Merge pull request #2872 from cgwalters/composefs-followups

Composefs followups
2025-01-26 14:04:12 +03:00 · 2023-06-07 10:52:06 +02:00 · 2023-06-07 10:52:06 +02:00 · 0a3dd22f83
commit 0a3dd22f83
parent 8762062648 12b7f328e2
3 changed files with 40 additions and 13 deletions
--- a/src/libostree/ostree-repo-composefs.c
+++ b/src/libostree/ostree-repo-composefs.c
@ -178,6 +178,16 @@ _composefs_write_cb (void *file, void *buf, size_t len)
  return res;
 }

+#else /* HAVE_COMPOSEFS */
+
+static gboolean
+composefs_not_supported (GError **error)
+{
+  g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED,
+               "composefs is not supported in this ostree build");
+  return FALSE;
+}
+
 #endif

 /**
@ -232,9 +242,7 @@ ostree_composefs_target_write (OstreeComposefsTarget *target, int fd, guchar **o

  return TRUE;
 #else
-  g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED,
-               "Composeefs is not supported in this ostree build");
-  return FALSE;
+  return composefs_not_supported (error);
 #endif
 }

@ -500,7 +508,8 @@ ensure_lcfs_dir (struct lcfs_node_s *parent, const char *name, GError **error)

  return node;
 }
-#endif
+
+#endif /* HAVE_COMPOSEFS */

 /**
 * ostree_repo_checkout_composefs:
@ -553,9 +562,7 @@ ostree_repo_checkout_composefs (OstreeRepo *self, OstreeComposefsTarget *target,

  return TRUE;
 #else
-  g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED,
-               "Composeefs is not supported in this ostree build");
-  return FALSE;
+  return composefs_not_supported (error);
 #endif
 }

@ -623,7 +630,7 @@ ostree_repo_commit_add_composefs_metadata (OstreeRepo *self, GVariantBuilder *bu
                                                 error))
        return FALSE;
 #else
-      return glnx_throw (error, "composefs required, but libostree compiled without support");
+      return composefs_not_supported (error);
 #endif
    }

--- a/src/switchroot/ostree-mount-util.h
+++ b/src/switchroot/ostree-mount-util.h
@ -134,7 +134,7 @@ read_file (const char *path, size_t *out_len)
 {
  int fd;

-  fd = open (path, O_RDONLY);
+  fd = open (path, O_RDONLY | O_CLOEXEC);
  if (fd < 0)
    {
      if (errno == ENOENT)
--- a/src/switchroot/ostree-prepare-root.c
+++ b/src/switchroot/ostree-prepare-root.c
@ -78,6 +78,9 @@
 #define FS_VERITY_FL 0x00100000 /* Verity protected inode */
 #define FS_IOC_GETFLAGS _IOR ('f', 1, long)

+// The name of the composefs metadata root
+#define OSTREE_COMPOSEFS_NAME ".ostree.cfs"
+
 #if defined(HAVE_LIBSYSTEMD) && !defined(OSTREE_PREPARE_ROOT_STATIC)
 #define USE_LIBSYSTEMD
 #endif
@ -315,26 +318,27 @@ main (int argc, char *argv[])
      int cfs_fd;
      unsigned cfs_flags;

-      cfs_fd = open (".ostree.cfs", O_RDONLY);
+      cfs_fd = open (OSTREE_COMPOSEFS_NAME, O_RDONLY | O_CLOEXEC);
      if (cfs_fd < 0)
        {
          if (errno == ENOENT)
            goto nocfs;

-          err (EXIT_FAILURE, "failed to open .ostree.cfs");
+          err (EXIT_FAILURE, "failed to open %s", OSTREE_COMPOSEFS_NAME);
        }

      /* Check if file is already fsverity */
      if (ioctl (cfs_fd, FS_IOC_GETFLAGS, &cfs_flags) < 0)
-        err (EXIT_FAILURE, "failed to get .ostree.cfs flags");
+        err (EXIT_FAILURE, "failed to get %s flags", OSTREE_COMPOSEFS_NAME);

      /* It is not, apply signature (if it exists) */
      if ((cfs_flags & FS_VERITY_FL) == 0)
        {
+          const char signame[] = OSTREE_COMPOSEFS_NAME ".sig";
          unsigned char *signature;
          size_t signature_len;

-          signature = read_file (".ostree.cfs.sig", &signature_len);
+          signature = read_file (signame, &signature_len);
          if (signature != NULL)
            {
              /* If we're read-only we temporarily make it read-write to sign the image */
@ -351,6 +355,16 @@ main (int argc, char *argv[])
                            MS_REMOUNT | MS_RDONLY | MS_SILENT, NULL)
                         < 0)
                err (EXIT_FAILURE, "failed to remount rootfs back read-only (after signing)");
+
+#ifdef USE_LIBSYSTEMD
+              sd_journal_send ("MESSAGE=Applied fsverity signature %s", signame, NULL);
+#endif
+            }
+          else
+            {
+#ifdef USE_LIBSYSTEMD
+              sd_journal_send ("MESSAGE=No fsverity signature found for root", NULL);
+#endif
            }
        }

@ -397,6 +411,12 @@ main (int argc, char *argv[])
      if (mount (deploy_path, TMP_SYSROOT, NULL, MS_BIND | MS_SILENT, NULL) < 0)
        err (EXIT_FAILURE, "failed to make initial bind mount %s", deploy_path);
    }
+  else
+    {
+#ifdef USE_LIBSYSTEMD
+      sd_journal_send ("MESSAGE=Mounted composefs", NULL);
+#endif
+    }

  /* This will result in a system with /sysroot read-only. Thus, two additional
   * writable bind-mounts (for /etc and /var) are required later on. */