Back to home page

OSCL-LXR
 
 

     

0001 /* SPDX-License-Identifier: GPL-2.0-only */
0002 /*
0003  * Copyright (C) 2012 Red Hat, Inc.
0004  * Copyright (C) 2015 Google, Inc.
0005  *
0006  * Author: Mikulas Patocka <mpatocka@redhat.com>
0007  *
0008  * Based on Chromium dm-verity driver (C) 2011 The Chromium OS Authors
0009  */
0010 
0011 #ifndef DM_VERITY_H
0012 #define DM_VERITY_H
0013 
0014 #include <linux/dm-bufio.h>
0015 #include <linux/device-mapper.h>
0016 #include <linux/interrupt.h>
0017 #include <crypto/hash.h>
0018 
0019 #define DM_VERITY_MAX_LEVELS        63
0020 
0021 enum verity_mode {
0022     DM_VERITY_MODE_EIO,
0023     DM_VERITY_MODE_LOGGING,
0024     DM_VERITY_MODE_RESTART,
0025     DM_VERITY_MODE_PANIC
0026 };
0027 
0028 enum verity_block_type {
0029     DM_VERITY_BLOCK_TYPE_DATA,
0030     DM_VERITY_BLOCK_TYPE_METADATA
0031 };
0032 
0033 struct dm_verity_fec;
0034 
0035 struct dm_verity {
0036     struct dm_dev *data_dev;
0037     struct dm_dev *hash_dev;
0038     struct dm_target *ti;
0039     struct dm_bufio_client *bufio;
0040     char *alg_name;
0041     struct crypto_ahash *tfm;
0042     u8 *root_digest;    /* digest of the root block */
0043     u8 *salt;       /* salt: its size is salt_size */
0044     u8 *zero_digest;    /* digest for a zero block */
0045     unsigned salt_size;
0046     sector_t data_start;    /* data offset in 512-byte sectors */
0047     sector_t hash_start;    /* hash start in blocks */
0048     sector_t data_blocks;   /* the number of data blocks */
0049     sector_t hash_blocks;   /* the number of hash blocks */
0050     unsigned char data_dev_block_bits;  /* log2(data blocksize) */
0051     unsigned char hash_dev_block_bits;  /* log2(hash blocksize) */
0052     unsigned char hash_per_block_bits;  /* log2(hashes in hash block) */
0053     unsigned char levels;   /* the number of tree levels */
0054     unsigned char version;
0055     bool hash_failed:1; /* set if hash of any block failed */
0056     bool use_tasklet:1; /* try to verify in tasklet before work-queue */
0057     unsigned digest_size;   /* digest size for the current hash algorithm */
0058     unsigned int ahash_reqsize;/* the size of temporary space for crypto */
0059     enum verity_mode mode;  /* mode for handling verification errors */
0060     unsigned corrupted_errs;/* Number of errors for corrupted blocks */
0061 
0062     struct workqueue_struct *verify_wq;
0063 
0064     /* starting blocks for each tree level. 0 is the lowest level. */
0065     sector_t hash_level_block[DM_VERITY_MAX_LEVELS];
0066 
0067     struct dm_verity_fec *fec;  /* forward error correction */
0068     unsigned long *validated_blocks; /* bitset blocks validated */
0069 
0070     char *signature_key_desc; /* signature keyring reference */
0071 };
0072 
0073 struct dm_verity_io {
0074     struct dm_verity *v;
0075 
0076     /* original value of bio->bi_end_io */
0077     bio_end_io_t *orig_bi_end_io;
0078 
0079     sector_t block;
0080     unsigned n_blocks;
0081     bool in_tasklet;
0082 
0083     struct bvec_iter iter;
0084 
0085     struct work_struct work;
0086     struct tasklet_struct tasklet;
0087 
0088     /*
0089      * Three variably-size fields follow this struct:
0090      *
0091      * u8 hash_req[v->ahash_reqsize];
0092      * u8 real_digest[v->digest_size];
0093      * u8 want_digest[v->digest_size];
0094      *
0095      * To access them use: verity_io_hash_req(), verity_io_real_digest()
0096      * and verity_io_want_digest().
0097      */
0098 };
0099 
0100 static inline struct ahash_request *verity_io_hash_req(struct dm_verity *v,
0101                              struct dm_verity_io *io)
0102 {
0103     return (struct ahash_request *)(io + 1);
0104 }
0105 
0106 static inline u8 *verity_io_real_digest(struct dm_verity *v,
0107                     struct dm_verity_io *io)
0108 {
0109     return (u8 *)(io + 1) + v->ahash_reqsize;
0110 }
0111 
0112 static inline u8 *verity_io_want_digest(struct dm_verity *v,
0113                     struct dm_verity_io *io)
0114 {
0115     return (u8 *)(io + 1) + v->ahash_reqsize + v->digest_size;
0116 }
0117 
0118 static inline u8 *verity_io_digest_end(struct dm_verity *v,
0119                        struct dm_verity_io *io)
0120 {
0121     return verity_io_want_digest(v, io) + v->digest_size;
0122 }
0123 
0124 extern int verity_for_bv_block(struct dm_verity *v, struct dm_verity_io *io,
0125                    struct bvec_iter *iter,
0126                    int (*process)(struct dm_verity *v,
0127                           struct dm_verity_io *io,
0128                           u8 *data, size_t len));
0129 
0130 extern int verity_hash(struct dm_verity *v, struct ahash_request *req,
0131                const u8 *data, size_t len, u8 *digest);
0132 
0133 extern int verity_hash_for_block(struct dm_verity *v, struct dm_verity_io *io,
0134                  sector_t block, u8 *digest, bool *is_zero);
0135 
0136 extern bool dm_is_verity_target(struct dm_target *ti);
0137 extern int dm_verity_get_root_digest(struct dm_target *ti, u8 **root_digest,
0138                      unsigned int *digest_size);
0139 
0140 #endif /* DM_VERITY_H */
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!