| Message ID | 1696457386-3010-14-git-send-email-wufan@linux.microsoft.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | Integrity Policy Enforcement LSM (IPE) | expand |
On Oct 4, 2023 Fan Wu <wufan@linux.microsoft.com> wrote: > > dm-verity provides a strong guarantee of a block device's integrity. As > a generic way to check the integrity of a block device, it provides > those integrity guarantees to its higher layers, including the filesystem > level. > > An LSM that control access to a resource on the system based on the > available integrity claims can use this transitive property of > dm-verity, by querying the underlying block_device of a particular > file. > > The digest and signature information need to be stored in the block > device to fulfill the next requirement of authorization via LSM policy. > This will enable the LSM to perform revocation of devices that are still > mounted, prohibiting execution of files that are no longer authorized > by the LSM in question. > > This patch added two security hook calls in dm-verity to save the > dm-verity roothash and the roothash signature to the block device's > LSM blobs. > > Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com> > Signed-off-by: Fan Wu <wufan@linux.microsoft.com> > --- > v2: > + No Changes > > v3: > + No changes > > v4: > + No changes > > v5: > + No changes > > v6: > + Fix an improper cleanup that can result in > a leak > > v7: > + Squash patch 08/12, 10/12 to [11/16] > + Use part0 for block_device, to retrieve the block_device, when > calling security_bdev_setsecurity > > v8: > + Undo squash of 08/12, 10/12 - separating drivers/md/ from > security/ & block/ > + Use common-audit function for dmverity_signature. > + Change implementation for storing the dm-verity digest to use the > newly introduced dm_verity_digest structure introduced in patch > 14/20. > + Create new structure, dm_verity_digest, containing digest algorithm, > size, and digest itself to pass to the LSM layer. V7 was missing the > algorithm. > + Create an associated public header containing this new structure and > the key values for the LSM hook, specific to dm-verity. > + Additional information added to commit, discussing the layering of > the changes and how the information passed will be used. > > v9: > + No changes > > v10: > + No changes > > v11: > + Add an optional field to save signature > + Move the security hook call to the new finalize hook > --- > drivers/md/dm-verity-target.c | 71 +++++++++++++++++++++++++++++++++++ > drivers/md/dm-verity.h | 6 +++ > include/linux/dm-verity.h | 19 ++++++++++ > 3 files changed, 96 insertions(+) > create mode 100644 include/linux/dm-verity.h We need an ACK from Alasdair and/or Mike on this too. > diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c > index 80673b66c194..db58b53649e3 100644 > --- a/drivers/md/dm-verity-target.c > +++ b/drivers/md/dm-verity-target.c > @@ -13,6 +13,7 @@ > * access behavior. > */ > > +#include "dm-core.h" > #include "dm-verity.h" > #include "dm-verity-fec.h" > #include "dm-verity-verify-sig.h" > @@ -22,6 +23,9 @@ > #include <linux/scatterlist.h> > #include <linux/string.h> > #include <linux/jump_label.h> > +#include <linux/security.h> > +#include <linux/dm-verity.h> > +#include <crypto/hash_info.h> > > #define DM_MSG_PREFIX "verity" > > @@ -952,6 +956,17 @@ static void verity_io_hints(struct dm_target *ti, struct queue_limits *limits) > blk_limits_io_min(limits, limits->logical_block_size); > } > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > +static void verity_free_sig(struct dm_verity *v) > +{ > + kfree(v->root_digest_sig); > +} > +#else > +static inline void verity_free_sig(struct dm_verity *v) > +{ > +} > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > + > static void verity_dtr(struct