1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include "alloc-util.h"
4 #include "chase-symlinks.h"
5 #include "dirent-util.h"
6 #include "env-file.h"
7 #include "env-util.h"
8 #include "fd-util.h"
9 #include "fileio.h"
10 #include "fs-util.h"
11 #include "macro.h"
12 #include "os-util.h"
13 #include "parse-util.h"
14 #include "path-util.h"
15 #include "stat-util.h"
16 #include "string-util.h"
17 #include "strv.h"
18 #include "utf8.h"
19 #include "xattr-util.h"
20
image_name_is_valid(const char * s)21 bool image_name_is_valid(const char *s) {
22 if (!filename_is_valid(s))
23 return false;
24
25 if (string_has_cc(s, NULL))
26 return false;
27
28 if (!utf8_is_valid(s))
29 return false;
30
31 /* Temporary files for atomically creating new files */
32 if (startswith(s, ".#"))
33 return false;
34
35 return true;
36 }
37
path_is_extension_tree(const char * path,const char * extension)38 int path_is_extension_tree(const char *path, const char *extension) {
39 int r;
40
41 assert(path);
42
43 /* Does the path exist at all? If not, generate an error immediately. This is useful so that a missing root dir
44 * always results in -ENOENT, and we can properly distinguish the case where the whole root doesn't exist from
45 * the case where just the os-release file is missing. */
46 if (laccess(path, F_OK) < 0)
47 return -errno;
48
49 /* We use /usr/lib/extension-release.d/extension-release[.NAME] as flag for something being a system extension,
50 * and {/etc|/usr/lib}/os-release as a flag for something being an OS (when not an extension). */
51 r = open_extension_release(path, extension, NULL, NULL);
52 if (r == -ENOENT) /* We got nothing */
53 return 0;
54 if (r < 0)
55 return r;
56
57 return 1;
58 }
59
open_extension_release(const char * root,const char * extension,char ** ret_path,int * ret_fd)60 int open_extension_release(const char *root, const char *extension, char **ret_path, int *ret_fd) {
61 _cleanup_free_ char *q = NULL;
62 int r, fd;
63
64 if (extension) {
65 const char *extension_full_path;
66
67 if (!image_name_is_valid(extension))
68 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
69 "The extension name %s is invalid.", extension);
70
71 extension_full_path = strjoina("/usr/lib/extension-release.d/extension-release.", extension);
72 r = chase_symlinks(extension_full_path, root, CHASE_PREFIX_ROOT,
73 ret_path ? &q : NULL,
74 ret_fd ? &fd : NULL);
75 log_full_errno_zerook(LOG_DEBUG, MIN(r, 0), "Checking for %s: %m", extension_full_path);
76
77 /* Cannot find the expected extension-release file? The image filename might have been
78 * mangled on deployment, so fallback to checking for any file in the extension-release.d
79 * directory, and return the first one with a user.extension-release xattr instead.
80 * The user.extension-release.strict xattr is checked to ensure the author of the image
81 * considers it OK if names do not match. */
82 if (r == -ENOENT) {
83 _cleanup_free_ char *extension_release_dir_path = NULL;
84 _cleanup_closedir_ DIR *extension_release_dir = NULL;
85
86 r = chase_symlinks_and_opendir("/usr/lib/extension-release.d/", root, CHASE_PREFIX_ROOT,
87 &extension_release_dir_path, &extension_release_dir);
88 if (r < 0)
89 return log_debug_errno(r, "Cannot open %s/usr/lib/extension-release.d/, ignoring: %m", root);
90
91 r = -ENOENT;
92 FOREACH_DIRENT(de, extension_release_dir, return -errno) {
93 int k;
94
95 if (!IN_SET(de->d_type, DT_REG, DT_UNKNOWN))
96 continue;
97
98 const char *image_name = startswith(de->d_name, "extension-release.");
99 if (!image_name)
100 continue;
101
102 if (!image_name_is_valid(image_name)) {
103 log_debug("%s/%s is not a valid extension-release file name, ignoring.",
104 extension_release_dir_path, de->d_name);
105 continue;
106 }
107
108 /* We already chased the directory, and checked that
109 * this is a real file, so we shouldn't fail to open it. */
110 _cleanup_close_ int extension_release_fd = openat(dirfd(extension_release_dir),
111 de->d_name,
112 O_PATH|O_CLOEXEC|O_NOFOLLOW);
113 if (extension_release_fd < 0)
114 return log_debug_errno(errno,
115 "Failed to open extension-release file %s/%s: %m",
116 extension_release_dir_path,
117 de->d_name);
118
119 /* Really ensure it is a regular file after we open it. */
120 if (fd_verify_regular(extension_release_fd) < 0) {
121 log_debug("%s/%s is not a regular file, ignoring.", extension_release_dir_path, de->d_name);
122 continue;
123 }
124
125 /* No xattr or cannot parse it? Then skip this. */
126 _cleanup_free_ char *extension_release_xattr = NULL;
127 k = fgetxattr_malloc(extension_release_fd, "user.extension-release.strict", &extension_release_xattr);
128 if (k < 0 && !ERRNO_IS_NOT_SUPPORTED(k) && k != -ENODATA)
129 log_debug_errno(k,
130 "%s/%s: Failed to read 'user.extension-release.strict' extended attribute from file: %m",
131 extension_release_dir_path, de->d_name);
132 if (k < 0) {
133 log_debug("%s/%s does not have user.extension-release.strict xattr, ignoring.", extension_release_dir_path, de->d_name);
134 continue;
135 }
136
137 /* Explicitly set to request strict matching? Skip it. */
138 k = parse_boolean(extension_release_xattr);
139 if (k < 0)
140 log_debug_errno(k,
141 "%s/%s: Failed to parse 'user.extension-release.strict' extended attribute from file: %m",
142 extension_release_dir_path, de->d_name);
143 else if (k > 0)
144 log_debug("%s/%s: 'user.extension-release.strict' attribute is true, ignoring file.",
145 extension_release_dir_path, de->d_name);
146 if (k != 0)
147 continue;
148
149 log_debug("%s/%s: 'user.extension-release.strict' attribute is false…",
150 extension_release_dir_path, de->d_name);
151
152 /* We already found what we were looking for, but there's another candidate?
153 * We treat this as an error, as we want to enforce that there are no ambiguities
154 * in case we are in the fallback path.*/
155 if (r == 0) {
156 r = -ENOTUNIQ;
157 break;
158 }
159
160 r = 0; /* Found it! */
161
162 if (ret_fd)
163 fd = TAKE_FD(extension_release_fd);
164
165 if (ret_path) {
166 q = path_join(extension_release_dir_path, de->d_name);
167 if (!q)
168 return -ENOMEM;
169 }
170 }
171 }
172 } else {
173 const char *var = secure_getenv("SYSTEMD_OS_RELEASE");
174 if (var)
175 r = chase_symlinks(var, root, 0,
176 ret_path ? &q : NULL,
177 ret_fd ? &fd : NULL);
178 else
179 FOREACH_STRING(path, "/etc/os-release", "/usr/lib/os-release") {
180 r = chase_symlinks(path, root, CHASE_PREFIX_ROOT,
