repart: Rework read-only logic

verity sig partitions can't actually be marked read-only, so let's
not do that to avoid an ugly warning about that. Instead, let's just
make sure that we mark verity hash and verity data partitions as
read-only.

diff --git a/src/partition/repart.c b/src/partition/repart.c
index 09b84e50800e7e7005cb674863d06e3df7d6933d..4410cad1e53a7a3d418e267ddb820ad2c1dad3fe 100644 (file)
--- a/src/partition/repart.c
+++ b/src/partition/repart.c
@@ -1763,9 +1763,7 @@ static int partition_read_definition(Partition *p, const char *path, const char
         /* Verity partitions are read only, let's imply the RO flag hence, unless explicitly configured otherwise. */
         if ((IN_SET(p->type.designator,
                     PARTITION_ROOT_VERITY,
-                    PARTITION_ROOT_VERITY_SIG,
-                    PARTITION_USR_VERITY,
-                    PARTITION_USR_VERITY_SIG) || p->verity != VERITY_OFF) && p->read_only < 0)
+                    PARTITION_USR_VERITY) || p->verity == VERITY_DATA) && p->read_only < 0)
                 p->read_only = true;
 
         /* Default to "growfs" on, unless read-only */