19020191358

Committed 02 Nov 2025 05:04PM UTC coverage: 72.222% (-0.02%) from 72.241%

Build # 19020191358

Build Type

push

github

Committed by

web-flow

Commit Message

Enhance docs for ukify and direct kernel boots (#39516)

Run Details

305246 of 422650 relevant lines covered (72.22%)

1085243.28 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/veritysetup/veritysetup.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <stdio.h>
#include <sys/stat.h>

#include "sd-device.h"

#include "alloc-util.h"
#include "argv-util.h"
#include "cryptsetup-util.h"
#include "extract-word.h"
#include "fileio.h"
#include "fstab-util.h"
#include "hexdecoct.h"
#include "log.h"
#include "main-func.h"
#include "parse-util.h"
#include "path-util.h"
#include "pretty-print.h"
#include "string-util.h"
#include "strv.h"
#include "verbs.h"

static char *arg_hash = NULL; /* the hash algorithm */
static bool arg_superblock = true;
static int arg_format = 1;
static uint64_t arg_data_block_size = 4096;
static uint64_t arg_hash_block_size = 4096;
static uint64_t arg_data_blocks = 0;
static uint64_t arg_hash_offset = 0;
static void *arg_salt = NULL;
static uint64_t arg_salt_size = 32;
static char *arg_uuid = NULL;
static uint32_t arg_activate_flags = CRYPT_ACTIVATE_READONLY;
static char *arg_fec_what = NULL;
static uint64_t arg_fec_offset = 0;
static uint64_t arg_fec_roots = 2;
static void *arg_root_hash_signature = NULL;
static size_t arg_root_hash_signature_size = 0;
static bool arg_root_hash_signature_auto = false;

STATIC_DESTRUCTOR_REGISTER(arg_hash, freep);
STATIC_DESTRUCTOR_REGISTER(arg_salt, freep);
STATIC_DESTRUCTOR_REGISTER(arg_uuid, freep);
STATIC_DESTRUCTOR_REGISTER(arg_fec_what, freep);
STATIC_DESTRUCTOR_REGISTER(arg_root_hash_signature, freep);

static int help(void) {
        _cleanup_free_ char *link = NULL;
        int r;

        r = terminal_urlify_man("systemd-veritysetup@.service", "8", &link);
        if (r < 0)
                return log_oom();

        printf("%s attach VOLUME DATADEVICE HASHDEVICE ROOTHASH [OPTIONS]\n"
               "%s detach VOLUME\n\n"
               "Attach or detach a verity protected block device.\n"
               "\nSee the %s for details.\n",
               program_invocation_short_name,
               program_invocation_short_name,
               link);

        return 0;
}

static int parse_roothashsig_option(const char *option, bool strict) {
        _cleanup_free_ void *rhs = NULL;
        size_t rhss = 0;
        bool set_auto = false;
        int r;

        assert(option);

        const char *value = startswith(option, "base64:");
        if (value) {
                r = unbase64mem(value, &rhs, &rhss);
                if (r < 0)
                        return log_error_errno(r, "Failed to parse root hash signature '%s': %m", option);

        } else if (path_is_absolute(option)) {
                r = read_full_file_full(
                                AT_FDCWD,
                                option,
                                /* offset= */ UINT64_MAX,
                                /* size= */ SIZE_MAX,
                                READ_FULL_FILE_CONNECT_SOCKET,
                                /* bind_name= */ NULL,
                                (char**) &rhs,
                                &rhss);
                if (r < 0)
                        return log_error_errno(r, "Failed to read root hash signature: %m");

        } else if (streq(option, "auto"))
                /* auto → Derive signature from udev property ID_DISSECT_PART_ROOTHASH_SIG */
                set_auto = true;
        else if (strict)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "root-hash-signature= expects either full path to signature file or "
                                       "base64 string encoding signature prefixed by base64:.");
        else
                return false;

        free_and_replace(arg_root_hash_signature, rhs);
        arg_root_hash_signature_size = rhss;
        arg_root_hash_signature_auto = set_auto;

        return true;
}

static int parse_block_size(const char *t, uint64_t *size) {
        uint64_t u;
        int r;

        r = parse_size(t, 1024, &u);
        if (r < 0)
                return r;

        if (u < 512 || u > (512 * 1024))
                return -ERANGE;

        if ((u % 512) != 0 || !ISPOWEROF2(u))
                return -EINVAL;

        *size = u;

        return 0;
}

static int parse_options(const char *options) {
        int r;

