From: Luca Boccassi
Date: Wed, 27 Sep 2023 00:04:44 +0000 (+0100)
Subject: dissect-image: support verity_dissect_and_mount() in two steps too
X-Git-Tag: v255-rc1~360^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3e1072726b47329c438b0abd8e7641c7baf35115;p=thirdparty%2Fsystemd.git

dissect-image: support verity_dissect_and_mount() in two steps too

With the new mount API first the image is opened, and later mounted
---

diff --git a/src/core/namespace.c b/src/core/namespace.c
index dc3fa8d4a27..feedb283cdb 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -1311,7 +1311,8 @@ static int mount_image(
 host_os_release_id,
 host_os_release_version_id,
 host_os_release_level,
- NULL);
+ /* required_sysext_scope= */ NULL,
+ /* ret_image= */ NULL);
 if (r == -ENOENT && m->ignore)
 return 0;
 if (r == -ESTALE && host_os_release_id)
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 2036b5adbaa..5c30e4f0af9 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -3909,7 +3909,8 @@ int verity_dissect_and_mount(
 const char *required_host_os_release_id,
 const char *required_host_os_release_version_id,
 const char *required_host_os_release_sysext_level,
- const char *required_sysext_scope) {
+ const char *required_sysext_scope,
+ DissectedImage **ret_image) {
 
 _cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL;
 _cleanup_(dissected_image_unrefp) DissectedImage *dissected_image = NULL;
@@ -3919,7 +3920,9 @@ int verity_dissect_and_mount(
 int r;
 
 assert(src);
- assert(dest);
+ /* Verifying release metadata requires mounted image for now, so ensure the check is skipped when
+ * opening an image without mounting it immediately (i.e.: 'dest' is NULL). */
+ assert(!required_host_os_release_id || dest);
 
 relax_extension_release_check = mount_options_relax_extension_release_checks(options);
 
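Review bot: The new assert in the `@@ -3919` hunk guards only `required_host_os_release_id`, yet `required_host_os_release_version_id`, `required_host_os_release_sysext_level` and `required_sysext_scope` are passed for the same post-mount release check the comment refers to, so a caller handing in `dest == NULL` with only one of those set would, as far as these lines show, neither trip the assert nor get the check it asked for; if the check is in fact keyed off the id alone (the namespace.c caller's `-ESTALE && host_os_release_id` hints at that) the comment should say so, otherwise widen the assert to cover all four. Nothing rejects `dest == NULL` together with `ret_image == NULL` either, a call that opens, verifies and then throws the image away; `assert(dest || ret_image);` beside the existing asserts would catch that mis-use at the call site. The comment also reads better as `/* Verifying release metadata requires a mounted image for now, so ensure the check is skipped when ... */`. The enclosing function continues past the hunk.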
@@ -3976,12 +3979,14 @@ int verity_dissect_and_mount(
 if (r < 0)
 return log_debug_errno(r, "Failed to decrypt dissected image: %m");
 
- r = mkdir_p_label(dest, 0755);
- if (r < 0)
- return log_debug_errno(r, "Failed to create destination directory %s: %m", dest);
- r = umount_recursive(dest, 0);
- if (r < 0)
- return log_debug_errno(r, "Failed to umount under destination directory %s: %m", dest);
+ if (dest) {
+ r = mkdir_p_label(dest, 0755);
+ if (r < 0)
+ return log_debug_errno(r, "Failed to create destination directory %s: %m", dest);
+ r = umount_recursive(dest, 0);
+ if (r < 0)
+ return log_debug_errno(r, "Failed to umount under destination directory %s: %m", dest);
+ }
 
 r = dissected_image_mount(
 dissected_image,
@@ -4035,5 +4040,8 @@ int verity_dissect_and_mount(
 if (r < 0)
 return log_debug_errno(r, "Failed to relinquish dissected image: %m");
 
+ if (ret_image)
+ *ret_image = TAKE_PTR(dissected_image);
+
 return 0;
 }
diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h
index 7a8d5ff81dd..eb0841bd2e4 100644
--- a/src/shared/dissect-image.h
+++ b/src/shared/dissect-image.h
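Review bot: The relinquish step is still taken unconditionally on the new `dest == NULL` path — its error check opens the `@@ -4035` hunk and the `dissected_image_relinquish()` call itself sits just above it, outside the hunk — so whatever automatic teardown it disarms (presumably detaching the loop and dm devices on unref) is disarmed before any mount exists to hold those devices. If that is what it does, the image handed out through `ret_image` is then the only thing keeping them accounted for: a caller that never mounts it, or forgets to unref it, leaks verity/dm devices for the whole image, and the `_cleanup_` on the local `loop_device` still drops that reference at return regardless. I would either gate the relinquish on `dest` (`if (dest) {` around the call and its check, leaving the two-step caller to relinquish after it mounts) or, if relinquishing early is intentional for the fd-based mount, say so in a comment right before the new `if (ret_image)` block: `/* On the dest == NULL path the devices are already relinquished; the caller owns *ret_image and must unref it. */`.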
@@ -194,7 +194,7 @@ bool dissected_image_verity_sig_ready(const DissectedImage *image, PartitionDesi
 
 int mount_image_privately_interactively(const char *path, const ImagePolicy *image_policy, DissectImageFlags flags, char **ret_directory, int *ret_dir_fd, LoopDevice **ret_loop_device);
 
-int verity_dissect_and_mount(int src_fd, const char *src, const char *dest, const MountOptions *options, const ImagePolicy *image_policy, const char *required_host_os_release_id, const char *required_host_os_release_version_id, const char *required_host_os_release_sysext_level, const char *required_sysext_scope);
+int verity_dissect_and_mount(int src_fd, const char *src, const char *dest, const MountOptions *options, const ImagePolicy *image_policy, const char *required_host_os_release_id, const char *required_host_os_release_version_id, const char *required_host_os_release_sysext_level, const char *required_sysext_scope, DissectedImage **ret_image);
 
 int dissect_fstype_ok(const char *fstype);
 
diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c
index 8ba054471fc..813c2bc5198 100644
--- a/src/shared/mount-util.c
+++ b/src/shared/mount-util.c
@@ -875,7 +875,17 @@ static int mount_in_namespace_legacy(
 mount_tmp_created = true;
 
 if (is_image)
- r = verity_dissect_and_mount(chased_src_fd, chased_src_path, mount_tmp, options, image_policy, NULL, NULL, NULL, NULL);
+ r = verity_dissect_and_mount(
+ chased_src_fd,
+ chased_src_path,
+ mount_tmp,
+ options,
+ image_policy,
+ /* required_host_os_release_id= */ NULL,
+ /* required_host_os_release_version_id= */ NULL,
+ /* required_host_os_release_sysext_level= */ NULL,
+ /* required_sysext_scope= */ NULL,
+ /* ret_image= */ NULL);
 else
 r = mount_follow_verbose(LOG_DEBUG, FORMAT_PROC_FD_PATH(chased_src_fd), mount_tmp, NULL, MS_BIND, NULL);
 if (r < 0)
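Review bot: The prototype in dissect-image.h gains `DissectedImage **ret_image` and a `dest` that may now be NULL, but the header documents neither, and it is the only place a caller outside dissect-image.c will look before using the new two-step mode. I would put a short block comment above the declaration stating that `dest` may be NULL to open and verify the image without mounting it, that in that case `required_host_os_release_id` must also be NULL (the .c asserts exactly that), that a non-NULL `ret_image` receives the dissected image which the caller then owns and must unref, and that passing both `dest` and `ret_image` as NULL does nothing useful. The mount-util.c hunk below only spells out the NULL arguments it already passed and needs no change.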