integritysetup: support mode=(journal|bitmap|direct)

Add a parameter to the integritytab file to set the mode in which to open the integrity volume. The mode can be journaled (the default), bitmap without a journal, or direct mode without a journal or a bitmap. This change removes the `no-journal' option because it is redundant, being replaced with `mode=direct'. Supercedes commit bcc1ee56c, from a week ago, which implemented `no-journal'. Resolves #27587
author: Alfred Klomp <git@alfredklomp.com> 2023-06-08 13:26:24 +0200
committer: Luca Boccassi <luca.boccassi@gmail.com> 2023-06-08 21:21:59 +0200
commit: a2160ba061a7b412540fbe49d88f96ec379c61ae (patch)
tree: 2f90b5772ea2c203af786bde5dc7f198e1812779 /src/integritysetup
parent: man/os-release: Add VENDOR_NAME= and VENDOR_URL= keys to os-release (diff)
download: systemd-a2160ba061a7b412540fbe49d88f96ec379c61ae.tar.xz
systemd-a2160ba061a7b412540fbe49d88f96ec379c61ae.zip
1 files changed, 16 insertions, 3 deletions
diff --git a/src/integritysetup/integrity-util.c b/src/integritysetup/integrity-util.c
index 66f93e7d2e..c29d4fcd5d 100644
--- a/src/integritysetup/integrity-util.c
+++ b/src/integritysetup/integrity-util.c
@@ -34,9 +34,22 @@ int parse_integrity_options(
                 else if (streq(word, "allow-discards")) {
                         if (ret_activate_flags)
                                 *ret_activate_flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS;
-                } else if (streq(word, "no-journal")) {
-                        if (ret_activate_flags)
-                                *ret_activate_flags |= CRYPT_ACTIVATE_NO_JOURNAL;
+                } else if ((val = startswith(word, "mode="))) {
+                        if (streq(val, "journal")) {
+                                if (ret_activate_flags)
+                                        *ret_activate_flags &= ~(CRYPT_ACTIVATE_NO_JOURNAL | CRYPT_ACTIVATE_NO_JOURNAL_BITMAP);
+                        } else if (streq(val, "bitmap")) {
+                                if (ret_activate_flags) {
+                                        *ret_activate_flags &= ~CRYPT_ACTIVATE_NO_JOURNAL;
+                                        *ret_activate_flags |= CRYPT_ACTIVATE_NO_JOURNAL_BITMAP;
+                                }
+                        } else if (streq(val, "direct")) {
+                                if (ret_activate_flags) {
+                                        *ret_activate_flags |= CRYPT_ACTIVATE_NO_JOURNAL;
+                                        *ret_activate_flags &= ~CRYPT_ACTIVATE_NO_JOURNAL_BITMAP;
+                                }
+                        } else
+                                log_warning("Encountered unknown mode option '%s', ignoring.", val);
                 } else if ((val = startswith(word, "journal-watermark="))) {
                         r = parse_percent(val);
                         if (r < 0)
author	Alfred Klomp <git@alfredklomp.com>	2023-06-08 13:26:24 +0200
committer	Luca Boccassi <luca.boccassi@gmail.com>	2023-06-08 21:21:59 +0200
commit	a2160ba061a7b412540fbe49d88f96ec379c61ae (patch)
tree	2f90b5772ea2c203af786bde5dc7f198e1812779 /src/integritysetup
parent	man/os-release: Add VENDOR_NAME= and VENDOR_URL= keys to os-release (diff)
download	systemd-a2160ba061a7b412540fbe49d88f96ec379c61ae.tar.xz systemd-a2160ba061a7b412540fbe49d88f96ec379c61ae.zip