Check if an argument is present in OstreeKernelArgs. This is a way to
make easier idempotent append and delete operations.
ostree_kernel_args_append_if_missing uses it to avoid inserting a
duplicate key.
Closes#2329
Signed-off-by: Rafael Garcia Ruiz <rafael.garcia@collabora.com>
g_memdup() is subject to an integer overflow on 64-bit machines if the
object being copied is larger than UINT_MAX bytes. I suspect none of
these objects can actually be that large in practice, but it's easier
to replace all the calls than it is to assess whether we need to
replace them.
A backport in libglnx is used on systems where GLib is older than 2.68.x.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Basically, it should not be necessary - the policy should be
up-to-date. We don't want to force on continual policy rebuilds.
Even trying to run bwrap when we're *not* in a booted
root can cause failures in nested containerization scenarios.
Closes: https://github.com/ostreedev/ostree/issues/2758
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
Use G_IO_ERROR_BUSY to represent 500 error
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
Make G_IO_ERROR_BUSY independent from glib version
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
This converts several invariant checks to asserts. Most of the
functions in this file were already using assertions, so this aligns
the remaining few outliers to the rest.
This enhances the logic handling GVariant parameters within
`ostree_repo_static_delta_generate()`.
Several of those entries are expected to be zero-terminated values,
and this implicit assumption has been observed to be an hidden trap
in languages where strings and arrays may not carry a terminator value
(e.g. Rust).
In order to improve the situation, this makes the documentation more
explicit and actively tries to catch invalid input parameters.
Introduces an intermediate format for overlayfs storage, where
.wh-ostree. prefixed files will be converted into char 0:0
whiteout devices used by overlayfs to mark deletions across layers.
The CI scripts now uses a volume for the scratch directories
previously in /var/tmp otherwise we cannot create whiteout
devices into an overlayfs mounted filesystem.
Related-Issue: #2712
This converts several invariant checks to asserts. Most of the
functions in this file were already using assertions, so this aligns
the remaining few outliers to the rest.
This enhances a bunch of helpers related to GVariant building, in
order to properly handle errors and avoid some potential cases of
unexpected NULL results.
This drops several NULL checks against filename input argument.
Those checks are both redundant (as filename validation already
checks for that) and dangerous (as they return early without
setting an error value).
are pending
This is to support pending deployments instead of rasing assertion.
For example:
```
$ sudo rpm-ostree kargs --append=foo=bar
$ sudo ostree admin kargs edit-in-place --append-if-missing=foobar
```
After reboot we get both `foo=bar foobar`.
Fix https://github.com/ostreedev/ostree/issues/2679
Commit 540e60c3 introduced _ostree_repo_auto_transaction_new(), a
private constructor to OstreeRepoAutoTransaction, by factoring out
some code from _ostree_repo_auto_transaction_start(). This factored
code increased the refcount of the 'repo' variable.
Subsequent commit 71304e854c made ostree_repo_prepare_transaction()
use ths newly introduced constructor. However, in this function, the
happy path assumed no ref was taken, and therefore did not unref it.
Commit 71304e854c didn't add the corresponding unref either.
This leaks a reference to OstreeRepo when calling
ostree_repo_prepare_transaction().
Plug this leak by using g_clear_object() to clear the repo field
of OstreeRepoAutoTransaction, instead of simply setting it to NULL.
Closes https://github.com/flatpak/flatpak/issues/4928
The ed25519 signature verification code does not
check that the signature is a minimum/correct length.
As a result, if the signature is too short, libsodium will end up
reading a few bytes out of bounds.
Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Co-authored-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Closes: https://github.com/ostreedev/ostree/security/advisories/GHSA-gqf4-p3gv-g8vw
For historical reasons we have a fair bit of distinct sysroot
initialization going on. A lot of code is calling *just* the new
`ensure_writable()` API, which does basically what you'd expect...
except if we're not using a mount namespace.
Which is the case in unit tests and legacy setups.
Change this API to also ensure the sysroot is fully initialized
even in those cases. Specifically we'll have `self->sysroot_fd`.
For now, callers that need `/boot` also need to separately
call `_ensure_boot_fd()`.
This PR is followup from https://github.com/coreos/coreos-assembler/pull/2863
Summary of changes:
- Moved bls-append-except-default parsing logic to reload_sysroot_config()
- Made sure heap allocated memory is being freed
It's falliable, and in one place we were actually ignoring
the error and leaving a `NULL` repo object which is just a trap
for people coming along later since it's rarely nullable.
Quite a while ago we switched to loading the repo at the same time
as the sysroot; convert callers in the library to use this infallible
accessor.
Prep for another patch which will use the repo object.
After landing the new --commit-only functionality, we still noticed
exceedingly long pruning times in large repos. Lets add an optimization
that will only retrieve commit objects when --commit-only flag is used.
update all existing deployments in place
Example:
$ sudo ostree admin kargs edit-in-place --append-if-missing=rw
See https://github.com/ostreedev/ostree/issues/2617
This will not add duplicate key, if there is `TESTARG=VAL1` in the
kernel arguments, `--append-if-missing=TESTARG=VAL2` will be ignored.
I messed this up; the last release should inherit from the previous
release (N-1) and not the previous to that (N-2).
I think (hope) this isn't an ABI break...
Just noticed this when I was going to add a new symbol.
Rafael Garcia Ruiz
Simon McVittie
Luca Bruno
Colin Walters
Ricardo Noriega
Jonathan Lebon
Miguel Angel Ajo
Dan Nicholson
Nikita Dubrovskii
git-bruh
Huijing Hei
Georges Basile Stavracas Neto
Saqib Ali
Joseph Marrero Corchado