[PATCH fstools] libfstools: support custom executable validating overlay
Paul Oranje
por at oranjevos.nl
Wed Jan 5 01:13:10 PST 2022
Nice. One small remark though.
HNY, Paul
> Op 4 jan. 2022, om 23:46 heeft Rafał Miłecki <zajec5 at gmail.com> het volgende geschreven:
>
> From: Rafał Miłecki <rafal at milecki.pl>
>
> This results in calling /usr/libexec/overlay_verify which may either
> modify overlay (e.g. wipe it) or refuse it. It's needed by targets that
> need to validate that "rootfs_data" doesn't come from a previous
> firmware. They may provide a script that will wipe such /outdated/
> overlays.
>
> Signed-off-by: Rafał Miłecki <rafal at milecki.pl>
> ---
> libfstools/overlay.c | 35 +++++++++++++++++++++++++++++++++++
> 1 file changed, 35 insertions(+)
>
> diff --git a/libfstools/overlay.c b/libfstools/overlay.c
> index 6790337..281626d 100644
> --- a/libfstools/overlay.c
> +++ b/libfstools/overlay.c
> @@ -14,6 +14,7 @@
> #include <sys/stat.h>
> #include <sys/types.h>
> #include <sys/mount.h>
> +#include <sys/wait.h>
>
> #include <asm/byteorder.h>
>
> @@ -36,6 +37,7 @@
>
> #define SWITCH_JFFS2 "/tmp/.switch_jffs2"
> #define OVERLAYDIR "/rom/overlay"
> +#define OVERLAY_VERIFY "/usr/libexec/overlay_verify"
>
> static bool keep_sysupgrade;
>
> @@ -412,6 +414,33 @@ int fs_state_set(const char *dir, enum fs_state state)
> return symlink(valstr, path);
> }
>
> +/*
> + * Call user custom script (if present) that may perform some extra overlay
> + * validation.
> + */
> +static int overlay_verify(const char *overlay_mp)
> +{
> + struct stat s;
> + pid_t pid;
> +
> + if (stat(OVERLAY_VERIFY, &s))
> + return 0;
> +
> + pid = fork();
> + if (!pid) {
> + execl(OVERLAY_VERIFY, OVERLAY_VERIFY, overlay_mp, NULL);
> + exit(EXIT_FAILURE);
> + } else if (pid > 0) {
The else clause is not needed as code after a successful execl() or exit() is never reached.
> + int wstatus;
> +
> + waitpid(pid, &wstatus, 0);
> +
> + if (WIFEXITED(wstatus))
> + return WEXITSTATUS(wstatus);
> + }
> +
> + return -1;
> +}
>
> int mount_overlay(struct volume *v)
> {
> @@ -432,6 +461,12 @@ int mount_overlay(struct volume *v)
> if (err)
> return err;
>
> + err = overlay_verify(overlay_mp);
> + if (err) {
> + ULOG_ERR("failed to verify overlay: %d\n", err);
> + return err;
> + }
> +
> /*
> * Check for extroot config in overlay (rootfs_data) and if present then
> * prefer it over rootfs_data.
> --
> 2.31.1
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list