| Message ID | 20200515041042.267966-1-ebiggers@kernel.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | fsverity-utils: introduce libfsverity | expand |
On 5/15/20 12:10 AM, Eric Biggers wrote: > From the 'fsverity' program, split out a library 'libfsverity'. > Currently it supports computing file measurements ("digests"), and > signing those file measurements for use with the fs-verity builtin > signature verification feature. > > Rewritten from patches by Jes Sorensen <jsorensen@fb.com>. > I made a lot of improvements; see patch 2 for details. > > Jes, can you let me know whether this works for you? Especially take a > close look at the API in libfsverity.h. Hi Eric, Thanks for looking at this. I have gone through this and managed to get my RPM code to work with it. I will push the updated code to my rpm github repo shortly. I have two fixes for the Makefile I will send to you in a separate email. One comment I have is that you changed the size of version and hash_algorithm to 32 bit in struct libfsverity_merkle_tree_params, but the kernel API only takes 8 bit values anyway. I had them at 16 bit to handle the struct padding, but if anything it seems to make more sense to make them 8 bit and pad the struct? struct libfsverity_merkle_tree_params { uint32_t version; uint32_t hash_algorithm; That said, not a big deal. Cheers, Jes
On Fri, May 15, 2020 at 04:50:49PM -0400, Jes Sorensen wrote: > On 5/15/20 12:10 AM, Eric Biggers wrote: > > From the 'fsverity' program, split out a library 'libfsverity'. > > Currently it supports computing file measurements ("digests"), and > > signing those file measurements for use with the fs-verity builtin > > signature verification feature. > > > > Rewritten from patches by Jes Sorensen <jsorensen@fb.com>. > > I made a lot of improvements; see patch 2 for details. > > > > Jes, can you let me know whether this works for you? Especially take a > > close look at the API in libfsverity.h. > > Hi Eric, > > Thanks for looking at this. I have gone through this and managed to get > my RPM code to work with it. I will push the updated code to my rpm > github repo shortly. I have two fixes for the Makefile I will send to > you in a separate email. > > One comment I have is that you changed the size of version and > hash_algorithm to 32 bit in struct libfsverity_merkle_tree_params, but > the kernel API only takes 8 bit values anyway. I had them at 16 bit to > handle the struct padding, but if anything it seems to make more sense > to make them 8 bit and pad the struct? > > struct libfsverity_merkle_tree_params { > uint32_t version; > uint32_t hash_algorithm; > > That said, not a big deal. > Well, they're 32-bit in 'struct fsverity_enable_arg' (the argument to FS_IOC_ENABLE_VERITY), but 8-bit in 'struct fsverity_descriptor'. The reason for the difference is that 'struct fsverity_enable_arg' is just an in-memory structure for the ioctl, so there was no reason not to use larger fields. But fsverity_descriptor is stored on-disk and hashed, and it has to have a specific byte order, so just using 8-bit fields for it seemed best. 'struct libfsverity_merkle_tree_params' is just an in-memory structure too, so I think going with the 32-bits convention makes sense. - Eric
On 5/19/20 11:06 PM, Eric Biggers wrote: > On Fri, May 15, 2020 at 04:50:49PM -0400, Jes Sorensen wrote: >> On 5/15/20 12:10 AM, Eric Biggers wrote: >>> From the 'fsverity' program, split out a library 'libfsverity'. >>> Currently it supports computing file measurements ("digests"), and >>> signing those file measurements for use with the fs-verity builtin >>> signature verification feature. >>> >>> Rewritten from patches by Jes Sorensen <jsorensen@fb.com>. >>> I made a lot of improvements; see patch 2 for details. >>> >>> Jes, can you let me know whether this works for you? Especially take a >>> close look at the API in libfsverity.h. >> >> Hi Eric, >> >> Thanks for looking at this. I