mount_ifs

QNX SDP8.0Utilities ReferenceUtilities

Mount an image filesystem (QNX)

Syntax:

mount_ifs  [-T] [-C size] [-d dll[,arg...]] [-f filename] [-k keyfile] [-m mountpoint]
           [-o option[,option...]] [-v[v]...] [filename [mountpoint]]

mount_ifs-auth  [-T] [-C size] -d dll[,arg...] [-f filename] -k keyfile [-m mountpoint]
                [-o option[,option...]] [-v[v]...] [filename [mountpoint]]

Runs on:

QNX OS

Options:

-C size
The buffer/chunk size. The default is 64 KB.
-d dll [,arg...]
Load this DLL and pass it the signature_provider() function (go to Verification for more information). Optionally, you can specify additional arguments to the provider function.
-f filename
The name of the file containing an image filesystem.
-k keyfile
The PEM file containing the public key.
-m mountpoint
Where to mount the image filesystem on your system.
-o option[,option...]
Server specific options.
  • ro — Mount as read-only (default)
  • trusted — Mount filesystem as trusted
  • offset=paddr — Physical address of in-memory IFS (go to Mounting an in-memory IFS for more information)
  • size=nbytes — Size (in bytes) of in-memory IFS to mount
-T
Create a second thread to handle the decompression in parallel. You need to use this only if you have a compressed IFS image.
-v[v]...
Be verbose; more v characters cause more verbosity.

Description:

The mount_ifs utility mounts an image filesystem at the specified mountpoint, decompressing the filesystem if it's compressed. It uses direct I/O (if supported) to load the IFS image from a block device into memory, and then mounts the IFS. The utility allocates the memory and supports the same compression algorithms as mkifs.

The mount_ifs utility is also invoked by the command mount -t ifs. However, this command requires mount_ifs to be in your target's PATH.

You must specify one filename and one mountpoint value, using a combination of: -f, -m, filename operand, or mountpoint operand.

The mount_ifs-auth variant forces verification to take place. For information on what must be provided for mounting to succeed, go to Verification.

To use this utility, your process needs the mountifs (PROCMGR_AID_MOUNTIFS) ability. To use -o trusted, it needs the path_trust (PROCMGR_AID_PATH_TRUST) ability. (See Abilities in the Privileges section of the System Security guide.)

This utility supports image filesystems that are formatted as ELF or binary, but not as SREC.

It uses the OpenSSL library for cryptography services.

Mounting an in-memory IFS

To mount an IFS that is already in RAM, specify both -o offset=paddr and -o size=nbytes. (The specified filename is ignored.)

Verification

The IFS image can be digitally verified using an RSA-SHA256 signature before it is mounted. To enable verification, provide both the name of a PEM file containing the RSA public key (-k option) and the name of a DLL with a callout function acting as a signature provider (-d option). The DLL must contain the following function:
 int signature_provider(const char *filename, const char *arg, 
                        size_t siglen, unsigned char *sigbuf);
To declare the above function, the DLL source code should include the header file mount_ifs.h.

Examples:

Verification examples

Generate a private key:

openssl rsa -pubout -in private_key.pem -out public_key.pem

Sign an IFS with a private key:

openssl dgst -sha256 -sign private_key.pem -out myifs.sign myifs

Mount a verified image:

mount_ifs -f myifs -m /ifsmnt -k public_key.pem -d dll,myifs.sign
Page updated: