[PATCH fstools] libfstools: support custom executable validating overlay

Paul Oranje por at oranjevos.nl
Wed Jan 5 01:13:10 PST 2022


Nice. One small remark though.
HNY, Paul

> Op 4 jan. 2022, om 23:46 heeft Rafał Miłecki <zajec5 at gmail.com> het volgende geschreven:
> 
> From: Rafał Miłecki <rafal at milecki.pl>
> 
> This results in calling /usr/libexec/overlay_verify which may either
> modify overlay (e.g. wipe it) or refuse it. It's needed by targets that
> need to validate that "rootfs_data" doesn't come from a previous
> firmware. They may provide a script that will wipe such /outdated/
> overlays.
> 
> Signed-off-by: Rafał Miłecki <rafal at milecki.pl>
> ---
> libfstools/overlay.c | 35 +++++++++++++++++++++++++++++++++++
> 1 file changed, 35 insertions(+)
> 
> diff --git a/libfstools/overlay.c b/libfstools/overlay.c
> index 6790337..281626d 100644
> --- a/libfstools/overlay.c
> +++ b/libfstools/overlay.c
> @@ -14,6 +14,7 @@
> #include <sys/stat.h>
> #include <sys/types.h>
> #include <sys/mount.h>
> +#include <sys/wait.h>
> 
> #include <asm/byteorder.h>
> 
> @@ -36,6 +37,7 @@
> 
> #define SWITCH_JFFS2 "/tmp/.switch_jffs2"
> #define OVERLAYDIR "/rom/overlay"
> +#define OVERLAY_VERIFY "/usr/libexec/overlay_verify"
> 
> static bool keep_sysupgrade;
> 
> @@ -412,6 +414,33 @@ int fs_state_set(const char *dir, enum fs_state state)
> 	return symlink(valstr, path);
> }
> 
> +/*
> + * Call user custom script (if present) that may perform some extra overlay
> + * validation.
> + */
> +static int overlay_verify(const char *overlay_mp)
> +{
> +	struct stat s;
> +	pid_t pid;
> +
> +	if (stat(OVERLAY_VERIFY, &s))
> +		return 0;
> +
> +	pid = fork();
> +	if (!pid) {
> +		execl(OVERLAY_VERIFY, OVERLAY_VERIFY, overlay_mp, NULL);
> +		exit(EXIT_FAILURE);
> +	} else if (pid > 0) {
The else clause is not needed as code after a successful execl() or exit() is never reached.

> +		int wstatus;
> +
> +		waitpid(pid, &wstatus, 0);
> +
> +		if (WIFEXITED(wstatus))
> +			return WEXITSTATUS(wstatus);
> +	}
> +
> +	return -1;
> +}
> 
> int mount_overlay(struct volume *v)
> {
> @@ -432,6 +461,12 @@ int mount_overlay(struct volume *v)
> 	if (err)
> 		return err;
> 
> +	err = overlay_verify(overlay_mp);
> +	if (err) {
> +		ULOG_ERR("failed to verify overlay: %d\n", err);
> +		return err;
> +	}
> +
> 	/*
> 	 * Check for extroot config in overlay (rootfs_data) and if present then
> 	 * prefer it over rootfs_data.
> -- 
> 2.31.1
> 
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel





More information about the openwrt-devel mailing list