projects / platform / upstream / cryptsetup.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1349efa)
dm-verity: Fix a boundary condition that caused failure for certain device sizes
authorMikulas Patocka <mpatocka@redhat.com>
Fri, 28 Jun 2013 14:56:31 +0000 (10:56 -0400)
committerMilan Broz <gmazyland@gmail.com>
Fri, 28 Jun 2013 15:05:45 +0000 (17:05 +0200)
On Fri, 28 Jun 2013, Mikulas Patocka wrote:

Fix a boundary condition that caused failure for certain device sizes

The problem is reported at
http://code.google.com/p/cryptsetup/issues/detail?id=160

This is the userspace fix.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com
lib/verity/verity_hash.c patch | blob | history

diff --git a/lib/verity/verity_hash.c b/lib/verity/verity_hash.c
index 07a20c9..3f25e91 100644 (file)
--- a/lib/verity/verity_hash.c
+++ b/lib/verity/verity_hash.c
@@ -220,7 +220,7 @@ static int VERITY_create_or_verify_hash(struct crypt_device *cd,
        off_t hash_level_block[VERITY_MAX_LEVELS];
        off_t hash_level_size[VERITY_MAX_LEVELS];
        off_t data_file_blocks, s;
-       size_t hash_per_block, hash_per_block_bits;
+       size_t hash_per_block_bits;
        off_t data_device_size = 0, hash_device_size = 0;
        uint64_t dev_size;
        int levels, i, r;
@@ -251,7 +251,6 @@ static int VERITY_create_or_verify_hash(struct crypt_device *cd,
        }
 
        hash_per_block_bits = get_bits_down(hash_block_size / digest_size);
-       hash_per_block = 1 << hash_per_block_bits;
        if (!hash_per_block_bits)
                return -EINVAL;
 
@@ -271,8 +270,7 @@ static int VERITY_create_or_verify_hash(struct crypt_device *cd,
        for (i = levels - 1; i >= 0; i--) {
                hash_level_block[i] = hash_position;
                // verity position of block data_file_blocks at level i
-               s = data_file_blocks >> (i * hash_per_block_bits);
-               s = (s + hash_per_block - 1) / hash_per_block;
+               s = (data_file_blocks + ((off_t)1 << ((i + 1) * hash_per_block_bits)) - 1) >> ((i + 1) * hash_per_block_bits);
                hash_level_size[i] = s;
                if ((hash_position + s) < hash_position ||
                    (hash_position + s) < 0) {
Domain: System / System Framework;