        /* backward compatibility with the obsolete ROOTHASHSIG positional argument */
        r = parse_roothashsig_option(options, /* strict= */ false);
        if (r < 0)
                return r;
        if (r > 0) {
                log_warning("Usage of ROOTHASHSIG positional argument is deprecated. "
                            "Please use the option root-hash-signature=%s instead.", options);
                return 0;
        }

        for (;;) {
                _cleanup_free_ char *word = NULL;
                char *val;

                r = extract_first_word(&options, &word, ",", EXTRACT_DONT_COALESCE_SEPARATORS | EXTRACT_UNESCAPE_SEPARATORS);
                if (r < 0)
                        return log_error_errno(r, "Failed to parse options: %m");
                if (r == 0)
                        break;

                if (STR_IN_SET(word, "noauto", "auto", "nofail", "fail", "_netdev"))
                        continue;

                if (isempty(word))
                        continue;
                else if (streq(word, "ignore-corruption"))
                        arg_activate_flags |= CRYPT_ACTIVATE_IGNORE_CORRUPTION;
                else if (streq(word, "restart-on-corruption"))
                        arg_activate_flags |= CRYPT_ACTIVATE_RESTART_ON_CORRUPTION;
                else if (streq(word, "ignore-zero-blocks"))
                        arg_activate_flags |= CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS;
#ifdef CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE
                else if (streq(word, "check-at-most-once"))
                        arg_activate_flags |= CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE;
#endif
#ifdef CRYPT_ACTIVATE_PANIC_ON_CORRUPTION
                else if (streq(word, "panic-on-corruption"))
                        arg_activate_flags |= CRYPT_ACTIVATE_PANIC_ON_CORRUPTION;
#endif
                else if ((val = startswith(word, "superblock="))) {

                        r = parse_boolean(val);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse boolean '%s': %m", word);

                        arg_superblock = r;
                } else if ((val = startswith(word, "format="))) {

                        if (!STR_IN_SET(val, "0", "1"))
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "format= expects either 0 (original Chrome OS version) or "
                                                                                "1 (modern version).");

                        arg_format = val[0] - '0';
                } else if ((val = startswith(word, "data-block-size="))) {
                        uint64_t sz;

                        r = parse_block_size(val, &sz);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse size '%s': %m", word);

                        arg_data_block_size = sz;
                } else if ((val = startswith(word, "hash-block-size="))) {
                        uint64_t sz;

                        r = parse_block_size(val, &sz);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse size '%s': %m", word);

                        arg_hash_block_size = sz;
                } else if ((val = startswith(word, "data-blocks="))) {
                        uint64_t u;

                        r = safe_atou64(val, &u);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse number '%s': %m", word);

                        arg_data_blocks = u;
                } else if ((val = startswith(word, "hash-offset="))) {
                        uint64_t off;

                        r = parse_size(val, 1024, &off);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse offset '%s': %m", word);
                        if (off % 512 != 0)
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "hash-offset= expects a 512-byte aligned value.");

                        arg_hash_offset = off;
                } else if ((val = startswith(word, "salt="))) {

                        if (!string_is_safe(val))
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "salt= is not valid.");

                        if (isempty(val)) {
                                arg_salt = mfree(arg_salt);
                                arg_salt_size = 32;
                        } else if (streq(val, "-")) {
                                arg_salt = mfree(arg_salt);
                                arg_salt_size = 0;
                        } else {
                                size_t l;
                                void *m;

                                r = unhexmem(val, &m, &l);
                                if (r < 0)
                                        return log_error_errno(r, "Failed to parse salt '%s': %m", word);

                                free_and_replace(arg_salt, m);
                                arg_salt_size = l;
                        }
                } else if ((val = startswith(word, "uuid="))) {

                        r = sd_id128_from_string(val, NULL);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse UUID '%s': %m", word);

                        r = free_and_strdup(&arg_uuid, val);
                        if (r < 0)
                                return log_oom();
                } else if ((val = startswith(word, "hash="))) {

                        r = free_and_strdup(&arg_hash, val);
                        if (r < 0)
                                return log_oom();
                } else if ((val = startswith(word, "fec-device="))) {
                        _cleanup_free_ char *what = NULL;

                        what = fstab_node_to_udev_node(val);
                        if (!what)
                                return log_oom();

                        if (!path_is_absolute(what))
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-device= expects an absolute path.");

                        if (!path_is_normalized(what))
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-device= expects an normalized path.");

