mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-01-08 21:17:47 +03:00
Merge pull request #21425 from keszybz/ppc64-fixes
Add base-filesystem defines for arm64/ppc64el/riscv64 and make build quiet again
This commit is contained in:
commit
494876ce38
@ -40,64 +40,126 @@ Interface](https://systemd.io/BOOT_LOADER_INTERFACE).
|
||||
|
||||
## Defined Partition Type UUIDs
|
||||
|
||||
<!-- generated with tools/list-discoverable-partitions.py -->
|
||||
| Partition Type UUID | Name | Allowed File Systems | Explanation |
|
||||
|---------------------|------|----------------------|-------------|
|
||||
| `44479540-f297-41b2-9af7-d131d5f0458a` | _Root Partition (x86)_ | Any native, optionally in LUKS | On systems with matching architecture, the first partition with this type UUID on the disk containing the active EFI ESP is automatically mounted to the root directory <tt>/</tt>. If the partition is encrypted with LUKS or has dm-verity integrity data (see below), the device mapper file will be named `/dev/mapper/root`. |
|
||||
| `4f68bce3-e8cd-4db1-96e7-fbcaf984b709` | _Root Partition (x86-64)_ | ditto | ditto |
|
||||
| `69dad710-2ce4-4e3c-b16c-21a1d49abed3` | _Root Partition (32-bit ARM)_ | ditto | ditto |
|
||||
| `b921b045-1df0-41c3-af44-4c6f280d3fae` | _Root Partition (64-bit ARM/AArch64)_ | ditto | ditto |
|
||||
| `993d8d3d-f80e-4225-855a-9daf8ed7ea97` | _Root Partition (Itanium/IA-64)_ | ditto | ditto |
|
||||
| `77055800-792c-4f94-b39a-98c91b762bb6` | _Root Partition (LoongArch 64-bit)_ | ditto | ditto |
|
||||
| `60d5a7fe-8e7d-435c-b714-3dd8162144e1` | _Root Partition (RISC-V 32-bit)_ | ditto | ditto |
|
||||
| `72ec70a6-cf74-40e6-bd49-4bda08e8f224` | _Root Partition (RISC-V 64-bit)_ | ditto | ditto |
|
||||
| `d13c5d3b-b5d1-422a-b29f-9454fdc89d76` | _Root Verity Partition (x86)_ | A dm-verity superblock followed by hash data | Contains dm-verity integrity hash data for the matching root partition. If this feature is used the partition UUID of the root partition should be the first 128 bits of the root hash of the dm-verity hash data, and the partition UUID of this dm-verity partition should be the final 128 bits of it, so that the root partition and its Verity partition can be discovered easily, simply by specifying the root hash. |
|
||||
| `2c7357ed-ebd2-46d9-aec1-23d437ec2bf5` | _Root Verity Partition (x86-64)_ | ditto | ditto |
|
||||
| `7386cdf2-203c-47a9-a498-f2ecce45a2d6` | _Root Verity Partition (32-bit ARM)_ | ditto | ditto |
|
||||
| `df3300ce-d69f-4c92-978c-9bfb0f38d820` | _Root Verity Partition (64-bit ARM/AArch64)_ | ditto | ditto |
|
||||
| `86ed10d5-b607-45bb-8957-d350f23d0571` | _Root Verity Partition (Itanium/IA-64)_ | ditto | ditto |
|
||||
| `f3393b22-e9af-4613-a948-9d3bfbd0c535` | _Root Verity Partition (LoongArch 64-bit)_ | ditto | ditto |
|
||||
| `ae0253be-1167-4007-ac68-43926c14c5de` | _Root Verity Partition (RISC-V 32-bit)_ | ditto | ditto |
|
||||
| `b6ed5582-440b-4209-b8da-5ff7c419ea3d` | _Root Verity Partition (RISC-V 64-bit)_ | ditto | ditto |
|
||||
| `5996fc05-109c-48de-808b-23fa0830b676` | _Root Verity Signature Partition (x86)_ | A serialized JSON object, see below | Contains a root hash and a PKCS#7 signature for it, permitting signed dm-verity GPT images |
|
||||
| `41092b05-9fc8-4523-994f-2def0408b176` | _Root Verity Signature Partition (x86-64)_ | ditto | ditto |
|
||||
| `42b0455f-eb11-491d-98d3-56145ba9d037` | _Root Verity Signature Partition (32-bit ARM)_ | ditto | ditto |
|
||||
| `6db69de6-29f4-4758-a7a5-962190f00ce3` | _Root Verity Signature Partition (64-bit ARM/AArch64)_ | ditto | ditto |
|
||||
| `e98b36ee-32ba-4882-9b12-0ce14655f46a` | _Root Verity Signature Partition (Itanium/IA-64)_ | ditto | ditto |
|
||||
| `5afb67eb-ecc8-4f85-ae8e-ac1e7c50e7d0` | _Root Verity Signature Partition (LoongArch 64-bit)_ | ditto | ditto |
|
||||
| `3a112a75-8729-4380-b4cf-764d79934448` | _Root Verity Signature Partition (RISC-V 32-bit)_ | ditto | ditto |
|
||||
| `efe0f087-ea8d-4469-821a-4c2a96a8386a` | _Root Verity Signature Partition (RISC-V 64-bit)_ | ditto | ditto |
|
||||
| `75250d76-8cc6-458e-bd66-bd47cc81a812` | _`/usr/` Partition (x86)_ | Any native, optionally in LUKS | Similar semantics to root partition, but just the `/usr/` partition. |
|
||||
| `8484680c-9521-48c6-9c11-b0720656f69e` | _`/usr/` Partition (x86-64)_ | ditto | ditto |
|
||||
| `7d0359a3-02b3-4f0a-865c-654403e70625` | _`/usr/` Partition (32-bit ARM)_ | ditto | ditto |
|
||||
| `b0e01050-ee5f-4390-949a-9101b17104e9` | _`/usr/` Partition (64-bit ARM/AArch64)_ | ditto | ditto |
|
||||
| `4301d2a6-4e3b-4b2a-bb94-9e0b2c4225ea` | _`/usr/` Partition (Itanium/IA-64)_ | ditto | ditto |
|
||||
| `e611c702-575c-4cbe-9a46-434fa0bf7e3f` | _`/usr/` Partition (LoongArch 64-bit)_ | ditto | ditto |
|
||||
| `b933fb22-5c3f-4f91-af90-e2bb0fa50702` | _`/usr/` Partition (RISC-V 32-bit)_ | ditto | ditto |
|
||||
| `beaec34b-8442-439b-a40b-984381ed097d` | _`/usr/` Partition (RISC-V 64-bit)_ | ditto | ditto |
|
||||
| `8f461b0d-14ee-4e81-9aa9-049b6fb97abd` | _`/usr/` Verity Partition (x86)_ | A dm-verity superblock followed by hash data | Similar semantics to root Verity partition, but just for the `/usr/` partition. |
|
||||
| `77ff5f63-e7b6-4633-acf4-1565b864c0e6` | _`/usr/` Verity Partition (x86-64)_ | ditto | ditto |
|
||||
| `c215d751-7bcd-4649-be90-6627490a4c05` | _`/usr/` Verity Partition (32-bit ARM)_ | ditto | ditto |
|
||||
| `6e11a4e7-fbca-4ded-b9e9-e1a512bb664e` | _`/usr/` Verity Partition (64-bit ARM/AArch64)_ | ditto | ditto |
|
||||
| `6a491e03-3be7-4545-8e38-83320e0ea880` | _`/usr/` Verity Partition (Itanium/IA-64)_ | ditto | ditto |
|
||||
| `f46b2c26-59ae-48f0-9106-c50ed47f673d` | _`/usr/` Verity Partition (LoongArch 64-bit)_ | ditto | ditto |
|
||||
| `cb1ee4e3-8cd0-4136-a0a4-aa61a32e8730` | _`/usr/` Verity Partition (RISC-V 32-bit)_ | ditto | ditto |
|
||||
| `8f1056be-9b05-47c4-81d6-be53128e5b54` | _`/usr/` Verity Partition (RISC-V 64-bit)_ | ditto | ditto |
|
||||
| `974a71c0-de41-43c3-be5d-5c5ccd1ad2c0` | _`/usr/` Verity Signature Partition (x86)_ | A serialized JSON object, see below | Similar semantics to root Verity signature partition, but just for the `/usr/` partition. |
|
||||
| `e7bb33fb-06cf-4e81-8273-e543b413e2e2` | _`/usr/` Verity Signature Partition (x86-64)_ | ditto | ditto |
|
||||
| `d7ff812f-37d1-4902-a810-d76ba57b975a` | _`/usr/` Verity Signature Partition (32-bit ARM)_ | ditto | ditto |
|
||||
| `c23ce4ff-44bd-4b00-b2d4-b41b3419e02a` | _`/usr/` Verity Signature Partition (64-bit ARM/AArch64)_ | ditto | ditto |
|
||||
| `8de58bc2-2a43-460d-b14e-a76e4a17b47f` | _`/usr/` Verity Signature Partition (Itanium/IA-64)_ | ditto | ditto |
|
||||
| `b024f315-d330-444c-8461-44bbde524e99` | _`/usr/` Verity Signature Partition (LoongArch 64-bit)_ | ditto | ditto |
|
||||
| `c3836a13-3137-45ba-b583-b16c50fe5eb4` | _`/usr/` Verity Signature Partition (RISC-V 32-bit)_ | ditto | ditto |
|
||||
| `d2f9000a-7a18-453f-b5cd-4d32f77a7b32` | _`/usr/` Verity Signature Partition (RISC-V 64-bit)_ | ditto | ditto |
|
||||
| `933ac7e1-2eb4-4f13-b844-0e14e2aef915` | _Home Partition_ | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/home/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/home`. |
|
||||
| `3b8f8425-20e0-4f3b-907f-1a25a76f98e8` | _Server Data Partition_ | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/srv/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/srv`. |
|
||||
| `4d21b016-b534-45c2-a9fb-5c16e091fd2d` | _Variable Data Partition_ | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/var/` — under the condition that its partition UUID matches the first 128 bits of `HMAC-SHA256(machine-id, 0x4d21b016b53445c2a9fb5c16e091fd2d)` (i.e. the SHA256 HMAC hash of the binary type UUID keyed by the machine ID as read from [`/etc/machine-id`](https://www.freedesktop.org/software/systemd/man/machine-id.html). This special requirement is made because `/var/` (unlike the other partition types listed here) is inherently private to a specific installation and cannot possibly be shared between multiple OS installations on the same disk, and thus should be bound to a specific instance of the OS, identified by its machine ID. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/var`. |
|
||||
| `7ec6f557-3bc5-4aca-b293-16ef5df639d1` | _Temporary Data Partition_ | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/var/tmp/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/tmp`. Note that the intended mount point is indeed `/var/tmp/`, not `/tmp/`. The latter is typically maintained in memory via <tt>tmpfs</tt> and does not require a partition on disk. In some cases it might be desirable to make `/tmp/` persistent too, in which case it is recommended to make it a symlink or bind mount to `/var/tmp/`, thus not requiring its own partition type UUID. |
|
||||
| `0657fd6d-a4ab-43c4-84e5-0933c84b4f4f` | _Swap_ | Swap, optionally in LUKS | All swap partitions on the disk containing the root partition are automatically enabled. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/swap`. This partition type predates the Discoverable Partitions Specification. |
|
||||
| `0fc63daf-8483-4772-8e79-3d69d8477de4` | _Generic Linux Data Partitions_ | Any native, optionally in LUKS | No automatic mounting takes place for other Linux data partitions. This partition type should be used for all partitions that carry Linux file systems. The installer needs to mount them explicitly via entries in <tt>/etc/fstab</tt>. Optionally, these partitions may be encrypted with LUKS. This partition type predates the Discoverable Partitions Specification. |
|
||||
| `c12a7328-f81f-11d2-ba4b-00a0c93ec93b` | _EFI System Partition_ | VFAT | The ESP used for the current boot is automatically mounted to `/efi/` (or `/boot/` as fallback), unless a different partition is mounted there (possibly via `/etc/fstab`, or because the Extended Boot Loader Partition — see below — exists) or the directory is non-empty on the root disk. This partition type is defined by the [UEFI Specification](http://www.uefi.org/specifications). |
|
||||
| `bc13c2ff-59e6-4262-a352-b275fd6f7172` | _Extended Boot Loader Partition_ | Typically VFAT | The Extended Boot Loader Partition (XBOOTLDR) used for the current boot is automatically mounted to <tt>/boot/</tt>, unless a different partition is mounted there (possibly via <tt>/etc/fstab</tt>) or the directory is non-empty on the root disk. This partition type is defined by the [Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION). |
|
||||
| _Root Partition (Alpha)_ | `6523f8ae-3eb1-4e2a-a05a-18b695ae656f` | Any native, optionally in LUKS | On systems with matching architecture, the first partition with this type UUID on the disk containing the active EFI ESP is automatically mounted to the root directory <tt>/</tt>. If the partition is encrypted with LUKS or has dm-verity integrity data (see below), the device mapper file will be named `/dev/mapper/root`. |
|
||||
| _Root Partition (ARC)_ | `d27f46ed-2919-4cb8-bd25-9531f3c16534` | ditto | ditto |
|
||||
| _Root Partition (32-bit ARM)_ | `69dad710-2ce4-4e3c-b16c-21a1d49abed3` | ditto | ditto |
|
||||
| _Root Partition (64-bit ARM/AArch64)_ | `b921b045-1df0-41c3-af44-4c6f280d3fae` | ditto | ditto |
|
||||
| _Root Partition (Itanium/IA-64)_ | `993d8d3d-f80e-4225-855a-9daf8ed7ea97` | ditto | ditto |
|
||||
| _Root Partition (LoongArch 64-bit)_ | `77055800-792c-4f94-b39a-98c91b762bb6` | ditto | ditto |
|
||||
| _Root Partition (32-bit MIPS LittleEndian (mipsel))_ | `37c58c8a-d913-4156-a25f-48b1b64e07f0` | ditto | ditto |
|
||||
| _Root Partition (64-bit MIPS LittleEndian (mips64el))_ | `700bda43-7a34-4507-b179-eeb93d7a7ca3` | ditto | ditto |
|
||||
| _Root Partition (32-bit PowerPC)_ | `1de3f1ef-fa98-47b5-8dcd-4a860a654d78` | ditto | ditto |
|
||||
| _Root Partition (64-bit PowerPC BigEndian)_ | `912ade1d-a839-4913-8964-a10eee08fbd2` | ditto | ditto |
|
||||
| _Root Partition (64-bit PowerPC LittleEndian)_ | `c31c45e6-3f39-412e-80fb-4809c4980599` | ditto | ditto |
|
||||
| _Root Partition (RISC-V 32-bit)_ | `60d5a7fe-8e7d-435c-b714-3dd8162144e1` | ditto | ditto |
|
||||
| _Root Partition (RISC-V 64-bit)_ | `72ec70a6-cf74-40e6-bd49-4bda08e8f224` | ditto | ditto |
|
||||
| _Root Partition (s390)_ | `08a7acea-624c-4a20-91e8-6e0fa67d23f9` | ditto | ditto |
|
||||
| _Root Partition (s390x)_ | `5eead9a9-fe09-4a1e-a1d7-520d00531306` | ditto | ditto |
|
||||
| _Root Partition (TILE-Gx)_ | `c50cdd70-3862-4cc3-90e1-809a8c93ee2c` | ditto | ditto |
|
||||
| _Root Partition (x86)_ | `44479540-f297-41b2-9af7-d131d5f0458a` | ditto | ditto |
|
||||
| _Root Partition (amd64/x86_64)_ | `4f68bce3-e8cd-4db1-96e7-fbcaf984b709` | ditto | ditto |
|
||||
| _`/usr/` Partition (Alpha)_ | `e18cf08c-33ec-4c0d-8246-c6c6fb3da024` | A dm-verity superblock followed by hash data | Contains dm-verity integrity hash data for the matching root partition. If this feature is used the partition UUID of the root partition should be the first 128 bits of the root hash of the dm-verity hash data, and the partition UUID of this dm-verity partition should be the final 128 bits of it, so that the root partition and its Verity partition can be discovered easily, simply by specifying the root hash. |
|
||||
| _`/usr/` Partition (ARC)_ | `7978a683-6316-4922-bbee-38bff5a2fecc` | ditto | ditto |
|
||||
| _`/usr/` Partition (32-bit ARM)_ | `7d0359a3-02b3-4f0a-865c-654403e70625` | ditto | ditto |
|
||||
| _`/usr/` Partition (64-bit ARM/AArch64)_ | `b0e01050-ee5f-4390-949a-9101b17104e9` | ditto | ditto |
|
||||
| _`/usr/` Partition (Itanium/IA-64)_ | `4301d2a6-4e3b-4b2a-bb94-9e0b2c4225ea` | ditto | ditto |
|
||||
| _`/usr/` Partition (LoongArch 64-bit)_ | `e611c702-575c-4cbe-9a46-434fa0bf7e3f` | ditto | ditto |
|
||||
| _`/usr/` Partition (32-bit MIPS LittleEndian (mipsel))_ | `0f4868e9-9952-4706-979f-3ed3a473e947` | ditto | ditto |
|
||||
| _`/usr/` Partition (64-bit MIPS LittleEndian (mips64el))_ | `c97c1f32-ba06-40b4-9f22-236061b08aa8` | ditto | ditto |
|
||||
| _`/usr/` Partition (32-bit PowerPC)_ | `7d14fec5-cc71-415d-9d6c-06bf0b3c3eaf` | ditto | ditto |
|
||||
| _`/usr/` Partition (64-bit PowerPC BigEndian)_ | `2c9739e2-f068-46b3-9fd0-01c5a9afbcca` | ditto | ditto |
|
||||
| _`/usr/` Partition (64-bit PowerPC LittleEndian)_ | `15bb03af-77e7-4d4a-b12b-c0d084f7491c` | ditto | ditto |
|
||||
| _`/usr/` Partition (RISC-V 32-bit)_ | `b933fb22-5c3f-4f91-af90-e2bb0fa50702` | ditto | ditto |
|
||||
| _`/usr/` Partition (RISC-V 64-bit)_ | `beaec34b-8442-439b-a40b-984381ed097d` | ditto | ditto |
|
||||
| _`/usr/` Partition (s390)_ | `cd0f869b-d0fb-4ca0-b141-9ea87cc78d66` | ditto | ditto |
|
||||
| _`/usr/` Partition (s390x)_ | `8a4f5770-50aa-4ed3-874a-99b710db6fea` | ditto | ditto |
|
||||
| _`/usr/` Partition (TILE-Gx)_ | `55497029-c7c1-44cc-aa39-815ed1558630` | ditto | ditto |
|
||||
| _`/usr/` Partition (x86)_ | `75250d76-8cc6-458e-bd66-bd47cc81a812` | ditto | ditto |
|
||||
| _`/usr/` Partition (amd64/x86_64)_ | `8484680c-9521-48c6-9c11-b0720656f69e` | ditto | ditto |
|
||||
| _Root Verity Partition (Alpha)_ | `fc56d9e9-e6e5-4c06-be32-e74407ce09a5` | A serialized JSON object, see below | Contains a root hash and a PKCS#7 signature for it, permitting signed dm-verity GPT images. |
|
||||
| _Root Verity Partition (ARC)_ | `24b2d975-0f97-4521-afa1-cd531e421b8d` | ditto | ditto |
|
||||
| _Root Verity Partition (32-bit ARM)_ | `7386cdf2-203c-47a9-a498-f2ecce45a2d6` | ditto | ditto |
|
||||
| _Root Verity Partition (64-bit ARM/AArch64)_ | `df3300ce-d69f-4c92-978c-9bfb0f38d820` | ditto | ditto |
|
||||
| _Root Verity Partition (Itanium/IA-64)_ | `86ed10d5-b607-45bb-8957-d350f23d0571` | ditto | ditto |
|
||||
| _Root Verity Partition (LoongArch 64-bit)_ | `f3393b22-e9af-4613-a948-9d3bfbd0c535` | ditto | ditto |
|
||||
| _Root Verity Partition (32-bit MIPS LittleEndian (mipsel))_ | `d7d150d2-2a04-4a33-8f12-16651205ff7b` | ditto | ditto |
|
||||
| _Root Verity Partition (64-bit MIPS LittleEndian (mips64el))_ | `16b417f8-3e06-4f57-8dd2-9b5232f41aa6` | ditto | ditto |
|
||||
| _Root Verity Partition (64-bit PowerPC LittleEndian)_ | `906bd944-4589-4aae-a4e4-dd983917446a` | ditto | ditto |
|
||||
| _Root Verity Partition (64-bit PowerPC BigEndian)_ | `9225a9a3-3c19-4d89-b4f6-eeff88f17631` | ditto | ditto |
|
||||
| _Root Verity Partition (32-bit PowerPC)_ | `98cfe649-1588-46dc-b2f0-add147424925` | ditto | ditto |
|
||||
| _Root Verity Partition (RISC-V 32-bit)_ | `ae0253be-1167-4007-ac68-43926c14c5de` | ditto | ditto |
|
||||
| _Root Verity Partition (RISC-V 64-bit)_ | `b6ed5582-440b-4209-b8da-5ff7c419ea3d` | ditto | ditto |
|
||||
| _Root Verity Partition (s390x)_ | `b325bfbe-c7be-4ab8-8357-139e652d2f6b` | ditto | ditto |
|
||||
| _Root Verity Partition (s390)_ | `7ac63b47-b25c-463b-8df8-b4a94e6c90e1` | ditto | ditto |
|
||||
| _Root Verity Partition (TILE-Gx)_ | `966061ec-28e4-4b2e-b4a5-1f0a825a1d84` | ditto | ditto |
|
||||
| _Root Verity Partition (amd64/x86_64)_ | `2c7357ed-ebd2-46d9-aec1-23d437ec2bf5` | ditto | ditto |
|
||||
| _Root Verity Partition (x86)_ | `d13c5d3b-b5d1-422a-b29f-9454fdc89d76` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (Alpha)_ | `8cce0d25-c0d0-4a44-bd87-46331bf1df67` | Any native, optionally in LUKS | Similar semantics to root partition, but just the `/usr/` partition. |
|
||||
| _`/usr/` Verity Partition (ARC)_ | `fca0598c-d880-4591-8c16-4eda05c7347c` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (32-bit ARM)_ | `c215d751-7bcd-4649-be90-6627490a4c05` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (64-bit ARM/AArch64)_ | `6e11a4e7-fbca-4ded-b9e9-e1a512bb664e` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (Itanium/IA-64)_ | `6a491e03-3be7-4545-8e38-83320e0ea880` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (LoongArch 64-bit)_ | `f46b2c26-59ae-48f0-9106-c50ed47f673d` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (32-bit MIPS LittleEndian (mipsel))_ | `46b98d8d-b55c-4e8f-aab3-37fca7f80752` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (64-bit MIPS LittleEndian (mips64el))_ | `3c3d61fe-b5f3-414d-bb71-8739a694a4ef` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (64-bit PowerPC LittleEndian)_ | `ee2b9983-21e8-4153-86d9-b6901a54d1ce` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (64-bit PowerPC BigEndian)_ | `bdb528a5-a259-475f-a87d-da53fa736a07` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (32-bit PowerPC)_ | `df765d00-270e-49e5-bc75-f47bb2118b09` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (RISC-V 32-bit)_ | `cb1ee4e3-8cd0-4136-a0a4-aa61a32e8730` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (RISC-V 64-bit)_ | `8f1056be-9b05-47c4-81d6-be53128e5b54` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (s390x)_ | `31741cc4-1a2a-4111-a581-e00b447d2d06` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (s390)_ | `b663c618-e7bc-4d6d-90aa-11b756bb1797` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (TILE-Gx)_ | `2fb4bf56-07fa-42da-8132-6b139f2026ae` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (amd64/x86_64)_ | `77ff5f63-e7b6-4633-acf4-1565b864c0e6` | ditto | ditto |
|
||||
| _`/usr/` Verity Partition (x86)_ | `8f461b0d-14ee-4e81-9aa9-049b6fb97abd` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (Alpha)_ | `d46495b7-a053-414f-80f7-700c99921ef8` | A dm-verity superblock followed by hash data | Similar semantics to root Verity partition, but just for the `/usr/` partition. |
|
||||
| _Root Verity Signature Partition (ARC)_ | `143a70ba-cbd3-4f06-919f-6c05683a78bc` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (32-bit ARM)_ | `42b0455f-eb11-491d-98d3-56145ba9d037` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (64-bit ARM/AArch64)_ | `6db69de6-29f4-4758-a7a5-962190f00ce3` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (Itanium/IA-64)_ | `e98b36ee-32ba-4882-9b12-0ce14655f46a` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (LoongArch 64-bit)_ | `5afb67eb-ecc8-4f85-ae8e-ac1e7c50e7d0` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (32-bit MIPS LittleEndian (mipsel))_ | `c919cc1f-4456-4eff-918c-f75e94525ca5` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (64-bit MIPS LittleEndian (mips64el))_ | `904e58ef-5c65-4a31-9c57-6af5fc7c5de7` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (64-bit PowerPC LittleEndian)_ | `d4a236e7-e873-4c07-bf1d-bf6cf7f1c3c6` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (64-bit PowerPC BigEndian)_ | `f5e2c20c-45b2-4ffa-bce9-2a60737e1aaf` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (32-bit PowerPC)_ | `1b31b5aa-add9-463a-b2ed-bd467fc857e7` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (RISC-V 32-bit)_ | `3a112a75-8729-4380-b4cf-764d79934448` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (RISC-V 64-bit)_ | `efe0f087-ea8d-4469-821a-4c2a96a8386a` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (s390x)_ | `c80187a5-73a3-491a-901a-017c3fa953e9` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (s390)_ | `3482388e-4254-435a-a241-766a065f9960` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (TILE-Gx)_ | `b3671439-97b0-4a53-90f7-2d5a8f3ad47b` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (amd64/x86_64)_ | `41092b05-9fc8-4523-994f-2def0408b176` | ditto | ditto |
|
||||
| _Root Verity Signature Partition (x86)_ | `5996fc05-109c-48de-808b-23fa0830b676` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (Alpha)_ | `5c6e1c76-076a-457a-a0fe-f3b4cd21ce6e` | A serialized JSON object, see below | Similar semantics to root Verity signature partition, but just for the `/usr/` partition. |
|
||||
| _`/usr/` Verity Signature Partition (ARC)_ | `94f9a9a1-9971-427a-a400-50cb297f0f35` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (32-bit ARM)_ | `d7ff812f-37d1-4902-a810-d76ba57b975a` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (64-bit ARM/AArch64)_ | `c23ce4ff-44bd-4b00-b2d4-b41b3419e02a` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (Itanium/IA-64)_ | `8de58bc2-2a43-460d-b14e-a76e4a17b47f` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (LoongArch 64-bit)_ | `b024f315-d330-444c-8461-44bbde524e99` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (32-bit MIPS LittleEndian (mipsel))_ | `3e23ca0b-a4bc-4b4e-8087-5ab6a26aa8a9` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (64-bit MIPS LittleEndian (mips64el))_ | `f2c2c7ee-adcc-4351-b5c6-ee9816b66e16` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (64-bit PowerPC LittleEndian)_ | `c8bfbd1e-268e-4521-8bba-bf314c399557` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (64-bit PowerPC BigEndian)_ | `0b888863-d7f8-4d9e-9766-239fce4d58af` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (32-bit PowerPC)_ | `7007891d-d371-4a80-86a4-5cb875b9302e` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (RISC-V 32-bit)_ | `c3836a13-3137-45ba-b583-b16c50fe5eb4` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (RISC-V 64-bit)_ | `d2f9000a-7a18-453f-b5cd-4d32f77a7b32` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (s390x)_ | `3f324816-667b-46ae-86ee-9b0c0c6c11b4` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (s390)_ | `17440e4f-a8d0-467f-a46e-3912ae6ef2c5` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (TILE-Gx)_ | `4ede75e2-6ccc-4cc8-b9c7-70334b087510` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (amd64/x86_64)_ | `e7bb33fb-06cf-4e81-8273-e543b413e2e2` | ditto | ditto |