have gone through this and managed to get >> my RPM code to work with it. I will push the updated code to my rpm >> github repo shortly. I have two fixes for the Makefile I will send to >> you in a separate email. >> >> One comment I have is that you changed the size of version and >> hash_algorithm to 32 bit in struct libfsverity_merkle_tree_params, but >> the kernel API only takes 8 bit values anyway. I had them at 16 bit to >> handle the struct padding, but if anything it seems to make more sense >> to make them 8 bit and pad the struct? >> >> struct libfsverity_merkle_tree_params { >> uint32_t version; >> uint32_t hash_algorithm; >> >> That said, not a big deal. >> > > Well, they're 32-bit in 'struct fsverity_enable_arg' (the argument to > FS_IOC_ENABLE_VERITY), but 8-bit in 'struct fsverity_descriptor'. > The reason for the difference is that 'struct fsverity_enable_arg' is just an > in-memory structure for the ioctl, so there was no reason not to use larger > fields. But fsverity_descriptor is stored on-disk and hashed, and it has to > have a specific byte order, so just using 8-bit fields for it seemed best. > > 'struct libfsverity_merkle_tree_params' is just an in-memory structure too, so I > think going with the 32-bits convention makes sense. OK, thanks for the explanation, it's not a big deal going one way or the other. Cheers, Jes
From the 'fsverity' program, split out a library 'libfsverity'. Currently it supports computing file measurements ("digests"), and signing those file measurements for use with the fs-verity builtin signature verification feature. Rewritten from patches by Jes Sorensen <jsorensen@fb.com>. I made a lot of improvements; see patch 2 for details. Jes, can you let me know whether this works for you? Especially take a close look at the API in libfsverity.h. This patchset can also be found at branch "libfsverity" of https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git/ Eric Biggers (3): Split up cmd_sign.c Introduce libfsverity Add some basic test programs for libfsverity .gitignore | 9 +- Makefile | 198 ++++++- cmd_sign.c | 635 ---------------------- commands.h | 24 - util.h => common/common_defs.h | 47 +- fsverity_uapi.h => common/fsverity_uapi.h | 0 common/libfsverity.h | 132 +++++ hash_algs.h | 68 --- lib/compute_digest.c | 243 +++++++++ hash_algs.c => lib/hash_algs.c | 126 +++-- lib/lib_private.h | 83 +++ lib/sign_digest.c | 395 ++++++++++++++ lib/utils.c | 107 ++++ cmd_enable.c => programs/cmd_enable.c | 32 +- cmd_measure.c => programs/cmd_measure.c | 12 +- programs/cmd_sign.c | 163 ++++++ fsverity.c => programs/fsverity.c | 52 +- programs/fsverity.h | 41 ++ programs/test_compute_digest.c | 54 ++ programs/test_hash_algs.c | 27 + programs/test_sign_digest.c | 44 ++ util.c => programs/utils.c | 7 +- programs/utils.h | 42 ++ testdata/cert.pem | 31 ++ testdata/file.sig | Bin 0 -> 708 bytes testdata/key.pem | 52 ++ 26 files changed, 1742 insertions(+), 882 deletions(-) delete mode 100644 cmd_sign.c delete mode 100644 commands.h rename util.h => common/common_defs.h (58%) rename fsverity_uapi.h => common/fsverity_uapi.h (100%) create mode 100644 common/libfsverity.h delete mode 100644 hash_algs.h create mode 100644 lib/compute_digest.c rename hash_algs.c => lib/hash_algs.c (54%) create mode 100644 lib/lib_private.h create mode 100644 lib/sign_digest.c create mode 100644 lib/utils.c rename cmd_enable.c => programs/cmd_enable.c (82%) rename cmd_measure.c => programs/cmd_measure.c (84%) create mode 100644 programs/cmd_sign.c rename fsverity.c => programs/fsverity.c (82%) create mode 100644 programs/fsverity.h create mode 100644 programs/test_compute_digest.c create mode 100644 programs/test_hash_algs.c create mode 100644 programs/test_sign_digest.c rename util.c => programs/utils.c (96%) create mode 100644 programs/utils.h create mode 100644 testdata/cert.pem create mode 100644 testdata/file.sig create mode 100644 testdata/key.pem