diff options
Diffstat (limited to 'src/shared/dissect-image.c')
| -rw-r--r-- | src/shared/dissect-image.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index a84df05e3f..25fed4cf50 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -2980,6 +2980,11 @@ int mount_image_privately_interactively( if (r < 0) return log_error_errno(r, "Failed to set up loopback device for %s: %m", image); + /* Make sure udevd doesn't issue BLKRRPART behind our backs */ + r = loop_device_flock(d, LOCK_SH); + if (r < 0) + return r; + r = dissect_image_and_warn(d->fd, image, &verity, NULL, d->diskseq, d->uevent_seqnum_not_before, d->timestamp_not_before, flags, &dissected_image); if (r < 0) return r; @@ -3006,6 +3011,10 @@ int mount_image_privately_interactively( if (r < 0) return r; + r = loop_device_flock(d, LOCK_UN); + if (r < 0) + return r; + if (decrypted_image) { r = decrypted_image_relinquish(decrypted_image); if (r < 0) @@ -3086,6 +3095,10 @@ int verity_dissect_and_mount( if (r < 0) return log_debug_errno(r, "Failed to create loop device for image: %m"); + r = loop_device_flock(loop_device, LOCK_SH); + if (r < 0) + return log_debug_errno(r, "Failed to lock loop device: %m"); + r = dissect_image( loop_device->fd, &verity, @@ -3133,6 +3146,10 @@ int verity_dissect_and_mount( if (r < 0) return log_debug_errno(r, "Failed to mount image: %m"); + r = loop_device_flock(loop_device, LOCK_UN); + if (r < 0) + return log_debug_errno(r, "Failed to unlock loopback device: %m"); + /* If we got os-release values from the caller, then we need to match them with the image's * extension-release.d/ content. Return -EINVAL if there's any mismatch. * First, check the distro ID. If that matches, then check the new SYSEXT_LEVEL value if |