diff --git a/src/shared/extension-release.c b/src/shared/extension-release.c new file mode 100644 index 00000000000..5eecf5a3236 --- /dev/null +++ b/src/shared/extension-release.c @@ -0,0 +1,79 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "alloc-util.h" +#include "env-util.h" +#include "extension-release.h" +#include "log.h" +#include "os-util.h" +#include "strv.h" + +int extension_release_validate( + const char *name, + const char *host_os_release_id, + const char *host_os_release_version_id, + const char *host_os_release_sysext_level, + char **extension_release) { + + const char *extension_release_id = NULL, *extension_release_sysext_level = NULL; + + assert(name); + assert(!isempty(host_os_release_id)); + + /* Now that we can look into the extension image, let's see if the OS version is compatible */ + if (strv_isempty(extension_release)) { + log_debug("Extension '%s' carries no extension-release data, ignoring extension.", name); + return 0; + } + + extension_release_id = strv_env_pairs_get(extension_release, "ID"); + if (isempty(extension_release_id)) { + log_debug("Extension '%s' does not contain ID in extension-release but requested to match '%s'", + name, strna(host_os_release_id)); + return 0; + } + + if (!streq_ptr(host_os_release_id, extension_release_id)) { + log_debug("Extension '%s' is for OS '%s', but deployed on top of '%s'.", + name, strna(extension_release_id), strna(host_os_release_id)); + return 0; + } + + /* Rolling releases do not typically set VERSION_ID (eg: ArchLinux) */ + if (isempty(host_os_release_version_id) && isempty(host_os_release_sysext_level)) { + log_debug("No version info on the host (rolling release?), but ID in %s matched.", name); + return 1; + } + + /* If the extension has a sysext API level declared, then it must match the host API + * level. Otherwise, compare OS version as a whole */ + extension_release_sysext_level = strv_env_pairs_get(extension_release, "SYSEXT_LEVEL"); + if (!isempty(host_os_release_sysext_level) && !isempty(extension_release_sysext_level)) { + if (!streq_ptr(host_os_release_sysext_level, extension_release_sysext_level)) { + log_debug("Extension '%s' is for sysext API level '%s', but running on sysext API level '%s'", + name, strna(extension_release_sysext_level), strna(host_os_release_sysext_level)); + return 0; + } + } else if (!isempty(host_os_release_version_id)) { + const char *extension_release_version_id; + + extension_release_version_id = strv_env_pairs_get(extension_release, "VERSION_ID"); + if (isempty(extension_release_version_id)) { + log_debug("Extension '%s' does not contain VERSION_ID in extension-release but requested to match '%s'", + name, strna(host_os_release_version_id)); + return 0; + } + + if (!streq_ptr(host_os_release_version_id, extension_release_version_id)) { + log_debug("Extension '%s' is for OS '%s', but deployed on top of '%s'.", + name, strna(extension_release_version_id), strna(host_os_release_version_id)); + return 0; + } + } else if (isempty(host_os_release_version_id) && isempty(host_os_release_sysext_level)) { + /* Rolling releases do not typically set VERSION_ID (eg: ArchLinux) */ + log_debug("No version info on the host (rolling release?), but ID in %s matched.", name); + return 1; + } + + log_debug("Version info of extension '%s' matches host.", name); + return 1; +} diff --git a/src/shared/extension-release.h b/src/shared/extension-release.h new file mode 100644 index 00000000000..5c77010b0e1 --- /dev/null +++ b/src/shared/extension-release.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +/* Given an image name (for logging purposes), a set of os-release values from the host and a key-value pair + * vector of extension-release variables, check that the distro and (system extension level or distro + * version) match and return 1, and 0 otherwise. */ +int extension_release_validate( + const char *name, + const char *host_os_release_id, + const char *host_os_release_version_id, + const char *host_os_release_sysext_level, + char **extension_release); diff --git a/src/shared/meson.build b/src/shared/meson.build index 6d9a5c5b65c..dfa3275b049 100644 --- a/src/shared/meson.build +++ b/src/shared/meson.build @@ -100,6 +100,8 @@ shared_sources = files(''' exec-util.h exit-status.c exit-status.h + extension-release.c + extension-release.h fdset.c fdset.h fileio-label.c diff --git a/src/shared/os-util.c b/src/shared/os-util.c index 9aed3b5df4d..3405c9aeaf0 100644 --- a/src/shared/os-util.c +++ b/src/shared/os-util.c @@ -193,74 +193,3 @@ int load_extension_release_pairs(const char *root, const char *extension, char * return load_env_file_pairs(f, p, ret); } - -int extension_release_validate( - const char *name, - const char *host_os_release_id, - const char *host_os_release_version_id, - const char *host_os_release_sysext_level, - char **extension_release) { - - const char *extension_release_id = NULL, *extension_release_sysext_level = NULL; - - assert(name); - assert(!isempty(host_os_release_id)); - - /* Now that we can look into the extension image, let's see if the OS version is compatible */ - if (strv_isempty(extension_release)) { - log_debug("Extension '%s' carries no extension-release data, ignoring extension.", name); - return 0; - } - - extension_release_id = strv_env_pairs_get(extension_release, "ID"); - if (isempty(extension_release_id)) { - log_debug("Extension '%s' does not contain ID in extension-release but requested to match '%s'", - name, strna(host_os_release_id)); - return 0; - } - - if (!streq_ptr(host_os_release_id, extension_release_id)) { - log_debug("Extension '%s' is for OS '%s', but deployed on top of '%s'.", - name, strna(extension_release_id), strna(host_os_release_id)); - return 0; - } - - /* Rolling releases do not typically set VERSION_ID (eg: ArchLinux) */ - if (isempty(host_os_release_version_id) && isempty(host_os_release_sysext_level)) { - log_debug("No version info on the host (rolling release?), but ID in %s matched.", name); - return 1; - } - - /* If the extension has a sysext API level declared, then it must match the host API - * level. Otherwise, compare OS version as a whole */ - extension_release_sysext_level = strv_env_pairs_get(extension_release, "SYSEXT_LEVEL"); - if (!isempty(host_os_release_sysext_level) && !isempty(extension_release_sysext_level)) { - if (!streq_ptr(host_os_release_sysext_level, extension_release_sysext_level)) { - log_debug("Extension '%s' is for sysext API level '%s', but running on sysext API level '%s'", - name, strna(extension_release_sysext_level), strna(host_os_release_sysext_level)); - return 0; - } - } else if (!isempty(host_os_release_version_id)) { - const char *extension_release_version_id; - - extension_release_version_id = strv_env_pairs_get(extension_release, "VERSION_ID"); - if (isempty(extension_release_version_id)) { - log_debug("Extension '%s' does not contain VERSION_ID in extension-release but requested to match '%s'", - name, strna(host_os_release_version_id)); - return 0; - } - - if (!streq_ptr(host_os_release_version_id, extension_release_version_id)) { - log_debug("Extension '%s' is for OS '%s', but deployed on top of '%s'.", - name, strna(extension_release_version_id), strna(host_os_release_version_id)); - return 0; - } - } else if (isempty(host_os_release_version_id) && isempty(host_os_release_sysext_level)) { - /* Rolling releases do not typically set VERSION_ID (eg: ArchLinux) */ - log_debug("No version info on the host (rolling release?), but ID in %s matched.", name); - return 1; - } - - log_debug("Version info of extension '%s' matches host.", name); - return 1; -} diff --git a/src/shared/os-util.h b/src/shared/os-util.h index d4bff5e48ef..bdb9e6adea9 100644 --- a/src/shared/os-util.h +++ b/src/shared/os-util.h @@ -26,8 +26,3 @@ int parse_os_release(const char *root, ...) _sentinel_; int load_extension_release_pairs(const char *root, const char *extension, char ***ret); int load_os_release_pairs(const char *root, char ***ret); int load_os_release_pairs_with_prefix(const char *root, const char *prefix, char ***ret); - -/* Given an image name (for logging purposes), a set of os-release values from the host - * and a key-value pair vector of extension-release variables, check that the distro and - * (system extension level or distro version) match and return 1, and 0 otherwise. */ -int extension_release_validate(const char *name, const char *host_os_release_id, const char *host_os_release_version_id, const char *host_os_release_sysext_level, char **extension_release); diff --git a/src/sysext/sysext.c b/src/sysext/sysext.c index cd824887bf7..e06108d3a12 100644 --- a/src/sysext/sysext.c +++ b/src/sysext/sysext.c @@ -10,6 +10,7 @@ #include "dissect-image.h" #include "env-util.h" #include "escape.h" +#include "extension-release.h" #include "fd-util.h" #include "fileio.h" #include "format-table.h"