|
||||
| _`/usr/` Verity Signature Partition (x86)_ | `974a71c0-de41-43c3-be5d-5c5ccd1ad2c0` | ditto | ditto |
|
||||
| _EFI System Partition_ | `c12a7328-f81f-11d2-ba4b-00a0c93ec93b` | VFAT | The ESP used for the current boot is automatically mounted to `/efi/` (or `/boot/` as fallback), unless a different partition is mounted there (possibly via `/etc/fstab`, or because the Extended Boot Loader Partition — see below — exists) or the directory is non-empty on the root disk. This partition type is defined by the [UEFI Specification](http://www.uefi.org/specifications). |
|
||||
| _Extended Boot Loader Partition_ | `bc13c2ff-59e6-4262-a352-b275fd6f7172` | Typically VFAT | The Extended Boot Loader Partition (XBOOTLDR) used for the current boot is automatically mounted to <tt>/boot/</tt>, unless a different partition is mounted there (possibly via <tt>/etc/fstab</tt>) or the directory is non-empty on the root disk. This partition type is defined by the [Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION). |
|
||||
| _Swap_ | `0657fd6d-a4ab-43c4-84e5-0933c84b4f4f` | Swap, optionally in LUKS | All swap partitions on the disk containing the root partition are automatically enabled. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/swap`. This partition type predates the Discoverable Partitions Specification. |
|
||||
| _Home Partition_ | `933ac7e1-2eb4-4f13-b844-0e14e2aef915` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/home/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/home`. |
|
||||
| _Server Data Partition_ | `3b8f8425-20e0-4f3b-907f-1a25a76f98e8` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/srv/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/srv`. |
|
||||
| _Variable Data Partition_ | `4d21b016-b534-45c2-a9fb-5c16e091fd2d` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/var/` — under the condition that its partition UUID matches the first 128 bits of `HMAC-SHA256(machine-id, 0x4d21b016b53445c2a9fb5c16e091fd2d)` (i.e. the SHA256 HMAC hash of the binary type UUID keyed by the machine ID as read from [`/etc/machine-id`](https://www.freedesktop.org/software/systemd/man/machine-id.html). This special requirement is made because `/var/` (unlike the other partition types listed here) is inherently private to a specific installation and cannot possibly be shared between multiple OS installations on the same disk, and thus should be bound to a specific instance of the OS, identified by its machine ID. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/var`. |
|
||||
| _Temporary Data Partition_ | `7ec6f557-3bc5-4aca-b293-16ef5df639d1` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/var/tmp/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/tmp`. Note that the intended mount point is indeed `/var/tmp/`, not `/tmp/`. The latter is typically maintained in memory via <tt>tmpfs</tt> and does not require a partition on disk. In some cases it might be desirable to make `/tmp/` persistent too, in which case it is recommended to make it a symlink or bind mount to `/var/tmp/`, thus not requiring its own partition type UUID. |
|
||||
| _Per-user Home Partition_ | `773f91ef-66d4-49b5-bd83-d683bf40ad16` | Any native, optionally in LUKS | A home partition of a user, managed by [`systemd-homed`](https://www.freedesktop.org/software/systemd/man/systemd-homed.html). |
|
||||
| _Generic Linux Data Partition_ | `0fc63daf-8483-4772-8e79-3d69d8477de4` | Any native, optionally in LUKS | No automatic mounting takes place for other Linux data partitions. This partition type should be used for all partitions that carry Linux file systems. The installer needs to mount them explicitly via entries in <tt>/etc/fstab</tt>. Optionally, these partitions may be encrypted with LUKS. This partition type predates the Discoverable Partitions Specification. |
|
||||
|
||||
Other GPT type IDs might be used on Linux, for example to mark software RAID or
|
||||
LVM partitions. The definitions of those GPT types is outside of the scope of
|
||||
|
@ -118,20 +118,19 @@ int uname_architecture(void) {
|
||||
{ "arc", ARCHITECTURE_ARC },
|
||||
{ "arceb", ARCHITECTURE_ARC_BE },
|
||||
#else
|
||||
#error "Please register your architecture here!"
|
||||
# error "Please register your architecture here!"
|
||||
#endif
|
||||
};
|
||||
|
||||
static int cached = _ARCHITECTURE_INVALID;
|
||||
struct utsname u;
|
||||
unsigned i;
|
||||
|
||||
if (cached != _ARCHITECTURE_INVALID)
|
||||
return cached;
|
||||
|
||||
assert_se(uname(&u) >= 0);
|
||||
|
||||
for (i = 0; i < ELEMENTSOF(arch_map); i++)
|
||||
for (size_t i = 0; i < ELEMENTSOF(arch_map); i++)
|
||||
if (streq(arch_map[i].machine, u.machine))
|
||||
return cached = arch_map[i].arch;
|
||||
|
||||
|
@ -8,42 +8,41 @@
|
||||
|
||||
/* A cleaned up architecture definition. We don't want to get lost in
|
||||
* processor features, models, generations or even ABIs. Hence we
|
||||
* focus on general family, and distinguish word width and
|
||||
* endianness. */
|
||||
* focus on general family, and distinguish word width and endianness. */
|
||||
|
||||
enum {
|
||||
ARCHITECTURE_X86 = 0,
|
||||
ARCHITECTURE_X86_64,
|
||||
ARCHITECTURE_PPC,
|
||||
ARCHITECTURE_PPC_LE,
|
||||
ARCHITECTURE_PPC64,
|
||||
ARCHITECTURE_PPC64_LE,
|
||||
ARCHITECTURE_IA64,
|
||||
ARCHITECTURE_PARISC,
|
||||
ARCHITECTURE_PARISC64,
|
||||
ARCHITECTURE_S390,
|
||||
ARCHITECTURE_S390X,
|
||||
ARCHITECTURE_SPARC,
|
||||
ARCHITECTURE_SPARC64,
|
||||
ARCHITECTURE_MIPS,
|
||||
ARCHITECTURE_MIPS_LE,
|
||||
ARCHITECTURE_MIPS64,
|
||||
ARCHITECTURE_MIPS64_LE,
|
||||
ARCHITECTURE_ALPHA,
|
||||
ARCHITECTURE_ARM,
|
||||
ARCHITECTURE_ARM_BE,
|
||||
ARCHITECTURE_ARM64,
|
||||
ARCHITECTURE_ARM64_BE,
|
||||
ARCHITECTURE_SH,
|
||||
ARCHITECTURE_SH64,
|
||||
ARCHITECTURE_M68K,
|
||||
ARCHITECTURE_TILEGX,
|
||||
ARCHITECTURE_CRIS,
|
||||
ARCHITECTURE_NIOS2,
|
||||
ARCHITECTURE_RISCV32,
|
||||
ARCHITECTURE_RISCV64,
|
||||
ARCHITECTURE_ARC,
|
||||
ARCHITECTURE_ARC_BE,
|
||||
ARCHITECTURE_ARM,
|
||||
ARCHITECTURE_ARM64,
|
||||
ARCHITECTURE_ARM64_BE,
|
||||
ARCHITECTURE_ARM_BE,
|
||||
ARCHITECTURE_CRIS,
|
||||
ARCHITECTURE_IA64,
|
||||
ARCHITECTURE_M68K,
|
||||
ARCHITECTURE_MIPS,
|
||||
ARCHITECTURE_MIPS64,
|
||||
ARCHITECTURE_MIPS64_LE,
|
||||
ARCHITECTURE_MIPS_LE,
|
||||
ARCHITECTURE_NIOS2,
|
||||
ARCHITECTURE_PARISC,
|
||||
ARCHITECTURE_PARISC64,
|
||||
ARCHITECTURE_PPC,
|
||||
ARCHITECTURE_PPC64,
|
||||
ARCHITECTURE_PPC64_LE,
|
||||
ARCHITECTURE_PPC_LE,
|
||||
ARCHITECTURE_RISCV32,
|
||||
ARCHITECTURE_RISCV64,
|
||||
ARCHITECTURE_S390,
|
||||
ARCHITECTURE_S390X,
|
||||
ARCHITECTURE_SH,
|
||||
ARCHITECTURE_SH64,
|
||||
ARCHITECTURE_SPARC,
|
||||
ARCHITECTURE_SPARC64,
|
||||
ARCHITECTURE_TILEGX,
|
||||
ARCHITECTURE_X86,
|
||||
ARCHITECTURE_X86_64,
|
||||
_ARCHITECTURE_MAX,
|
||||
_ARCHITECTURE_INVALID = -EINVAL,
|
||||
};
|
||||
|
@ -9,6 +9,7 @@
|
||||
#include <unistd.h>
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "architecture.h"
|
||||
#include "base-filesystem.h"
|
||||
#include "fd-util.h"
|
||||
#include "log.h"
|
||||
@ -38,25 +39,73 @@ static const BaseFilesystem table[] = {
|
||||
{ "proc", 0755, NULL, NULL, true },
|
||||
{ "sys", 0755, NULL, NULL, true },
|
||||
{ "dev", 0755, NULL, NULL, true },
|
||||
#if defined(__i386__) || defined(__x86_64__)
|
||||
|
||||
/* Various architecture ABIs define the path to the dynamic loader via the /lib64/ subdirectory of
|
||||
* the root directory. When booting from an otherwise empty root file system (where only /usr/ has
|
||||
* been mounted into) it is thus necessary to create a symlink pointing to the right subdirectory of
|
||||
* /usr/ first — otherwise we couldn't invoke any dynamic binary. Let's detect this case here, and
|
||||
* create the symlink as needed should it be missing. We prefer doing this consistently with Debian's
|
||||
* multiarch logic, but support Fedora-style multilib too.*/
|
||||
{ "lib64", 0, "usr/lib/x86_64-linux-gnu\0"
|
||||
#if defined(__aarch64__)
|
||||
/* aarch64 ELF ABI actually says dynamic loader is in /lib/, but Fedora puts it in /lib64/ anyway and
|
||||
* just symlinks /lib/ld-linux-aarch64.so.1 to ../lib64/ld-linux-aarch64.so.1. For this to work
|
||||
* correctly, /lib64/ must be symlinked to /usr/lib64/. */
|
||||
{ "lib64", 0, "usr/lib/"LIB_ARCH_TUPLE"\0"
|
||||
"usr/lib64\0", "ld-linux-aarch64.so.1" },
|
||||
# define KNOW_LIB64_DIRS 1
|
||||
#elif defined(__alpha__)
|
||||
#elif defined(__arc__) || defined(__tilegx__)
|
||||
#elif defined(__arm__)
|
||||
/* No /lib64 on arm. The linker is /lib/ld-linux-armhf.so.3. */
|
||||
# define KNOW_LIB64_DIRS 1
|
||||
#elif defined(__i386__) || defined(__x86_64__)
|
||||
{ "lib64", 0, "usr/lib/"LIB_ARCH_TUPLE"\0"
|
||||
"usr/lib64\0", "ld-linux-x86-64.so.2" },
|
||||
#else
|
||||
/* gcc doesn't allow pragma to be used within constructs, hence log about this separately below */
|
||||
# define WARN_LIB64 1
|
||||
# define KNOW_LIB64_DIRS 1
|
||||
#elif defined(__ia64__)
|
||||
#elif defined(__m68k__)
|
||||
/* No link needed. */
|
||||
# define KNOW_LIB64_DIRS 1
|
||||
#elif defined(_MIPS_SIM)
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||
# elif _MIPS_SIM == _MIPS_SIM_NABI32
|
||||
# elif _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# else
|
||||
# error "Unknown MIPS ABI"
|
||||
# endif
|
||||
#elif defined(__powerpc__)
|
||||
# if defined(__PPC64__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
|
||||
{ "lib64", 0, "usr/lib/"LIB_ARCH_TUPLE"\0"
|
||||
"usr/lib64\0", "ld64.so.2" },
|
||||
# define KNOW_LIB64_DIRS 1
|
||||
# elif defined(__powerpc64__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
|
||||
/* powerpc64-linux-gnu */
|
||||
# else
|
||||
/* powerpc-linux-gnu */
|
||||
# endif
|
||||
#elif defined(__riscv)
|
||||
# if __riscv_xlen == 32
|
||||
# elif __riscv_xlen == 64
|
||||
/* Same situation as for aarch64 */
|
||||
{ "lib64", 0, "usr/lib/"LIB_ARCH_TUPLE"\0"
|
||||
"usr/lib64\0", "ld-linux-riscv64-lp64d.so.1" },
|
||||
# define KNOW_LIB64_DIRS 1
|
||||
# else
|
||||
# error "Unknown RISC-V ABI"
|
||||
# endif
|
||||
#elif defined(__s390__)
|
||||
/* s390-linux-gnu */
|
||||
#elif defined(__s390x__)
|
||||
{ "lib64", 0, "usr/lib/"LIB_ARCH_TUPLE"\0"
|
||||
"usr/lib64", "ld-lsb-s390x.so.3" },
|
||||
# define KNOW_LIB64_DIRS 1
|
||||
#elif defined(__sparc__)
|
||||
#endif
|
||||
/* gcc doesn't allow pragma to be used within constructs, hence log about this separately below */
|
||||
};
|
||||
|
||||
#ifdef WARN_LIB64
|
||||
#pragma message "If your architecture knows a /lib64/ or /lib32/ directory, please add an entry creating it here."
