repart: make No-Auto GPT partition flag configurable too

poettering · yuwata · commit ff0771bfc86c · 2021-06-18T14:34:01.000+09:00
This is useful for provisioning initially empty secondary A/B root file
systems. We don't want those to ever be considered for automatic
mounting, for example in "systemd-nspawn --image=", hence we should
create them with the No-Auto flag turned on. Once a file system image is
dropped into the partition the flag may be turned off by the updater
tool, so that it is considered from then on.

Thew new option for this is called NoAuto. I dislike negated options
like this, but this is taken from the naming in the spec, which in turn
inherited the name from the same flag for Microsoft Data Partitions. To
minimize confusion, let's stick to the name hence.
diff --git a/man/repart.d.xml b/man/repart.d.xml
@@ -571,33 +571,34 @@
       <varlistentry>
         <term><varname>Flags=</varname></term>
 
-        <listitem><para>Configures the 64bit GPT partition flags to set for the partition when creating
+        <listitem><para>Configures the 64bit GPT partition flags field to set for the partition when creating
         it. This option has no effect if the partition already exists. If not specified the flags values is
-        set to all zeroes, except if the partition type (as configured with <varname>Type=</varname> above)
-        refers to a Verity partition, in which case bit 60 is set (i.e. the read-only bit). This bit may also
-        be configured separately via <varname>ReadOnly=</varname>, see below. Specify the flags value in
-        hexadecimal (by prefixing it with <literal>0x</literal>), binary (prefix <literal>0b</literal>) or
-        decimal (no prefix).</para></listitem>
+        set to all zeroes, except for the three bits that can also be configured via
+        <varname>NoAuto=</varname>, <varname>ReadOnly=</varname> and <varname>GrowFileSystem=</varname>; see
+        below for details on the defaults for these three flags. Specify the flags value in hexadecimal (by
+        prefixing it with <literal>0x</literal>), binary (prefix <literal>0b</literal>) or decimal (no
+        prefix).</para></listitem>
       </varlistentry>
 
       <varlistentry>
+        <term><varname>NoAuto=</varname></term>
         <term><varname>ReadOnly=</varname></term>
         <term><varname>GrowFileSystem=</varname></term>
 
-        <listitem><para>Configures the Read-Only and Grow-File-System partition flags (bit 60 and 59) of the
-        partition table entry, as defined by the <ulink
+        <listitem><para>Configures the No-Auto, Read-Only and Grow-File-System partition flags (bit 63, 60
+        and 59) of the partition table entry, as defined by the <ulink
         url="https://systemd.io/DISCOVERABLE_PARTITIONS">Discoverable Partitions Specification</ulink>. Only
-        available for partition types supported by the specification. This option is a friendly way to set bit
-        60 and 59 of the partition flags value without setting any of the other bits, and may be set via
-        <varname>Flags=</varname> too, see above.</para>
+        available for partition types supported by the specification. This option is a friendly way to set
+        bits 63, 60 and 59 of the partition flags value without setting any of the other bits, and may be set
+        via <varname>Flags=</varname> too, see above.</para>
 
-        <para>If <varname>Flags=</varname> is used in conjunction with one or both of
-        <varname>ReadOnly=</varname>/<varname>GrowFileSystem=</varname> the latter control the value of the
-        relevant flags, i.e. the high-level settings
-        <varname>ReadOnly=</varname>/<varname>GrowFileSystem=</varname> override the low-level setting
-        <varname>Flags=</varname>.</para>
+        <para>If <varname>Flags=</varname> is used in conjunction with one or more of
+        <varname>NoAuto=</varname>/<varname>ReadOnly=</varname>/<varname>GrowFileSystem=</varname> the latter
+        control the value of the relevant flags, i.e. the high-level settings
+        <varname>NoAuto=</varname>/<varname>ReadOnly=</varname>/<varname>GrowFileSystem=</varname> override
+        the relevant bits of the low-level setting <varname>Flags=</varname>.</para>
 
-        <para>Note that the two flags affect only automatic partition mounting, as implemented by
+        <para>Note that the three flags affect only automatic partition mounting, as implemented by
         <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
         or the <option>--image=</option> option of various commands (such as
         <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>). It
@@ -611,10 +612,10 @@
         precedence in most tools reading these flags, and since growing the file system involves writing to
         the partition it is consequently ignored.</para>
 
