From a48dd3475bb0d5f3a88922cdce09ee8c63b6c0b8 Mon Sep 17 00:00:00 2001 From: Lennart Poettering <lennart@poettering.net> Date: Wed, 8 Feb 2017 04:10:48 +0100 Subject: dissect: don't honour NOAUTO flags when looking for ESP (#5224) The flag is originally defined for "basic data partitions", but not for the ESP. We reuse it for the various partitions defined by the Discoverable Partitions Spec, but it isn't defined for the ESP, hence don't check for it. Instead, do check for GPT_FLAG_NO_BLOCK_IO_PROTOCOL, as that flag actually is defined for all partition types, and recommended to use by the UEFI spec. Fixes: #5218 --- src/shared/dissect-image.c | 39 ++++++++++++++++++++++++++++++++++++--- src/shared/gpt.h | 2 ++ 2 files changed, 38 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index 878cb008aa..c17486cba2 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -347,9 +347,6 @@ int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectI sd_id128_t type_id, id; bool rw = true; - if (pflags & GPT_FLAG_NO_AUTO) - continue; - sid = blkid_partition_get_uuid(pp); if (!sid) continue; @@ -363,18 +360,37 @@ int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectI continue; if (sd_id128_equal(type_id, GPT_HOME)) { + + if (pflags & GPT_FLAG_NO_AUTO) + continue; + designator = PARTITION_HOME; rw = !(pflags & GPT_FLAG_READ_ONLY); } else if (sd_id128_equal(type_id, GPT_SRV)) { + + if (pflags & GPT_FLAG_NO_AUTO) + continue; + designator = PARTITION_SRV; rw = !(pflags & GPT_FLAG_READ_ONLY); } else if (sd_id128_equal(type_id, GPT_ESP)) { + + /* Note that we don't check the GPT_FLAG_NO_AUTO flag for the ESP, as it is not defined + * there. We instead check the GPT_FLAG_NO_BLOCK_IO_PROTOCOL, as recommended by the + * UEFI spec (See "12.3.3 Number and Location of System Partitions"). */ + + if (pflags & GPT_FLAG_NO_BLOCK_IO_PROTOCOL) + continue; + designator = PARTITION_ESP; fstype = "vfat"; } #ifdef GPT_ROOT_NATIVE else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE)) { + if (pflags & GPT_FLAG_NO_AUTO) + continue; + /* If a root ID is specified, ignore everything but the root id */ if (!sd_id128_is_null(root_uuid) && !sd_id128_equal(root_uuid, id)) continue; @@ -384,6 +400,9 @@ int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectI rw = !(pflags & GPT_FLAG_READ_ONLY); } else if (sd_id128_equal(type_id, GPT_ROOT_NATIVE_VERITY)) { + if (pflags & GPT_FLAG_NO_AUTO) + continue; + m->can_verity = true; /* Ignore verity unless a root hash is specified */ @@ -399,6 +418,9 @@ int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectI #ifdef GPT_ROOT_SECONDARY else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY)) { + if (pflags & GPT_FLAG_NO_AUTO) + continue; + /* If a root ID is specified, ignore everything but the root id */ if (!sd_id128_is_null(root_uuid) && !sd_id128_equal(root_uuid, id)) continue; @@ -407,6 +429,10 @@ int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectI architecture = SECONDARY_ARCHITECTURE; rw = !(pflags & GPT_FLAG_READ_ONLY); } else if (sd_id128_equal(type_id, GPT_ROOT_SECONDARY_VERITY)) { + + if (pflags & GPT_FLAG_NO_AUTO) + continue; + m->can_verity = true; /* Ignore verity unless root has is specified */ @@ -420,10 +446,17 @@ int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectI } #endif else if (sd_id128_equal(type_id, GPT_SWAP)) { + + if (pflags & GPT_FLAG_NO_AUTO) + continue; + designator = PARTITION_SWAP; fstype = "swap"; } else if (sd_id128_equal(type_id, GPT_LINUX_GENERIC)) { + if (pflags & GPT_FLAG_NO_AUTO) + continue; + if (generic_node) multiple_generic = true; else { diff --git a/src/shared/gpt.h b/src/shared/gpt.h index 13d80d611c..cc752006fa 100644 --- a/src/shared/gpt.h +++ b/src/shared/gpt.h @@ -71,6 +71,8 @@ # define GPT_ROOT_NATIVE_VERITY GPT_ROOT_ARM_VERITY #endif +#define GPT_FLAG_NO_BLOCK_IO_PROTOCOL (1ULL << 1) + /* Flags we recognize on the root, swap, home and srv partitions when * doing auto-discovery. These happen to be identical to what * Microsoft defines for its own Basic Data Partitions, but that's -- cgit v1.2.3-54-g00ecf