|
||||
/* And if your architecture doesn't know these directories, make sure to add ifdeffery here to
|
||||
* suppress this pragma message. */
|
||||
#ifndef KNOW_LIB64_DIRS
|
||||
# pragma message "Please add an entry above specifying whether your architecture uses /lib64/, /lib32/, or no such links."
|
||||
#endif
|
||||
|
||||
int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
|
||||
|
176
src/shared/gpt.c
176
src/shared/gpt.c
@ -14,87 +14,77 @@
|
||||
#pragma message "Please define GPT partition types for your architecture."
|
||||
#endif
|
||||
|
||||
#define _GPT_ARCH_SEXTET(arch, name) \
|
||||
{ GPT_ROOT_##arch, "root-" name }, \
|
||||
{ GPT_ROOT_##arch##_VERITY, "root-" name "-verity" }, \
|
||||
{ GPT_ROOT_##arch##_VERITY_SIG, "root-" name "-verity-sig" }, \
|
||||
{ GPT_USR_##arch, "usr-" name }, \
|
||||
{ GPT_USR_##arch##_VERITY, "usr-" name "-verity" }, \
|
||||
{ GPT_USR_##arch##_VERITY_SIG, "usr-" name "-verity-sig" }
|
||||
|
||||
const GptPartitionType gpt_partition_type_table[] = {
|
||||
{ GPT_ROOT_X86, "root-x86" },
|
||||
{ GPT_ROOT_X86_VERITY, "root-x86-verity" },
|
||||
{ GPT_ROOT_X86_VERITY_SIG, "root-x86-verity-sig" },
|
||||
{ GPT_ROOT_X86_64, "root-x86-64" },
|
||||
{ GPT_ROOT_X86_64_VERITY, "root-x86-64-verity" },
|
||||
{ GPT_ROOT_X86_64_VERITY_SIG, "root-x86-64-verity-sig" },
|
||||
{ GPT_ROOT_ARM, "root-arm" },
|
||||
{ GPT_ROOT_ARM_VERITY, "root-arm-verity" },
|
||||
{ GPT_ROOT_ARM_VERITY_SIG, "root-arm-verity-sig" },
|
||||
{ GPT_ROOT_ARM_64, "root-arm64" },
|
||||
{ GPT_ROOT_ARM_64_VERITY, "root-arm64-verity" },
|
||||
{ GPT_ROOT_ARM_64_VERITY_SIG, "root-arm64-verity-sig" },
|
||||
{ GPT_ROOT_IA64, "root-ia64" },
|
||||
{ GPT_ROOT_IA64_VERITY, "root-ia64-verity" },
|
||||
{ GPT_ROOT_IA64_VERITY_SIG, "root-ia64-verity-sig" },
|
||||
{ GPT_ROOT_LOONGARCH64, "root-loongarch64" },
|
||||
{ GPT_ROOT_LOONGARCH64_VERITY, "root-loongarch64-verity" },
|
||||
{ GPT_ROOT_LOONGARCH64_VERITY_SIG, "root-loongarch64-verity-sig" },
|
||||
{ GPT_ROOT_RISCV32, "root-riscv32" },
|
||||
{ GPT_ROOT_RISCV32_VERITY, "root-riscv32-verity" },
|
||||
{ GPT_ROOT_RISCV32_VERITY_SIG, "root-riscv32-verity-sig" },
|
||||
{ GPT_ROOT_RISCV64, "root-riscv64" },
|
||||
{ GPT_ROOT_RISCV64_VERITY, "root-riscv64-verity" },
|
||||
{ GPT_ROOT_RISCV64_VERITY_SIG, "root-riscv64-verity-sig" },
|
||||
_GPT_ARCH_SEXTET(ALPHA, "alpha"),
|
||||
_GPT_ARCH_SEXTET(ARC, "arc"),
|
||||
_GPT_ARCH_SEXTET(ARM, "arm"),
|
||||
_GPT_ARCH_SEXTET(ARM64, "arm64"),
|
||||
_GPT_ARCH_SEXTET(IA64, "ia64"),
|
||||
_GPT_ARCH_SEXTET(LOONGARCH64, "loongarch64"),
|
||||
_GPT_ARCH_SEXTET(MIPS_LE, "mips-le"),
|
||||
_GPT_ARCH_SEXTET(MIPS64_LE, "mips64-le"),
|
||||
_GPT_ARCH_SEXTET(PPC, "ppc"),
|
||||
_GPT_ARCH_SEXTET(PPC64, "ppc64"),
|
||||
_GPT_ARCH_SEXTET(PPC64LE, "ppc64-le"),
|
||||
_GPT_ARCH_SEXTET(RISCV32, "riscv32"),
|
||||
_GPT_ARCH_SEXTET(RISCV64, "riscv64"),
|
||||
_GPT_ARCH_SEXTET(S390, "s390"),
|
||||
_GPT_ARCH_SEXTET(S390X, "s390x"),
|
||||
_GPT_ARCH_SEXTET(TILEGX, "tilegx"),
|
||||
_GPT_ARCH_SEXTET(X86, "x86"),
|
||||
_GPT_ARCH_SEXTET(X86_64, "x86-64"),
|
||||
#ifdef GPT_ROOT_NATIVE
|
||||
{ GPT_ROOT_NATIVE, "root" },
|
||||
{ GPT_ROOT_NATIVE_VERITY, "root-verity" },
|
||||
{ GPT_ROOT_NATIVE_VERITY_SIG, "root-verity-sig" },
|
||||
{ GPT_ROOT_NATIVE, "root" },
|
||||
{ GPT_ROOT_NATIVE_VERITY, "root-verity" },
|
||||
{ GPT_ROOT_NATIVE_VERITY_SIG, "root-verity-sig" },
|
||||
{ GPT_USR_NATIVE, "usr" },
|
||||
{ GPT_USR_NATIVE_VERITY, "usr-verity" },
|
||||
{ GPT_USR_NATIVE_VERITY_SIG, "usr-verity-sig" },
|
||||
#endif
|
||||
#ifdef GPT_ROOT_SECONDARY
|
||||
{ GPT_ROOT_SECONDARY, "root-secondary" },
|
||||
{ GPT_ROOT_SECONDARY_VERITY, "root-secondary-verity" },
|
||||
{ GPT_ROOT_SECONDARY_VERITY_SIG, "root-secondary-verity-sig" },
|
||||
_GPT_ARCH_SEXTET(SECONDARY, "secondary"),
|
||||
#endif
|
||||
{ GPT_USR_X86, "usr-x86" },
|
||||
{ GPT_USR_X86_VERITY, "usr-x86-verity" },
|
||||
{ GPT_USR_X86_VERITY_SIG, "usr-x86-verity-sig" },
|
||||
{ GPT_USR_X86_64, "usr-x86-64" },
|
||||
{ GPT_USR_X86_64_VERITY, "usr-x86-64-verity" },
|
||||
{ GPT_USR_X86_64_VERITY_SIG, "usr-x86-64-verity-sig" },
|
||||
{ GPT_USR_ARM, "usr-arm" },
|
||||
{ GPT_USR_ARM_VERITY, "usr-arm-verity" },
|
||||
{ GPT_USR_ARM_VERITY_SIG, "usr-arm-verity-sig" },
|
||||
{ GPT_USR_ARM_64, "usr-arm64" },
|
||||
{ GPT_USR_ARM_64_VERITY, "usr-arm64-verity" },
|
||||
{ GPT_USR_ARM_64_VERITY_SIG, "usr-arm64-verity-sig" },
|
||||
{ GPT_USR_IA64, "usr-ia64" },
|
||||
{ GPT_USR_IA64_VERITY, "usr-ia64-verity" },
|
||||
{ GPT_USR_IA64_VERITY_SIG, "usr-ia64-verity-sig" },
|
||||
{ GPT_USR_LOONGARCH64, "usr-loongarch64" },
|
||||
{ GPT_USR_LOONGARCH64_VERITY, "usr-loongarch64-verity" },
|
||||
{ GPT_USR_LOONGARCH64_VERITY_SIG, "usr-loongarch64-verity-sig" },
|
||||
{ GPT_USR_RISCV32, "usr-riscv32" },
|
||||
{ GPT_USR_RISCV32_VERITY, "usr-riscv32-verity" },
|
||||
{ GPT_USR_RISCV32_VERITY_SIG, "usr-riscv32-verity-sig" },
|
||||
{ GPT_USR_RISCV64, "usr-riscv64" },
|
||||
{ GPT_USR_RISCV64_VERITY, "usr-riscv64-verity" },
|
||||
{ GPT_USR_RISCV64_VERITY_SIG, "usr-riscv64-verity-sig" },
|
||||
#ifdef GPT_USR_NATIVE
|
||||
{ GPT_USR_NATIVE, "usr" },
|
||||
{ GPT_USR_NATIVE_VERITY, "usr-verity" },
|
||||
{ GPT_USR_NATIVE_VERITY_SIG, "usr-verity-sig" },
|
||||
#endif
|
||||
#ifdef GPT_USR_SECONDARY
|
||||
{ GPT_USR_SECONDARY, "usr-secondary" },
|
||||
{ GPT_USR_SECONDARY_VERITY, "usr-secondary-verity" },
|
||||
{ GPT_USR_SECONDARY_VERITY_SIG, "usr-secondary-verity-sig" },
|
||||
#endif
|
||||
{ GPT_ESP, "esp" },
|
||||
{ GPT_XBOOTLDR, "xbootldr" },
|
||||
{ GPT_SWAP, "swap" },
|
||||
{ GPT_HOME, "home" },
|
||||
{ GPT_SRV, "srv" },
|
||||
{ GPT_VAR, "var" },
|
||||
{ GPT_TMP, "tmp" },
|
||||
{ GPT_USER_HOME, "user-home" },
|
||||
{ GPT_LINUX_GENERIC, "linux-generic" },
|
||||
|
||||
{ GPT_ESP, "esp" },
|
||||
{ GPT_XBOOTLDR, "xbootldr" },
|
||||
{ GPT_SWAP, "swap" },
|
||||
{ GPT_HOME, "home" },
|
||||
{ GPT_SRV, "srv" },
|
||||
{ GPT_VAR, "var" },
|
||||
{ GPT_TMP, "tmp" },
|
||||
{ GPT_USER_HOME, "user-home" },
|
||||
{ GPT_LINUX_GENERIC, "linux-generic" },
|
||||
{}
|
||||
};
|
||||
|
||||
#define _GPT_ALL_ARCHES(type,suffix) \
|
||||
GPT_##type##_ALPHA##suffix, \
|
||||
GPT_##type##_ARC##suffix, \
|
||||
GPT_##type##_ARM##suffix, \
|
||||
GPT_##type##_ARM64##suffix, \
|
||||
GPT_##type##_IA64##suffix, \
|
||||
GPT_##type##_LOONGARCH64##suffix, \
|
||||
GPT_##type##_MIPS_LE##suffix, \
|
||||
GPT_##type##_MIPS64_LE##suffix, \
|
||||
GPT_##type##_PPC##suffix, \
|
||||
GPT_##type##_PPC64##suffix, \
|
||||
GPT_##type##_PPC64LE##suffix, \
|
||||
GPT_##type##_RISCV32##suffix, \
|
||||
GPT_##type##_RISCV64##suffix, \
|
||||
GPT_##type##_S390##suffix, \
|
||||
GPT_##type##_S390X##suffix, \
|
||||
GPT_##type##_TILEGX##suffix, \
|
||||
GPT_##type##_X86##suffix, \
|
||||
GPT_##type##_X86_64##suffix
|
||||
|
||||
const char *gpt_partition_type_uuid_to_string(sd_id128_t id) {
|
||||
for (size_t i = 0; i < ELEMENTSOF(gpt_partition_type_table) - 1; i++)
|
||||
if (sd_id128_equal(id, gpt_partition_type_table[i].uuid))
|
||||
@ -142,51 +132,19 @@ int gpt_partition_label_valid(const char *s) {
|
||||
}
|
||||
|
||||
bool gpt_partition_type_is_root(sd_id128_t id) {
|
||||
return sd_id128_in_set(id,
|
||||
GPT_ROOT_X86,
|
||||
GPT_ROOT_X86_64,
|
||||
GPT_ROOT_ARM,
|
||||
GPT_ROOT_ARM_64,
|
||||
GPT_ROOT_IA64,
|
||||
GPT_ROOT_LOONGARCH64,
|
||||
GPT_ROOT_RISCV32,
|
||||
GPT_ROOT_RISCV64);
|
||||
return sd_id128_in_set(id, _GPT_ALL_ARCHES(ROOT,));
|
||||
}
|
||||
|
||||
bool gpt_partition_type_is_root_verity(sd_id128_t id) {
|
||||
return sd_id128_in_set(id,
|
||||
GPT_ROOT_X86_VERITY,
|
||||
GPT_ROOT_X86_64_VERITY,
|
||||
GPT_ROOT_ARM_VERITY,
|
||||
GPT_ROOT_ARM_64_VERITY,
|
||||
GPT_ROOT_IA64_VERITY,
|
||||
GPT_ROOT_LOONGARCH64_VERITY,
|
||||
GPT_ROOT_RISCV32_VERITY,
|
||||
GPT_ROOT_RISCV64_VERITY);
|
||||
return sd_id128_in_set(id, _GPT_ALL_ARCHES(ROOT, _VERITY));
|
||||
}
|
||||
|
||||
bool gpt_partition_type_is_usr(sd_id128_t id) {
|
||||
return sd_id128_in_set(id,
|
||||
GPT_USR_X86,
|
||||
GPT_USR_X86_64,
|
||||
GPT_USR_ARM,
|
||||
GPT_USR_ARM_64,
|
||||
GPT_USR_IA64,
|
||||
GPT_USR_LOONGARCH64,
|
||||
GPT_USR_RISCV32,
|
||||
GPT_USR_RISCV64);
|
||||
return sd_id128_in_set(id, _GPT_ALL_ARCHES(USR,));
|
||||
}
|
||||
|
||||
bool gpt_partition_type_is_usr_verity(sd_id128_t id) {
|
||||
return sd_id128_in_set(id,
|
||||
GPT_USR_X86_VERITY,
|
||||
GPT_USR_X86_64_VERITY,
|
||||
GPT_USR_ARM_VERITY,
|
||||
GPT_USR_ARM_64_VERITY,
|
||||
GPT_USR_IA64_VERITY,
|
||||
GPT_USR_LOONGARCH64_VERITY,
|
||||
GPT_USR_RISCV32_VERITY,
|
||||
GPT_USR_RISCV64_VERITY);
|
||||
return sd_id128_in_set(id, _GPT_ALL_ARCHES(USR, _VERITY));
|
||||
}
|
||||
|
||||
bool gpt_partition_type_knows_read_only(sd_id128_t id) {
|
||||
|
324
src/shared/gpt.h
324
src/shared/gpt.h
@ -7,26 +7,120 @@
|
||||
|
||||
#include "id128-util.h"
|
||||
|
||||
/* We only support root disk discovery for x86, x86-64, Itanium, ARM and LoongArch for now,
|
||||
* since EFI for anything else doesn't really exist, and we only care for root partitions
|
||||
* on the same disk as the EFI ESP. */
|
||||
|
||||
#define GPT_ROOT_X86 SD_ID128_MAKE(44,47,95,40,f2,97,41,b2,9a,f7,d1,31,d5,f0,45,8a)
|
||||
#define GPT_ROOT_X86_64 SD_ID128_MAKE(4f,68,bc,e3,e8,cd,4d,b1,96,e7,fb,ca,f9,84,b7,09)
|
||||
#define GPT_ROOT_ALPHA SD_ID128_MAKE(65,23,f8,ae,3e,b1,4e,2a,a0,5a,18,b6,95,ae,65,6f)
|
||||
#define GPT_ROOT_ARC SD_ID128_MAKE(d2,7f,46,ed,29,19,4c,b8,bd,25,95,31,f3,c1,65,34)
|
||||
#define GPT_ROOT_ARM SD_ID128_MAKE(69,da,d7,10,2c,e4,4e,3c,b1,6c,21,a1,d4,9a,be,d3)
|
||||
#define GPT_ROOT_ARM_64 SD_ID128_MAKE(b9,21,b0,45,1d,f0,41,c3,af,44,4c,6f,28,0d,3f,ae)
|
||||
#define GPT_ROOT_ARM64 SD_ID128_MAKE(b9,21,b0,45,1d,f0,41,c3,af,44,4c,6f,28,0d,3f,ae)
|
||||
#define GPT_ROOT_IA64 SD_ID128_MAKE(99,3d,8d,3d,f8,0e,42,25,85,5a,9d,af,8e,d7,ea,97)
|
||||
#define GPT_ROOT_LOONGARCH64 SD_ID128_MAKE(77,05,58,00,79,2c,4f,94,b3,9a,99,c9,1b,76,2b,b6)
|
||||
#define GPT_ROOT_LOONGARCH64 SD_ID128_MAKE(77,05,58,00,79,2c,4f,94,b3,9a,98,c9,1b,76,2b,b6)
|
||||
#define GPT_ROOT_MIPS_LE SD_ID128_MAKE(37,c5,8c,8a,d9,13,41,56,a2,5f,48,b1,b6,4e,07,f0)
|
||||
#define GPT_ROOT_MIPS64_LE SD_ID128_MAKE(70,0b,da,43,7a,34,45,07,b1,79,ee,b9,3d,7a,7c,a3)
|
||||
#define GPT_ROOT_PPC SD_ID128_MAKE(1d,e3,f1,ef,fa,98,47,b5,8d,cd,4a,86,0a,65,4d,78)
|
||||
#define GPT_ROOT_PPC64 SD_ID128_MAKE(91,2a,de,1d,a8,39,49,13,89,64,a1,0e,ee,08,fb,d2)
|
||||
#define GPT_ROOT_PPC64LE SD_ID128_MAKE(c3,1c,45,e6,3f,39,41,2e,80,fb,48,09,c4,98,05,99)
|
||||
#define GPT_ROOT_RISCV32 SD_ID128_MAKE(60,d5,a7,fe,8e,7d,43,5c,b7,14,3d,d8,16,21,44,e1)
|
||||
#define GPT_ROOT_RISCV64 SD_ID128_MAKE(72,ec,70,a6,cf,74,40,e6,bd,49,4b,da,08,e8,f2,24)
|
||||
#define GPT_USR_X86 SD_ID128_MAKE(75,25,0d,76,8c,c6,45,8e,bd,66,bd,47,cc,81,a8,12)
|
||||
#define GPT_USR_X86_64 SD_ID128_MAKE(84,84,68,0c,95,21,48,c6,9c,11,b0,72,06,56,f6,9e)
|
||||
#define GPT_ROOT_S390 SD_ID128_MAKE(08,a7,ac,ea,62,4c,4a,20,91,e8,6e,0f,a6,7d,23,f9)
|
||||
#define GPT_ROOT_S390X SD_ID128_MAKE(5e,ea,d9,a9,fe,09,4a,1e,a1,d7,52,0d,00,53,13,06)
|
||||
#define GPT_ROOT_TILEGX SD_ID128_MAKE(c5,0c,dd,70,38,62,4c,c3,90,e1,80,9a,8c,93,ee,2c)
|
||||
#define GPT_ROOT_X86 SD_ID128_MAKE(44,47,95,40,f2,97,41,b2,9a,f7,d1,31,d5,f0,45,8a)
|
||||
#define GPT_ROOT_X86_64 SD_ID128_MAKE(4f,68,bc,e3,e8,cd,4d,b1,96,e7,fb,ca,f9,84,b7,09)
|
||||
#define GPT_USR_ALPHA SD_ID128_MAKE(e1,8c,f0,8c,33,ec,4c,0d,82,46,c6,c6,fb,3d,a0,24)
|
||||
#define GPT_USR_ARC SD_ID128_MAKE(79,78,a6,83,63,16,49,22,bb,ee,38,bf,f5,a2,fe,cc)
|
||||
#define GPT_USR_ARM SD_ID128_MAKE(7d,03,59,a3,02,b3,4f,0a,86,5c,65,44,03,e7,06,25)
|
||||
#define GPT_USR_ARM_64 SD_ID128_MAKE(b0,e0,10,50,ee,5f,43,90,94,9a,91,01,b1,71,04,e9)
|
||||
#define GPT_USR_ARM64 SD_ID128_MAKE(b0,e0,10,50,ee,5f,43,90,94,9a,91,01,b1,71,04,e9)
|
||||
#define GPT_USR_IA64 SD_ID128_MAKE(43,01,d2,a6,4e,3b,4b,2a,bb,94,9e,0b,2c,42,25,ea)
|
||||
#define GPT_USR_LOONGARCH64 SD_ID128_MAKE(e6,11,c7,02,57,5c,4c,be,9a,46,43,4f,a0,bf,7e,3f)
|
||||
#define GPT_USR_MIPS_LE SD_ID128_MAKE(0f,48,68,e9,99,52,47,06,97,9f,3e,d3,a4,73,e9,47)
|
||||
#define GPT_USR_MIPS64_LE SD_ID128_MAKE(c9,7c,1f,32,ba,06,40,b4,9f,22,23,60,61,b0,8a,a8)
|
||||
#define GPT_USR_PPC SD_ID128_MAKE(7d,14,fe,c5,cc,71,41,5d,9d,6c,06,bf,0b,3c,3e,af)
|
||||
#define GPT_USR_PPC64 SD_ID128_MAKE(2c,97,39,e2,f0,68,46,b3,9f,d0,01,c5,a9,af,bc,ca)
|
||||
#define GPT_USR_PPC64LE SD_ID128_MAKE(15,bb,03,af,77,e7,4d,4a,b1,2b,c0,d0,84,f7,49,1c)
|
||||
#define GPT_USR_RISCV32 SD_ID128_MAKE(b9,33,fb,22,5c,3f,4f,91,af,90,e2,bb,0f,a5,07,02)
|
||||
#define GPT_USR_RISCV64 SD_ID128_MAKE(be,ae,c3,4b,84,42,43,9b,a4,0b,98,43,81,ed,09,7d)
|
||||
#define GPT_USR_S390 SD_ID128_MAKE(cd,0f,86,9b,d0,fb,4c,a0,b1,41,9e,a8,7c,c7,8d,66)
|
||||
#define GPT_USR_S390X SD_ID128_MAKE(8a,4f,57,70,50,aa,4e,d3,87,4a,99,b7,10,db,6f,ea)
|
||||
#define GPT_USR_TILEGX SD_ID128_MAKE(55,49,70,29,c7,c1,44,cc,aa,39,81,5e,d1,55,86,30)
|
||||
#define GPT_USR_X86 SD_ID128_MAKE(75,25,0d,76,8c,c6,45,8e,bd,66,bd,47,cc,81,a8,12)
|
||||
#define GPT_USR_X86_64 SD_ID128_MAKE(84,84,68,0c,95,21,48,c6,9c,11,b0,72,06,56,f6,9e)
|
||||
|
||||
/* Verity partitions for the root partitions above (we only define them for the root and /usr partitions,
|
||||
* because only they are commonly read-only and hence suitable for verity). */
|
||||
#define GPT_ROOT_ALPHA_VERITY SD_ID128_MAKE(fc,56,d9,e9,e6,e5,4c,06,be,32,e7,44,07,ce,09,a5)
|
||||
#define GPT_ROOT_ARC_VERITY SD_ID128_MAKE(24,b2,d9,75,0f,97,45,21,af,a1,cd,53,1e,42,1b,8d)
|
||||
#define GPT_ROOT_ARM_VERITY SD_ID128_MAKE(73,86,cd,f2,20,3c,47,a9,a4,98,f2,ec,ce,45,a2,d6)
|
||||
#define GPT_ROOT_ARM64_VERITY SD_ID128_MAKE(df,33,00,ce,d6,9f,4c,92,97,8c,9b,fb,0f,38,d8,20)
|
||||
#define GPT_ROOT_IA64_VERITY SD_ID128_MAKE(86,ed,10,d5,b6,07,45,bb,89,57,d3,50,f2,3d,05,71)
|
||||
#define GPT_ROOT_LOONGARCH64_VERITY SD_ID128_MAKE(f3,39,3b,22,e9,af,46,13,a9,48,9d,3b,fb,d0,c5,35)
|
||||
#define GPT_ROOT_MIPS_LE_VERITY SD_ID128_MAKE(d7,d1,50,d2,2a,04,4a,33,8f,12,16,65,12,05,ff,7b)
|
||||
#define GPT_ROOT_MIPS64_LE_VERITY SD_ID128_MAKE(16,b4,17,f8,3e,06,4f,57,8d,d2,9b,52,32,f4,1a,a6)
|
||||
#define GPT_ROOT_PPC64LE_VERITY SD_ID128_MAKE(90,6b,d9,44,45,89,4a,ae,a4,e4,dd,98,39,17,44,6a)
|
||||
#define GPT_ROOT_PPC64_VERITY SD_ID128_MAKE(92,25,a9,a3,3c,19,4d,89,b4,f6,ee,ff,88,f1,76,31)
|
||||
#define GPT_ROOT_PPC_VERITY SD_ID128_MAKE(98,cf,e6,49,15,88,46,dc,b2,f0,ad,d1,47,42,49,25)
|
||||
#define GPT_ROOT_RISCV32_VERITY SD_ID128_MAKE(ae,02,53,be,11,67,40,07,ac,68,43,92,6c,14,c5,de)
|
||||
#define GPT_ROOT_RISCV64_VERITY SD_ID128_MAKE(b6,ed,55,82,44,0b,42,09,b8,da,5f,f7,c4,19,ea,3d)
|
||||
#define GPT_ROOT_S390X_VERITY SD_ID128_MAKE(b3,25,bf,be,c7,be,4a,b8,83,57,13,9e,65,2d,2f,6b)
|
||||
#define GPT_ROOT_S390_VERITY SD_ID128_MAKE(7a,c6,3b,47,b2,5c,46,3b,8d,f8,b4,a9,4e,6c,90,e1)
|
||||
#define GPT_ROOT_TILEGX_VERITY SD_ID128_MAKE(96,60,61,ec,28,e4,4b,2e,b4,a5,1f,0a,82,5a,1d,84)
|
||||
#define GPT_ROOT_X86_64_VERITY SD_ID128_MAKE(2c,73,57,ed,eb,d2,46,d9,ae,c1,23,d4,37,ec,2b,f5)
|
||||
#define GPT_ROOT_X86_VERITY SD_ID128_MAKE(d1,3c,5d,3b,b5,d1,42,2a,b2,9f,94,54,fd,c8,9d,76)
|
||||
#define GPT_USR_ALPHA_VERITY SD_ID128_MAKE(8c,ce,0d,25,c0,d0,4a,44,bd,87,46,33,1b,f1,df,67)
|
||||
#define GPT_USR_ARC_VERITY SD_ID128_MAKE(fc,a0,59,8c,d8,80,45,91,8c,16,4e,da,05,c7,34,7c)
|
||||
#define GPT_USR_ARM_VERITY SD_ID128_MAKE(c2,15,d7,51,7b,cd,46,49,be,90,66,27,49,0a,4c,05)
|
||||
#define GPT_USR_ARM64_VERITY SD_ID128_MAKE(6e,11,a4,e7,fb,ca,4d,ed,b9,e9,e1,a5,12,bb,66,4e)
|
||||
#define GPT_USR_IA64_VERITY SD_ID128_MAKE(6a,49,1e,03,3b,e7,45,45,8e,38,83,32,0e,0e,a8,80)
|
||||
#define GPT_USR_LOONGARCH64_VERITY SD_ID128_MAKE(f4,6b,2c,26,59,ae,48,f0,91,06,c5,0e,d4,7f,67,3d)
|
||||
#define GPT_USR_MIPS_LE_VERITY SD_ID128_MAKE(46,b9,8d,8d,b5,5c,4e,8f,aa,b3,37,fc,a7,f8,07,52)
|
||||
#define GPT_USR_MIPS64_LE_VERITY SD_ID128_MAKE(3c,3d,61,fe,b5,f3,41,4d,bb,71,87,39,a6,94,a4,ef)
|
||||
#define GPT_USR_PPC64LE_VERITY SD_ID128_MAKE(ee,2b,99,83,21,e8,41,53,86,d9,b6,90,1a,54,d1,ce)
|
||||
#define GPT_USR_PPC64_VERITY SD_ID128_MAKE(bd,b5,28,a5,a2,59,47,5f,a8,7d,da,53,fa,73,6a,07)
|
||||
#define GPT_USR_PPC_VERITY SD_ID128_MAKE(df,76,5d,00,27,0e,49,e5,bc,75,f4,7b,b2,11,8b,09)
|
||||
#define GPT_USR_RISCV32_VERITY SD_ID128_MAKE(cb,1e,e4,e3,8c,d0,41,36,a0,a4,aa,61,a3,2e,87,30)
|
||||
#define GPT_USR_RISCV64_VERITY SD_ID128_MAKE(8f,10,56,be,9b,05,47,c4,81,d6,be,53,12,8e,5b,54)
|
||||
#define GPT_USR_S390X_VERITY SD_ID128_MAKE(31,74,1c,c4,1a,2a,41,11,a5,81,e0,0b,44,7d,2d,06)
|
||||
#define GPT_USR_S390_VERITY SD_ID128_MAKE(b6,63,c6,18,e7,bc,4d,6d,90,aa,11,b7,56,bb,17,97)
|
||||
#define GPT_USR_TILEGX_VERITY SD_ID128_MAKE(2f,b4,bf,56,07,fa,42,da,81,32,6b,13,9f,20,26,ae)
|
||||
#define GPT_USR_X86_64_VERITY SD_ID128_MAKE(77,ff,5f,63,e7,b6,46,33,ac,f4,15,65,b8,64,c0,e6)
|
||||
#define GPT_USR_X86_VERITY SD_ID128_MAKE(8f,46,1b,0d,14,ee,4e,81,9a,a9,04,9b,6f,b9,7a,bd)
|
||||
|
||||
/* PKCS#7 Signatures for the Verity Root Hashes */
|
||||
#define GPT_ROOT_ALPHA_VERITY_SIG SD_ID128_MAKE(d4,64,95,b7,a0,53,41,4f,80,f7,70,0c,99,92,1e,f8)
|
||||
#define GPT_ROOT_ARC_VERITY_SIG SD_ID128_MAKE(14,3a,70,ba,cb,d3,4f,06,91,9f,6c,05,68,3a,78,bc)
|
||||
#define GPT_ROOT_ARM_VERITY_SIG SD_ID128_MAKE(42,b0,45,5f,eb,11,49,1d,98,d3,56,14,5b,a9,d0,37)
|
||||
#define GPT_ROOT_ARM64_VERITY_SIG SD_ID128_MAKE(6d,b6,9d,e6,29,f4,47,58,a7,a5,96,21,90,f0,0c,e3)
|
||||
#define GPT_ROOT_IA64_VERITY_SIG SD_ID128_MAKE(e9,8b,36,ee,32,ba,48,82,9b,12,0c,e1,46,55,f4,6a)
|
||||
#define GPT_ROOT_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(5a,fb,67,eb,ec,c8,4f,85,ae,8e,ac,1e,7c,50,e7,d0)
|
||||
#define GPT_ROOT_MIPS_LE_VERITY_SIG SD_ID128_MAKE(c9,19,cc,1f,44,56,4e,ff,91,8c,f7,5e,94,52,5c,a5)
|
||||
#define GPT_ROOT_MIPS64_LE_VERITY_SIG SD_ID128_MAKE(90,4e,58,ef,5c,65,4a,31,9c,57,6a,f5,fc,7c,5d,e7)
|
||||
#define GPT_ROOT_PPC64LE_VERITY_SIG SD_ID128_MAKE(d4,a2,36,e7,e8,73,4c,07,bf,1d,bf,6c,f7,f1,c3,c6)
|
||||
#define GPT_ROOT_PPC64_VERITY_SIG SD_ID128_MAKE(f5,e2,c2,0c,45,b2,4f,fa,bc,e9,2a,60,73,7e,1a,af)
|
||||
#define GPT_ROOT_PPC_VERITY_SIG SD_ID128_MAKE(1b,31,b5,aa,ad,d9,46,3a,b2,ed,bd,46,7f,c8,57,e7)
|
||||
#define GPT_ROOT_RISCV32_VERITY_SIG SD_ID128_MAKE(3a,11,2a,75,87,29,43,80,b4,cf,76,4d,79,93,44,48)
|
||||
#define GPT_ROOT_RISCV64_VERITY_SIG SD_ID128_MAKE(ef,e0,f0,87,ea,8d,44,69,82,1a,4c,2a,96,a8,38,6a)
|
||||
#define GPT_ROOT_S390X_VERITY_SIG SD_ID128_MAKE(c8,01,87,a5,73,a3,49,1a,90,1a,01,7c,3f,a9,53,e9)
|
||||
#define GPT_ROOT_S390_VERITY_SIG SD_ID128_MAKE(34,82,38,8e,42,54,43,5a,a2,41,76,6a,06,5f,99,60)
|
||||
#define GPT_ROOT_TILEGX_VERITY_SIG SD_ID128_MAKE(b3,67,14,39,97,b0,4a,53,90,f7,2d,5a,8f,3a,d4,7b)
|
||||
#define GPT_ROOT_X86_64_VERITY_SIG SD_ID128_MAKE(41,09,2b,05,9f,c8,45,23,99,4f,2d,ef,04,08,b1,76)
|
||||
#define GPT_ROOT_X86_VERITY_SIG SD_ID128_MAKE(59,96,fc,05,10,9c,48,de,80,8b,23,fa,08,30,b6,76)
|
||||
#define GPT_USR_ALPHA_VERITY_SIG SD_ID128_MAKE(5c,6e,1c,76,07,6a,45,7a,a0,fe,f3,b4,cd,21,ce,6e)
|
||||
#define GPT_USR_ARC_VERITY_SIG SD_ID128_MAKE(94,f9,a9,a1,99,71,42,7a,a4,00,50,cb,29,7f,0f,35)
|
||||
#define GPT_USR_ARM_VERITY_SIG SD_ID128_MAKE(d7,ff,81,2f,37,d1,49,02,a8,10,d7,6b,a5,7b,97,5a)
|
||||
#define GPT_USR_ARM64_VERITY_SIG SD_ID128_MAKE(c2,3c,e4,ff,44,bd,4b,00,b2,d4,b4,1b,34,19,e0,2a)
|
||||
#define GPT_USR_IA64_VERITY_SIG SD_ID128_MAKE(8d,e5,8b,c2,2a,43,46,0d,b1,4e,a7,6e,4a,17,b4,7f)
|
||||
#define GPT_USR_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(b0,24,f3,15,d3,30,44,4c,84,61,44,bb,de,52,4e,99)
|
||||
#define GPT_USR_MIPS_LE_VERITY_SIG SD_ID128_MAKE(3e,23,ca,0b,a4,bc,4b,4e,80,87,5a,b6,a2,6a,a8,a9)
|
||||
#define GPT_USR_MIPS64_LE_VERITY_SIG SD_ID128_MAKE(f2,c2,c7,ee,ad,cc,43,51,b5,c6,ee,98,16,b6,6e,16)
|
||||
#define GPT_USR_PPC64LE_VERITY_SIG SD_ID128_MAKE(c8,bf,bd,1e,26,8e,45,21,8b,ba,bf,31,4c,39,95,57)
|
||||
#define GPT_USR_PPC64_VERITY_SIG SD_ID128_MAKE(0b,88,88,63,d7,f8,4d,9e,97,66,23,9f,ce,4d,58,af)
|
||||
#define GPT_USR_PPC_VERITY_SIG SD_ID128_MAKE(70,07,89,1d,d3,71,4a,80,86,a4,5c,b8,75,b9,30,2e)
|
||||
#define GPT_USR_RISCV32_VERITY_SIG SD_ID128_MAKE(c3,83,6a,13,31,37,45,ba,b5,83,b1,6c,50,fe,5e,b4)
|
||||
#define GPT_USR_RISCV64_VERITY_SIG SD_ID128_MAKE(d2,f9,00,0a,7a,18,45,3f,b5,cd,4d,32,f7,7a,7b,32)
|
||||
#define GPT_USR_S390X_VERITY_SIG SD_ID128_MAKE(3f,32,48,16,66,7b,46,ae,86,ee,9b,0c,0c,6c,11,b4)
|
||||
#define GPT_USR_S390_VERITY_SIG SD_ID128_MAKE(17,44,0e,4f,a8,d0,46,7f,a4,6e,39,12,ae,6e,f2,c5)
|
||||
#define GPT_USR_TILEGX_VERITY_SIG SD_ID128_MAKE(4e,de,75,e2,6c,cc,4c,c8,b9,c7,70,33,4b,08,75,10)
|
||||
#define GPT_USR_X86_64_VERITY_SIG SD_ID128_MAKE(e7,bb,33,fb,06,cf,4e,81,82,73,e5,43,b4,13,e2,e2)
|
||||
#define GPT_USR_X86_VERITY_SIG SD_ID128_MAKE(97,4a,71,c0,de,41,43,c3,be,5d,5c,5c,cd,1a,d2,c0)
|
||||
|
||||
#define GPT_ESP SD_ID128_MAKE(c1,2a,73,28,f8,1f,11,d2,ba,4b,00,a0,c9,3e,c9,3b)
|
||||
#define GPT_XBOOTLDR SD_ID128_MAKE(bc,13,c2,ff,59,e6,42,62,a3,52,b2,75,fd,6f,71,72)
|
||||
#define GPT_SWAP SD_ID128_MAKE(06,57,fd,6d,a4,ab,43,c4,84,e5,09,33,c8,4b,4f,4f)
|
||||
@ -37,44 +131,122 @@
|
||||
#define GPT_USER_HOME SD_ID128_MAKE(77,3f,91,ef,66,d4,49,b5,bd,83,d6,83,bf,40,ad,16)
|
||||
#define GPT_LINUX_GENERIC SD_ID128_MAKE(0f,c6,3d,af,84,83,47,72,8e,79,3d,69,d8,47,7d,e4)
|
||||
|
||||
/* Verity partitions for the root partitions above (we only define them for the root and /usr partitions,
|
||||
* because only they are commonly read-only and hence suitable for verity). */
|
||||
#define GPT_ROOT_X86_VERITY SD_ID128_MAKE(d1,3c,5d,3b,b5,d1,42,2a,b2,9f,94,54,fd,c8,9d,76)
|
||||
#define GPT_ROOT_X86_64_VERITY SD_ID128_MAKE(2c,73,57,ed,eb,d2,46,d9,ae,c1,23,d4,37,ec,2b,f5)
|
||||
#define GPT_ROOT_ARM_VERITY SD_ID128_MAKE(73,86,cd,f2,20,3c,47,a9,a4,98,f2,ec,ce,45,a2,d6)
|
||||
#define GPT_ROOT_ARM_64_VERITY SD_ID128_MAKE(df,33,00,ce,d6,9f,4c,92,97,8c,9b,fb,0f,38,d8,20)
|
||||
#define GPT_ROOT_IA64_VERITY SD_ID128_MAKE(86,ed,10,d5,b6,07,45,bb,89,57,d3,50,f2,3d,05,71)
|
||||
#define GPT_ROOT_LOONGARCH64_VERITY SD_ID128_MAKE(f3,39,3b,22,e9,af,46,13,a9,48,9d,3b,fb,d0,c5,35)
|
||||
#define GPT_ROOT_RISCV32_VERITY SD_ID128_MAKE(ae,02,53,be,11,67,40,07,ac,68,43,92,6c,14,c5,de)
|
||||
#define GPT_ROOT_RISCV64_VERITY SD_ID128_MAKE(b6,ed,55,82,44,0b,42,09,b8,da,5f,f7,c4,19,ea,3d)
|
||||
#define GPT_USR_X86_VERITY SD_ID128_MAKE(8f,46,1b,0d,14,ee,4e,81,9a,a9,04,9b,6f,b9,7a,bd)
|
||||
#define GPT_USR_X86_64_VERITY SD_ID128_MAKE(77,ff,5f,63,e7,b6,46,33,ac,f4,15,65,b8,64,c0,e6)
|
||||
#define GPT_USR_ARM_VERITY SD_ID128_MAKE(c2,15,d7,51,7b,cd,46,49,be,90,66,27,49,0a,4c,05)
|
||||
#define GPT_USR_ARM_64_VERITY SD_ID128_MAKE(6e,11,a4,e7,fb,ca,4d,ed,b9,e9,e1,a5,12,bb,66,4e)
|
||||
#define GPT_USR_IA64_VERITY SD_ID128_MAKE(6a,49,1e,03,3b,e7,45,45,8e,38,83,32,0e,0e,a8,80)
|
||||
#define GPT_USR_LOONGARCH64_VERITY SD_ID128_MAKE(f4,6b,2c,26,59,ae,48,f0,91,06,c5,0e,d4,7f,67,3d)
|
||||
#define GPT_USR_RISCV32_VERITY SD_ID128_MAKE(cb,1e,e4,e3,8c,d0,41,36,a0,a4,aa,61,a3,2e,87,30)
|
||||
#define GPT_USR_RISCV64_VERITY SD_ID128_MAKE(8f,10,56,be,9b,05,47,c4,81,d6,be,53,12,8e,5b,54)
|
||||
/* Maintain same order as above */
|
||||
#if defined(__alpha__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_ALPHA
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ALPHA_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_ALPHA_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_ALPHA
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_ALPHA_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_ALPHA_VERITY_SIG
|
||||
|
||||
/* PKCS#7 Signatures for the Verity Root Hashes */
|
||||
#define GPT_ROOT_X86_VERITY_SIG SD_ID128_MAKE(59,96,fc,05,10,9c,48,de,80,8b,23,fa,08,30,b6,76)
|
||||
#define GPT_ROOT_X86_64_VERITY_SIG SD_ID128_MAKE(41,09,2b,05,9f,c8,45,23,99,4f,2d,ef,04,08,b1,76)
|
||||
#define GPT_ROOT_ARM_VERITY_SIG SD_ID128_MAKE(42,b0,45,5f,eb,11,49,1d,98,d3,56,14,5b,a9,d0,37)
|
||||
#define GPT_ROOT_ARM_64_VERITY_SIG SD_ID128_MAKE(6d,b6,9d,e6,29,f4,47,58,a7,a5,96,21,90,f0,0c,e3)
|
||||
#define GPT_ROOT_IA64_VERITY_SIG SD_ID128_MAKE(e9,8b,36,ee,32,ba,48,82,9b,12,0c,e1,46,55,f4,6a)
|
||||
#define GPT_ROOT_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(5a,fb,67,eb,ec,c8,4f,85,ae,8e,ac,1e,7c,50,e7,d0)
|
||||
#define GPT_ROOT_RISCV32_VERITY_SIG SD_ID128_MAKE(3a,11,2a,75,87,29,43,80,b4,cf,76,4d,79,93,44,48)
|
||||
#define GPT_ROOT_RISCV64_VERITY_SIG SD_ID128_MAKE(ef,e0,f0,87,ea,8d,44,69,82,1a,4c,2a,96,a8,38,6a)
|
||||
#define GPT_USR_X86_VERITY_SIG SD_ID128_MAKE(97,4a,71,c0,de,41,43,c3,be,5d,5c,5c,cd,1a,d2,c0)
|
||||
#define GPT_USR_X86_64_VERITY_SIG SD_ID128_MAKE(e7,bb,33,fb,06,cf,4e,81,82,73,e5,43,b4,13,e2,e2)
|
||||
#define GPT_USR_ARM_VERITY_SIG SD_ID128_MAKE(d7,ff,81,2f,37,d1,49,02,a8,10,d7,6b,a5,7b,97,5a)
|
||||
#define GPT_USR_ARM_64_VERITY_SIG SD_ID128_MAKE(c2,3c,e4,ff,44,bd,4b,00,b2,d4,b4,1b,34,19,e0,2a)
|
||||
#define GPT_USR_IA64_VERITY_SIG SD_ID128_MAKE(8d,e5,8b,c2,2a,43,46,0d,b1,4e,a7,6e,4a,17,b4,7f)
|
||||
#define GPT_USR_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(b0,24,f3,15,d3,30,44,4c,84,61,44,bb,de,52,4e,99)
|
||||
#define GPT_USR_RISCV32_VERITY_SIG SD_ID128_MAKE(c3,83,6a,13,31,37,45,ba,b5,83,b1,6c,50,fe,5e,b4)
|
||||
#define GPT_USR_RISCV64_VERITY_SIG SD_ID128_MAKE(d2,f9,00,0a,7a,18,45,3f,b5,cd,4d,32,f7,7a,7b,32)
|
||||
#elif defined(__arc__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_ARC
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ARC_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_ARC_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_ARC
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_ARC_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_ARC_VERITY_SIG
|
||||
|
||||
#if defined(__x86_64__)
|
||||
#elif defined(__aarch64__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_ARM64
|
||||
# define GPT_ROOT_SECONDARY GPT_ROOT_ARM
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ARM64_VERITY
|
||||
# define GPT_ROOT_SECONDARY_VERITY GPT_ROOT_ARM_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_ARM64_VERITY_SIG
|
||||
# define GPT_ROOT_SECONDARY_VERITY_SIG GPT_ROOT_ARM_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_ARM64
|
||||
# define GPT_USR_SECONDARY GPT_USR_ARM
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_ARM64_VERITY
|
||||
# define GPT_USR_SECONDARY_VERITY GPT_USR_ARM_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_ARM64_VERITY_SIG
|
||||
# define GPT_USR_SECONDARY_VERITY_SIG GPT_USR_ARM_VERITY_SIG
|
||||
#elif defined(__arm__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_ARM
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ARM_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_ARM_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_ARM
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_ARM_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_ARM_VERITY_SIG
|
||||
|
||||
#elif defined(__ia64__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_IA64
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_IA64_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_IA64_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_IA64
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_IA64_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_IA64_VERITY_SIG
|
||||
|
||||
#elif defined(__loongarch64)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_LOONGARCH64
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_LOONGARCH64_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_LOONGARCH64_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_LOONGARCH64
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_LOONGARCH64_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_LOONGARCH64_VERITY_SIG
|
||||
|
||||
#elif defined(__powerpc__) && defined(__PPC64__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_PPC64LE
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64LE_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_PPC64LE_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_PPC64LE
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_PPC64LE_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_PPC64LE_VERITY_SIG
|
||||
#elif defined(__powerpc__) && defined(__powerpc64__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_PPC64
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_PPC64_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_PPC64
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_PPC64_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_PPC64_VERITY_SIG
|
||||
#elif defined(__powerpc__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_PPC
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_PPC_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_PPC
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_PPC_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_PPC_VERITY_SIG
|
||||
|
||||
#elif defined(__riscv) && __riscv_xlen == 32
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_RISCV32
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_RISCV32_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_RISCV32_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_RISCV32
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_RISCV32_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_RISCV32_VERITY_SIG
|
||||
#elif defined(__riscv) && __riscv_xlen == 64
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_RISCV64
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_RISCV64_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_RISCV64_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_RISCV64
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_RISCV64_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_RISCV64_VERITY_SIG
|
||||
|
||||
#elif defined(__s390__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_S390
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_S390_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_S390_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_S390
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_S390_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_S390_VERITY_SIG
|
||||
|
||||
#elif defined(__s390x__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_S390X
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_S390X_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_S390X_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_S390X
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_S390X_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_S390X_VERITY_SIG
|
||||
|
||||
#elif defined(__tilegx__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_TILEGX
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_TILEGX_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_TILEGX_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_TILEGX
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_TILEGX_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_TILEGX_VERITY_SIG
|
||||
|
||||
#elif defined(__x86_64__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_X86_64
|
||||
# define GPT_ROOT_SECONDARY GPT_ROOT_X86
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_X86_64_VERITY
|
||||
@ -96,64 +268,6 @@
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_X86_VERITY_SIG
|
||||
#endif
|
||||
|
||||
#if defined(__ia64__)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_IA64
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_IA64_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_IA64_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_IA64
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_IA64_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_IA64_VERITY_SIG
|
||||
#endif
|
||||
|
||||
#if defined(__aarch64__) && (__BYTE_ORDER != __BIG_ENDIAN)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_ARM_64
|
||||
# define GPT_ROOT_SECONDARY GPT_ROOT_ARM
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ARM_64_VERITY
|
||||
# define GPT_ROOT_SECONDARY_VERITY GPT_ROOT_ARM_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_ARM_64_VERITY_SIG
|
||||
# define GPT_ROOT_SECONDARY_VERITY_SIG GPT_ROOT_ARM_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_ARM_64
|
||||
# define GPT_USR_SECONDARY GPT_USR_ARM
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_ARM_64_VERITY
|
||||
# define GPT_USR_SECONDARY_VERITY GPT_USR_ARM_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_ARM_64_VERITY_SIG
|
||||
# define GPT_USR_SECONDARY_VERITY_SIG GPT_USR_ARM_VERITY_SIG
|
||||
#elif defined(__arm__) && (__BYTE_ORDER != __BIG_ENDIAN)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_ARM
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ARM_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_ARM_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_ARM
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_ARM_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_ARM_VERITY_SIG
|
||||
#endif
|
||||
|
||||
#if defined(__loongarch64)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_LOONGARCH64
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_LOONGARCH64_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_LOONGARCH64_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_LOONGARCH64
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_LOONGARCH64_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_LOONGARCH64_VERITY_SIG
|
||||
#endif
|
||||
|
||||
#if defined(__riscv)
|
||||
#if (__riscv_xlen == 32)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_RISCV32
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_RISCV32_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_RISCV32_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_RISCV32
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_RISCV32_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_RISCV32_VERITY_SIG
|
||||
#elif (__riscv_xlen == 64)
|
||||
# define GPT_ROOT_NATIVE GPT_ROOT_RISCV64
|
||||
# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_RISCV64_VERITY
|
||||
# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_RISCV64_VERITY_SIG
|
||||
# define GPT_USR_NATIVE GPT_USR_RISCV64
|
||||
# define GPT_USR_NATIVE_VERITY GPT_USR_RISCV64_VERITY
|
||||
# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_RISCV64_VERITY_SIG
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define GPT_FLAG_REQUIRED_PARTITION (1ULL << 0)
|
||||
#define GPT_FLAG_NO_BLOCK_IO_PROTOCOL (1ULL << 1)
|
||||
#define GPT_FLAG_LEGACY_BIOS_BOOTABLE (1ULL << 2)
|
||||
|
@ -18,7 +18,7 @@ static void test_gpt_types_against_architectures(void) {
|
||||
/* Dumps a table indicating for which architectures we know we have matching GPT partition
|
||||
* types. Also validates whether we can properly categorize the entries. */
|
||||
|
||||
FOREACH_STRING(prefix, "root-", "usr-") {
|
||||
FOREACH_STRING(prefix, "root-", "usr-")
|
||||
for (int a = 0; a < _ARCHITECTURE_MAX; a++) {
|
||||
const char *suffix;
|
||||
|
||||
@ -48,7 +48,6 @@ static void test_gpt_types_against_architectures(void) {
|
||||
assert_se(gpt_partition_type_is_usr_verity(id));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[]) {
|
||||
|
192
tools/list-discoverable-partitions.py
Normal file
192
tools/list-discoverable-partitions.py
Normal file
@ -0,0 +1,192 @@
|
||||
#!/usr/bin/env python3
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
|
||||
import re
|
||||
import sys
|
||||
import uuid
|
||||
|
||||
HEADER = f'''\
|
||||
<!-- generated with {sys.argv[0]} -->
|
||||
| Partition Type UUID | Name | Allowed File Systems | Explanation |
|
||||
|---------------------|------|----------------------|-------------|
