diff --git a/mkosi.build b/mkosi.build index bb04d5edaad..fe3688d6ae9 100755 --- a/mkosi.build +++ b/mkosi.build @@ -110,12 +110,3 @@ if [ -n "$IMAGE_VERSION" ] ; then cat /tmp/os-release.tmp > "$DESTDIR"/usr/lib/os-release rm /tmp/os-release.tmp fi - -# Manually update the boot loader from the one we just built -mkdir -p "$DESTDIR"/boot/efi/EFI/systemd "$DESTDIR"/boot/efi/EFI/BOOT -cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/boot/efi/EFI/systemd/systemd-bootx64.efi -cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/boot/efi/EFI/BOOT/bootx64.efi - -mkdir -p "$DESTDIR"/efi/EFI/systemd "$DESTDIR"/efi/EFI/BOOT -cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/efi/EFI/systemd/systemd-bootx64.efi -cp "$DESTDIR"/usr/lib/systemd/boot/efi/systemd-bootx64.efi "$DESTDIR"/efi/EFI/BOOT/bootx64.efi diff --git a/mkosi.postinst b/mkosi.postinst new file mode 100755 index 00000000000..feb8203126d --- /dev/null +++ b/mkosi.postinst @@ -0,0 +1,6 @@ +#!/bin/sh +# SPDX-License-Identifier: LGPL-2.1-or-later + +if [ "$1" = "final" ] && command -v bootctl > /dev/null; then + bootctl install +fi diff --git a/src/basic/architecture.h b/src/basic/architecture.h index f0377c383e2..eaee01348e4 100644 --- a/src/basic/architecture.h +++ b/src/basic/architecture.h @@ -10,7 +10,7 @@ * processor features, models, generations or even ABIs. Hence we * focus on general family, and distinguish word width and endianness. */ -enum { +typedef enum { ARCHITECTURE_ALPHA, ARCHITECTURE_ARC, ARCHITECTURE_ARC_BE, @@ -45,7 +45,7 @@ enum { ARCHITECTURE_X86_64, _ARCHITECTURE_MAX, _ARCHITECTURE_INVALID = -EINVAL, -}; +} Architecture; int uname_architecture(void); @@ -67,7 +67,7 @@ int uname_architecture(void); # else # define LIB_ARCH_TUPLE "x86_64-linux-gnu" # endif -# define SECONDARY_ARCHITECTURE ARCHITECTURE_X86 +# define ARCHITECTURE_SECONDARY ARCHITECTURE_X86 #elif defined(__i386__) # define native_architecture() ARCHITECTURE_X86 # define LIB_ARCH_TUPLE "i386-linux-gnu" @@ -75,11 +75,11 @@ int uname_architecture(void); # if __BYTE_ORDER == __BIG_ENDIAN # define native_architecture() ARCHITECTURE_PPC64 # define LIB_ARCH_TUPLE "ppc64-linux-gnu" -# define SECONDARY_ARCHITECTURE ARCHITECTURE_PPC +# define ARCHITECTURE_SECONDARY ARCHITECTURE_PPC # else # define native_architecture() ARCHITECTURE_PPC64_LE # define LIB_ARCH_TUPLE "powerpc64le-linux-gnu" -# define SECONDARY_ARCHITECTURE ARCHITECTURE_PPC_LE +# define ARCHITECTURE_SECONDARY ARCHITECTURE_PPC_LE # endif #elif defined(__powerpc__) # if __BYTE_ORDER == __BIG_ENDIAN @@ -105,7 +105,7 @@ int uname_architecture(void); #elif defined(__s390x__) # define native_architecture() ARCHITECTURE_S390X # define LIB_ARCH_TUPLE "s390x-linux-gnu" -# define SECONDARY_ARCHITECTURE ARCHITECTURE_S390 +# define ARCHITECTURE_SECONDARY ARCHITECTURE_S390 #elif defined(__s390__) # define native_architecture() ARCHITECTURE_S390 # define LIB_ARCH_TUPLE "s390-linux-gnu" @@ -149,7 +149,7 @@ int uname_architecture(void); # else # define native_architecture() ARCHITECTURE_ARM64 # define LIB_ARCH_TUPLE "aarch64-linux-gnu" -# define SECONDARY_ARCHITECTURE ARCHITECTURE_ARM +# define ARCHITECTURE_SECONDARY ARCHITECTURE_ARM # endif #elif defined(__arm__) # if __BYTE_ORDER == __BIG_ENDIAN diff --git a/src/basic/process-util.c b/src/basic/process-util.c index 1dd2414bb21..bdadec40729 100644 --- a/src/basic/process-util.c +++ b/src/basic/process-util.c @@ -1045,8 +1045,8 @@ unsigned long personality_from_string(const char *p) { if (architecture == native_architecture()) return PER_LINUX; -#ifdef SECONDARY_ARCHITECTURE - if (architecture == SECONDARY_ARCHITECTURE) +#ifdef ARCHITECTURE_SECONDARY + if (architecture == ARCHITECTURE_SECONDARY) return PER_LINUX32; #endif @@ -1058,9 +1058,9 @@ const char* personality_to_string(unsigned long p) { if (p == PER_LINUX) architecture = native_architecture(); -#ifdef SECONDARY_ARCHITECTURE +#ifdef ARCHITECTURE_SECONDARY else if (p == PER_LINUX32) - architecture = SECONDARY_ARCHITECTURE; + architecture = ARCHITECTURE_SECONDARY; #endif if (architecture < 0) diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index 685c5225d55..4c553f4d2ef 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -991,9 +991,8 @@ int dissect_image( designator = PARTITION_XBOOTLDR; rw = !(pflags & GPT_FLAG_READ_ONLY); growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS); - } -#ifdef GPT_ROOT_NATIVE - else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE)) { + + } else if (gpt_partition_type_is_root(type_id)) { check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS); @@ -1004,12 +1003,12 @@ int dissect_image( if (!sd_id128_is_null(root_uuid) && !sd_id128_equal(root_uuid, id)) continue; - designator = PARTITION_ROOT; - architecture = native_architecture(); + assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0); + designator = PARTITION_ROOT_OF_ARCH(architecture); rw = !