dm_target *ti) > { > struct dm_verity *v = ti->private; > @@ -966,6 +981,7 @@ static void verity_dtr(struct dm_target *ti) > kfree(v->salt); > kfree(v->root_digest); > kfree(v->zero_digest); > + verity_free_sig(v); > > if (v->tfm) > crypto_free_ahash(v->tfm); > @@ -1157,6 +1173,25 @@ static int verity_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v, > return r; > } > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > +static int verity_init_sig(struct dm_verity *v, const void *sig, > + size_t sig_size) > +{ > + v->sig_size = sig_size; > + v->root_digest_sig = kmalloc(v->sig_size, GFP_KERNEL); > + if (!v->root_digest) > + return -ENOMEM; > + > + return 0; > +} > +#else > +static inline int verity_init_sig(struct dm_verity *v, const void *sig, > + size_t sig_size) > +{ > + return 0; > +} > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > + > /* > * Target parameters: > * <version> The current format is version 1. > @@ -1365,6 +1400,13 @@ static int verity_ctr(struct dm_target *ti, unsigned int argc, char **argv) > ti->error = "Root hash verification failed"; > goto bad; > } > + > + r = verity_init_sig(v, verify_args.sig, verify_args.sig_size); > + if (r < 0) { > + ti->error = "Cannot allocate root digest signature"; > + goto bad; > + } > + > v->hash_per_block_bits = > __fls((1 << v->hash_dev_block_bits) / v->digest_size); > > @@ -1501,6 +1543,32 @@ int dm_verity_get_root_digest(struct dm_target *ti, u8 **root_digest, unsigned i > return 0; > } > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > +static int verity_finalize(struct dm_target *ti) > +{ > + struct block_device *bdev; > + struct dm_verity_digest root_digest; > + struct dm_verity *v; > + int r; > + > + v = ti->private; > + bdev = dm_table_get_md(ti->table)->disk->part0; > + root_digest.digest = v->root_digest; > + root_digest.digest_len = v->digest_size; > + root_digest.algo = v->alg_name; > + > + r = security_bdev_setsecurity(bdev, DM_VERITY_ROOTHASH_SEC_NAME, &root_digest, > + sizeof(root_digest)); > + if (r) > + return r; > + > + return security_bdev_setsecurity(bdev, > + DM_VERITY_SIGNATURE_SEC_NAME, > + v->root_digest_sig, > + v->sig_size); > +} > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > + > static struct target_type verity_target = { > .name = "verity", > .features = DM_TARGET_SINGLETON | DM_TARGET_IMMUTABLE, > @@ -1513,6 +1581,9 @@ static struct target_type verity_target = { > .prepare_ioctl = verity_prepare_ioctl, > .iterate_devices = verity_iterate_devices, > .io_hints = verity_io_hints, > +#ifdef CONFIG_IPE_PROP_DM_VERITY > + .finalize = verity_finalize, > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > }; > module_dm(verity); > > diff --git a/drivers/md/dm-verity.h b/drivers/md/dm-verity.h > index 2f555b420367..a093d4a54615 100644 > --- a/drivers/md/dm-verity.h > +++ b/drivers/md/dm-verity.h > @@ -42,6 +42,9 @@ struct dm_verity { > u8 *root_digest; /* digest of the root block */ > u8 *salt; /* salt: its size is salt_size */ > u8 *zero_digest; /* digest for a zero block */ > +#ifdef CONFIG_IPE_PROP_DM_VERITY > + u8 *root_digest_sig; /* digest signature of the root block */ > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > unsigned int salt_size; > sector_t data_start; /* data offset in 512-byte sectors */ > sector_t hash_start; /* hash start in blocks */ > @@ -55,6 +58,9 @@ struct dm_verity { > bool hash_failed:1; /* set if hash of any block failed */ > bool use_tasklet:1; /* try to verify in tasklet before work-queue */ > unsigned int digest_size; /* digest size for the current hash algorithm */ > +#ifdef CONFIG_IPE_PROP_DM_VERITY > + unsigned int sig_size; /* digest signature size */ > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > unsigned int ahash_reqsize;/* the size of temporary space for crypto */ > enum verity_mode mode; /* mode for handling verification errors */ > unsigned int corrupted_errs;/* Number of errors for corrupted blocks */ > diff --git a/include/linux/dm-verity.h b/include/linux/dm-verity.h > new file mode 100644 > index 000000000000..bb0413d55d72 > --- /dev/null > +++ b/include/linux/dm-verity.h > @@ -0,0 +1,19 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > + > +#ifndef _LINUX_DM_VERITY_H > +#define _LINUX_DM_VERITY_H > + > +#include <linux/types.h> > +#include <crypto/hash_info.h> > +#include <linux/device-mapper.h> > + > +struct dm_verity_digest { > + const char *algo; > + const u8 *digest; > + size_t digest_len; > +}; > + > +#define DM_VERITY_SIGNATURE_SEC_NAME DM_NAME ".verity-signature" > +#define DM_VERITY_ROOTHASH_SEC_NAME DM_NAME ".verity-roothash" > + > +#endif /* _LINUX_DM_VERITY_H */ > -- > 2.25.1 -- paul-moore.com
On Mon, Oct 23, 2023 at 11:52 PM Paul Moore <paul@paul-moore.com> wrote: > > On Oct 4, 2023 Fan Wu <wufan@linux.microsoft.com> wrote: > > > > dm-verity provides a strong guarantee of a block device's integrity. As > > a generic way to check the integrity of a block device, it provides > > those integrity guarantees to its higher layers, including the filesystem > > level. > > > > An LSM that control access to a resource on the system based on the > > available integrity claims can use this transitive property of > > dm-verity, by querying the underlying block_device of a particular > > file. > > > > The digest and signature information need to be stored in the block > > device to fulfill the next requirement of authorization via LSM policy. > > This will enable the LSM to perform revocation of devices that are still > > mounted, prohibiting execution of files that are no longer authorized > > by the LSM in question. > > > > This patch added two security hook calls in dm-verity to save the > > dm-verity roothash and the roothash signature to the block device's > > LSM blobs. > > > > Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com> > > Signed-off-by: Fan Wu <wufan@linux.microsoft.com> > > --- > > v2: > > + No Changes > > > > v3: > > + No changes > > > > v4: > > + No changes > > > > v5: > > + No changes > > > > v6: > > + Fix an improper cleanup that can result in > > a leak > > > > v7: > > + Squash patch 08/12, 10/12 to [11/16] > > + Use part0 for block_device, to retrieve the block_device, when > > calling security_bdev_setsecurity > > > > v8: > > + Undo squash of 08/12, 10/12 - separating drivers/md/ from > > security/ & block/ > > + Use common-audit function for dmverity_signature. > > + Change implementation for storing the dm-verity digest to use the > > newly introduced dm_verity_digest structure introduced in patch > > 14/20. > > + Create new structure, dm_verity_digest, containing digest algorithm, > > size, and digest itself to pass to the LSM layer. V7 was missing the > > algorithm. > > + Create an associated public header containing this new structure and > > the key values for the LSM hook, specific to dm-verity. > > + Additional information added to commit, discussing the layering of > > the changes and how the information passed will be used. > > > > v9: > > + No changes > > > > v10: > > + No changes > > > > v11: > > + Add an optional field to save signature > > + Move the security hook call to the new finalize hook > > --- > > drivers/md/dm-verity-target.c | 71 +++++++++++++++++++++++++++++++++++ > > drivers/md/dm-verity.h | 6 +++ > > include/linux/dm-verity.h | 19 ++++++++++ > > 3 files changed, 96 insertions(+) > > create mode 100644 include/linux/dm-verity.h > > We need an ACK from Alasdair and/or Mike on this too. A gentle ping with a reminder ... For reference, the full patchset can be found on lore at the link below: https://lore.kernel.org/linux-security-module/1696457386-3010-1-git-send-email-wufan@linux.microsoft.com/ > > diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c > > index 80673b66c194..db58b53649e3 100644 > > --- a/drivers/md/dm-verity-target.c > > +++ b/drivers/md/dm-verity-target.c > > @@ -13,6 +13,7 @@ > > * access behavior. > > */ > > > > +#include "dm-core.h" > > #include "dm-verity.h" > > #include "dm-verity-fec.h" > > #include "dm-verity-verify-sig.h" > > @@ -22,6 +23,9 @@ > > #include <linux/scatterlist.h> > > #include <linux/string.h> > > #include <linux/jump_label.h> > > +#include <linux/security.h> > > +#include <linux/dm-verity.h> > > +#include <crypto/hash_info.h> > > > > #define DM_MSG_PREFIX "verity" > > > > @@ -952,6 +956,17 @@ static void verity_io_hints(struct dm_target *ti, struct queue_limits *limits) > > blk_limits_io_min(limits, limits->logical_block_size); > > } > > > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > > +static void verity_free_sig(struct dm_verity *v) > > +{ > > + kfree(v->root_digest_sig); > > +} > > +#else > > +static inline void verity_free_sig(struct dm_verity *v) > > +{ > > +} > > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > > + > > static void verity_dtr(struct dm_target *ti) > > { > > struct dm_verity *v = ti->private; > > @@ -966,6 +981,7 @@ static void verity_dtr(struct dm_target *ti) > > kfree(v->salt); > > kfree(v->root_digest); > > kfree(v->zero_digest); > > + verity_free_sig(v); > > > > if (v->tfm) > > crypto_free_ahash(v->tfm); > > @@ -1157,6 +1173,25 @@ static int verity_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v, > > return r; > > } > > > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > > +static int verity_init_sig(struct dm_verity *v, const void *sig, > > + size_t sig_size) > > +{ > > + v->sig_size = sig_size; > > + v->root_digest_sig = kmalloc(v->sig_size, GFP_KERNEL); > > + if (!v->root_digest) > > + return -ENOMEM; > > + > > + return 0; > > +} > > +#else > > +static inline int verity_init_sig(struct dm_verity *v, const void *sig, > > + size_t sig_size) > > +{ > > + return 0; > > +} > > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > > + > > /* > > * Target parameters: > > * <version> The current format is version 1. > > @@ -1365,6 +1400,13 @@ static int verity_ctr(struct dm_target *ti, unsigned int argc, char **argv) > > ti->error = "Root hash verification failed"; > > goto bad; > > } > > + > > + r = verity_init_sig(v, verify_args.sig, verify_args.sig_size); > > + if (r < 0) { > > + ti->error = "Cannot allocate root digest signature"; > > + goto bad; > > + } > > + > > v->hash_per_block_bits = > > __fls((1 << v->hash_dev_block_bits) / v->digest_size); > > > > @@ -1501,6 +1543,32 @@ int dm_verity_get_root_digest(struct dm_target *ti, u8 **root_digest, unsigned i > > return 0; > > } > > > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > > +static int verity_finalize(struct dm_target *ti) > > +{ > > + struct block_device *bdev; > > + struct dm_verity_digest root_digest; > > + struct dm_verity *v; > > + int r; > > + > > + v = ti->private; > > + bdev = dm_table_get_md(ti->table)->disk->part0; > > + root_digest.digest = v->root_digest; > > + root_digest.digest_len = v->digest_size; > > + root_digest.algo = v->alg_name; > > + > > + r = security_bdev_setsecurity(bdev, DM_VERITY_ROOTHASH_SEC_NAME, &root_digest, > > + sizeof(root_digest)); > > + if (r) > > + return r; > > + > > + return security_bdev_setsecurity(bdev, > > + DM_VERITY_SIGNATURE_SEC_NAME, > > + v->root_digest_sig, > > + v->sig_size); > > +} > > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > > + > > static struct target_type verity_target = { > > .name = "verity", > > .features = DM_TARGET_SINGLETON | DM_TARGET_IMMUTABLE, > > @@ -1513,6 +1581,9 @@ static struct target_type