From 0f7c9a3d81becec899a082e8258bd12001c5ab3a Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 29 Jan 2020 18:08:36 +0100 Subject: [PATCH] dissect: complain if partition flags are set that we don't know --- src/shared/dissect-image.c | 45 ++++++++++++++++++++++++++++++++++++++ src/shared/gpt.h | 2 ++ 2 files changed, 47 insertions(+) diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index 087c3dc345..62aa42d013 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -278,6 +278,29 @@ static int loop_wait_for_partitions_to_appear( N_DEVICE_NODE_LIST_ATTEMPTS); } +static void check_partition_flags( + const char *node, + unsigned long long pflags, + unsigned long long supported) { + + assert(node); + + /* Mask away all flags supported by this partition's type and the three flags the UEFI spec defines generically */ + pflags &= ~(supported | GPT_FLAG_REQUIRED_PARTITION | GPT_FLAG_NO_BLOCK_IO_PROTOCOL | GPT_FLAG_LEGACY_BIOS_BOOTABLE); + + if (pflags == 0) + return; + + /* If there are other bits set, then log about it, to make things discoverable */ + for (unsigned i = 0; i < sizeof(pflags) * 8; i++) { + unsigned long long bit = 1ULL << i; + if (!FLAGS_SET(pflags, bit)) + continue; + + log_debug("Unexpected partition flag %llu set on %s!", bit, node); + } +} + #endif int dissect_image( @@ -484,6 +507,8 @@ int dissect_image( if (sd_id128_equal(type_id, GPT_HOME)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -491,6 +516,8 @@ int dissect_image( rw = !(pflags & GPT_FLAG_READ_ONLY); } else if (sd_id128_equal(type_id, GPT_SRV)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -510,6 +537,8 @@ int dissect_image( } else if (sd_id128_equal(type_id, GPT_XBOOTLDR)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -519,6 +548,8 @@ int dissect_image( #ifdef GPT_ROOT_NATIVE else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -531,6 +562,8 @@ int dissect_image( rw = !(pflags & GPT_FLAG_READ_ONLY); } else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE_VERITY)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -549,6 +582,8 @@ int dissect_image( #ifdef GPT_ROOT_SECONDARY else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -561,6 +596,8 @@ int dissect_image( rw = !(pflags & GPT_FLAG_READ_ONLY); } else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY_VERITY)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -578,6 +615,8 @@ int dissect_image( #endif else if (sd_id128_equal(type_id, GPT_SWAP)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -585,6 +624,8 @@ int dissect_image( fstype = "swap"; } else if (sd_id128_equal(type_id, GPT_LINUX_GENERIC)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -601,6 +642,8 @@ int dissect_image( } else if (sd_id128_equal(type_id, GPT_TMP)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; @@ -609,6 +652,8 @@ int dissect_image( } else if (sd_id128_equal(type_id, GPT_VAR)) { + check_partition_flags(node, pflags, GPT_FLAG_NO_AUTO|GPT_FLAG_READ_ONLY); + if (pflags & GPT_FLAG_NO_AUTO) continue; diff --git a/src/shared/gpt.h b/src/shared/gpt.h index dcceb076d6..6863dcb81c 100644 --- a/src/shared/gpt.h +++ b/src/shared/gpt.h @@ -57,7 +57,9 @@ # define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ARM_VERITY #endif +#define GPT_FLAG_REQUIRED_PARTITION (1ULL << 0) #define GPT_FLAG_NO_BLOCK_IO_PROTOCOL (1ULL << 1) +#define GPT_FLAG_LEGACY_BIOS_BOOTABLE (1ULL << 2) /* Flags we recognize on the root, swap, home and srv partitions when * doing auto-discovery. These happen to be identical to what