designator
let's add the inverse of the existing partition_verity_of() and
partition_verity_sig_of()
These don't have an inherent purpose, and aren't used throughout
the codebase, so let's simplify things and remove these.
See https://github.com/systemd/systemd/pull/24803#discussion_r1028190421
for more information.
Instead of exposing just the partition type UUID, let's expose the
GptPartitionType struct, which has a lot more information available
in a much more accessible way.
Also, let's get rid of SECONDARY/OTHER in PartitionDesignator. These
were only there to support preferred architectures in dissect-image.c,
but we can easily handle that by comparing architectures when we decide
whether to override a partition. This is done in a new function
compare_arch().
To achieve this we move the PartitionDesignator enum from
dissect-image.h to gpt.h
I think those constants are generally useful. It's quite easy to make a mistake
when copying things from the docs, so let's make them easy and convenient to
access.
__s390__ is defined for both s390 and s390x. Hence, we need to define
the native uuids for s390x at first.
Not doing PARISC64 for now as no userland exists for it yet.
We expose various other forms of UUID helpers already, i.e.
SD_ID128_UUID_FORMAT_STR and SD_ID128_MAKE_UUID_STR(), and we parse
UUIDs, hence add a high-level helper for formatting UUIDs too.
This doesn't add any new code, it just moves some helpers
id128-util.[ch] → sd-id128.[ch], to make them public.
This replaces the _GPT_ALL_ARCHES macro.
We also add a function gpt_partition_type_uuid_to_arch() to get the
architecture of a partition type uuid.
For consistency with ARCHITECTURE_PPC64_LE
4e767154891083069a58c5c960f386974ad87fb4 added a slightly different UUID
in the header and in the docs. This makes the code match the docs.
> As some downstream projects are already using the UUID as in the docs, most
> notably util-linux [1], we should adjust code to match doc; no shipping
> LoongArch systems are using upstream systemd, and no open-source distro is
> merging LoongArch support yet, so the change should break no one. This also
> matches the work being done by @yetist at loongarch64/systemd#7.
[1] https://github.com/util-linux/util-linux/commit/2d29fccaad267d1b003dc0ed2bb9634ff76f3e49
This adds a helper script:
```
$ python3 tools/list-discoverable-partitions.py <src/shared/gpt.h
<!-- generated with tools/list-discoverable-partitions.py -->
| Partition Type UUID | Name | Allowed File Systems | Explanation |
|---------------------|------|----------------------|-------------|
| _Root Partition (Alpha)_ | `6523f8ae-3eb1-4e2a-a05a-18b695ae656f` | [Root Partition] | [Root Partition more] |
| _Root Partition (ARC)_ | `d27f46ed-2919-4cb8-bd25-9531f3c16534` | ditto | ditto |
...
```
The output can be pasted into the markdown file. I think this works better than
trying to match the two lists by hand.
"arm64" is generally written without the underscore.
I don't think we want people to send us pull requests over the next two years.
Let's just make something up ourselves, this is going to have at least as good
results, and will be much quicker.
Note that this only includes architectures for which there's some indication
that they are in active use. In architecture.h there are some more esoteric
ones like ARC_BE. We can add those if there's some actual user demand.
In particular, I included everything on the Debian "List of official ports" [1]
and a few other arches that we have received patches for in recent times.
[1] https://www.debian.org/ports/#portlist-released
It's just too annoying to add new ones otherwise.
C.f. 1fb2d8fcb69bcdbab0a5dd23bbf02f729e47e656.
This is useful for provisioning initially empty secondary A/B root file
systems. We don't want those to ever be considered for automatic
mounting, for example in "systemd-nspawn --image=", hence we should
create them with the No-Auto flag turned on. Once a file system image is
dropped into the partition the flag may be turned off by the updater
tool, so that it is considered from then on.
The new option for this is called NoAuto. I dislike negated options
like this, but this is taken from the naming in the spec, which in turn
inherited the name from the same flag for Microsoft Data Partitions. To
minimize confusion, let's stick to the name hence.
created partitions
And set it to on by default, except if partition is marked read-only.
systemd-repart can grow partitions dynamically at boot, but it won't
grow the file systems inside them. In /etc/fstab you can request that
via x-systemd.growfs. So far we didn't have a nice scheme for images
with GPT auto-discovery however, and that meant in particular in tools
such as systemd-nspawn the file systems couldn't be grown automatically.
Let's address this: let's define a new GPT partition flag that can be
set for our partition types. If set it indicates that the file system
should be grown to the partition size on mount.
This commit adds the flag and adds code to discover it when dissecting
images. There's no code yet to actually do something about it.
Let's make the GPT partition flags configurable when creating new
partitions. This is primarily useful for the read-only flag (which we
want to set for verity enabled partitions).
This adds two settings for this: Flags= and ReadOnly=, which strictly
speaking are redundant. The main reason to have both is that usually the
ReadOnly= setting is the one one wants to control, and it's more generic.
Moreover we might later on introduce inheriting of flags from CopyBlocks=
partitions, where one might want to control most flags as is except for
the RO flag and similar, hence let's keep them separate.
This adds a proper validator function.
No change in behaviour, just some minor refactoring (this should be
useful elsewhere later on though)
No code changes, just some reordering.
various tweaks to the image dissection logic
Fixes more or less: https://bugs.freedesktop.org/show_bug.cgi?id=67474
This has been requested many times before. Let's add it finally.
GPT auto-discovery for /var is a bit more complex than for other
partition types: the other partitions can to some degree be shared
between multiple OS installations on the same disk (think: swap, /home,
/srv). However, /var is inherently something bound to an installation,
i.e. specific to its identity, or actually *is* its identity, and hence
something that cannot be shared.
To deal with this, this new code is particularly careful when it comes to
/var: it will not mount things blindly, but insist that the UUID of the
partition matches a hashed version of the machine-id of the
installation, so that each installation has a very specific /var
associated with it, and would never use any other. (We actually use
HMAC-SHA256 on the GPT partition type for /var, keyed by the machine-id,
since machine-id is something we want to keep somewhat private).
Setting the right UUID for installations takes extra care. To make
things a bit simpler to set up, we avoid this safety check for nspawn
and RootImage= in unit files, under the assumption that such container
and service images unlikely will have multiple installations on them.
The check is hence only required when booting full machines, i.e. in
systemd-gpt-auto-generator.
To help with putting together images for full machines, PR #14368
introduces a repartition tool that can automatically fill in correctly
calculated UUIDs on first boot if images have the var partition UUID
initialized to all zeroes. With that in place systems can be put
together in a way that on first boot the machine ID is determined and
the partition table automatically adjusted to have the /var partition
with the right UUID.
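
The /var check described in the commit message above, as an added example that is not systemd's own code. Function names, the sample machine-id and the "needs-uuid" outcome are this example's own, the /var type UUID is taken from the Discoverable Partitions Specification rather than from this page, and cutting the MAC to 128 bits and stamping it as a v4 UUID is an assumption about how the hash becomes a UUID.

```python
import hashlib
import hmac
import uuid

# Type UUID of the /var partition in the Discoverable Partitions Specification
# (not quoted on this page).
GPT_VAR_TYPE = uuid.UUID("4d21b016-b534-45c2-a9fb-5c16e091fd2d")
NULL_UUID = uuid.UUID(int=0)


def expected_var_uuid(machine_id_hex):
    """HMAC-SHA256 over the /var partition type UUID, keyed by the machine-id."""
    key = bytes.fromhex(machine_id_hex.strip())
    if len(key) != 16 or key == bytes(16):
        raise ValueError("machine-id must be 32 hex digits and not all zeroes")
    digest = hmac.new(key, GPT_VAR_TYPE.bytes, hashlib.sha256).digest()
    # Assumption: the 256-bit MAC is truncated to 128 bits and marked as v4.
    return uuid.UUID(bytes=digest[:16], version=4)


def classify_var_partition(partition_uuid, machine_id_hex, full_boot=True):
    """Return 'mount', 'needs-uuid' or 'reject' for a candidate /var partition."""
    if not full_boot:
        # nspawn and RootImage=: the commit message says the check is skipped.
        return "mount"
    candidate = uuid.UUID(partition_uuid)
    if candidate == NULL_UUID:
        # Not mounted as-is; the repartition tool fills in the UUID on first boot.
        return "needs-uuid"
    want = expected_var_uuid(machine_id_hex)
    return "mount" if hmac.compare_digest(candidate.bytes, want.bytes) else "reject"


if __name__ == "__main__":
    machine_id = "0123456789abcdef0123456789abcdef"  # constructed sample value
    good = expected_var_uuid(machine_id)
    foreign = uuid.UUID(int=good.int ^ 1)            # /var of some other install
    for cand in (good, foreign, NULL_UUID):
        print(cand, classify_var_partition(str(cand), machine_id))
```

Because the machine-id is only the HMAC key, the partition UUID written to the GPT does not reveal it, which is the privacy property the message mentions.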
As listed in the boot loader spec since a long time:
https://systemd.io/BOOT_LOADER_SPECIFICATION#technical-details
These lines are generally out-of-date, incomplete and unnecessary. With
SPDX and git repository much more accurate and fine grained information
about licensing and authorship is available, hence let's drop the
per-file copyright notice. Of course, removing copyright lines of others
is problematic, hence this commit only removes my own lines and leaves
all others untouched. It might be nicer if sooner or later those could
go away too, making git the only and accurate source of authorship
information.
This part of the copyright blurb stems from the GPL use recommendations:
https://www.gnu.org/licenses/gpl-howto.en.html
The concept appears to originate in times where version control was per
file, instead of per tree, and was a way to glue the files together.
Ultimately, we nowadays don't live in that world anymore, and this
information is entirely useless anyway, as people are very welcome to
copy these files into any projects they like, and they shouldn't have to
change bits that are part of our copyright header for that.
Hence, let's just get rid of this old cruft, and shorten our codebase a
bit.
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.
I also kept any copyright lines. We can probably remove them, but it'd be nice to
obtain explicit acks from all involved authors before doing that.
This follows what the kernel is doing, c.f.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
The flag is originally defined for "basic data partitions", but not for the
ESP. We reuse it for the various partitions defined by the Discoverable
Partitions Spec, but it isn't defined for the ESP, hence don't check for
it. Instead, do check for GPT_FLAG_NO_BLOCK_IO_PROTOCOL, as that flag
actually is defined for all partition types, and recommended to use by
the UEFI spec.
Fixes: #5218
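
How the flag handling in the NoAuto, growfs, ReadOnly= and ESP commit messages on this page fits together when reading a raw GPT entry, as an added example that is not systemd's code. The Python names and `make_entry()` are this example's own; the bit positions and the two type UUIDs come from the UEFI and Discoverable Partitions specifications, not from this page.

```python
import uuid

# NO_BLOCK_IO_PROTOCOL is attribute bit 1, defined by UEFI for every type.
# Bits 59/60/63 are type-specific bits assigned by the Discoverable
# Partitions Specification.
FLAG_NO_BLOCK_IO_PROTOCOL = 1 << 1
FLAG_GROWFS = 1 << 59
FLAG_READ_ONLY = 1 << 60
FLAG_NO_AUTO = 1 << 63

ESP_TYPE = uuid.UUID("c12a7328-f81f-11d2-ba4b-00a0c93ec93b")
ROOT_X86_64_TYPE = uuid.UUID("4f68bce3-e8cd-4db1-96e7-fbcaf984b709")


def read_attributes(entry):
    """Return (type UUID, 64-bit attribute field) of a 128-byte GPT entry."""
    if len(entry) < 56:
        raise ValueError("truncated GPT partition entry")
    type_uuid = uuid.UUID(bytes_le=entry[0:16])  # GPT stores GUIDs mixed-endian
    flags = int.from_bytes(entry[48:56], "little")
    return type_uuid, flags


def mount_policy(entry):
    """Decide auto-mount, read-only and grow-on-mount for one partition."""
    type_uuid, flags = read_attributes(entry)
    if type_uuid == ESP_TYPE:
        # NoAuto is not defined for the ESP, so only the UEFI-wide bit is
        # checked; the type-specific bits are not interpreted here.
        skip = bool(flags & FLAG_NO_BLOCK_IO_PROTOCOL)
        return {"auto": not skip, "read_only": False, "growfs": False}
    return {
        "auto": not flags & FLAG_NO_AUTO,
        "read_only": bool(flags & FLAG_READ_ONLY),
        "growfs": bool(flags & FLAG_GROWFS),
    }


def make_entry(type_uuid, flags):
    """Constructed sample: type GUID, zeroed unique GUID and LBAs, flags, empty name."""
    return type_uuid.bytes_le + bytes(32) + flags.to_bytes(8, "little") + bytes(72)


if __name__ == "__main__":
    print(mount_policy(make_entry(ROOT_X86_64_TYPE, FLAG_NO_AUTO | FLAG_READ_ONLY)))
    print(mount_policy(make_entry(ESP_TYPE, FLAG_NO_AUTO)))
```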
This adds support for discovering and making use of properly tagged dm-verity
data integrity partitions. This extends both systemd-nspawn and systemd-dissect
with a new --root-hash= switch that takes the root hash to use for the root
partition, and is otherwise fully automatic.
Verity partitions are discovered automatically by GPT table type UUIDs, as
listed in
https://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec/
(which I updated prior to this change, to include new UUIDs for this purpose).
mkosi with https://github.com/systemd/mkosi/pull/39 applied may generate images
that carry the necessary integrity data. With that PR and this commit, the
following simple lines suffice to boot up an integrity-protected container image:
```
# mkdir test
# cd test
# mkosi --verity
# systemd-nspawn -i ./image.raw -bn
```
Note that mkosi writes the image file to "image.raw" next to a file
"image.roothash" that contains the root hash. systemd-nspawn will look for that
file and use it if it exists, in case --root-hash= is not specified explicitly.
Usually, we place the #pragma once before the copyright blurb in header files,
but in a few cases we didn't. Move those around, so that we do the same thing
everywhere.