mirror of
https://github.com/morgan9e/systemd
synced 2026-04-15 00:47:10 +09:00
This new tool looks for three xattrs on the root inode of a file system that encode mount constraints of the file system. The tool is supposed to be hooked into the mount logic and is supposed to protect against misappropriating trusted file systems in unintended ways. Consider the following scenario: we boot up on first boot and create a tpm-locked pair of /var/ and /srv/ partitions via systemd-repart. An attacker then offline modifies the partition table, exchanging the metadata of the /var/ and /srv/ partition. So far we'd happily accept that, honour the modified metadata and boot up. This could be used to revert changes to /var/ or similar. And all that even though both partitions are encrypted and locked to TPM! With this new mechanism we can encode in the protected contents of the file systems the ways it can be used: the partition type uuid, the partition label and the intended mount point can be stored in xattrs, and we can check them automatically on mount, and take action on mismatch. (action would typically be immediate reboot).
15 lines
381 B
Meson
# SPDX-License-Identifier: LGPL-2.1-or-later

executables += [
        libexec_template + {
                'name' : 'systemd-validatefs',
                'conditions' : [
                        'HAVE_BLKID',
                ],
                'sources' : files('validatefs.c'),
                'dependencies' : [
                        libblkid,
                ],
        },
]
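The check described in the commit message, sketched as an added example; this is not code from validatefs.c. The xattr names, the rule that an absent xattr means no constraint, and the sample UUIDs and labels are assumptions constructed for illustration.

```python
import os

# Assumed xattr names; the page does not list the names the tool uses.
XATTRS = {
    "gpt_type_uuid": "user.validatefs.gpt_type_uuid",
    "gpt_label": "user.validatefs.gpt_label",
    "mount_point": "user.validatefs.mount_point",
}

def read_constraints(root):
    """Read the constraint xattrs from the root inode of a mounted file system."""
    found = {}
    for key, name in XATTRS.items():
        try:
            found[key] = os.getxattr(root, name).decode().strip()
        except OSError:
            pass  # assumption: an absent xattr places no constraint on that property
    return found

def validate(constraints, observed):
    """Return the properties whose observed value violates the stored constraint."""
    mismatches = []
    for key, want in constraints.items():
        got = observed.get(key)
        if got is None:
            ok = False  # constrained property could not be determined: fail closed
        elif key == "gpt_type_uuid":
            ok = got.lower() == want.lower()
        elif key == "mount_point":
            ok = os.path.normpath(got) == os.path.normpath(want)
        else:
            ok = got == want
        if not ok:
            mismatches.append(key)
    return mismatches

# Constructed sample data: constraints stored inside the encrypted /var file system.
STORED_IN_VAR = {
    "gpt_type_uuid": "11111111-1111-1111-1111-111111111111",
    "gpt_label": "var",
    "mount_point": "/var",
}
# What the partition table and mount logic report on an untampered boot.
HONEST = {"gpt_type_uuid": "11111111-1111-1111-1111-111111111111",
          "gpt_label": "var", "mount_point": "/var/"}
# The same file system after the partition metadata was exchanged with /srv.
SWAPPED = {"gpt_type_uuid": "22222222-2222-2222-2222-222222222222",
           "gpt_label": "srv", "mount_point": "/srv"}
```

A non-empty result from `validate()` is the mismatch on which the commit message says action would be taken.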