|
||||
'''
|
||||
|
||||
ARCHITECTURES = {
|
||||
'ALPHA': 'Alpha',
|
||||
'ARC': 'ARC',
|
||||
'ARM': '32-bit ARM',
|
||||
'ARM64': '64-bit ARM/AArch64',
|
||||
'IA64': 'Itanium/IA-64',
|
||||
'LOONGARCH64': 'LoongArch 64-bit',
|
||||
'MIPS_LE': '32-bit MIPS LittleEndian (mipsel)',
|
||||
'MIPS64_LE': '64-bit MIPS LittleEndian (mips64el)',
|
||||
'PPC': '32-bit PowerPC',
|
||||
'PPC64': '64-bit PowerPC BigEndian',
|
||||
'PPC64LE': '64-bit PowerPC LittleEndian',
|
||||
'RISCV32': 'RISC-V 32-bit',
|
||||
'RISCV64': 'RISC-V 64-bit',
|
||||
'S390': 's390',
|
||||
'S390X': 's390x',
|
||||
'TILEGX': 'TILE-Gx',
|
||||
'X86': 'x86',
|
||||
'X86_64': 'amd64/x86_64',
|
||||
}
|
||||
|
||||
TYPES = {
|
||||
'ROOT' : 'Root Partition',
|
||||
'ROOT_VERITY' : 'Root Verity Partition',
|
||||
'ROOT_VERITY_SIG' : 'Root Verity Signature Partition',
|
||||
'USR' : '`/usr/` Partition',
|
||||
'USR_VERITY' : '`/usr/` Verity Partition',
|
||||
'USR_VERITY_SIG' : '`/usr/` Verity Signature Partition',
|
||||
|
||||
'ESP': 'EFI System Partition',
|
||||
'SRV': 'Server Data Partition',
|
||||
'VAR': 'Variable Data Partition',
|
||||
'TMP': 'Temporary Data Partition',
|
||||
'SWAP': 'Swap',
|
||||
'HOME': 'Home Partition',
|
||||
'USER_HOME': 'Per-user Home Partition',
|
||||
'LINUX_GENERIC': 'Generic Linux Data Partition',
|
||||
'XBOOTLDR': 'Extended Boot Loader Partition',
|
||||
}
|
||||
|
||||
DESCRIPTIONS = {
|
||||
'ROOT': (
|
||||
'Any native, optionally in LUKS',
|
||||
'On systems with matching architecture, the first partition with this type UUID on the disk '
|
||||
'containing the active EFI ESP is automatically mounted to the root directory <tt>/</tt>. '
|
||||
'If the partition is encrypted with LUKS or has dm-verity integrity data (see below), the '
|
||||
'device mapper file will be named `/dev/mapper/root`.'),
|
||||
'USR': (
|
||||
'A dm-verity superblock followed by hash data',
|
||||
'Contains dm-verity integrity hash data for the matching root partition. If this feature is '
|
||||
'used the partition UUID of the root partition should be the first 128 bits of the root hash '
|
||||
'of the dm-verity hash data, and the partition UUID of this dm-verity partition should be the '
|
||||
'final 128 bits of it, so that the root partition and its Verity partition can be discovered '
|
||||
'easily, simply by specifying the root hash.'),
|
||||
'ROOT_VERITY': (
|
||||
'A serialized JSON object, see below',
|
||||
'Contains a root hash and a PKCS#7 signature for it, permitting signed dm-verity GPT images.'),
|
||||
'USR_VERITY': (
|
||||
'Any native, optionally in LUKS',
|
||||
'Similar semantics to root partition, but just the `/usr/` partition.'),
|
||||
'ROOT_VERITY_SIG': (
|
||||
'A dm-verity superblock followed by hash data',
|
||||
'Similar semantics to root Verity partition, but just for the `/usr/` partition.'),
|
||||
'USR_VERITY_SIG': (
|
||||
'A serialized JSON object, see below',
|
||||
'Similar semantics to root Verity signature partition, but just for the `/usr/` partition.'),
|
||||
|
||||
'ESP': (
|
||||
'VFAT',
|
||||
'The ESP used for the current boot is automatically mounted to `/efi/` (or `/boot/` as '
|
||||
'fallback), unless a different partition is mounted there (possibly via `/etc/fstab`, or '
|
||||
'because the Extended Boot Loader Partition — see below — exists) or the directory is '
|
||||
'non-empty on the root disk. This partition type is defined by the '
|
||||
'[UEFI Specification](http://www.uefi.org/specifications).'),
|
||||
'XBOOTLDR': (
|
||||
'Typically VFAT',
|
||||
'The Extended Boot Loader Partition (XBOOTLDR) used for the current boot is automatically '
|
||||
'mounted to <tt>/boot/</tt>, unless a different partition is mounted there (possibly via '
|
||||
'<tt>/etc/fstab</tt>) or the directory is non-empty on the root disk. This partition type '
|
||||
'is defined by the [Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION).'),
|
||||
'SWAP': (
|
||||
'Swap, optionally in LUKS',
|
||||
'All swap partitions on the disk containing the root partition are automatically enabled. '
|
||||
'If the partition is encrypted with LUKS, the device mapper file will be named '
|
||||
'`/dev/mapper/swap`. This partition type predates the Discoverable Partitions Specification.'),
|
||||
'HOME': (
|
||||
'Any native, optionally in LUKS',
|
||||
'The first partition with this type UUID on the disk containing the root partition is '
|
||||
'automatically mounted to `/home/`. If the partition is encrypted with LUKS, the device '
|
||||
'mapper file will be named `/dev/mapper/home`.'),
|
||||
'SRV': (
|
||||
'Any native, optionally in LUKS',
|
||||
'The first partition with this type UUID on the disk containing the root partition is '
|
||||
'automatically mounted to `/srv/`. If the partition is encrypted with LUKS, the device '
|
||||
'mapper file will be named `/dev/mapper/srv`.'),
|
||||
'VAR': (
|
||||
'Any native, optionally in LUKS',
|
||||
'The first partition with this type UUID on the disk containing the root partition is '
|
||||
'automatically mounted to `/var/` — under the condition that its partition UUID matches '
|
||||
'the first 128 bits of `HMAC-SHA256(machine-id, 0x4d21b016b53445c2a9fb5c16e091fd2d)` '
|
||||
'(i.e. the SHA256 HMAC hash of the binary type UUID keyed by the machine ID as read from '
|
||||
'[`/etc/machine-id`](https://www.freedesktop.org/software/systemd/man/machine-id.html). '
|
||||
'This special requirement is made because `/var/` (unlike the other partition types '
|
||||
'listed here) is inherently private to a specific installation and cannot possibly be '
|
||||
'shared between multiple OS installations on the same disk, and thus should be bound to '
|
||||
'a specific instance of the OS, identified by its machine ID. If the partition is '
|
||||
'encrypted with LUKS, the device mapper file will be named `/dev/mapper/var`.'),
|
||||
'TMP': (
|
||||
'Any native, optionally in LUKS',
|
||||
'The first partition with this type UUID on the disk containing the root partition is '
|
||||
'automatically mounted to `/var/tmp/`. If the partition is encrypted with LUKS, the '
|
||||
'device mapper file will be named `/dev/mapper/tmp`. Note that the intended mount point '
|
||||
'is indeed `/var/tmp/`, not `/tmp/`. The latter is typically maintained in memory via '
|
||||
'<tt>tmpfs</tt> and does not require a partition on disk. In some cases it might be '
|
||||
'desirable to make `/tmp/` persistent too, in which case it is recommended to make it '
|
||||
'a symlink or bind mount to `/var/tmp/`, thus not requiring its own partition type UUID.'),
|
||||
'USER_HOME': (
|
||||
'Any native, optionally in LUKS',
|
||||
'A home partition of a user, managed by '
|
||||
'[`systemd-homed`](https://www.freedesktop.org/software/systemd/man/systemd-homed.html).'),
|
||||
'LINUX_GENERIC': (
|
||||
'Any native, optionally in LUKS',
|
||||
'No automatic mounting takes place for other Linux data partitions. This partition type '
|
||||
'should be used for all partitions that carry Linux file systems. The installer needs '
|
||||
'to mount them explicitly via entries in <tt>/etc/fstab</tt>. Optionally, these '
|
||||
'partitions may be encrypted with LUKS. This partition type predates the Discoverable '
|
||||
'Partitions Specification.'),
|
||||
}
|
||||
|
||||
def extract(file):
|
||||
for line in file:
|
||||
# print(line)
|
||||
m = re.match(r'^#define\s+GPT_(.*SD_ID128_MAKE.*)', line)
|
||||
if not m:
|
||||
continue
|
||||
|
||||
if m2 := re.match(r'^(ROOT|USR)_([A-Z0-9]+|X86_64|MIPS_LE|MIPS64_LE)(|_VERITY|_VERITY_SIG)\s+SD_ID128_MAKE\((.*)\)', m.group(1)):
|
||||
type, arch, suffix, u = m2.groups()
|
||||
u = uuid.UUID(u.replace(',', ''))
|
||||
assert arch in ARCHITECTURES
|
||||
type = f'{type}{suffix}'
|
||||
assert type in TYPES
|
||||
|
||||
yield type, arch, u
|
||||
|
||||
elif m2 := re.match(r'(\w+)\s+SD_ID128_MAKE\((.*)\)', m.group(1)):
|
||||
type, u = m2.groups()
|
||||
u = uuid.UUID(u.replace(',', ''))
|
||||
yield type, None, u
|
||||
|
||||
else:
|
||||
raise Exception(f'Failed to match: {m.group(1)}')
|
||||
|
||||
def generate(defines):
|
||||
prevtype = None
|
||||
|
||||
print(HEADER, end='')
|
||||
|
||||
uuids = set()
|
||||
|
||||
for type, arch, uuid in defines:
|
||||
tdesc = TYPES[type]
|
||||
adesc = '' if arch is None else f' ({ARCHITECTURES[arch]})'
|
||||
|
||||
# Let's make sure that we didn't select&paste the same value twice
|
||||
assert uuid not in uuids
|
||||
uuids.add(uuid)
|
||||
|
||||
if type != prevtype:
|
||||
prevtype = type
|
||||
morea, moreb = DESCRIPTIONS[type]
|
||||
else:
|
||||
morea = moreb = 'ditto'
|
||||
|
||||
print(f'| _{tdesc}{adesc}_ | `{uuid}` | {morea} | {moreb} |')
|
||||
|
||||
if __name__ == '__main__':
|
||||
known = extract(sys.stdin)
|
||||
generate(known)
|
Loading…
Reference in New Issue
Block a user