dissect: let's check for crypto_LUKS before fstype allowlist check

When trying to mount a partition that is encrypted without the encryption first having been set up we want to return a recognizable error (EUNATCH). This was broken by 80ce8580f5 which added an allowlist check for permissible file systems first. Let's reverse the check order, so that we get EUNATCH again, as before. (And leave EIDRM as error for the failed allowlist check).
2026-03-06 15:02:31 -08:00 · 2023-04-20 11:14:50 +02:00
parent ed6a6bac45
commit 14ce246771
1 changed files with 6 additions and 5 deletions
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -1907,11 +1907,6 @@ static int mount_partition(

        if (!fstype)
                return -EAFNOSUPPORT;
-        r = dissect_fstype_ok(fstype);
-        if (r < 0)
-                return r;
-        if (!r)
-                return -EIDRM; /* Recognizable error */

        /* We are looking at an encrypted partition? This either means stacked encryption, or the caller
         * didn't call dissected_image_decrypt() beforehand. Let's return a recognizable error for this
@@ -1919,6 +1914,12 @@ static int mount_partition(
        if (streq(fstype, "crypto_LUKS"))
                return -EUNATCH;

+        r = dissect_fstype_ok(fstype);
+        if (r < 0)
+                return r;
+        if (!r)
+                return -EIDRM; /* Recognizable error */
+
        rw = m->rw && !(flags & DISSECT_IMAGE_MOUNT_READ_ONLY);

        discard = ((flags & DISSECT_IMAGE_DISCARD) ||