(pflags & GPT_FLAG_READ_ONLY); growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS); - } else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE_VERITY)) { + } else if (gpt_partition_type_is_root_verity(type_id)) { check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); @@ -1028,12 +1027,12 @@ int dissect_image( if (!sd_id128_is_null(root_verity_uuid) && !sd_id128_equal(root_verity_uuid, id)) continue; - designator = PARTITION_ROOT_VERITY; + assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0); + designator = PARTITION_VERITY_OF(PARTITION_ROOT_OF_ARCH(architecture)); fstype = "DM_verity_hash"; - architecture = native_architecture(); rw = false; - } else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE_VERITY_SIG)) { + } else if (gpt_partition_type_is_root_verity_sig(type_id)) { check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); @@ -1050,78 +1049,12 @@ int dissect_image( if (verity->root_hash) continue; - designator = PARTITION_ROOT_VERITY_SIG; + assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0); + designator = PARTITION_VERITY_SIG_OF(PARTITION_ROOT_OF_ARCH(architecture)); fstype = "verity_hash_signature"; - architecture = native_architecture(); - rw = false; - } -#endif -#ifdef GPT_ROOT_SECONDARY - else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY)) { - - check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS); - - if (pflags & GPT_FLAG_NO_AUTO) - continue; - - /* If a root ID is specified, ignore everything but the root id */ - if (!sd_id128_is_null(root_uuid) && !sd_id128_equal(root_uuid, id)) - continue; - - designator = PARTITION_ROOT_SECONDARY; - architecture = SECONDARY_ARCHITECTURE; - rw = !(pflags & GPT_FLAG_READ_ONLY); - growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS); - - } else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY_VERITY)) { - - check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); - - if (pflags & GPT_FLAG_NO_AUTO) - continue; - - m->has_verity = true; - - /* Don't do verity if no verity config is passed in */ - if (!verity) - continue; - if (verity->designator >= 0 && verity->designator != PARTITION_ROOT) - continue; - - /* If root hash is specified, then ignore everything but the root id */ - if (!sd_id128_is_null(root_verity_uuid) && !sd_id128_equal(root_verity_uuid, id)) - continue; - - designator = PARTITION_ROOT_SECONDARY_VERITY; - fstype = "DM_verity_hash"; - architecture = SECONDARY_ARCHITECTURE; rw = false; - } else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY_VERITY_SIG)) { - - check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); - - if (pflags & GPT_FLAG_NO_AUTO) - continue; - - m->has_verity_sig = true; - - /* If root hash is specified explicitly, then ignore any embedded signature */ - if (!verity) - continue; - if (verity->designator >= 0 && verity->designator != PARTITION_ROOT) - continue; - if (verity->root_hash) - continue; - - designator = PARTITION_ROOT_SECONDARY_VERITY_SIG; - fstype = "verity_hash_signature"; - architecture = native_architecture(); - rw = false; - } -#endif -#ifdef GPT_USR_NATIVE - else if (sd_id128_equal(type_id, GPT_USR_NATIVE)) { + } else if (gpt_partition_type_is_usr(type_id)) { check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS); @@ -1132,12 +1065,12 @@ int dissect_image( if (!sd_id128_is_null(usr_uuid) && !sd_id128_equal(usr_uuid, id)) continue; - designator = PARTITION_USR; - architecture = native_architecture(); + assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0); + designator = PARTITION_USR_OF_ARCH(architecture); rw = !(pflags & GPT_FLAG_READ_ONLY); growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS); - } else if (sd_id128_equal(type_id, GPT_USR_NATIVE_VERITY)) { + } else if (gpt_partition_type_is_usr_verity(type_id)) { check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); @@ -1155,12 +1088,12 @@ int dissect_image( if (!sd_id128_is_null(usr_verity_uuid) && !sd_id128_equal(usr_verity_uuid, id)) continue; - designator = PARTITION_USR_VERITY; + assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0); + designator = PARTITION_VERITY_OF(PARTITION_USR_OF_ARCH(architecture)); fstype = "DM_verity_hash"; - architecture = native_architecture(); rw = false; - } else if (sd_id128_equal(type_id, GPT_USR_NATIVE_VERITY_SIG)) { + } else if (gpt_partition_type_is_usr_verity_sig(type_id)) { check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); @@ -1177,76 +1110,12 @@ int dissect_image( if (verity->root_hash) continue; - designator = PARTITION_USR_VERITY_SIG; + assert_se((architecture = gpt_partition_type_uuid_to_arch(type_id)) >= 0); + designator = PARTITION_VERITY_SIG_OF(PARTITION_USR_OF_ARCH(architecture)); fstype = "verity_hash_signature"; - architecture = native_architecture(); - rw = false; - } -#endif -#ifdef GPT_USR_SECONDARY - else if (sd_id128_equal(type_id, GPT_USR_SECONDARY)) { - - check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY|GPT_FLAG_GROWFS); - - if (pflags & GPT_FLAG_NO_AUTO) - continue; - - /* If a usr ID is specified, ignore everything but the usr id */ - if (!sd_id128_is_null(usr_uuid) && !sd_id128_equal(usr_uuid, id)) - continue; - - designator = PARTITION_USR_SECONDARY; - architecture = SECONDARY_ARCHITECTURE; - rw = !