                        r = free_and_strdup(&arg_fec_what, what);
                        if (r < 0)
                                return log_oom();
                } else if ((val = startswith(word, "fec-offset="))) {
                        uint64_t off;

                        r = parse_size(val, 1024, &off);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse offset '%s': %m", word);
                        if (off % 512 != 0)
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-offset= expects a 512-byte aligned value.");

                        arg_fec_offset = off;
                } else if ((val = startswith(word, "fec-roots="))) {
                        uint64_t u;

                        r = safe_atou64(val, &u);
                        if (r < 0)
                                return log_error_errno(r, "Failed to parse number '%s', ignoring: %m", word);
                        if (u < 2 || u > 24)
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-rootfs= expects a value between 2 and 24 (including).");

                        arg_fec_roots = u;
                } else if ((val = startswith(word, "root-hash-signature="))) {
                        r = parse_roothashsig_option(val, /* strict= */ true);
                        if (r < 0)
                                return r;

                } else
                        log_warning("Encountered unknown option '%s', ignoring.", word);
        }

        return r;
}

static int verb_attach(int argc, char *argv[], void *userdata) {
        _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
        _cleanup_free_ void *rh = NULL;
        struct crypt_params_verity p = {};
        crypt_status_info status;
        size_t rh_size = 0;
        int r;

        assert(argc >= 5);

        const char *volume = argv[1],
                *data_device = argv[2],
                *verity_device = argv[3],
                *root_hash = argv[4],
                *options = mangle_none(argc > 5 ? argv[5] : NULL);

        if (!filename_is_valid(volume))
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);

        if (options) {
                r = parse_options(options);
                if (r < 0)
                        return log_error_errno(r, "Failed to parse options: %m");
        }

        if (empty_or_dash(root_hash) || streq_ptr(root_hash, "auto"))
                root_hash = NULL;

        _cleanup_(sd_device_unrefp) sd_device *datadev = NULL;
        if (!root_hash || arg_root_hash_signature_auto) {
                r = sd_device_new_from_path(&datadev, data_device);
                if (r < 0)
                        return log_error_errno(r, "Failed to acquire udev object for data device '%s': %m", data_device);
        }

        if (!root_hash) {
                /* If no literal root hash is specified try to determine it automatically from the
                 * ID_DISSECT_PART_ROOTHASH udev property. */
                r = sd_device_get_property_value(ASSERT_PTR(datadev), "ID_DISSECT_PART_ROOTHASH", &root_hash);
                if (r < 0)
                        return log_error_errno(r, "No root hash specified, and device doesn't carry ID_DISSECT_PART_ROOTHASH property, cannot determine root hash.");
        }

        r = unhexmem(root_hash, &rh, &rh_size);
        if (r < 0)
                return log_error_errno(r, "Failed to parse root hash: %m");

        if (arg_root_hash_signature_auto) {
                assert(!arg_root_hash_signature);
                assert(arg_root_hash_signature_size == 0);

                const char *t;
                r = sd_device_get_property_value(ASSERT_PTR(datadev), "ID_DISSECT_PART_ROOTHASH_SIG", &t);
                if (r < 0)
                        return log_error_errno(r, "Automatic root hash signature pick up requested, and device doesn't carry ID_DISSECT_PART_ROOTHASH_SIG property, cannot determine root hash signature.");

                r = unbase64mem(t, &arg_root_hash_signature, &arg_root_hash_signature_size);
                if (r < 0)
                        return log_error_errno(r, "Failed to decode root hash signature data from udev data device: %m");
        }

        r = crypt_init(&cd, verity_device);
        if (r < 0)
                return log_error_errno(r, "Failed to open verity device %s: %m", verity_device);

        cryptsetup_enable_logging(cd);

        status = crypt_status(cd, volume);
        if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) {
                log_info("Volume %s already active.", volume);
                return 0;
        }

        if (arg_superblock) {
                p = (struct crypt_params_verity) {
                        .fec_device = arg_fec_what,
                        .hash_area_offset = arg_hash_offset,
                        .fec_area_offset = arg_fec_offset,
                        .fec_roots = arg_fec_roots,
                };

