rdcore: fail if system has more than 1 boot partition

Signed-off-by: Nikita Dubrovskii <[email protected]>
coreos · Oct 7, 2021 · d7b07bf · d7b07bf
1 parent 194ddf2
commit d7b07bf
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 0 deletions.
diff --git a/src/bin/rdcore/cmdline.rs b/src/bin/rdcore/cmdline.rs
@@ -34,6 +34,8 @@ pub enum Cmd {
     Kargs(KargsConfig),
     /// Copy data from stdin to stdout, checking piecewise hashes
     StreamHash(StreamHashConfig),
+    /// Verify that system has only 1 partition with given label
+    SinglePartition(PartitionLabelConfig),
 }
 
 #[derive(Debug, StructOpt)]
@@ -95,3 +97,10 @@ pub struct StreamHashConfig {
     #[structopt(value_name = "hash-file")]
     pub hash_file: String,
 }
+
+#[derive(Debug, StructOpt)]
+pub struct PartitionLabelConfig {
+    /// Path to the piecewise hash file
+    #[structopt(value_name = "label")]
+    pub label: String,
+}
diff --git a/src/bin/rdcore/main.rs b/src/bin/rdcore/main.rs
@@ -15,6 +15,7 @@
 mod cmdline;
 mod kargs;
 mod rootmap;
+mod single_partition;
 mod stream_hash;
 
 use anyhow::Result;
@@ -27,5 +28,6 @@ fn main() -> Result<()> {
         Cmd::Kargs(c) => kargs::kargs(&c),
         Cmd::Rootmap(c) => rootmap::rootmap(&c),
         Cmd::StreamHash(c) => stream_hash::stream_hash(&c),
+        Cmd::SinglePartition(c) => single_partition::verify_single_partition(&c),
     }
 }
diff --git a/src/bin/rdcore/single_partition.rs b/src/bin/rdcore/single_partition.rs
@@ -0,0 +1,32 @@
+// Copyright 2020 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use crate::cmdline::*;
+use anyhow::{bail, Result};
+
+use libcoreinst::blockdev::*;
+
+pub fn verify_single_partition(config: &PartitionLabelConfig) -> Result<()> {
+    // fail if we have more than 1 partition with boot label
+    let devices = get_all_block_devices()?;
+    let amount = count_partitions_with_label(&config.label, &devices.blockdevices);
+    if amount != 1 {
+        bail!(
+            "System has {} partitions with '{}' label",
+            amount,
+            config.label
+        );
+    }
+    Ok(())
+}