2 * dm-verity volume handling
4 * Copyright (C) 2012, Red Hat, Inc. All rights reserved.
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
29 #define VERITY_MAX_LEVELS 63
31 static unsigned get_bits_up(size_t u)
39 static unsigned get_bits_down(size_t u)
47 static int verify_zero(struct crypt_device *cd, FILE *wr, size_t bytes)
52 if (fread(block, bytes, 1, wr) != 1) {
53 log_dbg("EIO while reading spare area.");
56 for (i = 0; i < bytes; i++)
58 log_err(cd, _("Spare area is not zeroed at position %" PRIu64 ".\n"),
65 static int verify_hash_block(const char *hash_name, int version,
66 char *hash, size_t hash_size,
67 const char *data, size_t data_size,
68 const char *salt, size_t salt_size)
70 struct crypt_hash *ctx = NULL;
73 if (crypt_hash_init(&ctx, hash_name))
76 if (version == 1 && (r = crypt_hash_write(ctx, salt, salt_size)))
79 if ((r = crypt_hash_write(ctx, data, data_size)))
82 if (version == 0 && (r = crypt_hash_write(ctx, salt, salt_size)))
85 r = crypt_hash_final(ctx, hash, hash_size);
87 crypt_hash_destroy(ctx);
91 static int mult_overflow(off_t *u, off_t b, size_t size)
93 *u = (uint64_t)b * size;
94 if ((off_t)(*u / size) != b || (off_t)*u < 0)
99 static int create_or_verify(struct crypt_device *cd, FILE *rd, FILE *wr,
100 off_t data_block, size_t data_block_size,
101 off_t hash_block, size_t hash_block_size,
102 off_t blocks, int version,
103 const char *hash_name, int verify,
104 char *calculated_digest, size_t digest_size,
105 const char *salt, size_t salt_size)
107 char left_block[hash_block_size];
108 char data_buffer[data_block_size];
109 char read_digest[digest_size];
110 size_t hash_per_block = 1 << get_bits_down(hash_block_size / digest_size);
111 size_t digest_size_full = 1 << get_bits_up(digest_size);
112 off_t blocks_to_write = (blocks + hash_per_block - 1) / hash_per_block;
113 off_t seek_rd, seek_wr;
118 if (mult_overflow(&seek_rd, data_block, data_block_size) ||
119 mult_overflow(&seek_wr, hash_block, hash_block_size)) {
120 log_err(cd, _("Device offset overflow.\n"));
124 if (fseeko(rd, seek_rd, SEEK_SET)) {
125 log_dbg("Cannot seek to requested position in data device.");
129 if (wr && fseeko(wr, seek_wr, SEEK_SET)) {
130 log_dbg("Cannot seek to requested position in hash device.");
134 memset(left_block, 0, hash_block_size);
135 while (blocks_to_write--) {
136 left_bytes = hash_block_size;
137 for (i = 0; i < hash_per_block; i++) {
141 if (fread(data_buffer, data_block_size, 1, rd) != 1) {
142 log_dbg("Cannot read data device block.");
146 if (verify_hash_block(hash_name, version,
147 calculated_digest, digest_size,
148 data_buffer, data_block_size,
155 if (fread(read_digest, digest_size, 1, wr) != 1) {
156 log_dbg("Cannot read digest form hash device.");
159 if (memcmp(read_digest, calculated_digest, digest_size)) {
160 log_err(cd, _("Verification failed at position %" PRIu64 ".\n"),
161 ftello(rd) - data_block_size);
165 if (fwrite(calculated_digest, digest_size, 1, wr) != 1) {
166 log_dbg("Cannot write digest to hash device.");
171 left_bytes -= digest_size;
173 if (digest_size_full - digest_size) {
175 r = verify_zero(cd, wr, digest_size_full - digest_size);
178 } else if (fwrite(left_block, digest_size_full - digest_size, 1, wr) != 1) {
179 log_dbg("Cannot write spare area to hash device.");
183 left_bytes -= digest_size_full;
186 if (wr && left_bytes) {
188 r = verify_zero(cd , wr, left_bytes);
191 } else if (fwrite(left_block, left_bytes, 1, wr) != 1) {
192 log_dbg("Cannot write remaining spare area to hash device.");
201 static int VERITY_create_or_verify_hash(struct crypt_device *cd,
204 const char *hash_name,
205 struct device *hash_device,
206 struct device *data_device,
207 size_t hash_block_size,
208 size_t data_block_size,
216 char calculated_digest[digest_size];
217 FILE *data_file = NULL;
218 FILE *hash_file = NULL, *hash_file_2;
219 off_t hash_level_block[VERITY_MAX_LEVELS];
220 off_t hash_level_size[VERITY_MAX_LEVELS];
221 off_t data_file_blocks, s;
222 size_t hash_per_block, hash_per_block_bits;
223 off_t data_device_size = 0, hash_device_size = 0;
227 log_dbg("Hash %s %s, data device %s, data blocks %" PRIu64
228 ", hash_device %s, offset %" PRIu64 ".",
229 verify ? "verification" : "creation", hash_name,
230 device_path(data_device), data_blocks,
231 device_path(hash_device), hash_position);
233 if (data_blocks < 0 || hash_position < 0) {
234 log_err(cd, _("Invalid size parameters for verity device.\n"));
