From: Milan Broz Date: Sun, 12 Aug 2012 20:49:42 +0000 (+0200) Subject: Create hash image if doesn't exist in veritysetup format. X-Git-Tag: upstream/1.6~194 X-Git-Url: http://review.tizen.org/git/?p=platform%2Fupstream%2Fcryptsetup.git;a=commitdiff_plain;h=49b018c7650f66903de4deba38bd77eb373c2ae9 Create hash image if doesn't exist in veritysetup format. --- diff --git a/ChangeLog b/ChangeLog index 0a8e9d3..18cdcd3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ 2012-08-12 Milan Broz * Allocate loop device late (only when real block device needed). * Rework underlying device/file access functions. + * Create hash image if doesn't exist in veritysetup format. 2012-07-10 Milan Broz * Version 1.5.0. diff --git a/man/veritysetup.8 b/man/veritysetup.8 index c81e64f..ceda89f 100644 --- a/man/veritysetup.8 +++ b/man/veritysetup.8 @@ -23,9 +23,8 @@ by \-\-hash\-offset option. Note you need to provide root hash string for device verification or activation. Root hash must be trusted. -If data or hash device argument points to regular file, veritysetup -allocates loopback device. In this case, hash file size must be enough -to store the hash area. +The data or hash device argument can be block device or file image. +If hash device path doesn't exist, it will be created as file. \fB\fR can be [\-\-hash, \-\-no-superblock, \-\-format, \-\-data-block-size, \-\-hash-block-size, \-\-data-blocks, \-\-hash-offset, diff --git a/src/veritysetup.c b/src/veritysetup.c index d9bc048..5a8c599 100644 --- a/src/veritysetup.c +++ b/src/veritysetup.c @@ -26,7 +26,9 @@ #include #include #include +#include #include +#include #include "cryptsetup.h" @@ -140,8 +142,20 @@ static int action_format(int arg) struct crypt_device *cd = NULL; struct crypt_params_verity params = {}; uint32_t flags = CRYPT_VERITY_CREATE_HASH; + struct stat st; int r; + /* Try to create hash image if doesn't exist */ + if (stat(action_argv[1], &st) < 0) { + log_dbg("Creating hash image %s.", action_argv[1]); + r = open(action_argv[1], O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR); + if (r < 0) { + log_err(_("Cannot create hash image %s for writing.\n"), action_argv[1]); + return -EINVAL; + } + close(r); + } + if ((r = crypt_init(&cd, action_argv[1]))) goto out; diff --git a/tests/verity-compat-test b/tests/verity-compat-test index 813dcdb..b39dcf8 100755 --- a/tests/verity-compat-test +++ b/tests/verity-compat-test @@ -11,7 +11,6 @@ function remove_mapping() { [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME [ ! -z "$LOOPDEV1" ] && losetup -d $LOOPDEV1 >/dev/null 2>&1 - [ ! -z "$LOOPDEV2" ] && losetup -d $LOOPDEV2 >/dev/null 2>&1 rm -f $IMG $IMG_HASH $DEV_OUT >/dev/null 2>&1 LOOPDEV1="" LOOPDEV2="" @@ -42,17 +41,13 @@ function prepare() # $1 dev1_siz [$2 dev2_size] losetup $LOOPDEV1 $IMG [ -z "$2" ] && return - dd if=/dev/zero of=$IMG_HASH bs=1k count=$2 >/dev/null 2>&1 - LOOPDEV2=$(losetup -f 2>/dev/null) - [ -z "$LOOPDEV2" ] && fail "No free loop device" - losetup $LOOPDEV2 $IMG_HASH + LOOPDEV2=$IMG_HASH } function wipe() { dd if=/dev/zero of=$LOOPDEV1 bs=256k >/dev/null 2>&1 - dd if=/dev/zero of=$LOOPDEV2 bs=256k >/dev/null 2>&1 - rm -f $DEV_OUT >/dev/null 2>&1 + rm -f $IMG_HASH $DEV_OUT >/dev/null 2>&1 } function check_exists() @@ -111,14 +106,14 @@ function check_root_hash() # $1 size, $2 hash, $3 salt, $4 version, $5 hash, [$6 case $fail in data) - dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=3456 count=8 2>/dev/null + dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=3456 count=8 conv=notrunc 2>/dev/null TXT="data_dev" ;; hash) if [ -z "$LOOPDEV2" ] ; then - dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=$((8193 + $4)) count=8 2>/dev/null + dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=$((8193 + $4)) count=8 conv=notrunc 2>/dev/null else - dd if=/dev/urandom of=$LOOPDEV2 bs=1 seek=8193 count=8 2>/dev/null + dd if=/dev/urandom of=$LOOPDEV2 bs=1 seek=8193 count=8 conv=notrunc 2>/dev/null fi TXT="hash_dev" ;;