mount_ifs
Mount an image filesystem (QNX)
Syntax:
mount_ifs [-T] [-C size] [-d dll[,arg...]] [-f filename] [-k keyfile] [-m mountpoint]
[-o option[,option...]] [-v[v]...] [filename [mountpoint]]
mount_ifs-auth [-T] [-C size] -d dll[,arg...] [-f filename] -k keyfile [-m mountpoint]
[-o option[,option...]] [-v[v]...] [filename [mountpoint]]
Runs on:
QNX OS
Options:
- -C size
- The buffer/chunk size. The default is 64 KB.
- -d dll [,arg...]
- Load this DLL and pass it the signature_provider() function (go to
Verification
for more information). Optionally, you can specify additional arguments to the provider function. - -f filename
- The name of the file containing an image filesystem.
- -k keyfile
- The PEM file containing the public key.
- -m mountpoint
- Where to mount the image filesystem on your system.
- -o option[,option...]
- Server specific options.
- ro — Mount as read-only (default)
- trusted — Mount filesystem as trusted
- offset=paddr — Physical address of
in-memory IFS (go to
Mounting an in-memory IFS
for more information) - size=nbytes — Size (in bytes) of in-memory IFS to mount
- -T
- Create a second thread to handle the decompression in parallel. You need to use this only if you have a compressed IFS image.
- -v[v]...
- Be verbose; more
v
characters cause more verbosity.
Description:
The mount_ifs utility mounts an image filesystem at the specified mountpoint, decompressing the filesystem if it's compressed. It uses direct I/O (if supported) to load the IFS image from a block device into memory, and then mounts the IFS. The utility allocates the memory and supports the same compression algorithms as mkifs.
The mount_ifs utility is also invoked by the command mount -t
ifs
. However, this command requires mount_ifs to be in your
target's PATH.
You must specify one filename and one mountpoint value, using a combination of: -f, -m, filename operand, or mountpoint operand.
The mount_ifs-auth variant forces verification to take place. For
information on what must be provided for mounting to succeed, go to Verification.
To use this utility, your process needs the mountifs
(PROCMGR_AID_MOUNTIFS) ability. To use -o trusted,
it needs the path_trust (PROCMGR_AID_PATH_TRUST) ability.
(See Abilities
in the Privileges
section of the System Security guide.)
This utility supports image filesystems that are formatted as ELF or binary, but not as SREC.
It uses the OpenSSL library for cryptography services.
Mounting an in-memory IFS
To mount an IFS that is already in RAM, specify both -o
offset=paddr
and -o size=nbytes
. (The
specified filename is ignored.)
Verification
int signature_provider(const char *filename, const char *arg,
size_t siglen, unsigned char *sigbuf);
To declare the above function, the DLL source code should include the header file
mount_ifs.h.Examples:
Verification examples
Generate a private key:
openssl rsa -pubout -in private_key.pem -out public_key.pem
Sign an IFS with a private key:
openssl dgst -sha256 -sign private_key.pem -out myifs.sign myifs
Mount a verified image:
mount_ifs -f myifs -m /ifsmnt -k public_key.pem -d dll,myifs.sign