity")) {
                /* A bare "systemd.verity" without a value counts as enabled */
                int b = value ? parse_boolean(value) : 1;

                if (b >= 0)
                        arg_enabled = b;
                else
                        log_warning("Failed to parse verity= kernel command line switch %s. Ignoring.", value);

                return 0;
        }

        /* The remaining switches all carry a string that is copied into its global */
        if (streq(key, "roothash"))
                slot = &arg_root_hash;
        else if (streq(key, "systemd.verity_root_data"))
                slot = &arg_data_what;
        else if (streq(key, "systemd.verity_root_hash"))
                slot = &arg_hash_what;
        else
                return 0;

        if (proc_cmdline_value_missing(key, value))
                return 0;

        /* A later occurrence of the same switch replaces the earlier value */
        if (free_and_strdup(slot, value) < 0)
                return log_oom();

        return 0;
}
164
/* Fills in arg_data_what and/or arg_hash_what from the root hash when they were not given explicitly:
 * the first 128 bits of the hash name the data partition and the last 128 bits the hash partition, both
 * looked up below /dev/disk/by-partuuid/.
 *
 * Returns 1 if the derivation step ran, 0 if there was nothing to do or the hash is too short, and a
 * negative value if the hash is not valid hex or memory ran out. */
static int determine_devices(void) {
        _cleanup_free_ void *raw = NULL;
        char uuid_str[37];
        size_t raw_len;
        sd_id128_t id;
        int r;

        /* Nothing to derive from without a root hash, nothing to derive if both devices are known */
        if (!arg_root_hash || (arg_data_what && arg_hash_what))
                return 0;

        r = unhexmem(arg_root_hash, strlen(arg_root_hash), &raw, &raw_len);
        if (r < 0)
                return log_error_errno(r, "Failed to parse root hash: %s", arg_root_hash);

        /* Both memcpy() calls below read sizeof(id) bytes, so the decoded hash must be at least that long */
        if (raw_len < sizeof(sd_id128_t)) {
                log_debug("Root hash is shorter than 128 bits (32 characters), ignoring for discovering verity partition.");
                return 0;
        }

        if (!arg_data_what) {
                /* Leading 128 bits of the hash */
                memcpy(&id, raw, sizeof(id));

                arg_data_what = strjoin("/dev/disk/by-partuuid/", id128_to_uuid_string(id, uuid_str));
                if (!arg_data_what)
                        return log_oom();
        }

        if (!arg_hash_what) {
                /* Trailing 128 bits of the hash; overlaps the leading part for hashes under 256 bits */
                const uint8_t *tail = (const uint8_t*) raw + raw_len - sizeof(id);

                memcpy(&id, tail, sizeof(id));

                arg_hash_what = strjoin("/dev/disk/by-partuuid/", id128_to_uuid_string(id, uuid_str));
                if (!arg_hash_what)
                        return log_oom();
        }

        return 1;
}
206
/* Generator entry point. Takes either no arguments or three, of which only the first is used as the
 * output directory. Reads the verity configuration from the kernel command line and, unless verity is
 * disabled, writes the unit for the root device. */
int main(int argc, char *argv[]) {
        int r;

        if (argc > 1) {
                if (argc != 4) {
                        log_error("This program takes three or no arguments.");
                        return EXIT_FAILURE;
                }

                arg_dest = argv[1];
        }
        /* NOTE(review): with no arguments arg_dest stays NULL and create_device() builds its paths from
         * it; confirm that strjoina() tolerates a NULL first argument. */

        log_set_target(LOG_TARGET_SAFE);
        log_parse_environment();
        log_open();

        /* Generated files must not be writable by group or others */
        umask(0022);

        /* For now we only support the root device on verity. Later on we might want to add support for
         * /etc/veritytab or similar to define additional mappings */

        r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, PROC_CMDLINE_STRIP_RD_PREFIX);
        if (r < 0)
                log_warning_errno(r, "Failed to parse kernel command line: %m");
        else if (arg_enabled) {
                r = determine_devices();
                if (r >= 0)
                        r = create_device();
        }

        free(arg_root_hash);
        free(arg_data_what);
        free(arg_hash_what);

        return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}