((meta_offset=$block_count * $block_size))
((hash_offset=$meta_offset + 32768))
- ((dmsetup_sectors=$block_count * $block_size / 512))
- ((dmsetup_blocks=$block_count * $block_size / 4096))
- ((dmsetup_hash_offset=$hash_offset / 4096 + 1))
-
((meta_verity_offset=$meta_offset))
((meta_enable_offset=$meta_offset + 16))
((meta_root_hash_offset=$meta_offset + 32))
# if [ $signing_result != 0 ]; then exit 2; fi
############################################################################
- /sbin/dmsetup create $NAME -r --table "0 $dmsetup_sectors verity 1 $ROOTFS $ROOTFS 4096 4096 \
- $dmsetup_blocks $dmsetup_hash_offset sha256 $root_hash $salt 1 ignore_zero_blocks"
+ # replace dmsetup to veritysetup
+ # veritysetup reads super block to retrieve parameters:
+ # data block size, hash block size, number of data block, hashing algorithm, salt
+ /sbin/veritysetup --hash-offset=$hash_offset --ignore-zero-blocks open $ROOTFS $NAME $ROOTFS $root_hash
mount /dev/mapper/$NAME /sysroot
exit 1
}
# if /sbin/veritysetup does not exist, ignore dm-verity.
-if [ ! -f /sbin/veritysetup -a ! -f /sbin/dmsetup ]
+if [ ! -f /sbin/veritysetup ]
then
exit 1
fi
projects / platform / core / system / initrd.git / commitdiff