239 r = device_size(data_device, &dev_size);
243 data_file_blocks = dev_size / data_block_size;
245 data_file_blocks = data_blocks;
247 if (mult_overflow(&data_device_size, data_blocks, data_block_size)) {
248 log_err(cd, _("Device offset overflow.\n"));
252 hash_per_block_bits = get_bits_down(hash_block_size / digest_size);
253 hash_per_block = 1 << hash_per_block_bits;
254 if (!hash_per_block_bits)
258 if (data_file_blocks) {
259 while (hash_per_block_bits * levels < 64 &&
260 (data_file_blocks - 1) >> (hash_per_block_bits * levels))
263 log_dbg("Using %d hash levels.", levels);
265 if (levels > VERITY_MAX_LEVELS) {
266 log_err(cd, _("Too many tree levels for verity volume.\n"));
270 for (i = levels - 1; i >= 0; i--) {
271 hash_level_block[i] = hash_position;
272 // verity position of block data_file_blocks at level i
273 s = data_file_blocks >> (i * hash_per_block_bits);
274 s = (s + hash_per_block - 1) / hash_per_block;
275 hash_level_size[i] = s;
276 if (hash_position + s < hash_position ||
277 (hash_position + s) < 0 ||
278 (hash_position + s) != hash_position + s) {
279 log_err(cd, _("Device offset overflow.\n"));
285 if (mult_overflow(&hash_device_size, hash_position, hash_block_size)) {
286 log_err(cd, _("Device offset overflow.\n"));
290 log_dbg("Data device size required: %" PRIu64 " bytes.",
292 data_file = fopen(device_path(data_device), "r");
294 log_err(cd, _("Cannot open device %s.\n"),
295 device_path(data_device)
301 log_dbg("Hash device size required: %" PRIu64 " bytes.",
303 hash_file = fopen(device_path(hash_device), verify ? "r" : "r+");
305 log_err(cd, _("Cannot open device %s.\n"),
306 device_path(hash_device));
311 memset(calculated_digest, 0, digest_size);
313 for (i = 0; i < levels; i++) {
315 r = create_or_verify(cd, data_file, hash_file,
317 hash_level_block[i], hash_block_size,
318 data_file_blocks, version, hash_name, verify,
319 calculated_digest, digest_size, salt, salt_size);
323 hash_file_2 = fopen(device_path(hash_device), "r");
325 log_err(cd, _("Cannot open device %s.\n"),
326 device_path(hash_device));
330 r = create_or_verify(cd, hash_file_2, hash_file,
331 hash_level_block[i - 1], hash_block_size,
332 hash_level_block[i], hash_block_size,
333 hash_level_size[i - 1], version, hash_name, verify,
334 calculated_digest, digest_size, salt, salt_size);
342 r = create_or_verify(cd, hash_file, NULL,
343 hash_level_block[levels - 1], hash_block_size,
345 1, version, hash_name, verify,
346 calculated_digest, digest_size, salt, salt_size);
348 r = create_or_verify(cd, data_file, NULL,
351 data_file_blocks, version, hash_name, verify,
352 calculated_digest, digest_size, salt, salt_size);
356 log_err(cd, _("Verification of data area failed.\n"));
358 log_dbg("Verification of data area succeeded.");
359 r = memcmp(root_hash, calculated_digest, digest_size) ? -EPERM : 0;
361 log_err(cd, _("Verification of root hash failed.\n"));
363 log_dbg("Verification of root hash succeeded.");
367 log_err(cd, _("Input/output error while creating hash area.\n"));
369 log_err(cd, _("Creation of hash area failed.\n"));
371 fsync(fileno(hash_file));
372 memcpy(root_hash, calculated_digest, digest_size);
383 /* Verify verity device using userspace crypto backend */
384 int VERITY_verify(struct crypt_device *cd,
385 struct crypt_params_verity *verity_hdr,
386 const char *root_hash,
387 size_t root_hash_size)
389 return VERITY_create_or_verify_hash(cd, 1,
390 verity_hdr->hash_type,
391 verity_hdr->hash_name,
392 crypt_metadata_device(cd),
393 crypt_data_device(cd),
394 verity_hdr->hash_block_size,
395 verity_hdr->data_block_size,
396 verity_hdr->data_size,
397 VERITY_hash_offset_block(verity_hdr),
398 CONST_CAST(char*)root_hash,
401 verity_hdr->salt_size);
404 /* Create verity hash */
405 int VERITY_create(struct crypt_device *cd,
406 struct crypt_params_verity *verity_hdr,
408 size_t root_hash_size)
410 unsigned pgsize = crypt_getpagesize();
412 if (verity_hdr->salt_size > 256)
415 if (verity_hdr->data_block_size > pgsize)
416 log_err(cd, _("WARNING: Kernel cannot activate device if data "
417 "block size exceeds page size (%u).\n"), pgsize);
419 return VERITY_create_or_verify_hash(cd, 0,
420 verity_hdr->hash_type,
421 verity_hdr->hash_name,
422 crypt_metadata_device(cd),
423 crypt_data_device(cd),
424 verity_hdr->hash_block_size,
425 verity_hdr->data_block_size,
426 verity_hdr->data_size,
427 VERITY_hash_offset_block(verity_hdr),
431 verity_hdr->salt_size);