(pflags & GPT_FLAG_READ_ONLY); - growfs = FLAGS_SET(pflags, GPT_FLAG_GROWFS); - - } else if (sd_id128_equal(type_id, GPT_USR_SECONDARY_VERITY)) { - - check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); - - if (pflags & GPT_FLAG_NO_AUTO) - continue; - - m->has_verity = true; - - if (!verity) - continue; - if (verity->designator >= 0 && verity->designator != PARTITION_USR) - continue; - - /* If usr hash is specified, then ignore everything but the root id */ - if (!sd_id128_is_null(usr_verity_uuid) && !sd_id128_equal(usr_verity_uuid, id)) - continue; - - designator = PARTITION_USR_SECONDARY_VERITY; - fstype = "DM_verity_hash"; - architecture = SECONDARY_ARCHITECTURE; rw = false; - } else if (sd_id128_equal(type_id, GPT_USR_SECONDARY_VERITY_SIG)) { - - check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); - - if (pflags & GPT_FLAG_NO_AUTO) - continue; - - m->has_verity_sig = true; - - /* If usr hash is specified explicitly, then ignore any embedded signature */ - if (!verity) - continue; - if (verity->designator >= 0 && verity->designator != PARTITION_USR) - continue; - if (verity->root_hash) - continue; - - designator = PARTITION_USR_SECONDARY_VERITY_SIG; - fstype = "verity_hash_signature"; - architecture = native_architecture(); - rw = false; - } -#endif - else if (sd_id128_equal(type_id, GPT_SWAP)) { + } else if (sd_id128_equal(type_id, GPT_SWAP)) { check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO); @@ -1439,8 +1308,8 @@ int dissect_image( } if (m->partitions[PARTITION_ROOT].found) { - /* If we found the primary arch, then invalidate the secondary arch to avoid any ambiguities, - * since we never want to mount the secondary arch in this case. */ + /* If we found the primary arch, then invalidate the secondary and other arch to avoid any + * ambiguities, since we never want to mount the secondary or other arch in this case. */ m->partitions[PARTITION_ROOT_SECONDARY].found = false; m->partitions[PARTITION_ROOT_SECONDARY_VERITY].found = false; m->partitions[PARTITION_ROOT_SECONDARY_VERITY_SIG].found = false; @@ -1448,6 +1317,13 @@ int dissect_image( m->partitions[PARTITION_USR_SECONDARY_VERITY].found = false; m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG].found = false; + m->partitions[PARTITION_ROOT_OTHER].found = false; + m->partitions[PARTITION_ROOT_OTHER_VERITY].found = false; + m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG].found = false; + m->partitions[PARTITION_USR_OTHER].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false; + } else if (m->partitions[PARTITION_ROOT_VERITY].found || m->partitions[PARTITION_ROOT_VERITY_SIG].found) return -EADDRNOTAVAIL; /* Verity found but no matching rootfs? Something is off, refuse. */ @@ -1455,7 +1331,10 @@ int dissect_image( else if (m->partitions[PARTITION_ROOT_SECONDARY].found) { /* No root partition found but there's one for the secondary architecture? Then upgrade - * secondary arch to first */ + * secondary arch to first and invalidate the other arch. */ + + log_debug("No root partition found of the native architecture, falling back to a root " + "partition of the secondary architecture."); m->partitions[PARTITION_ROOT] = m->partitions[PARTITION_ROOT_SECONDARY]; zero(m->partitions[PARTITION_ROOT_SECONDARY]); @@ -1471,26 +1350,64 @@ int dissect_image( m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG]; zero(m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG]); + m->partitions[PARTITION_ROOT_OTHER].found = false; + m->partitions[PARTITION_ROOT_OTHER_VERITY].found = false; + m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG].found = false; + m->partitions[PARTITION_USR_OTHER].