projects / systemd / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3a9542a)
dissect: always invalidate secondary arch partitions if we found primary arch
authorLennart Poettering <lennart@poettering.net>
Thu, 17 Sep 2020 15:32:34 +0000 (17:32 +0200)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Sun, 20 Sep 2020 10:51:22 +0000 (12:51 +0200)
Let's suppress the secondary arch data, since we never ever want to
mount it if we found the primary arch.

Previously we only suppressed in the Verity case, but there's little
reason to entertain the idea of a secondary arch in non-Verity
environments either, we are not going to use them, and should not do
decryption or anything like that.

(cherry picked from commit 74cb2db9f403dfe17cabc6dac48b0f49a84eb03f)
(cherry picked from commit 418cf0e78c067f7249f4769f78c8c199d907935f)
(cherry picked from commit 7f2b6a50d3c47da8a697f50c0bc191902ebec069)
(cherry picked from commit b6efbbfb001a41c4e74a716f73c67abe8250594e)

src/shared/dissect-image.c patch | blob | history

diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 4373ac2f894ff863924277f89c33bd691512b0c8..93b617c68cef9deb204394a38447b00d40b524f8 100644 (file)
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -672,7 +672,12 @@ int dissect_image(
                 }
         }
 
-        if (!m->partitions[PARTITION_ROOT].found) {
+        if (m->partitions[PARTITION_ROOT].found) {
+                /* If we found the primary arch, then invalidate the secondary arch to avoid any ambiguities,
+                 * since we never want to mount the secondary arch in this case. */
+                m->partitions[PARTITION_ROOT_SECONDARY].found = false;
+                m->partitions[PARTITION_ROOT_SECONDARY_VERITY].found = false;
+        } else {
                 /* No root partition found? Then let's see if ther's one for the secondary architecture. And if not
                  * either, then check if there's a single generic one, and use that. */
 
@@ -717,12 +722,6 @@ int dissect_image(
                 if (!m->partitions[PARTITION_ROOT_VERITY].found || !m->partitions[PARTITION_ROOT].found)
                         return -EADDRNOTAVAIL;
 
-                /* If we found the primary root with the hash, then we definitely want to suppress any secondary root
-                 * (which would be weird, after all the root hash should only be assigned to one pair of
-                 * partitions... */
-                m->partitions[PARTITION_ROOT_SECONDARY].found = false;
-                m->partitions[PARTITION_ROOT_SECONDARY_VERITY].found = false;
-
                 /* If we found a verity setup, then the root partition is necessarily read-only. */
                 m->partitions[PARTITION_ROOT].rw = false;
 
https://github.com/systemd/systemd.git