verity_target = { > > .prepare_ioctl = verity_prepare_ioctl, > > .iterate_devices = verity_iterate_devices, > > .io_hints = verity_io_hints, > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > > + .finalize = verity_finalize, > > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > > }; > > module_dm(verity); > > > > diff --git a/drivers/md/dm-verity.h b/drivers/md/dm-verity.h > > index 2f555b420367..a093d4a54615 100644 > > --- a/drivers/md/dm-verity.h > > +++ b/drivers/md/dm-verity.h > > @@ -42,6 +42,9 @@ struct dm_verity { > > u8 *root_digest; /* digest of the root block */ > > u8 *salt; /* salt: its size is salt_size */ > > u8 *zero_digest; /* digest for a zero block */ > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > > + u8 *root_digest_sig; /* digest signature of the root block */ > > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > > unsigned int salt_size; > > sector_t data_start; /* data offset in 512-byte sectors */ > > sector_t hash_start; /* hash start in blocks */ > > @@ -55,6 +58,9 @@ struct dm_verity { > > bool hash_failed:1; /* set if hash of any block failed */ > > bool use_tasklet:1; /* try to verify in tasklet before work-queue */ > > unsigned int digest_size; /* digest size for the current hash algorithm */ > > +#ifdef CONFIG_IPE_PROP_DM_VERITY > > + unsigned int sig_size; /* digest signature size */ > > +#endif /* CONFIG_IPE_PROP_DM_VERITY */ > > unsigned int ahash_reqsize;/* the size of temporary space for crypto */ > > enum verity_mode mode; /* mode for handling verification errors */ > > unsigned int corrupted_errs;/* Number of errors for corrupted blocks */ > > diff --git a/include/linux/dm-verity.h b/include/linux/dm-verity.h > > new file mode 100644 > > index 000000000000..bb0413d55d72 > > --- /dev/null > > +++ b/include/linux/dm-verity.h > > @@ -0,0 +1,19 @@ > > +/* SPDX-License-Identifier: GPL-2.0 */ > > + > > +#ifndef _LINUX_DM_VERITY_H > > +#define _LINUX_DM_VERITY_H > > + > > +#include <linux/types.h> > > +#include <crypto/hash_info.h> > > +#include <linux/device-mapper.h> > > + > > +struct dm_verity_digest { > > + const char *algo; > > + const u8 *digest; > > + size_t digest_len; > > +}; > > + > > +#define DM_VERITY_SIGNATURE_SEC_NAME DM_NAME ".verity-signature" > > +#define DM_VERITY_ROOTHASH_SEC_NAME DM_NAME ".verity-roothash" > > + > > +#endif /* _LINUX_DM_VERITY_H */ > > -- > > 2.25.1
diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c index 80673b66c194..db58b53649e3 100644 --- a/drivers/md/dm-verity-target.c +++ b/drivers/md/dm-verity-target.c @@ -13,6 +13,7 @@ * access behavior. */ +#include "dm-core.h" #include "dm-verity.h" #include "dm-verity-fec.h" #include "dm-verity-verify-sig.h" @@ -22,6 +23,9 @@ #include <linux/scatterlist.h> #include <linux/string.h> #include <linux/jump_label.h> +#include <linux/security.h> +#include <linux/dm-verity.h> +#include <crypto/hash_info.h> #define DM_MSG_PREFIX "verity" @@ -952,6 +956,17 @@ static void verity_io_hints(struct dm_target *ti, struct queue_limits *limits) blk_limits_io_min(limits, limits->logical_block_size); } +#ifdef CONFIG_IPE_PROP_DM_VERITY +static void verity_free_sig(struct dm_verity *v) +{ + kfree(v->root_digest_sig); +} +#else +static inline void verity_free_sig(struct dm_verity *v) +{ +} +#endif /* CONFIG_IPE_PROP_DM_VERITY */ + static void verity_dtr(struct dm_target *ti) { struct dm_verity *v = ti->private; @@ -966,6 +981,7 @@ static void verity_dtr(struct dm_target *ti) kfree(v->salt); kfree(v->root_digest); kfree(v->zero_digest); + verity_free_sig(v); if (v->tfm) crypto_free_ahash(v->tfm); @@ -1157,6 +1173,25 @@ static int verity_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v, return r; } +#ifdef CONFIG_IPE_PROP_DM_VERITY +static int verity_init_sig(struct dm_verity *v, const void *sig, + size_t