dissect-image: rename dissected_image_has_verity()/_can_do_verity()

Let's also pick more precise names for these helpers that are used for the tabular output: one checks whether a partition is candidate for verity at all, and the other checks if it is ready to be used for it. Let's make this clearer in the name.
2025-03-13 00:58:27 +03:00 · 2021-09-08 17:26:32 +02:00 · 2021-09-08 17:26:32 +02:00 · 495367666b
commit 495367666b
parent c3c88d67c0
3 changed files with 25 additions and 8 deletions
--- a/src/dissect/dissect.c
+++ b/src/dissect/dissect.c
@ -514,8 +514,8 @@ static int action_dissect(DissectedImage *m, LoopDevice *d) {

                if (arg_verity_settings.data_path)
                        r = table_add_cell(t, NULL, TABLE_STRING, "external");
-                else if (dissected_image_can_do_verity(m, i))
-                        r = table_add_cell(t, NULL, TABLE_STRING, yes_no(dissected_image_has_verity(m, i)));
+                else if (dissected_image_verity_candidate(m, i))
+                        r = table_add_cell(t, NULL, TABLE_STRING, yes_no(dissected_image_verity_ready(m, i)));
                else
                        r = table_add_cell(t, NULL, TABLE_EMPTY, NULL);
                if (r < 0)
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@ -2840,18 +2840,35 @@ int dissect_image_and_warn(
        }
 }

-bool dissected_image_can_do_verity(const DissectedImage *image, PartitionDesignator partition_designator) {
+bool dissected_image_verity_candidate(const DissectedImage *image, PartitionDesignator partition_designator) {
+        assert(image);
+
+        /* Checks if this partition could theoretically do Verity. For non-partitioned images this only works
+         * if there's an external verity file supplied, for which we can consult .has_verity. For partitioned
+         * images we only check the partition type.
+         *
+         * This call is used to decide whether to suppress or show a verity column in tabular output of the
+         * image. */
+
        if (image->single_file_system)
                return partition_designator == PARTITION_ROOT && image->has_verity;

        return PARTITION_VERITY_OF(partition_designator) >= 0;
 }

-bool dissected_image_has_verity(const DissectedImage *image, PartitionDesignator partition_designator) {
-        int k;
+bool dissected_image_verity_ready(const DissectedImage *image, PartitionDesignator partition_designator) {
+        PartitionDesignator k;
+
+        assert(image);
+
+        /* Checks if this partition has verity data available that we can activate. For non-partitioned this
+         * works for the root partition, for others only if the associated verity partition was found. */
+
+        if (!image->verity_ready)
+                return false;

        if (image->single_file_system)
-                return partition_designator == PARTITION_ROOT && image->verity_ready;
+                return partition_designator == PARTITION_ROOT;

        k = PARTITION_VERITY_OF(partition_designator);
        return k >= 0 && image->partitions[k].found;
--- a/src/shared/dissect-image.h
+++ b/src/shared/dissect-image.h
@ -186,8 +186,8 @@ PartitionDesignator partition_designator_from_string(const char *name) _pure_;
 int verity_settings_load(VeritySettings *verity, const char *image, const char *root_hash_path, const char *root_hash_sig_path);
 void verity_settings_done(VeritySettings *verity);

-bool dissected_image_can_do_verity(const DissectedImage *image, PartitionDesignator d);
-bool dissected_image_has_verity(const DissectedImage *image, PartitionDesignator d);
+bool dissected_image_verity_candidate(const DissectedImage *image, PartitionDesignator d);
+bool dissected_image_verity_ready(const DissectedImage *image, PartitionDesignator d);

 int mount_image_privately_interactively(const char *path, DissectImageFlags flags, char **ret_directory, LoopDevice **ret_loop_device, DecryptedImage **ret_decrypted_image);