                r = crypt_load(cd, CRYPT_VERITY, &p);
                if (r < 0)
                        return log_error_errno(r, "Failed to load verity superblock: %m");
        } else {
                p = (struct crypt_params_verity) {
                        .hash_name = arg_hash,
                        .data_device = data_device,
                        .fec_device = arg_fec_what,
                        .salt = arg_salt,
                        .salt_size = arg_salt_size,
                        .hash_type = arg_format,
                        .data_block_size = arg_data_block_size,
                        .hash_block_size = arg_hash_block_size,
                        .data_size = arg_data_blocks,
                        .hash_area_offset = arg_hash_offset,
                        .fec_area_offset = arg_fec_offset,
                        .fec_roots = arg_fec_roots,
                        .flags = CRYPT_VERITY_NO_HEADER,
                };

                r = crypt_format(cd, CRYPT_VERITY, NULL, NULL, arg_uuid, NULL, 0, &p);
                if (r < 0)
                        return log_error_errno(r, "Failed to format verity superblock: %m");
        }

        r = crypt_set_data_device(cd, data_device);
        if (r < 0)
                return log_error_errno(r, "Failed to configure data device: %m");

        if (arg_root_hash_signature_size > 0) {
                r = crypt_activate_by_signed_key(cd, volume, rh, rh_size, arg_root_hash_signature, arg_root_hash_signature_size, arg_activate_flags);
                if (r < 0) {
                        log_info_errno(r, "Unable to activate verity device '%s' with root hash signature (%m), retrying without.", volume);

                        r = crypt_activate_by_volume_key(cd, volume, rh, rh_size, arg_activate_flags);
                        if (r < 0)
                                return log_error_errno(r, "Failed to activate verity device '%s' both with and without root hash signature: %m", volume);

                        log_info("Activation of verity device '%s' succeeded without root hash signature.", volume);
                }
        } else
                r = crypt_activate_by_volume_key(cd, volume, rh, rh_size, arg_activate_flags);
        if (r < 0)
                return log_error_errno(r, "Failed to set up verity device '%s': %m", volume);

        return 0;
}

static int verb_detach(int argc, char *argv[], void *userdata) {
        _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
        int r;

        assert(argc == 2);

        const char *volume = argv[1];

        if (!filename_is_valid(volume))
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);

        r = crypt_init_by_name(&cd, volume);
        if (r == -ENODEV) {
                log_info("Volume %s 'already' inactive.", volume);
                return 0;
        }
        if (r < 0)
                return log_error_errno(r, "crypt_init_by_name() for volume '%s' failed: %m", volume);

        cryptsetup_enable_logging(cd);

        r = crypt_deactivate(cd, volume);
        if (r < 0)
                return log_error_errno(r, "Failed to deactivate volume '%s': %m", volume);

        return 0;
}

static int run(int argc, char *argv[]) {
        if (argv_looks_like_help(argc, argv))
                return help();

        log_setup();

        cryptsetup_enable_logging(NULL);

        umask(0022);

        static const Verb verbs[] = {
                { "attach", 5, 6, 0, verb_attach },
                { "detach", 2, 2, 0, verb_detach },
                {}
        };

        return dispatch_verb(argc, argv, verbs, NULL);
}

DEFINE_MAIN_FUNCTION(run);

