summaryrefslogtreecommitdiff
path: root/src/dissect
Commit message (Collapse)AuthorAgeFilesLines
...
* Merge pull request #24768 from keszybz/table-not-available-2Lennart Poettering2022-09-221-1/+1
|\ | | | | Adjust table n/a text in more places
| * shared/format-table: use enum instead of Table.empty_stringZbigniew Jędrzejewski-Szmek2022-09-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | All users were setting this to some static string (usually "-"), so let's simplify things by not doing strdup, but instead limiting callers to a fixed set of values. In preparation for the next commit, the function is renamed from "empty" to "replacement", because it'll be used for more than empty fields. I didn't do the whole string-table setup, because it's all used internally in one file and this way we can immediately assert if an invalid value is passed in. Some callers were (void)ing the error, others were ignoring it, and others propagating. It's nicer to remove the boilerplate.
* | tree-wide: drop unused reference to DecryptedImageYu Watanabe2022-09-181-4/+2
| |
* | tree-wide: use dissected_image_relinquish()Yu Watanabe2022-09-181-17/+8
|/
* dissect-image: use loop backing file or device node as name of the imageYu Watanabe2022-09-071-1/+0
| | | | | | Note, currently, for each call of dissect_loop_device_and_warn(), the specified name is equivalent to the path passed to loop_device_make_by_path(). Hence, this should not change the current behavios.
* dissect-image: introduce dissect_loop_device() which takes LoopDevice objectYu Watanabe2022-09-031-5/+2
|
* sd-device: rename devpath_from_devnum() -> devname_from_devnum()Yu Watanabe2022-09-031-1/+1
| | | | | | | | In sd-device, `devpath` is a kind of syspath without '/sys' prefix, e.g. /devices/pci0000:00/0000:00:1c.4/0000:3c:00.0/nvme/nvme0/nvme0n1, and `devname` is a path to the device node, e.g. /dev/nvme0n1. Let's use the consistent name for the helper function.
* loop-util: rework how we lock loopback block devicesLennart Poettering2022-09-011-11/+2
| | | | | | | | | | | | | | | | | | | | Let's rework how we lock loopback block devices in two ways: 1. Lock a separate fd, instead of the main block device fd. We already did that for our internal locking when allocating loopback block devices, but do so for the exposed locking (i.e. loop_device_flock()), too, so that the lock is independent of the main fd we actually use of IO. 2. Instead of locking the device during allocation of the loopback device, then unlocking it (which will make udev run), and then re-locking things if we need, let's instead just keep the lock the whole time, to make things a bit safer and faster, and not have to wait for udev at all. This is done by adding a "lock_op" parameter to loop device allocation functions that declares the initial state of the lock, and is one of LOCK_UN/LOCK_SH/LOCK_EX. This change also shortens a lot of code, since we allocate + immediately lock loopback devices pretty much everywhere.
* dissect: drop partition removal codeLennart Poettering2022-09-011-2/+0
| | | | | | | | | | | | | | | | | | | This reverts a major chunk of 75d7e04eb4662a814c26010d447eed8a862f5ec1 Now that the loopback device code already destroys the partitions we don't have to do this here anymore. I am sure the right place to delete the partitions is in the loopback code, since we really only should do that for loopback devices, see bug #24431, and not on "real" block devices. I am also not convinced dropping partitions the dissection logic doesn't care about is a good idea, after all. The dissection stuff should probably not consider itself the "owner" of the block devices it analyzes, but take a more passive role: figure out what is what, but not modify it. Fixes: #24431
* dissect: don't remove partitions explicitly on umount anymoreLennart Poettering2022-09-011-18/+5
| | | | | We do that now automatically when releasing the loopback device, hence we can drop the redundant try entirely.
* tree-wide: use devpath_from_devnum() and device_open_from_devnum()Yu Watanabe2022-08-281-12/+7
| | | | Fixes #24465.
