From 0de4b65ba6bbc966457f90e1fb39a6908ee84914 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Mon, 11 Jun 2012 12:35:18 +0200 Subject: [PATCH 1/1] Rename hash-start to hash-offset and switch to use bytes units. --- man/veritysetup.8 | 9 +++++---- src/veritysetup.c | 14 ++++++-------- tests/verity-compat-test | 18 +++++++++--------- 3 files changed, 20 insertions(+), 21 deletions(-) diff --git a/man/veritysetup.8 b/man/veritysetup.8 index 3a61b00..bc8fad9 100644 --- a/man/veritysetup.8 +++ b/man/veritysetup.8 @@ -18,7 +18,7 @@ Veritysetup supports these operations: .IP Calculates and permanently stores hash verification data for data_device. Hash area can be located on the same device after data if specified -by \-\-hash\-start option. +by \-\-hash\-offset option. Note you need to provide root hash string for device verification or activation. Root hash must be trusted. @@ -28,7 +28,7 @@ allocates loopback device. In this case, hash file size must be enough to store the hash area. \fB\fR can be [\-\-hash, \-\-no-superblock, \-\-format, -\-\-data-block-size, \-\-hash-block-size, \-\-data-blocks, \-\-hash-start, +\-\-data-block-size, \-\-hash-block-size, \-\-data-blocks, \-\-hash-offset, \-\-salt, \-\-uuid] .PP \fIcreate\fR @@ -38,7 +38,7 @@ Creates a mapping with backed by device and using The is a hexadecimal string. -\fB\fR can be [\-\-hash-start, \-\-no-superblock] +\fB\fR can be [\-\-hash-offset, \-\-no-superblock] If option \-\-no-superblock is used, you have to use as the same options as in initial format operation. @@ -84,8 +84,9 @@ Used block size for the hash device. Size of data device used in verification. If not specified, the whole device is used. .TP -.B "\-\-hash-start=512-bytes sectors" +.B "\-\-hash-offset=bytes" Offset of hash area/superblock on hash_device. +Value must be aligned to disk sector offset. .TP .B "\-\-salt=hex string" Salt used for format or verification. diff --git a/src/veritysetup.c b/src/veritysetup.c index c84f206..3b1991d 100644 --- a/src/veritysetup.c +++ b/src/veritysetup.c @@ -40,7 +40,7 @@ static int data_block_size = DEFAULT_VERITY_DATA_BLOCK; static int hash_block_size = DEFAULT_VERITY_HASH_BLOCK; static uint64_t data_blocks = 0; static const char *salt_string = NULL; -static uint64_t hash_start = 0; +static uint64_t hash_offset = 0; static const char *opt_uuid = NULL; static int opt_verbose = 0; @@ -139,7 +139,7 @@ static int _prepare_format(struct crypt_params_verity *params, params->data_block_size = data_block_size; params->hash_block_size = hash_block_size; params->data_size = data_blocks; - params->hash_area_offset = hash_start; + params->hash_area_offset = hash_offset; params->hash_type = hash_type; params->flags = flags; @@ -189,7 +189,7 @@ static int _activate(const char *dm_device, if (use_superblock) { params.flags = flags; - params.hash_area_offset = hash_start; + params.hash_area_offset = hash_offset; r = crypt_load(cd, CRYPT_VERITY, ¶ms); } else { r = _prepare_format(¶ms, data_device, flags | CRYPT_VERITY_NO_HEADER); @@ -349,7 +349,7 @@ static int action_dump(int arg) if ((r = crypt_init(&cd, action_argv[0]))) return r; - params.hash_area_offset = hash_start; + params.hash_area_offset = hash_offset; r = crypt_load(cd, CRYPT_VERITY, ¶ms); if (!r) crypt_dump(cd); @@ -506,7 +506,7 @@ int main(int argc, const char **argv) { "data-block-size", 0, POPT_ARG_INT, &data_block_size, 0, N_("Block size on the data device"), N_("bytes") }, { "hash-block-size", 0, POPT_ARG_INT, &hash_block_size, 0, N_("Block size on the hash device"), N_("bytes") }, { "data-blocks", 0, POPT_ARG_STRING, &popt_tmp, 1, N_("The number of blocks in the data file"), N_("blocks") }, - { "hash-start", 0, POPT_ARG_STRING, &popt_tmp, 2, N_("Starting block on the hash device"), N_("512-byte sectors") }, + { "hash-offset", 0, POPT_ARG_STRING, &popt_tmp, 2, N_("Starting offset on the hash device"), N_("bytes") }, { "hash", 'h', POPT_ARG_STRING, &hash_algorithm, 0, N_("Hash algorithm"), N_("string") }, { "salt", 's', POPT_ARG_STRING, &salt_string, 0, N_("Salt"), N_("hex string") }, { "uuid", '\0', POPT_ARG_STRING, &opt_uuid, 0, N_("UUID for device to use."), NULL }, @@ -544,9 +544,7 @@ int main(int argc, const char **argv) data_blocks = ull_value; break; case 2: - hash_start = ull_value * 512; - if (hash_start / 512 != ull_value) - r = POPT_ERROR_BADNUMBER; + hash_offset = ull_value; break; } diff --git a/tests/verity-compat-test b/tests/verity-compat-test index b8156d7..55a7df4 100755 --- a/tests/verity-compat-test +++ b/tests/verity-compat-test @@ -70,9 +70,9 @@ function compare_out() # $1 what, $2 expected function check_root_hash() # $1 size, $2 hash, $3 salt, $4 version, $5 hash, [$6 offset] { if [ -z "$LOOPDEV2" ] ; then - BLOCKS=$(($6 * 512 / $1)) + BLOCKS=$(($6 / $1)) DEV_PARAMS="$LOOPDEV1 $LOOPDEV1 \ - --hash-start $6 \ + --hash-offset $6 \ --data-blocks=$BLOCKS --debug" else DEV_PARAMS="$LOOPDEV1 $LOOPDEV2" @@ -173,16 +173,16 @@ check_root_hash 1024 73509e8e868be6b8ac939817a98a3d35121413b2 dadada 1 sha1 echo "Verity tests [one device offset]" prepare $((8192 + 1024)) -check_root_hash 512 9de18652fe74edfb9b805aaed72ae2aa48f94333f1ba5c452ac33b1c39325174 $SALT 1 sha256 16384 -check_root_hash 1024 54d92778750495d1f80832b486ebd007617d746271511bbf0e295e143da2b3df $SALT 1 sha256 16384 -check_root_hash 4096 e522df0f97da4febb882ac40f30b37dc0b444bf6df418929463fa25280f09d5c $SALT 1 sha256 16384 +check_root_hash 512 9de18652fe74edfb9b805aaed72ae2aa48f94333f1ba5c452ac33b1c39325174 $SALT 1 sha256 8388608 +check_root_hash 1024 54d92778750495d1f80832b486ebd007617d746271511bbf0e295e143da2b3df $SALT 1 sha256 8388608 +check_root_hash 4096 e522df0f97da4febb882ac40f30b37dc0b444bf6df418929463fa25280f09d5c $SALT 1 sha256 8388608 # version 0 -check_root_hash 4096 cbbf4ebd004ef65e29b935bb635a39cf754d677f3fa10b0126da725bbdf10f7d $SALT 0 sha256 16384 +check_root_hash 4096 cbbf4ebd004ef65e29b935bb635a39cf754d677f3fa10b0126da725bbdf10f7d $SALT 0 sha256 8388608 # no salt -check_root_hash 4096 ef29c902d87350f1da4bfa536e16cebc162a909bf89abe448b81ec500d4fb9bf - 1 sha256 16384 +check_root_hash 4096 ef29c902d87350f1da4bfa536e16cebc162a909bf89abe448b81ec500d4fb9bf - 1 sha256 8388608 # sha1 -check_root_hash 1024 d0e9163ca8844aaa2e88fe5265a8c5d9ee494a99 $SALT 1 sha1 16384 -check_root_hash 1024 73509e8e868be6b8ac939817a98a3d35121413b2 dadada 1 sha1 16384 +check_root_hash 1024 d0e9163ca8844aaa2e88fe5265a8c5d9ee494a99 $SALT 1 sha1 8388608 +check_root_hash 1024 73509e8e868be6b8ac939817a98a3d35121413b2 dadada 1 sha1 8388608 remove_mapping exit 0 -- 2.7.4