1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3	#include <stdio.h>
4	#include <sys/stat.h>
5
6	#include "sd-device.h"
7
8	#include "alloc-util.h"
9	#include "argv-util.h"
10	#include "cryptsetup-util.h"
11	#include "extract-word.h"
12	#include "fileio.h"
13	#include "fstab-util.h"
14	#include "hexdecoct.h"
15	#include "log.h"
16	#include "main-func.h"
17	#include "parse-util.h"
18	#include "path-util.h"
19	#include "pretty-print.h"
20	#include "string-util.h"
21	#include "strv.h"
22	#include "verbs.h"
23
24	static char arg_hash = NULL; / the hash algorithm */
25	static bool arg_superblock = true;
26	static int arg_format = 1;
27	static uint64_t arg_data_block_size = 4096;
28	static uint64_t arg_hash_block_size = 4096;
29	static uint64_t arg_data_blocks = 0;
30	static uint64_t arg_hash_offset = 0;
31	static void *arg_salt = NULL;
32	static uint64_t arg_salt_size = 32;
33	static char *arg_uuid = NULL;
34	static uint32_t arg_activate_flags = CRYPT_ACTIVATE_READONLY;
35	static char *arg_fec_what = NULL;
36	static uint64_t arg_fec_offset = 0;
37	static uint64_t arg_fec_roots = 2;
38	static void *arg_root_hash_signature = NULL;
39	static size_t arg_root_hash_signature_size = 0;
40	static bool arg_root_hash_signature_auto = false;
41
42	STATIC_DESTRUCTOR_REGISTER(arg_hash, freep);	×
43	STATIC_DESTRUCTOR_REGISTER(arg_salt, freep);	×
44	STATIC_DESTRUCTOR_REGISTER(arg_uuid, freep);	×
45	STATIC_DESTRUCTOR_REGISTER(arg_fec_what, freep);	×
46	STATIC_DESTRUCTOR_REGISTER(arg_root_hash_signature, freep);	×
47
48	static int help(void) {	×
49	_cleanup_free_ char *link = NULL;	×
50	int r;	×
51
52	r = terminal_urlify_man("systemd-veritysetup@.service", "8", &link);	×
53	if (r < 0)	×
54	return log_oom();	×
55
56	printf("%s attach VOLUME DATADEVICE HASHDEVICE ROOTHASH [OPTIONS]\n"	×
57	"%s detach VOLUME\n\n"
58	"Attach or detach a verity protected block device.\n"
59	"\nSee the %s for details.\n",
60	program_invocation_short_name,
61	program_invocation_short_name,
62	link);
63
64	return 0;
65	}
66
67	static int parse_roothashsig_option(const char *option, bool strict) {	×
68	_cleanup_free_ void *rhs = NULL;	×
69	size_t rhss = 0;	×
70	bool set_auto = false;	×
71	int r;	×
72
73	assert(option);	×
74
75	const char *value = startswith(option, "base64:");	×
76	if (value) {	×
77	r = unbase64mem(value, &rhs, &rhss);	×
78	if (r < 0)	×
79	return log_error_errno(r, "Failed to parse root hash signature '%s': %m", option);	×
80
81	} else if (path_is_absolute(option)) {	×
82	r = read_full_file_full(	×
83	AT_FDCWD,
84	option,
85	/* offset= */ UINT64_MAX,
86	/* size= */ SIZE_MAX,
87	READ_FULL_FILE_CONNECT_SOCKET,
88	/* bind_name= */ NULL,
89	(char**) &rhs,
90	&rhss);
91	if (r < 0)	×
92	return log_error_errno(r, "Failed to read root hash signature: %m");	×
93
94	} else if (streq(option, "auto"))	×
95	/* auto → Derive signature from udev property ID_DISSECT_PART_ROOTHASH_SIG */
96	set_auto = true;
97	else if (strict)	×
98	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),	×
99	"root-hash-signature= expects either full path to signature file or "
100	"base64 string encoding signature prefixed by base64:.");
101	else
102	return false;
103
104	free_and_replace(arg_root_hash_signature, rhs);	×
105	arg_root_hash_signature_size = rhss;	×
106	arg_root_hash_signature_auto = set_auto;	×
107
108	return true;	×
109	}
110
111	static int parse_block_size(const char t, uint64_t size) {	×
112	uint64_t u;	×
113	int r;	×
114
115	r = parse_size(t, 1024, &u);	×
116	if (r < 0)	×
117	return r;	×
118
119	if (u < 512 \|\| u > (512 * 1024))	×
120	return -ERANGE;
121
122	if ((u % 512) != 0 \|\| !ISPOWEROF2(u))	×
123	return -EINVAL;
124
125	*size = u;	×
126
127	return 0;	×
128	}
129
130	static int parse_options(const char *options) {	×
131	int r;	×
132
133	/* backward compatibility with the obsolete ROOTHASHSIG positional argument */
134	r = parse_roothashsig_option(options, /* strict= */ false);	×
135	if (r < 0)	×