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false; + } else if (m->partitions[PARTITION_ROOT_SECONDARY_VERITY].found || m->partitions[PARTITION_ROOT_SECONDARY_VERITY_SIG].found) return -EADDRNOTAVAIL; /* as above */ + else if (m->partitions[PARTITION_ROOT_OTHER].found) { + + /* No root or secondary partition found but there's one for another architecture? Then + * upgrade the other architecture to first. */ + + log_debug("No root partition found of the native architecture or the secondary architecture, " + "falling back to a root partition of a non-native architecture (%s).", + architecture_to_string(m->partitions[PARTITION_ROOT_OTHER].architecture)); + + m->partitions[PARTITION_ROOT] = m->partitions[PARTITION_ROOT_OTHER]; + zero(m->partitions[PARTITION_ROOT_OTHER]); + m->partitions[PARTITION_ROOT_VERITY] = m->partitions[PARTITION_ROOT_OTHER_VERITY]; + zero(m->partitions[PARTITION_ROOT_OTHER_VERITY]); + m->partitions[PARTITION_ROOT_VERITY_SIG] = m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG]; + zero(m->partitions[PARTITION_ROOT_OTHER_VERITY_SIG]); + + m->partitions[PARTITION_USR] = m->partitions[PARTITION_USR_OTHER]; + zero(m->partitions[PARTITION_USR_OTHER]); + m->partitions[PARTITION_USR_VERITY] = m->partitions[PARTITION_USR_OTHER_VERITY]; + zero(m->partitions[PARTITION_USR_OTHER_VERITY]); + m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_OTHER_VERITY_SIG]; + zero(m->partitions[PARTITION_USR_OTHER_VERITY_SIG]); + } + /* Hmm, we found a signature partition but no Verity data? Something is off. */ if (m->partitions[PARTITION_ROOT_VERITY_SIG].found && !m->partitions[PARTITION_ROOT_VERITY].found) return -EADDRNOTAVAIL; if (m->partitions[PARTITION_USR].found) { - /* Invalidate secondary arch /usr/ if we found the primary arch */ + /* Invalidate secondary and other arch /usr/ if we found the primary arch */ m->partitions[PARTITION_USR_SECONDARY].found = false; m->partitions[PARTITION_USR_SECONDARY_VERITY].found = false; m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG].found = false; + m->partitions[PARTITION_USR_OTHER].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false; + } else if (m->partitions[PARTITION_USR_VERITY].found || m->partitions[PARTITION_USR_VERITY_SIG].found) return -EADDRNOTAVAIL; /* as above */ else if (m->partitions[PARTITION_USR_SECONDARY].found) { + log_debug("No usr partition found of the native architecture, falling back to a usr " + "partition of the secondary architecture."); + /* Upgrade secondary arch to primary */ m->partitions[PARTITION_USR] = m->partitions[PARTITION_USR_SECONDARY]; zero(m->partitions[PARTITION_USR_SECONDARY]); @@ -1499,10 +1416,29 @@ int dissect_image( m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG]; zero(m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG]); + m->partitions[PARTITION_USR_OTHER].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY].found = false; + m->partitions[PARTITION_USR_OTHER_VERITY_SIG].found = false; + } else if (m->partitions[PARTITION_USR_SECONDARY_VERITY].found || m->partitions[PARTITION_USR_SECONDARY_VERITY_SIG].found) return -EADDRNOTAVAIL; /* as above */ + else if (m->partitions[PARTITION_USR_OTHER].found) { + + log_debug("No usr partition found of the native architecture or the secondary architecture, " + "falling back to a usr partition of a non-native architecture (%s).", + architecture_to_string(m->partitions[PARTITION_ROOT_OTHER].architecture)); + + /* Upgrade other arch to primary */ + m->partitions[PARTITION_USR] = m->partitions[PARTITION_USR_OTHER]; + zero(m->partitions[PARTITION_USR_OTHER]); + m->partitions[PARTITION_USR_VERITY] = m->partitions[PARTITION_USR_OTHER_VERITY]; + zero(m->partitions[PARTITION_USR_OTHER_VERITY]); + m->partitions[PARTITION_USR_VERITY_SIG] = m->partitions[PARTITION_USR_OTHER_VERITY_SIG]; + zero(m->partitions[PARTITION_USR_OTHER_VERITY_SIG]); + } + /* Hmm, we found a signature partition but no Verity data? Something is off. */ if (m->partitions[PARTITION_USR_VERITY_SIG].found && !m->partitions[PARTITION_USR_VERITY].found) return -EADDRNOTAVAIL; @@ -3500,8 +3436,10 @@ int mount_image_privately_interactively( static const char *const partition_designator_table[] = { [PARTITION_ROOT] = "root", [PARTITION_ROOT_SECONDARY] = "root-secondary", + [PARTITION_ROOT_OTHER] = "root-other", [PARTITION_USR] = "usr", [PARTITION_USR_SECONDARY] = "usr-secondary", + [PARTITION_USR_OTHER] = "usr-other", [PARTITION_HOME] = "home", [PARTITION_SRV] = "srv", [PARTITION_ESP] = "esp", @@ -3509,12 +3447,16 @@ static const char *const partition_designator_table[] = { [PARTITION_SWAP] = "swap", [PARTITION_ROOT_VERITY] = "root-verity", [PARTITION_ROOT_SECONDARY_VERITY] = "root-secondary-verity", + [PARTITION_ROOT_OTHER_VERITY] = "root-other-verity", [PARTITION_USR_VERITY] = "usr-verity", [PARTITION_USR_SECONDARY_VERITY] = "usr-secondary-verity", + [PARTITION_USR_OTHER_VERITY] = "usr-other-verity", [PARTITION_ROOT_VERITY_SIG] = "root-verity-sig", [PARTITION_ROOT_SECONDARY_VERITY_SIG] = "root-secondary-verity-sig", + [PARTITION_ROOT_OTHER_VERITY_SIG] = "root-other-verity-sig", [PARTITION_USR_VERITY_SIG] = "usr-verity-sig", [PARTITION_USR_SECONDARY_VERITY_SIG] = "usr-secondary-verity-sig", + [PARTITION_USR_OTHER_VERITY_SIG] = "usr-other-verity-sig", [PARTITION_TMP] = "tmp", [PARTITION_VAR] = "var", }; diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h index 48a9e0b4f9f..032126627ca 