diff options
author | Daan De Meyer <daan.j.demeyer@gmail.com> | 2023-03-16 22:11:31 +0100 |
---|---|---|
committer | Daan De Meyer <daan.j.demeyer@gmail.com> | 2023-03-16 22:11:31 +0100 |
commit | d28c6ce62c4915ec5f7e10dc49be5e51c2356dad (patch) | |
tree | 01cbb2e9b6cc1e954e47e9462a2a7855d6b590da /src/partition | |
parent | 6eccec00fb50e1a35f5a11e3339d634541bcc3a8 (diff) | |
download | systemd-d28c6ce62c4915ec5f7e10dc49be5e51c2356dad.tar.gz |
repart: Zero full verity signature partition size
systemd-dissect requires the entirety of the partition following the
signature to be zeroed, so let's do just that.
Diffstat (limited to 'src/partition')
-rw-r--r-- | src/partition/repart.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/src/partition/repart.c b/src/partition/repart.c index e631464998..c53bf98fb2 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -3656,7 +3656,7 @@ static int partition_format_verity_sig(Context *context, Partition *p) { _cleanup_free_ char *text = NULL; Partition *hp; uint8_t fp[X509_FINGERPRINT_SIZE]; - size_t sigsz = 0, padsz; /* avoid false maybe-uninitialized warning */ + size_t sigsz = 0; /* avoid false maybe-uninitialized warning */ int whole_fd, r; assert(p->verity == VERITY_SIG); @@ -3702,17 +3702,14 @@ static int partition_format_verity_sig(Context *context, Partition *p) { if (r < 0) return log_error_errno(r, "Failed to format JSON object: %m"); - padsz = round_up_size(strlen(text), 4096); - assert_se(padsz <= p->new_size); - - r = strgrowpad0(&text, padsz); + r = strgrowpad0(&text, p->new_size); if (r < 0) - return log_error_errno(r, "Failed to pad string to %s", FORMAT_BYTES(padsz)); + return log_error_errno(r, "Failed to pad string to %s", FORMAT_BYTES(p->new_size)); if (lseek(whole_fd, p->offset, SEEK_SET) == (off_t) -1) return log_error_errno(errno, "Failed to seek to partition offset: %m"); - r = loop_write(whole_fd, text, padsz, /*do_poll=*/ false); + r = loop_write(whole_fd, text, p->new_size, /*do_poll=*/ false); if (r < 0) return log_error_errno(r, "Failed to write verity signature to partition: %m"); |