136	return r;
137	if (r > 0) {	×
138	log_warning("Usage of ROOTHASHSIG positional argument is deprecated. "	×
139	"Please use the option root-hash-signature=%s instead.", options);
140	return 0;	×
141	}
142
143	for (;;) {	×
144	_cleanup_free_ char *word = NULL;	×
145	char *val;	×
146
147	r = extract_first_word(&options, &word, ",", EXTRACT_DONT_COALESCE_SEPARATORS \| EXTRACT_UNESCAPE_SEPARATORS);	×
148	if (r < 0)	×
149	return log_error_errno(r, "Failed to parse options: %m");	×
150	if (r == 0)	×
151	break;
152
153	if (STR_IN_SET(word, "noauto", "auto", "nofail", "fail", "_netdev"))	×
154	continue;	×
155
156	if (isempty(word))	×
157	continue;	×
158	else if (streq(word, "ignore-corruption"))	×
159	arg_activate_flags \|= CRYPT_ACTIVATE_IGNORE_CORRUPTION;	×
160	else if (streq(word, "restart-on-corruption"))	×
161	arg_activate_flags \|= CRYPT_ACTIVATE_RESTART_ON_CORRUPTION;	×
162	else if (streq(word, "ignore-zero-blocks"))	×
163	arg_activate_flags \|= CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS;	×
164	#ifdef CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE
165	else if (streq(word, "check-at-most-once"))	×
166	arg_activate_flags \|= CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE;	×
167	#endif
168	#ifdef CRYPT_ACTIVATE_PANIC_ON_CORRUPTION
169	else if (streq(word, "panic-on-corruption"))	×
170	arg_activate_flags \|= CRYPT_ACTIVATE_PANIC_ON_CORRUPTION;	×
171	#endif
172	else if ((val = startswith(word, "superblock="))) {	×
173
174	r = parse_boolean(val);	×
175	if (r < 0)	×
176	return log_error_errno(r, "Failed to parse boolean '%s': %m", word);	×
177
178	arg_superblock = r;	×
179	} else if ((val = startswith(word, "format="))) {	×
180
181	if (!STR_IN_SET(val, "0", "1"))	×
182	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "format= expects either 0 (original Chrome OS version) or "	×
183	"1 (modern version).");
184
185	arg_format = val[0] - '0';	×
186	} else if ((val = startswith(word, "data-block-size="))) {	×
187	uint64_t sz;	×
188
189	r = parse_block_size(val, &sz);	×
190	if (r < 0)	×
191	return log_error_errno(r, "Failed to parse size '%s': %m", word);	×
192
193	arg_data_block_size = sz;	×
194	} else if ((val = startswith(word, "hash-block-size="))) {	×
195	uint64_t sz;	×
196
197	r = parse_block_size(val, &sz);	×
198	if (r < 0)	×
199	return log_error_errno(r, "Failed to parse size '%s': %m", word);	×
200
201	arg_hash_block_size = sz;	×
202	} else if ((val = startswith(word, "data-blocks="))) {	×
203	uint64_t u;	×
204
205	r = safe_atou64(val, &u);	×
206	if (r < 0)	×
207	return log_error_errno(r, "Failed to parse number '%s': %m", word);	×
208
209	arg_data_blocks = u;	×
210	} else if ((val = startswith(word, "hash-offset="))) {	×
211	uint64_t off;	×
212
213	r = parse_size(val, 1024, &off);	×
214	if (r < 0)	×
215	return log_error_errno(r, "Failed to parse offset '%s': %m", word);	×
216	if (off % 512 != 0)	×
217	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "hash-offset= expects a 512-byte aligned value.");	×
218
219	arg_hash_offset = off;	×
220	} else if ((val = startswith(word, "salt="))) {	×
221
222	if (!string_is_safe(val))	×
223	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "salt= is not valid.");	×
224
225	if (isempty(val)) {	×
226	arg_salt = mfree(arg_salt);	×
227	arg_salt_size = 32;	×
228	} else if (streq(val, "-")) {	×
229	arg_salt = mfree(arg_salt);	×
230	arg_salt_size = 0;	×
231	} else {
232	size_t l;	×
233	void *m;	×
234
235	r = unhexmem(val, &m, &l);	×
236	if (r < 0)	×
237	return log_error_errno(r, "Failed to parse salt '%s': %m", word);	×
238
239	free_and_replace(arg_salt, m);	×
240	arg_salt_size = l;	×
241	}
242	} else if ((val = startswith(word, "uuid="))) {	×
243
244	r = sd_id128_from_string(val, NULL);	×
245	if (r < 0)	×
246	return log_error_errno(r, "Failed to parse UUID '%s': %m", word);	×
247
248	r = free_and_strdup(&arg_uuid, val);	×
249	if (r < 0)	×
250	return log_oom();	×
251	} else if ((val = startswith(word, "hash="))) {	×
