From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 2 Dec 2022 14:05:49 +0000 (+0100)
Subject: dissect: disallow empty partition tables
X-Git-Tag: v254-rc1~748^2~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=598fd4da1cf9665834110583fd9133073cc12481;p=thirdparty%2Fsystemd.git

dissect: disallow empty partition tables

If we don't find a single useful partition table, refusing dissection.

(Except in systemd-dissect, when we are supposed to show DDI
information, in that case allow this to run and show general DDI
information, i.e. size, UUID and name at least)
---

diff --git a/src/dissect/dissect.c b/src/dissect/dissect.c
index f89a9dff204..b53c2cc3571 100644
--- a/src/dissect/dissect.c
+++ b/src/dissect/dissect.c
@@ -501,7 +501,8 @@ static int parse_argv(int argc, char *argv[]) {
                 if (r < 0)
                         return r;
 
-                arg_flags |= DISSECT_IMAGE_READ_ONLY;
+                /* when dumping image info be even more liberal than otherwise, do not even require a single valid partition */
+                arg_flags |= DISSECT_IMAGE_READ_ONLY|DISSECT_IMAGE_ALLOW_EMPTY;
                 break;
 
         case ACTION_MOUNT:
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 9cc8d431476..97414d2c8f9 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -1485,6 +1485,8 @@ static int dissect_image(
                 }
         }
 
+        bool any = false;
+
         /* After we discovered all partitions let's see if the verity requirements match the policy. (Note:
          * we don't check encryption requirements here, because we haven't probed the file system yet, hence
          * don't know if this is encrypted or not) */
@@ -1492,6 +1494,8 @@ static int dissect_image(
                 PartitionDesignator vi, si;
                 PartitionPolicyFlags found_flags;
 
+                any = any || m->partitions[di].found;
+
                 vi = partition_verity_of(di);
                 si = partition_verity_sig_of(di);
 
@@ -1513,6 +1517,9 @@ static int dissect_image(
                 }
         }
 
+        if (!any && !FLAGS_SET(flags, DISSECT_IMAGE_ALLOW_EMPTY))
+                return -ENOMSG;
+
         r = dissected_image_probe_filesystems(m, fd, policy);
         if (r < 0)
                 return r;
@@ -1605,6 +1612,9 @@ static int dissect_log_error(int r, const char *name, const VeritySettings *veri
         case -ERFKILL:
                 return log_error_errno(r, "%s: image does not match image policy.", name);
 
+        case -ENOMSG:
+                return log_error_errno(r, "%s: no suitable partitions found.", name);
+
         default:
                 return log_error_errno(r, "Failed to dissect image '%s': %m", name);
         }
diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h
index 3043a3d9e56..a55ad63d2d0 100644
--- a/src/shared/dissect-image.h
+++ b/src/shared/dissect-image.h
@@ -80,6 +80,7 @@ typedef enum DissectImageFlags {
         DISSECT_IMAGE_PIN_PARTITION_DEVICES    = 1 << 21, /* Open dissected partitions and decrypted partitions and pin them by fd */
         DISSECT_IMAGE_RELAX_SYSEXT_CHECK       = 1 << 22, /* Don't insist that the extension-release file name matches the image name */
         DISSECT_IMAGE_DISKSEQ_DEVNODE          = 1 << 23, /* Prefer /dev/disk/by-diskseq/… device nodes */
+        DISSECT_IMAGE_ALLOW_EMPTY              = 1 << 24, /* Allow that no usable partitions is present */
 } DissectImageFlags;
 
 struct DissectedImage {