100644 --- a/src/shared/dissect-image.h +++ b/src/shared/dissect-image.h @@ -5,6 +5,7 @@ #include "sd-id128.h" +#include "architecture.h" #include "list.h" #include "loop-util.h" #include "macro.h" @@ -35,8 +36,10 @@ struct DissectedPartition { typedef enum PartitionDesignator { PARTITION_ROOT, PARTITION_ROOT_SECONDARY, /* Secondary architecture */ + PARTITION_ROOT_OTHER, PARTITION_USR, PARTITION_USR_SECONDARY, + PARTITION_USR_OTHER, PARTITION_HOME, PARTITION_SRV, PARTITION_ESP, @@ -44,12 +47,16 @@ typedef enum PartitionDesignator { PARTITION_SWAP, PARTITION_ROOT_VERITY, /* verity data for the PARTITION_ROOT partition */ PARTITION_ROOT_SECONDARY_VERITY, /* verity data for the PARTITION_ROOT_SECONDARY partition */ + PARTITION_ROOT_OTHER_VERITY, PARTITION_USR_VERITY, PARTITION_USR_SECONDARY_VERITY, + PARTITION_USR_OTHER_VERITY, PARTITION_ROOT_VERITY_SIG, /* PKCS#7 signature for root hash for the PARTITION_ROOT partition */ PARTITION_ROOT_SECONDARY_VERITY_SIG, /* ditto for the PARTITION_ROOT_SECONDARY partition */ + PARTITION_ROOT_OTHER_VERITY_SIG, PARTITION_USR_VERITY_SIG, PARTITION_USR_SECONDARY_VERITY_SIG, + PARTITION_USR_OTHER_VERITY_SIG, PARTITION_TMP, PARTITION_VAR, _PARTITION_DESIGNATOR_MAX, @@ -65,16 +72,22 @@ static inline bool PARTITION_DESIGNATOR_VERSIONED(PartitionDesignator d) { return IN_SET(d, PARTITION_ROOT, PARTITION_ROOT_SECONDARY, + PARTITION_ROOT_OTHER, PARTITION_USR, PARTITION_USR_SECONDARY, + PARTITION_USR_OTHER, PARTITION_ROOT_VERITY, PARTITION_ROOT_SECONDARY_VERITY, + PARTITION_ROOT_OTHER_VERITY, PARTITION_USR_VERITY, PARTITION_USR_SECONDARY_VERITY, + PARTITION_USR_OTHER_VERITY, PARTITION_ROOT_VERITY_SIG, PARTITION_ROOT_SECONDARY_VERITY_SIG, + PARTITION_ROOT_OTHER_VERITY_SIG, PARTITION_USR_VERITY_SIG, - PARTITION_USR_SECONDARY_VERITY_SIG); + PARTITION_USR_SECONDARY_VERITY_SIG, + PARTITION_USR_OTHER_VERITY_SIG); } static inline PartitionDesignator PARTITION_VERITY_OF(PartitionDesignator p) { @@ -86,12 +99,18 @@ static inline PartitionDesignator PARTITION_VERITY_OF(PartitionDesignator p) { case PARTITION_ROOT_SECONDARY: return PARTITION_ROOT_SECONDARY_VERITY; + case PARTITION_ROOT_OTHER: + return PARTITION_ROOT_OTHER_VERITY; + case PARTITION_USR: return PARTITION_USR_VERITY; case PARTITION_USR_SECONDARY: return PARTITION_USR_SECONDARY_VERITY; + case PARTITION_USR_OTHER: + return PARTITION_USR_OTHER_VERITY; + default: return _PARTITION_DESIGNATOR_INVALID; } @@ -106,17 +125,55 @@ static inline PartitionDesignator PARTITION_VERITY_SIG_OF(PartitionDesignator p) case PARTITION_ROOT_SECONDARY: return PARTITION_ROOT_SECONDARY_VERITY_SIG; + case PARTITION_ROOT_OTHER: + return PARTITION_ROOT_OTHER_VERITY_SIG; + case PARTITION_USR: return PARTITION_USR_VERITY_SIG; case PARTITION_USR_SECONDARY: return PARTITION_USR_SECONDARY_VERITY_SIG; + case PARTITION_USR_OTHER: + return PARTITION_USR_OTHER_VERITY_SIG; + default: return _PARTITION_DESIGNATOR_INVALID; } } +static inline PartitionDesignator PARTITION_ROOT_OF_ARCH(Architecture arch) { + switch (arch) { + + case native_architecture(): + return PARTITION_ROOT; + +#ifdef ARCHITECTURE_SECONDARY + case ARCHITECTURE_SECONDARY: + return PARTITION_ROOT_SECONDARY; +#endif + + default: + return PARTITION_ROOT_OTHER; + } +} + +static inline PartitionDesignator PARTITION_USR_OF_ARCH(Architecture arch) { + switch (arch) { + + case native_architecture(): + return PARTITION_USR; + +#ifdef ARCHITECTURE_SECONDARY + case ARCHITECTURE_SECONDARY: + return PARTITION_USR_SECONDARY; +#endif + + default: + return PARTITION_USR_OTHER; + } +} + typedef enum DissectImageFlags { DISSECT_IMAGE_DEVICE_READ_ONLY = 1 << 0, /* Make device read-only */ DISSECT_IMAGE_DISCARD_ON_LOOP = 1 << 1, /* Turn on "discard" if on a loop device and file system supports it */ diff --git a/src/shared/gpt.c b/src/shared/gpt.c index 3c0723da9c9..bf494119b58 100644 --- a/src/shared/gpt.c +++ b/src/shared/gpt.c @@ -15,12 +15,12 @@ #endif #define _GPT_ARCH_SEXTET(arch, name) \ - { GPT_ROOT_##arch, "root-" name }, \ - { GPT_ROOT_##arch##_VERITY, "root-" name "-verity" }, \ - { GPT_ROOT_##arch##_VERITY_SIG, "root-" name "-verity-sig" }, \ - { GPT_USR_##arch, "usr-" name }, \ - { GPT_USR_##arch##_VERITY, "usr-" name "-verity" }, \ - { GPT_USR_##arch##_VERITY_SIG, "usr-" name "-verity-sig" } + { GPT_ROOT_##arch, "root-" name, ARCHITECTURE_##arch, .is_root = true }, \ + { GPT_ROOT_##arch##_VERITY, "root-" name "-verity", ARCHITECTURE_##arch, .is_root_verity = true }, \ + { GPT_ROOT_##arch##_VERITY_SIG, "root-" name "-verity-sig", ARCHITECTURE_##arch, .is_root_verity_sig = true }, \ + { GPT_USR_##arch, "usr-" name, ARCHITECTURE_##arch, .is_usr = true }, \ + { GPT_USR_##arch##_VERITY, "usr-" name "-verity", ARCHITECTURE_##arch, .is_usr_verity = true }, \ + { GPT_USR_##arch##_VERITY_SIG, "usr-" name "-verity-sig", ARCHITECTURE_##arch, .is_usr_verity_sig = true } const GptPartitionType gpt_partition_type_table[] = { _GPT_ARCH_SEXTET(ALPHA, "alpha"), @@ -28,12 +28,21 @@ const GptPartitionType gpt_partition_type_table[] = { _GPT_ARCH_SEXTET(ARM, "arm"), _GPT_ARCH_SEXTET(ARM64, "arm64"), _GPT_ARCH_SEXTET(IA64, "ia64"), - _GPT_ARCH_SEXTET(LOONGARCH64, "loongarch64"), + + // TODO: Replace with `_GPT_ARCH_SEXTET(LOONGARCH64, "loongarch64")` once + // https://github.com/systemd/systemd/pull/21288 is merged. */ + { GPT_ROOT_LOONGARCH64, "root-loongarch64", _ARCHITECTURE_INVALID, .is_root = true }, + { GPT_ROOT_LOONGARCH64_VERITY, "root-loongarch64-verity", _ARCHITECTURE_INVALID, .is_root_verity = true }, + { GPT_ROOT_LOONGARCH64_VERITY_SIG, "root-loongarch64-verity-sig", _ARCHITECTURE_INVALID, .is_root_verity_sig = true }, + { GPT_USR_LOONGARCH64, "usr-loongarch64", _ARCHITECTURE_INVALID, .is_usr = true }, + { GPT_USR_LOONGARCH64_VERITY, "usr-loongarch64-verity", _ARCHITECTURE_INVALID, .is_usr_verity = true }, + { GPT_USR_LOONGARCH64_VERITY_SIG, "usr-loongarch64-verity-sig", _ARCHITECTURE_INVALID, .is_usr_verity_sig = true }, + _GPT_ARCH_SEXTET(MIPS_LE, "mips-le"), _GPT_ARCH_SEXTET(MIPS64_LE, "mips64-le"), _GPT_ARCH_SEXTET(PPC, "ppc"), _GPT_ARCH_SEXTET(PPC64, "ppc64"), - _GPT_ARCH_SEXTET(PPC64LE, "ppc64-le"), + _GPT_ARCH_SEXTET(PPC64_LE, "ppc64-le"), _GPT_ARCH_SEXTET(RISCV32, "riscv32"), _GPT_ARCH_SEXTET(RISCV64, "riscv64"), _GPT_ARCH_SEXTET(S390, "s390"), @@ -42,49 +51,29 @@ const GptPartitionType gpt_partition_type_table[] = { _GPT_ARCH_SEXTET(X86, "x86"), _GPT_ARCH_SEXTET(X86_64, "x86-64"), #ifdef GPT_ROOT_NATIVE - { GPT_ROOT_NATIVE, "root" }, - { GPT_ROOT_NATIVE_VERITY, "root-verity" }, - { GPT_ROOT_NATIVE_VERITY_SIG, "root-verity-sig" }, - { GPT_USR_NATIVE, "usr" }, - { GPT_USR_NATIVE_VERITY, "usr-verity" }, - { GPT_USR_NATIVE_VERITY_SIG, "usr-verity-sig" }, + { GPT_ROOT_NATIVE, "root", native_architecture(), .is_root = true }, + { GPT_ROOT_NATIVE_VERITY, "root-verity", native_architecture(), .is_root_verity = true }, + { GPT_ROOT_NATIVE_VERITY_SIG, "root-verity-sig", native_architecture(), .is_root_verity_sig = true }, + { GPT_USR_NATIVE, "usr", native_architecture(), .is_usr = true }, + { GPT_USR_NATIVE_VERITY, "usr-verity", native_architecture(), .is_usr_verity = true }, + { GPT_USR_NATIVE_VERITY_SIG, "usr-verity-sig", native_architecture(), .is_usr_verity_sig = true }, #endif #ifdef GPT_ROOT_SECONDARY _GPT_ARCH_SEXTET(SECONDARY, "secondary"), #endif - { GPT_ESP, "esp" }, - { GPT_XBOOTLDR, "xbootldr" }, - { GPT_SWAP, "swap" }, - { GPT_HOME, "home" }, - { GPT_SRV, "srv" }, - { GPT_VAR, "var" }, - { GPT_TMP, "tmp" }, - { GPT_USER_HOME, "user-home" }, - { GPT_LINUX_GENERIC, "linux-generic" }, + { GPT_ESP, "esp", _ARCHITECTURE_INVALID }, + { GPT_XBOOTLDR, "xbootldr", _ARCHITECTURE_INVALID }, + { GPT_SWAP, "swap", _ARCHITECTURE_INVALID }, + { GPT_HOME, "home", _ARCHITECTURE_INVALID }, + { GPT_SRV, "srv", _ARCHITECTURE_INVALID }, + { GPT_VAR, "var", _ARCHITECTURE_INVALID }, + { GPT_TMP, "tmp", _ARCHITECTURE_INVALID }, + { GPT_USER_HOME, "user-home", _ARCHITECTURE_INVALID }, + { GPT_LINUX_GENERIC, "linux-generic", _ARCHITECTURE_INVALID }, {} }; -#define _GPT_ALL_ARCHES(type,suffix) \ - GPT_##type##_ALPHA##suffix, \ - GPT_##type##_ARC##suffix, \ - GPT_##type##_ARM##suffix, \ - GPT_##type##_ARM64##suffix, \ - GPT_##type##_IA64##suffix, \ - GPT_##type##_LOONGARCH64##suffix, \ - GPT_##type##_MIPS_LE##suffix, \ - GPT_##type##_MIPS64_LE##suffix, \ - GPT_##type##_PPC##suffix, \ - GPT_##type##_PPC64##suffix, \ - GPT_##type##_PPC64LE##suffix, \ - GPT_##type##_RISCV32##suffix, \ - GPT_##type##_RISCV64##suffix, \ - GPT_##type##_S390##suffix, \ - GPT_##type##_S390X##suffix, \ - GPT_##type##_TILEGX##suffix, \ - GPT_##type##_X86##suffix, \ - GPT_##type##_X86_64##suffix - const char *gpt_partition_type_uuid_to_string(sd_id128_t id) { for (size_t i = 0; i < ELEMENTSOF(gpt_partition_type_table) - 1; i++) if (sd_id128_equal(id, gpt_partition_type_table[i].uuid)) @@ -121,6 +110,14 @@ int gpt_partition_type_uuid_from_string(const char *s, sd_id128_t *ret) { return sd_id128_from_string(s, ret); } +Architecture gpt_partition_type_uuid_to_arch(sd_id128_t id) { + for (size_t i = 0; i < ELEMENTSOF(gpt_partition_type_table) - 1; i++) + if (sd_id128_equal(id, gpt_partition_type_table[i].uuid)) + return gpt_partition_type_table[i].arch; + + return _ARCHITECTURE_INVALID; +} + int gpt_partition_label_valid(const char *s) { _cleanup_free_ char16_t *recoded = NULL; @@ -131,20 +128,36 @@ int gpt_partition_label_valid(const char *s) { return char16_strlen(recoded) <= GPT_LABEL_MAX; } +static GptPartitionType gpt_partition_type_from_uuid(sd_id128_t id) { + for (size_t i = 0; i < ELEMENTSOF(gpt_partition_type_table) - 1; i++) + if (sd_id128_equal(id, gpt_partition_type_table[i].uuid)) + return gpt_partition_type_table[i]; + + return (GptPartitionType) { .uuid = id, .arch = _ARCHITECTURE_INVALID }; +} + bool gpt_partition_type_is_root(sd_id128_t id) { - return sd_id128_in_set(id, _GPT_ALL_ARCHES(ROOT,)); + return gpt_partition_type_from_uuid(id).is_root; } bool gpt_partition_type_is_root_verity(sd_id128_t id) { - return sd_id128_in_set(id, _GPT_ALL_ARCHES(ROOT, _VERITY)); + return gpt_partition_type_from_uuid(id).is_root_verity; +} + +bool gpt_partition_type_is_root_verity_sig(sd_id128_t id) { + return gpt_partition_type_from_uuid(id).is_root_verity_sig; } bool gpt_partition_type_is_usr(sd_id128_t id) { - return sd_id128_in_set(id, _GPT_ALL_ARCHES(USR,)); + return gpt_partition_type_from_uuid(id).is_usr; } bool gpt_partition_type_is_usr_verity(sd_id128_t id) { - return sd_id128_in_set(id, _GPT_ALL_ARCHES(USR, _VERITY)); + return gpt_partition_type_from_uuid(id).is_usr_verity; +} + +bool gpt_partition_type_is_usr_verity_sig(sd_id128_t id) { + return gpt_partition_type_from_uuid(id).is_usr_verity_sig; } bool gpt_partition_type_knows_read_only(sd_id128_t id) { diff --git a/src/shared/gpt.h b/src/shared/gpt.h index e94bbb2d047..00c829ca79a 100644 --- a/src/shared/gpt.h +++ b/src/shared/gpt.h @@ -5,6 +5,7 @@ #include "sd-id128.h" +#include "architecture.h" #include "id128-util.h" #define GPT_ROOT_ALPHA SD_ID128_MAKE(65,23,f8,ae,3e,b1,4e,2a,a0,5a,18,b6,95,ae,65,6f) @@ -17,7 +18,7 @@ #define GPT_ROOT_MIPS64_LE SD_ID128_MAKE(70,0b,da,43,7a,34,45,07,b1,79,ee,b9,3d,7a,7c,a3) #define GPT_ROOT_PPC SD_ID128_MAKE(1d,e3,f1,ef,fa,98,47,b5,8d,cd,4a,86,0a,65,4d,78) #define GPT_ROOT_PPC64 SD_ID128_MAKE(91,2a,de,1d,a8,39,49,13,89,64,a1,0e,ee,08,fb,d2) -#define GPT_ROOT_PPC64LE SD_ID128_MAKE(c3,1c,45,e6,3f,39,41,2e,80,fb,48,09,c4,98,05,99) +#define GPT_ROOT_PPC64_LE SD_ID128_MAKE(c3,1c,45,e6,3f,39,41,2e,80,fb,48,09,c4,98,05,99) #define GPT_ROOT_RISCV32 SD_ID128_MAKE(60,d5,a7,fe,8e,7d,43,5c,b7,14,3d,d8,16,21,44,e1) #define GPT_ROOT_RISCV64 SD_ID128_MAKE(72,ec,70,a6,cf,74,40,e6,bd,49,4b,da,08,e8,f2,24) #define GPT_ROOT_S390 SD_ID128_MAKE(08,a7,ac,ea,62,4c,4a,20,91,e8,6e,0f,a6,7d,23,f9) @@ -35,7 +36,7 @@ #define GPT_USR_MIPS64_LE SD_ID128_MAKE(c9,7c,1f,32,ba,06,40,b4,9f,22,23,60,61,b0,8a,a8) #define GPT_USR_PPC SD_ID128_MAKE(7d,14,fe,c5,cc,71,41,5d,9d,6c,06,bf,0b,3c,3e,af) #define GPT_USR_PPC64 SD_ID128_MAKE(2c,97,39,e2,f0,68,46,b3,9f,d0,01,c5,a9,af,bc,ca) -#define GPT_USR_PPC64LE SD_ID128_MAKE(15,bb,03,af,77,e7,4d,4a,b1,2b,c0,d0,84,f7,49,1c) +#define GPT_USR_PPC64_LE SD_ID128_MAKE(15,bb,03,af,77,e7,4d,4a,b1,2b,c0,d0,84,f7,49,1c) #define GPT_USR_RISCV32 SD_ID128_MAKE(b9,33,fb,22,5c,3f,4f,91,af,90,e2,bb,0f,a5,07,02) #define GPT_USR_RISCV64 SD_ID128_MAKE(be,ae,c3,4b,84,42,43,9b,a4,0b,98,43,81,ed,09,7d) #define GPT_USR_S390 SD_ID128_MAKE(cd,0f,86,9b,d0,fb,4c,a0,b1,41,9e,a8,7c,c7,8d,66) @@ -54,7 +55,7 @@ #define GPT_ROOT_LOONGARCH64_VERITY SD_ID128_MAKE(f3,39,3b,22,e9,af,46,13,a9,48,9d,3b,fb,d0,c5,35) #define GPT_ROOT_MIPS_LE_VERITY SD_ID128_MAKE(d7,d1,50,d2,2a,04,4a,33,8f,12,16,65,12,05,ff,7b) #define GPT_ROOT_MIPS64_LE_VERITY SD_ID128_MAKE(16,b4,17,f8,3e,06,4f,57,8d,d2,9b,52,32,f4,1a,a6) -#define GPT_ROOT_PPC64LE_VERITY SD_ID128_MAKE(90,6b,d9,44,45,89,4a,ae,a4,e4,dd,98,39,17,44,6a) +#define GPT_ROOT_PPC64_LE_VERITY SD_ID128_MAKE(90,6b,d9,44,45,89,4a,ae,a4,e4,dd,98,39,17,44,6a) #define GPT_ROOT_PPC64_VERITY SD_ID128_MAKE(92,25,a9,a3,3c,19,4d,89,b4,f6,ee,ff,88,f1,76,31) #define GPT_ROOT_PPC_VERITY SD_ID128_MAKE(98,cf,e6,49,15,88,46,dc,b2,f0,ad,d1,47,42,49,25) #define GPT_ROOT_RISCV32_VERITY SD_ID128_MAKE(ae,02,53,be,11,67,40,07,ac,68,43,92,6c,14,c5,de) @@ -72,7 +73,7 @@ #define GPT_USR_LOONGARCH64_VERITY SD_ID128_MAKE(f4,6b,2c,26,59,ae,48,f0,91,06,c5,0e,d4,7f,67,3d) #define GPT_USR_MIPS_LE_VERITY SD_ID128_MAKE(46,b9,8d,8d,b5,5c,4e,8f,aa,b3,37,fc,a7,f8,07,52) #define GPT_USR_MIPS64_LE_VERITY SD_ID128_MAKE(3c,3d,61,fe,b5,f3,41,4d,bb,71,87,39,a6,94,a4,ef) -#define GPT_USR_PPC64LE_VERITY SD_ID128_MAKE(ee,2b,99,83,21,e8,41,53,86,d9,b6,90,1a,54,d1,ce) +#define GPT_USR_PPC64_LE_VERITY SD_ID128_MAKE(ee,2b,99,83,21,e8,41,53,86,d9,b6,90,1a,54,d1,ce) #define GPT_USR_PPC64_VERITY SD_ID128_MAKE(bd,b5,28,a5,a2,59,47,5f,a8,7d,da,53,fa,73,6a,07) #define GPT_USR_PPC_VERITY SD_ID128_MAKE(df,76,5d,00,27,0e,49,e5,bc,75,f4,7b,b2,11,8b,09) #define GPT_USR_RISCV32_VERITY SD_ID128_MAKE(cb,1e,e4,e3,8c,d0,41,36,a0,a4,aa,61,a3,2e,87,30) @@ -92,7 +93,7 @@ #define GPT_ROOT_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(5a,fb,67,eb,ec,c8,4f,85,ae,8e,ac,1e,7c,50,e7,d0) #define GPT_ROOT_MIPS_LE_VERITY_SIG SD_ID128_MAKE(c9,19,cc,1f,44,56,4e,ff,91,8c,f7,5e,94,52,5c,a5) #define GPT_ROOT_MIPS64_LE_VERITY_SIG SD_ID128_MAKE(90,4e,58,ef,5c,65,4a,31,9c,57,6a,f5,fc,7c,5d,e7) -#define GPT_ROOT_PPC64LE_VERITY_SIG SD_ID128_MAKE(d4,a2,36,e7,e8,73,4c,07,bf,1d,bf,6c,f7,f1,c3,c6) +#define GPT_ROOT_PPC64_LE_VERITY_SIG SD_ID128_MAKE(d4,a2,36,e7,e8,73,4c,07,bf,1d,bf,6c,f7,f1,c3,c6) #define GPT_ROOT_PPC64_VERITY_SIG SD_ID128_MAKE(f5,e2,c2,0c,45,b2,4f,fa,bc,e9,2a,60,73,7e,1a,af) #define GPT_ROOT_PPC_VERITY_SIG SD_ID128_MAKE(1b,31,b5,aa,ad,d9,46,3a,b2,ed,bd,46,7f,c8,57,e7) #define GPT_ROOT_RISCV32_VERITY_SIG SD_ID128_MAKE(3a,11,2a,75,87,29,43,80,b4,cf,76,4d,79,93,44,48) @@ -110,7 +111,7 @@ #define GPT_USR_LOONGARCH64_VERITY_SIG SD_ID128_MAKE(b0,24,f3,15,d3,30,44,4c,84,61,44,bb,de,52,4e,99) #define GPT_USR_MIPS_LE_VERITY_SIG SD_ID128_MAKE(3e,23,ca,0b,a4,bc,4b,4e,80,87,5a,b6,a2,6a,a8,a9) #define GPT_USR_MIPS64_LE_VERITY_SIG SD_ID128_MAKE(f2,c2,c7,ee,ad,cc,43,51,b5,c6,ee,98,16,b6,6e,16) -#define GPT_USR_PPC64LE_VERITY_SIG SD_ID128_MAKE(c8,bf,bd,1e,26,8e,45,21,8b,ba,bf,31,4c,39,95,57) +#define GPT_USR_PPC64_LE_VERITY_SIG SD_ID128_MAKE(c8,bf,bd,1e,26,8e,45,21,8b,ba,bf,31,4c,39,95,57) #define GPT_USR_PPC64_VERITY_SIG SD_ID128_MAKE(0b,88,88,63,d7,f8,4d,9e,97,66,23,9f,ce,4d,58,af) #define GPT_USR_PPC_VERITY_SIG SD_ID128_MAKE(70,07,89,1d,d3,71,4a,80,86,a4,5c,b8,75,b9,30,2e) #define GPT_USR_RISCV32_VERITY_SIG SD_ID128_MAKE(c3,83,6a,13,31,37,45,ba,b5,83,b1,6c,50,fe,5e,b4) @@ -186,12 +187,12 @@ # define GPT_USR_NATIVE_VERITY_SIG GPT_USR_LOONGARCH64_VERITY_SIG #elif defined(__powerpc__) && defined(__PPC64__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ -# define GPT_ROOT_NATIVE GPT_ROOT_PPC64LE -# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64LE_VERITY -# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_PPC64LE_VERITY_SIG -# define GPT_USR_NATIVE GPT_USR_PPC64LE -# define GPT_USR_NATIVE_VERITY GPT_USR_PPC64LE_VERITY -# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_PPC64LE_VERITY_SIG +# define GPT_ROOT_NATIVE GPT_ROOT_PPC64_LE +# define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64_LE_VERITY +# define GPT_ROOT_NATIVE_VERITY_SIG GPT_ROOT_PPC64_LE_VERITY_SIG +# define GPT_USR_NATIVE GPT_USR_PPC64_LE +# define GPT_USR_NATIVE_VERITY GPT_USR_PPC64_LE_VERITY +# define GPT_USR_NATIVE_VERITY_SIG GPT_USR_PPC64_LE_VERITY_SIG #elif defined(__powerpc__) && defined(__powerpc64__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ # define GPT_ROOT_NATIVE GPT_ROOT_PPC64 # define GPT_ROOT_NATIVE_VERITY GPT_ROOT_PPC64_VERITY @@ -288,9 +289,19 @@ const char *gpt_partition_type_uuid_to_string_harder( char buffer[static ID128_UUID_STRING_MAX]); int gpt_partition_type_uuid_from_string(const char *s, sd_id128_t *ret); +Architecture gpt_partition_type_uuid_to_arch(sd_id128_t id); + typedef struct GptPartitionType { sd_id128_t uuid; const char *name; + Architecture arch; + + bool is_root:1; + bool is_root_verity:1; + bool is_root_verity_sig:1; + bool is_usr:1; + bool is_usr_verity:1; + bool is_usr_verity_sig:1; } GptPartitionType; extern const GptPartitionType gpt_partition_type_table[]; @@ -299,8 +310,10 @@ int gpt_partition_label_valid(const char *s); bool gpt_partition_type_is_root(sd_id128_t id); bool gpt_partition_type_is_root_verity(sd_id128_t id); +bool gpt_partition_type_is_root_verity_sig(sd_id128_t id); bool gpt_partition_type_is_usr(sd_id128_t id); bool gpt_partition_type_is_usr_verity(sd_id128_t id); +bool gpt_partition_type_is_usr_verity_sig(sd_id128_t id); bool gpt_partition_type_knows_read_only(sd_id128_t id); bool gpt_partition_type_knows_growfs(sd_id128_t id); diff --git a/src/test/test-gpt.c b/src/test/test-gpt.c index 7ee044ba50c..6fa546de2ad 100644 --- a/src/test/test-gpt.c +++ b/src/test/test-gpt.c @@ -47,6 +47,8 @@ static void test_gpt_types_against_architectures(void) { assert_se(gpt_partition_type_is_usr(id)); if (streq(prefix, "usr-") && streq(suffix, "-verity")) assert_se(gpt_partition_type_is_usr_verity(id)); + + assert_se(gpt_partition_type_uuid_to_arch(id) == a); } } } diff --git a/tools/list-discoverable-partitions.py b/tools/list-discoverable-partitions.py index 8d95902eba3..0d653f81864 100644 --- a/tools/list-discoverable-partitions.py +++ b/tools/list-discoverable-partitions.py @@ -21,7 +21,7 @@ ARCHITECTURES = { 'MIPS64_LE': '64-bit MIPS LittleEndian (mips64el)', 'PPC': '32-bit PowerPC', 'PPC64': '64-bit PowerPC BigEndian', - 'PPC64LE': '64-bit PowerPC LittleEndian', + 'PPC64_LE': '64-bit PowerPC LittleEndian', 'RISCV32': 'RISC-V 32-bit', 'RISCV64': 'RISC-V 64-bit', 'S390': 's390', @@ -146,7 +146,7 @@ def extract(file): if not m: continue - if m2 := re.match(r'^(ROOT|USR)_([A-Z0-9]+|X86_64|MIPS_LE|MIPS64_LE)(|_VERITY|_VERITY_SIG)\s+SD_ID128_MAKE\((.*)\)', m.group(1)): + if m2 := re.match(r'^(ROOT|USR)_([A-Z0-9]+|X86_64|PPC64_LE|MIPS_LE|MIPS64_LE)(|_VERITY|_VERITY_SIG)\s+SD_ID128_MAKE\((.*)\)', m.group(1)): type, arch, suffix, u = m2.groups() u = uuid.UUID(u.replace(',', '')) assert arch in ARCHITECTURES