From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 8 Sep 2021 15:30:33 +0000 (+0200)
Subject: dissect-image: refuse external verity data in partitioned mode
X-Git-Tag: v250-rc1~701^2~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0903fd268324fda1de615d621975aae27b53aa56;p=thirdparty%2Fsystemd.git

dissect-image: refuse external verity data in partitioned mode

Our code doesn't support setting up verity with an external verity data
file unless we operate in non-partitioned mode. Let's refuse this
clearly and early if attempted anyway.
---

diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 4f398316ae3..480e4a22847 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -839,6 +839,10 @@ int dissect_image(
         if (!is_gpt && ((flags & DISSECT_IMAGE_GPT_ONLY) || !is_mbr))
                 return -ENOPKG;
 
+        /* We support external verity data partitions only if the image has no partition table */
+        if (verity && verity->data_path)
+                return -EBADR;
+
         /* Safety check: refuse block devices that carry a partition table but for which the kernel doesn't
          * do partition scanning. */
         r = blockdev_partscan_enabled(fd);