morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 00:14:32 +09:00
Code Issues Packages Projects Releases Wiki Activity

dissect: accept --usr-hash=… too, similar to --root-hash=…

Browse Source 
This addresses an omission, given that we have both kinds of hashes
these days.
This commit is contained in:
Lennart Poettering
2025-03-06 09:30:48 +01:00
parent 299b70f85a
commit 10b8d65f3f
2 changed files with 32 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
man/systemd-dissect.xml
View File

@@ -498,6 +498,18 @@
<xi:include href="version-info.xml" xpointer="v247"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--usr-hash=</option></term>
<term><option>--usr-hash-sig=</option></term>
<listitem><para>Similar to <option>--root-hash=</option> and <option>--root-hash-sig=</option>, but
specifies hash and signature for the <filename>/usr/</filename> partition. Note that either the
options for the root partition may be used or the ones for the <filename>/usr/</filename>, but not
both in combination.</para>
<xi:include href="version-info.xml" xpointer="v258"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--loop-ref=</option></term>

22
src/dissect/dissect.c
View File

@@ -274,6 +274,8 @@ static int parse_argv(int argc, char *argv[]) {
ARG_GROWFS,
ARG_ROOT_HASH,
ARG_ROOT_HASH_SIG,
ARG_USR_HASH,
ARG_USR_HASH_SIG,
ARG_VERITY_DATA,
ARG_MKDIR,
ARG_RMDIR,
@@ -311,6 +313,8 @@ static int parse_argv(int argc, char *argv[]) {
{ "growfs", required_argument, NULL, ARG_GROWFS },
{ "root-hash", required_argument, NULL, ARG_ROOT_HASH },
{ "root-hash-sig", required_argument, NULL, ARG_ROOT_HASH_SIG },
{ "usr-hash", required_argument, NULL, ARG_USR_HASH },
{ "usr-hash-sig", required_argument, NULL, ARG_USR_HASH_SIG },
{ "verity-data", required_argument, NULL, ARG_VERITY_DATA },
{ "mkdir", no_argument, NULL, ARG_MKDIR },
{ "rmdir", no_argument, NULL, ARG_RMDIR },
@@ -457,10 +461,16 @@ static int parse_argv(int argc, char *argv[]) {
arg_in_memory = true;
break;
case ARG_ROOT_HASH: {
case ARG_ROOT_HASH:
case ARG_USR_HASH: {
_cleanup_free_ void *p = NULL;
size_t l;
PartitionDesignator d = c == ARG_USR_HASH ? PARTITION_USR : PARTITION_ROOT;
if (arg_verity_settings.designator >= 0 &&
arg_verity_settings.designator != d)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Cannot combine --root-hash=/--root-hash-sig= and --usr-hash=/--usr-hash-sig= options.");
r = unhexmem(optarg, &p, &l);
if (r < 0)
return log_error_errno(r, "Failed to parse root hash '%s': %m", optarg);
@@ -470,14 +480,21 @@ static int parse_argv(int argc, char *argv[]) {
free_and_replace(arg_verity_settings.root_hash, p);
arg_verity_settings.root_hash_size = l;
arg_verity_settings.designator = d;
break;
}
case ARG_ROOT_HASH_SIG: {
case ARG_ROOT_HASH_SIG:
case ARG_USR_HASH_SIG: {
char *value;
size_t l;
void *p;
PartitionDesignator d = c == ARG_USR_HASH_SIG ? PARTITION_USR : PARTITION_ROOT;
if (arg_verity_settings.designator >= 0 &&
arg_verity_settings.designator != d)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Cannot combine --root-hash=/--root-hash-sig= and --usr-hash=/--usr-hash-sig= options.");
if ((value = startswith(optarg, "base64:"))) {
r = unbase64mem(value, &p, &l);
if (r < 0)
@@ -490,6 +507,7 @@ static int parse_argv(int argc, char *argv[]) {
free_and_replace(arg_verity_settings.root_hash_sig, p);
arg_verity_settings.root_hash_sig_size = l;
arg_verity_settings.designator = d;
break;
}