252
253	r = free_and_strdup(&arg_hash, val);	×
254	if (r < 0)	×
255	return log_oom();	×
256	} else if ((val = startswith(word, "fec-device="))) {	×
257	_cleanup_free_ char *what = NULL;	×
258
259	what = fstab_node_to_udev_node(val);	×
260	if (!what)	×
261	return log_oom();	×
262
263	if (!path_is_absolute(what))	×
264	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-device= expects an absolute path.");	×
265
266	if (!path_is_normalized(what))	×
267	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-device= expects an normalized path.");	×
268
269	r = free_and_strdup(&arg_fec_what, what);	×
270	if (r < 0)	×
271	return log_oom();	×
272	} else if ((val = startswith(word, "fec-offset="))) {	×
273	uint64_t off;	×
274
275	r = parse_size(val, 1024, &off);	×
276	if (r < 0)	×
277	return log_error_errno(r, "Failed to parse offset '%s': %m", word);	×
278	if (off % 512 != 0)	×
279	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-offset= expects a 512-byte aligned value.");	×
280
281	arg_fec_offset = off;	×
282	} else if ((val = startswith(word, "fec-roots="))) {	×
283	uint64_t u;	×
284
285	r = safe_atou64(val, &u);	×
286	if (r < 0)	×
287	return log_error_errno(r, "Failed to parse number '%s', ignoring: %m", word);	×
288	if (u < 2 \|\| u > 24)	×
289	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "fec-rootfs= expects a value between 2 and 24 (including).");	×
290
291	arg_fec_roots = u;	×
292	} else if ((val = startswith(word, "root-hash-signature="))) {	×
293	r = parse_roothashsig_option(val, /* strict= */ true);	×
294	if (r < 0)	×
295	return r;
296
297	} else
298	log_warning("Encountered unknown option '%s', ignoring.", word);	×
299	}
300
301	return r;	×
302	}
303
304	static int verb_attach(int argc, char argv[], void userdata) {	×
305	_cleanup_(crypt_freep) struct crypt_device *cd = NULL;	×
306	_cleanup_free_ void *rh = NULL;	×
307	struct crypt_params_verity p = {};	×
308	crypt_status_info status;	×
309	size_t rh_size = 0;	×
310	int r;	×
311
312	assert(argc >= 5);	×
313
314	const char *volume = argv[1],	×
315	*data_device = argv[2],	×
316	*verity_device = argv[3],	×
317	*root_hash = argv[4],	×
318	*options = mangle_none(argc > 5 ? argv[5] : NULL);	×
319
320	if (!filename_is_valid(volume))	×
321	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);	×
322
323	if (options) {	×
324	r = parse_options(options);	×
325	if (r < 0)	×
326	return log_error_errno(r, "Failed to parse options: %m");	×
327	}
328
329	if (empty_or_dash(root_hash) \|\| streq_ptr(root_hash, "auto"))	×
330	root_hash = NULL;	×
331
332	_cleanup_(sd_device_unrefp) sd_device *datadev = NULL;	×
333	if (!root_hash \|\| arg_root_hash_signature_auto) {	×
334	r = sd_device_new_from_path(&datadev, data_device);	×
335	if (r < 0)	×
336	return log_error_errno(r, "Failed to acquire udev object for data device '%s': %m", data_device);	×
337	}
338
339	if (!root_hash) {	×
340	/* If no literal root hash is specified try to determine it automatically from the
341	* ID_DISSECT_PART_ROOTHASH udev property. */
342	r = sd_device_get_property_value(ASSERT_PTR(datadev), "ID_DISSECT_PART_ROOTHASH", &root_hash);	×
343	if (r < 0)	×
344	return log_error_errno(r, "No root hash specified, and device doesn't carry ID_DISSECT_PART_ROOTHASH property, cannot determine root hash.");	×
345	}
346
347	r = unhexmem(root_hash, &rh, &rh_size);	×
348	if (r < 0)	×
349	return log_error_errno(r, "Failed to parse root hash: %m");	×
350
351	if (arg_root_hash_signature_auto) {	×
352	assert(!arg_root_hash_signature);	×
353	assert(arg_root_hash_signature_size == 0);	×
354
355	const char *t;	×
356	r = sd_device_get_property_value(ASSERT_PTR(datadev), "ID_DISSECT_PART_ROOTHASH_SIG", &t);	×
357	if (r < 0)	×
358	return log_error_errno(r, "Automatic root hash signature pick up requested, and device doesn't carry ID_DISSECT_PART_ROOTHASH_SIG property, cannot determine root hash signature.");	×
359
360	r = unbase64mem(t, &arg_root_hash_signature, &arg_root_hash_signature_size);	×