* tree-wide: port things dirname_malloc() → path_extract_directory()Lennart Poettering2022-08-231-3/+3
|
* dissect: Add systemd-dissect --umountDaan De Meyer2022-08-031-1/+114
| | | | | | | | | | This command takes a mountpoint, unmounts it and makes sure the underlying partition devices and block device are removed before exiting. To mirror the --mount operation, we also add a --rmdir option which does the opposite of --mkdir, and a -U option which is a shortcut for --umount --rmdir.
* Add sys/file.h for LOCK_Pavel Zhukov2022-06-211-0/+1
| | | | | | | | Fixes build with musl: | ../git/src/shared/dissect-image.c: In function 'mount_image_privately_interactively': | ../git/src/shared/dissect-image.c:2986:34: error: 'LOCK_SH' undeclared (first use in this function) | 2986 | r = loop_device_flock(d, LOCK_SH); | | ^~~~~~~
* dissect-image: Explicitly remove partitions when done with imageDaan De Meyer2022-05-231-0/+2
| | | | | | | | | | | | | | When closing a loop device, the kernel will asynchronously remove the probed partitions. This can lead to race conditions where we try to reuse a partition device that still needs to be removed by the kernel. To avoid such issues, let's explicitly try to remove any partitions using BLKPG_DEL_PARTITION when we're done with an image. To make sure we don't try to remove partitions when we want them to remain (e.g. systemd-dissect --mount), we add dissected_image_relinquish() in a similar vein to loop_device_relinquish() and decrypted_image_relinquish().
* dissect: drop unnecessary {}Zbigniew Jędrzejewski-Szmek2022-05-081-2/+1
|
* tree-wide: take BSD lock on loopback devices we dissect/mount/operate onLennart Poettering2022-04-101-0/+14
| | | | | | | | | | | | | | | | | | | | | So here's something we should always keep in mind: systemd-udevd actually does *two* things with BSD file locks on block devices: 1. While it probes a device it takes a LOCK_SH lock. Thus everyone else taking a LOCK_EX lock will temporarily block udev from probing devices, which is good when making changes to it. 2. Whenever a device is closed after write (detected via inotify), udevd will issue BLKRRPART (requesting the kernel to reread the partition table). It does this while holding a LOCK_EX lock on the block device. Thus anyone else taking LOCK_SH or LOCK_EX will temporarily block udevd from issuing that ioctl. And that's quite relevant, since the kernel will temporarily flush out all partitions while re-reading the partition table and then create them anew. Thus it is smart to take LOCK_SH when dissecting a block device to ensure that no BLKRRPART is issued in the background, until we mounted the devices.
* strv: make iterator in STRV_FOREACH() declaread in the loopYu Watanabe2022-03-191-3/+0
| | | | This also avoids multiple evaluations in STRV_FOREACH_BACKWARDS()
* dissect-image: do not enable "verification" when trying to acquire metadataZbigniew Jędrzejewski-Szmek2021-11-241-1/+1
| | | | | | | | | The whole point of acquiring metadata is quite often to figure out why the image does not pass verification. Refusing to provide metadata is just being hostile to the user. When called from other places (e.g. image_read_metadata()), verification is still performed.
* dissect: show intended purpose of images in dissection outputLennart Poettering2021-11-231-1/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With this the tool will show whether an image is intended to be a bootable OS image, a system extension, or a portable service image. Example output with this patch: <snip> Name: image_53.raw Size: 3.2G Machine ID: bb9f2921198040feb7c82270bf66e4b8 OS Release: NAME=Fedora VERSION=34 (Thirty Four) … PRIVACY_POLICY_URL=https://fedoraproject.org/wiki/Legal:PrivacyPolicy IMAGE_VERSION=53 Use As: ✓ bootable system for UEFI ✓ bootable system for container ✗ portable service ✗ extension for system ✗ extension for initrd ✗ extension for portable service RW DESIGNATOR PARTITION UUID PARTITION LABEL FSTYPE ARCHITECTURE VERITY GROWFS NODE PARTNO rw root d56af2b4-35eb-2e40-8f08-2d3b7012b0fc Root Partition btrfs x86-64 no no /dev/loop1p2 2 rw esp e3d11339-05c1-a74a-ae77-aae76812c134 ESP System Partition vfat - - no /dev/loop1p1 1 … </snip>
* dissect: add helper call for unifying three loopsLennart Poettering2021-11-231-28/+21
|
* Make pager_open() return voidZbigniew Jędrzejewski-Szmek2021-11-031-1/+1
|
* basic: spit out chase_symlinks() from fs-util.[ch] → chase-symlinks.[ch]Lennart Poettering2021-10-051-0/+1
|
* dissect-image: load embedded verity signature info from imageLennart Poettering2021-09-281-0/+7
| | | | | This adds support for actually using embedded signature data from partitions.
* dissect-image: discover verity signature partitionsLennart Poettering2021-09-281-1/+3
| | | | | This doesn't make use of the discovered partitions yet, but it finds them at least.
* dissect-image: rename dissected_image_has_verity()/_can_do_verity()Lennart Poettering2021-09-101-2/+2
| | | | | | | Let's also pick more precise names for these helpers that are used for the tabular output: one checks whether a partition is candidate for verity at all, and the other checks if it is ready to be used for it. Let's make this clearer in the name.
* Merge pull request #20257 from bluca/seqnoLuca Boccassi2021-08-311-0/+1
|\ | | | | Use new diskseq block device property
| * dissect: use DISKSEQ when waiting for block devicesLuca Boccassi2021-07-281-0/+1
| | | | | | | | | | | | | | | | DISKSEQ is a reliable way to find out if we missed a uevent or not, as it's monotonically increasing. If we parse an event with a smaller or no sequence number, we know we need to wait longer. If we parse an event with a greater sequence number, we know we missed it and the device was reused.
* | shared/copy: add a new flag COPY_ALL_XATTRSAndrej Lajovic2021-08-111-2/+2
| | | | | | | | | | | | | | | | When the flag COPY_ALL_XATTRS is set, it causes the complete set of xattrs to be copied. If the flag is unset, only xattrs from the "user" namespace are copied. Fixes #17178.
* | Drop the text argument from assert_not_reached()Zbigniew Jędrzejewski-Szmek2021-08-031-3/+3
|/ | | | | | | | | | | | | | | | | In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
* tree-wide: add FORMAT_BYTES()Zbigniew Jędrzejewski-Szmek2021-07-091-4/+2
|
* dissect-image: add support for optionally mounting images with idmapping onLennart Poettering2021-05-071-2/+2
|
* Merge pull request #19391 from poettering/dissect-growZbigniew Jędrzejewski-Szmek2021-05-071-2/+18
|\ | | | | optionally, grow file systems to partition size when mounting them via GPT auto-discovery
| * dissect: enable growfs by default, but make it configurableLennart Poettering2021-04-231-1/+13
| | | | | | | | | | This adds a new --growfs=yes|no switch to systemd-dissect, defaulting to on.
| * dissect: show growfs flag in systemd-dissect table outputLennart Poettering2021-04-231-1/+5
| |
* | various: print the image path when setting up of the loopback device failsZbigniew Jędrzejewski-Szmek2021-04-231-1/+1
|/
* dissect: ignore udev database entries from before the loopback attachmentLennart Poettering2021-04-201-0/+1
| | | | | | | | | This tries to shorten the race of device reuse a bit more: let's ignore udev database entries that are older than the time where we started to use a loopback device. This doesn't fix the whole loopback device raciness mess, but it makes the race window a bit shorter.
