core: fix dm-verity auto-discovery in MountImageUnit()

The implementation of MountImageUnit()/systemctl mount-image was
changed to use a /proc/self/fd path as the source, but that causes
the dm-verity files autodiscovery to fail, as it looks for files
in the same directory as the image.

Use the original file path when setting up dm-verity.

1 files changed, 5 insertions, 1 deletions

diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index e63b168c24..6e287ecac7 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -3448,6 +3448,7 @@ static const char *const partition_designator_table[] = {
 };
 
 int verity_dissect_and_mount(
+                int src_fd,
                 const char *src,
                 const char *dest,
                 const MountOptions *options,
@@ -3466,14 +3467,17 @@ int verity_dissect_and_mount(
         assert(src);
         assert(dest);
 
+        /* We might get an FD for the image, but we use the original path to look for the dm-verity files */
         r = verity_settings_load(&verity, src, NULL, NULL);
         if (r < 0)
                 return log_debug_errno(r, "Failed to load root hash: %m");
 
         dissect_image_flags = verity.data_path ? DISSECT_IMAGE_NO_PARTITION_TABLE : 0;
 
+        /* Note that we don't use loop_device_make here, as the FD is most likely O_PATH which would not be
+         * accepted by LOOP_CONFIGURE, so just let loop_device_make_by_path reopen it as a regular FD. */
         r = loop_device_make_by_path(
-                        src,
+                        src_fd >= 0 ? FORMAT_PROC_FD_PATH(src_fd) : src,
                         -1,
                         verity.data_path ? 0 : LO_FLAGS_PARTSCAN,
                         &loop_device);