181 ret_path ? &q : NULL,
182 ret_fd ? &fd : NULL);
183 if (r != -ENOENT)
184 break;
185 }
186 }
187 if (r < 0)
188 return r;
189
190 if (ret_fd) {
191 int real_fd;
192
193 /* Convert the O_PATH fd into a proper, readable one */
194 real_fd = fd_reopen(fd, O_RDONLY|O_CLOEXEC|O_NOCTTY);
195 safe_close(fd);
196 if (real_fd < 0)
197 return real_fd;
198
199 *ret_fd = real_fd;
200 }
201
202 if (ret_path)
203 *ret_path = TAKE_PTR(q);
204
205 return 0;
206 }
207
fopen_extension_release(const char * root,const char * extension,char ** ret_path,FILE ** ret_file)208 int fopen_extension_release(const char *root, const char *extension, char **ret_path, FILE **ret_file) {
209 _cleanup_free_ char *p = NULL;
210 _cleanup_close_ int fd = -1;
211 FILE *f;
212 int r;
213
214 if (!ret_file)
215 return open_extension_release(root, extension, ret_path, NULL);
216
217 r = open_extension_release(root, extension, ret_path ? &p : NULL, &fd);
218 if (r < 0)
219 return r;
220
221 f = take_fdopen(&fd, "r");
222 if (!f)
223 return -errno;
224
225 if (ret_path)
226 *ret_path = TAKE_PTR(p);
227 *ret_file = f;
228
229 return 0;
230 }
231
parse_release_internal(const char * root,const char * extension,va_list ap)232 static int parse_release_internal(const char *root, const char *extension, va_list ap) {
233 _cleanup_fclose_ FILE *f = NULL;
234 _cleanup_free_ char *p = NULL;
235 int r;
236
237 r = fopen_extension_release(root, extension, &p, &f);
238 if (r < 0)
239 return r;
240
241 return parse_env_filev(f, p, ap);
242 }
243
_parse_extension_release(const char * root,const char * extension,...)244 int _parse_extension_release(const char *root, const char *extension, ...) {
245 va_list ap;
246 int r;
247
248 va_start(ap, extension);
249 r = parse_release_internal(root, extension, ap);
250 va_end(ap);
251
252 return r;
253 }
254
_parse_os_release(const char * root,...)255 int _parse_os_release(const char *root, ...) {
256 va_list ap;
257 int r;
258
259 va_start(ap, root);
260 r = parse_release_internal(root, NULL, ap);
261 va_end(ap);
262
263 return r;
264 }
265
load_os_release_pairs(const char * root,char *** ret)266 int load_os_release_pairs(const char *root, char ***ret) {
267 _cleanup_fclose_ FILE *f = NULL;
268 _cleanup_free_ char *p = NULL;
269 int r;
270
271 r = fopen_os_release(root, &p, &f);
272 if (r < 0)
273 return r;
274
275 return load_env_file_pairs(f, p, ret);
276 }
277
load_os_release_pairs_with_prefix(const char * root,const char * prefix,char *** ret)278 int load_os_release_pairs_with_prefix(const char *root, const char *prefix, char ***ret) {
279 _cleanup_strv_free_ char **os_release_pairs = NULL, **os_release_pairs_prefixed = NULL;
280 int r;
281
282 r = load_os_release_pairs(root, &os_release_pairs);
283 if (r < 0)
284 return r;
285
286 STRV_FOREACH_PAIR(p, q, os_release_pairs) {
287 char *line;
288
289 /* We strictly return only the four main ID fields and ignore the rest */
290 if (!STR_IN_SET(*p, "ID", "VERSION_ID", "BUILD_ID", "VARIANT_ID"))
291 continue;
292
293 ascii_strlower(*p);
294 line = strjoin(prefix, *p, "=", *q);
295 if (!line)
296 return -ENOMEM;
297 r = strv_consume(&os_release_pairs_prefixed, line);
298 if (r < 0)
299 return r;
300 }
301
302 *ret = TAKE_PTR(os_release_pairs_prefixed);
303
304 return 0;
305 }
306
load_extension_release_pairs(const char * root,const char * extension,char *** ret)307 int load_extension_release_pairs(const char *root, const char *extension, char ***ret) {
308 _cleanup_fclose_ FILE *f = NULL;
309 _cleanup_free_ char *p = NULL;
310 int r;
311
312 r = fopen_extension_release(root, extension, &p, &f);
313 if (r < 0)
314 return r;
315
316 return load_env_file_pairs(f, p, ret);
317 }
318