* dissect: ignore old uevents when waiting for loopback partition scanLennart Poettering2021-04-201-0/+1
| | | | | | | | | | | Let's drop all monitor uevent that were enqueued before we actually started setting up the device. This doesn't fix the race, but it makes the race window smaller: since we cannot determine the uevent seqnum and the loopback attachment atomically, there's a tiny window where uevents might be generated by the device which we mistake for being associated with out use of the loopback device.
* dissect: split read-only flag into twoLennart Poettering2021-04-191-1/+1
| | | | | | | | | | | | | | | Let's have one flag to request that when dissecting an image the loopback device is made read-only, and another one to request that when it is mounted to make it read-only. Previously both concepts were always done read-only together. (Of course, making the loopback device read-only but mounting it read-write doesn't make too much sense, but the kernel should catch that for us, no need to make restrictions from our side there) Use-case for this: in systemd-repart we'd like to operate on images for adding partitions. Thus we'd like to have the loopback device writable, but if we read repart.d/ snippets from it, we want to do that read-only.
* dissect: show partition label in tableLennart Poettering2021-03-161-1/+2
| | | | | We nowadays pick up the partition label while dissecting, let's show it if we have it.
* dissect: don't insist on a root/usr partition when just inspectingLennart Poettering2021-03-161-2/+3
| | | | | | Let's relax rules here a bit, taking benefit of the fact that DISSECT_IMAGE_REQUIRE_ROOT + DISSECT_IMAGE_GENERIC_ROOT are now separate flags.
* dissect-image: split DISSECT_IMAGE_REQUIRE_ROOT in twoLennart Poettering2021-03-161-1/+7
| | | | | | | | | | | | Previously, the flag did two things at once: enable support for using generic partitions as root fs if there were only one/allow use of partition-table-less images as root fs. And secondly, insist that there was a rootfs, and fail if not. Let's split these two in two separate options so that they can be used independently of each other. There are cases where one wants to use one without the other (i.e. when inspecting things with systemd-dissect tool it should be OK to do so even if image has no root fs), and it's cleaner anyway.
* tree-wide: make use of DISSECT_IMAGE_USR_NO_ROOT in various toolsLennart Poettering2021-03-161-1/+1
| | | | | | | | Let's make use of the new dissection in all tools where this makes sense, which are all tools that dissect images, except for those which inherently operate on state/configuraiton and thus where an image without state nor configuration is useless (e.g. systemd-tmpfiles/systemd-firstboot/… --image= switch).
* dissect: fix trivial typoLennart Poettering2021-03-111-1/+1
|
* tree-wide: use UINT64_MAX or friendsYu Watanabe2021-03-051-4/+4
|
* dissect: parse, store and show extension-release infoLuca Boccassi2021-02-171-2/+19
|
* Move and rename parse_json_argument() functionZbigniew Jędrzejewski-Szmek2021-02-151-1/+1
| | | | | json.[ch] is a very generic implementation, and cmdline argument parsing doesn't fit there.
* Move and rename parse_path_argument() functionZbigniew Jędrzejewski-Szmek2021-02-151-1/+2
| | | | | This fits better in shared/, and the new parse-argument.c file is a good home for it.
* tree-wide: Drop custom formatting for print() help messagesDaan De Meyer2021-01-311-5/+7
| | | | | | | | | | | | I think this formatting was originally used because it simplified adding new options to the help messages. However, these days, most tools their help message end with "\nSee the %s for details.\n" so the final line almost never has to be edited which eliminates the benefit of the custom formatting used for printf() help messages. Let's make things more consistent and use the same formatting for printf() help messages that we use everywhere else. Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580
* dissect: almost port systemd-dissect to table_print_with_pager()Lennart Poettering2021-01-211-1/+22
| | | | | | | | This doesn't actually port systemd-dissect to table_print_with_pager() but at least rearranges things so that similar behaviour is exposed. The reason it's not ported over 1:1 is that systemd-dissect actually adjusts the JSON output of the table with additional info, and doesn't print the table 1:1 as JSON.
View Lorry Controller Status