sig_size) +{ + v->sig_size = sig_size; + v->root_digest_sig = kmalloc(v->sig_size, GFP_KERNEL); + if (!v->root_digest) + return -ENOMEM; + + return 0; +} +#else +static inline int verity_init_sig(struct dm_verity *v, const void *sig, + size_t sig_size) +{ + return 0; +} +#endif /* CONFIG_IPE_PROP_DM_VERITY */ + /* * Target parameters: * <version> The current format is version 1. @@ -1365,6 +1400,13 @@ static int verity_ctr(struct dm_target *ti, unsigned int argc, char **argv) ti->error = "Root hash verification failed"; goto bad; } + + r = verity_init_sig(v, verify_args.sig, verify_args.sig_size); + if (r < 0) { + ti->error = "Cannot allocate root digest signature"; + goto bad; + } + v->hash_per_block_bits = __fls((1 << v->hash_dev_block_bits) / v->digest_size); @@ -1501,6 +1543,32 @@ int dm_verity_get_root_digest(struct dm_target *ti, u8 **root_digest, unsigned i return 0; } +#ifdef CONFIG_IPE_PROP_DM_VERITY +static int verity_finalize(struct dm_target *ti) +{ + struct block_device *bdev; + struct dm_verity_digest root_digest; + struct dm_verity *v; + int r; + + v = ti->private; + bdev = dm_table_get_md(ti->table)->disk->part0; + root_digest.digest = v->root_digest; + root_digest.digest_len = v->digest_size; + root_digest.algo = v->alg_name; + + r = security_bdev_setsecurity(bdev, DM_VERITY_ROOTHASH_SEC_NAME, &root_digest, + sizeof(root_digest)); + if (r) + return r; + + return security_bdev_setsecurity(bdev, + DM_VERITY_SIGNATURE_SEC_NAME, + v->root_digest_sig, + v->sig_size); +} +#endif /* CONFIG_IPE_PROP_DM_VERITY */ + static struct target_type verity_target = { .name = "verity", .features = DM_TARGET_SINGLETON | DM_TARGET_IMMUTABLE, @@ -1513,6 +1581,9 @@ static struct target_type verity_target = { .prepare_ioctl = verity_prepare_ioctl, .iterate_devices = verity_iterate_devices, .io_hints = verity_io_hints, +#ifdef CONFIG_IPE_PROP_DM_VERITY + .finalize = verity_finalize, +#endif /* CONFIG_IPE_PROP_DM_VERITY */ }; module_dm(verity); diff --git a/drivers/md/dm-verity.h b/drivers/md/dm-verity.h index 2f555b420367..a093d4a54615 100644 --- a/drivers/md/dm-verity.h +++ b/drivers/md/dm-verity.h @@ -42,6 +42,9 @@ struct dm_verity { u8 *root_digest; /* digest of the root block */ u8 *salt; /* salt: its size is salt_size */ u8 *zero_digest; /* digest for a zero block */ +#ifdef CONFIG_IPE_PROP_DM_VERITY + u8 *root_digest_sig; /* digest signature of the root block */ +#endif /* CONFIG_IPE_PROP_DM_VERITY */ unsigned int salt_size; sector_t data_start; /* data offset in 512-byte sectors */ sector_t hash_start; /* hash start in blocks */ @@ -55,6 +58,9 @@ struct dm_verity { bool hash_failed:1; /* set if hash of any block failed */ bool use_tasklet:1; /* try to verify in tasklet before work-queue */ unsigned int digest_size; /* digest size for the current hash algorithm */ +#ifdef CONFIG_IPE_PROP_DM_VERITY + unsigned int sig_size; /* digest signature size */ +#endif /* CONFIG_IPE_PROP_DM_VERITY */ unsigned int ahash_reqsize;/* the size of temporary space for crypto */ enum verity_mode mode; /* mode for handling verification errors */ unsigned int corrupted_errs;/* Number of errors for corrupted blocks */ diff --git a/include/linux/dm-verity.h b/include/linux/dm-verity.h new file mode 100644 index 000000000000..bb0413d55d72 --- /dev/null +++ b/include/linux/dm-verity.h @@ -0,0 +1,19 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#ifndef _LINUX_DM_VERITY_H +#define _LINUX_DM_VERITY_H + +#include <linux/types.h> +#include <crypto/hash_info.h> +#include <linux/device-mapper.h> + +struct dm_verity_digest { + const char *algo; + const u8 *digest; + size_t digest_len; +}; + +#define DM_VERITY_SIGNATURE_SEC_NAME DM_NAME ".verity-signature" +#define DM_VERITY_ROOTHASH_SEC_NAME DM_NAME ".verity-roothash" + +#endif /* _LINUX_DM_VERITY_H */