-        <para><varname>ReadOnly=</varname> defaults to on for Verity partition
-        types. <varname>GrowFileSystem=</varname> defaults to on for all partition types that support it,
-        except if the partition is marked read-only (and thus effectively, defaults to off for Verity
-        partitions).</para></listitem>
+        <para><varname>NoAuto=</varname> defaults to off. <varname>ReadOnly=</varname> defaults to on for
+        Verity partition types, and off for all others. <varname>GrowFileSystem=</varname> defaults to on for
+        all partition types that support it, except if the partition is marked read-only (and thus
+        effectively, defaults to off for Verity partitions).</para></listitem>
       </varlistentry>
     </variablelist>
   </refsect1>
diff --git a/src/partition/repart.c b/src/partition/repart.c
@@ -169,6 +169,7 @@ struct Partition {
         EncryptMode encrypt;
 
         uint64_t gpt_flags;
+        int no_auto;
         int read_only;
         int growfs;
 
@@ -243,6 +244,7 @@ static Partition *partition_new(void) {
                 .offset = UINT64_MAX,
                 .copy_blocks_fd = -1,
                 .copy_blocks_size = UINT64_MAX,
+                .no_auto = -1,
                 .read_only = -1,
                 .growfs = -1,
         };
@@ -1312,6 +1314,7 @@ static int partition_read_definition(Partition *p, const char *path) {
                 { "Partition", "Encrypt",         config_parse_encrypt,     0, &p->encrypt          },
                 { "Partition", "Flags",           config_parse_gpt_flags,   0, &p->gpt_flags        },
                 { "Partition", "ReadOnly",        config_parse_tristate,    0, &p->read_only        },
+                { "Partition", "NoAuto",          config_parse_tristate,    0, &p->no_auto          },
                 { "Partition", "GrowFileSystem",  config_parse_tristate,    0, &p->growfs           },
                 {}
         };
@@ -3269,6 +3272,17 @@ static uint64_t partition_merge_flags(Partition *p) {
 
         f = p->gpt_flags;
 
+        if (p->no_auto >= 0) {
+                if (gpt_partition_type_knows_no_auto(p->type_uuid))
+                        SET_FLAG(f, GPT_FLAG_NO_AUTO, p->no_auto);
+                else {
+                        char buffer[ID128_UUID_STRING_MAX];
+                        log_warning("Configured NoAuto=%s for partition type '%s' that doesn't support it, ignoring.",
+                                    yes_no(p->no_auto),
+                                    gpt_partition_type_uuid_to_string_harder(p->type_uuid, buffer));
+                }
+        }
+
         if (p->read_only >= 0) {
                 if (gpt_partition_type_knows_read_only(p->type_uuid))
                         SET_FLAG(f, GPT_FLAG_READ_ONLY, p->read_only);
@@ -3409,7 +3423,7 @@ static int context_mangle_partitions(Context *context) {
                         if (r < 0)
                                 return log_error_errno(r, "Failed to set partition label: %m");
 
-                        /* Merge the read only + growfs setting with the literal flags, and set them for the partition */
+                        /* Merge the no auto + read only + growfs setting with the literal flags, and set them for the partition */
                         r = set_gpt_flags(q, partition_merge_flags(p));
                         if (r < 0)
                                 return log_error_errno(r, "Failed to set GPT partition flags: %m");
diff --git a/src/shared/gpt.c b/src/shared/gpt.c
@@ -174,3 +174,17 @@ bool gpt_partition_type_knows_growfs(sd_id128_t id) {
                                 GPT_TMP,
                                 GPT_XBOOTLDR);
 }
+
+bool gpt_partition_type_knows_no_auto(sd_id128_t id) {
+        return gpt_partition_type_is_root(id) ||
+                gpt_partition_type_is_root_verity(id) ||
+                gpt_partition_type_is_usr(id) ||
+                gpt_partition_type_is_usr_verity(id) ||
+                sd_id128_in_set(id,
+                                GPT_HOME,
+                                GPT_SRV,
+                                GPT_VAR,
+                                GPT_TMP,
+                                GPT_XBOOTLDR,
+                                GPT_SWAP);
+}
diff --git a/src/shared/gpt.h b/src/shared/gpt.h
@@ -140,3 +140,4 @@ bool gpt_partition_type_is_usr_verity(sd_id128_t id);
 
 bool gpt_partition_type_knows_read_only(sd_id128_t id);
 bool gpt_partition_type_knows_growfs(sd_id128_t id);
+bool gpt_partition_type_knows_no_auto(sd_id128_t id);

Original file line number	Diff line number	Diff line change
`@@ -140,3 +140,4 @@ bool gpt_partition_type_is_usr_verity(sd_id128_t id);`
`140`	`140`
`141`	`141`	`bool gpt_partition_type_knows_read_only(sd_id128_t id);`
`142`	`142`	`bool gpt_partition_type_knows_growfs(sd_id128_t id);`
	`143`	`+bool gpt_partition_type_knows_no_auto(sd_id128_t id);`