361	if (r < 0)	×
362	return log_error_errno(r, "Failed to decode root hash signature data from udev data device: %m");	×
363	}
364
365	r = crypt_init(&cd, verity_device);	×
366	if (r < 0)	×
367	return log_error_errno(r, "Failed to open verity device %s: %m", verity_device);	×
368
369	cryptsetup_enable_logging(cd);	×
370
371	status = crypt_status(cd, volume);	×
372	if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) {	×
373	log_info("Volume %s already active.", volume);	×
374	return 0;	×
375	}
376
377	if (arg_superblock) {	×
378	p = (struct crypt_params_verity) {	×
379	.fec_device = arg_fec_what,
380	.hash_area_offset = arg_hash_offset,
381	.fec_area_offset = arg_fec_offset,
382	.fec_roots = arg_fec_roots,
383	};
384
385	r = crypt_load(cd, CRYPT_VERITY, &p);	×
386	if (r < 0)	×
387	return log_error_errno(r, "Failed to load verity superblock: %m");	×
388	} else {
389	p = (struct crypt_params_verity) {	×
390	.hash_name = arg_hash,
391	.data_device = data_device,
392	.fec_device = arg_fec_what,
393	.salt = arg_salt,
394	.salt_size = arg_salt_size,
395	.hash_type = arg_format,
396	.data_block_size = arg_data_block_size,
397	.hash_block_size = arg_hash_block_size,
398	.data_size = arg_data_blocks,
399	.hash_area_offset = arg_hash_offset,
400	.fec_area_offset = arg_fec_offset,
401	.fec_roots = arg_fec_roots,
402	.flags = CRYPT_VERITY_NO_HEADER,
403	};
404
405	r = crypt_format(cd, CRYPT_VERITY, NULL, NULL, arg_uuid, NULL, 0, &p);	×
406	if (r < 0)	×
407	return log_error_errno(r, "Failed to format verity superblock: %m");	×
408	}
409
410	r = crypt_set_data_device(cd, data_device);	×
411	if (r < 0)	×
412	return log_error_errno(r, "Failed to configure data device: %m");	×
413
414	if (arg_root_hash_signature_size > 0) {	×
415	r = crypt_activate_by_signed_key(cd, volume, rh, rh_size, arg_root_hash_signature, arg_root_hash_signature_size, arg_activate_flags);	×
416	if (r < 0) {	×
417	log_info_errno(r, "Unable to activate verity device '%s' with root hash signature (%m), retrying without.", volume);	×
418
419	r = crypt_activate_by_volume_key(cd, volume, rh, rh_size, arg_activate_flags);	×
420	if (r < 0)	×
421	return log_error_errno(r, "Failed to activate verity device '%s' both with and without root hash signature: %m", volume);	×
422
423	log_info("Activation of verity device '%s' succeeded without root hash signature.", volume);	×
424	}
425	} else
426	r = crypt_activate_by_volume_key(cd, volume, rh, rh_size, arg_activate_flags);	×
427	if (r < 0)	×
428	return log_error_errno(r, "Failed to set up verity device '%s': %m", volume);	×
429
430	return 0;
431	}
432
433	static int verb_detach(int argc, char argv[], void userdata) {	×
434	_cleanup_(crypt_freep) struct crypt_device *cd = NULL;	×
435	int r;	×
436
437	assert(argc == 2);	×
438
439	const char *volume = argv[1];	×
440
441	if (!filename_is_valid(volume))	×
442	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);	×
443
444	r = crypt_init_by_name(&cd, volume);	×
445	if (r == -ENODEV) {	×
446	log_info("Volume %s 'already' inactive.", volume);	×
447	return 0;	×
448	}
449	if (r < 0)	×
450	return log_error_errno(r, "crypt_init_by_name() for volume '%s' failed: %m", volume);	×
451
452	cryptsetup_enable_logging(cd);	×
453
454	r = crypt_deactivate(cd, volume);	×
455	if (r < 0)	×
456	return log_error_errno(r, "Failed to deactivate volume '%s': %m", volume);	×
457
458	return 0;
459	}
460
461	static int run(int argc, char *argv[]) {	×
462	if (argv_looks_like_help(argc, argv))	×
463	return help();	×
464
465	log_setup();	×
466
467	cryptsetup_enable_logging(NULL);	×
468
469	umask(0022);	×
470
471	static const Verb verbs[] = {	×
472	{ "attach", 5, 6, 0, verb_attach },
473	{ "detach", 2, 2, 0, verb_detach },
474	{}
475	};
476
477	return dispatch_verb(argc, argv, verbs, NULL);	×
478	}
479
480	DEFINE_MAIN_FUNCTION(run);	×

systemd / systemd / 19020191358

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous