Prepare new superblock format.

[platform/upstream/cryptsetup.git] / lib / verity / verity_hash.c

diff --git a/lib/verity/verity_hash.c b/lib/verity/verity_hash.c
index 39086b7..e7ef93d 100644 (file)
--- a/lib/verity/verity_hash.c
+++ b/lib/verity/verity_hash.c
@@ -189,7 +189,7 @@ static int VERITY_create_or_verify_hash(struct crypt_device *cd,
        uint64_t data_device_size;
        int levels, i, r;
 
-       log_dbg("Userspace hash %s %s, data device %s, data blocks %" PRIu64
+       log_dbg("Hash %s %s, data device %s, data blocks %" PRIu64
                ", hash_device %s, offset %" PRIu64 ".",
                verify ? "verification" : "creation", hash_name,
                data_device, data_blocks, hash_device, hash_position);
@@ -324,7 +324,7 @@ int VERITY_verify(struct crypt_device *cd,
                  size_t root_hash_size)
 {
        return VERITY_create_or_verify_hash(cd, 1,
-               verity_hdr->version,
+               verity_hdr->hash_type,
                verity_hdr->hash_name,
                hash_device,
                data_device,
@@ -346,11 +346,18 @@ int VERITY_create(struct crypt_device *cd,
                  char *root_hash,
                  size_t root_hash_size)
 {
-       if (verity_hdr->salt_size > VERITY_MAX_SALT_SIZE)
+       int pgsize = crypt_getpagesize();
+
+       if (verity_hdr->salt_size > 256)
                return -EINVAL;
 
+       if (verity_hdr->hash_block_size > pgsize ||
+           verity_hdr->data_block_size > pgsize)
+               log_err(cd, _("WARNING: Kernel cannot activate device if block "
+                             "size exceeds page size (%u).\n"), pgsize);
+
        return VERITY_create_or_verify_hash(cd, 0,
-               verity_hdr->version,
+               verity_hdr->hash_type,
                verity_hdr->hash_name,
                hash_device,
                data_device,