search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
[linux-stable.git] / fs / verity / fsverity_private.h
blobb3506f56e180b5005708b9abad30b31ac142a73c
1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3 * fs-verity: read-only file-based authenticity protection
4 *
5 * Copyright 2019 Google LLC
6 */
7
8 #ifndef _FSVERITY_PRIVATE_H
9 #define _FSVERITY_PRIVATE_H
10
11 #define pr_fmt(fmt) "fs-verity: " fmt
12
13 #include <linux/fsverity.h>
14
15 /*
16 * Implementation limit: maximum depth of the Merkle tree. For now 8 is plenty;
17 * it's enough for over U64_MAX bytes of data using SHA-256 and 4K blocks.
18 */
19 #define FS_VERITY_MAX_LEVELS 8
20
21 /* A hash algorithm supported by fs-verity */
22 struct fsverity_hash_alg {
23 struct crypto_shash *tfm; /* hash tfm, allocated on demand */
24 const char *name; /* crypto API name, e.g. sha256 */
25 unsigned int digest_size; /* digest size in bytes, e.g. 32 for SHA-256 */
26 unsigned int block_size; /* block size in bytes, e.g. 64 for SHA-256 */
27 /*
28 * The HASH_ALGO_* constant for this algorithm. This is different from
29 * FS_VERITY_HASH_ALG_*, which uses a different numbering scheme.
30 */
31 enum hash_algo algo_id;
32 };
33
34 /* Merkle tree parameters: hash algorithm, initial hash state, and topology */
35 struct merkle_tree_params {
36 const struct fsverity_hash_alg *hash_alg; /* the hash algorithm */
37 const u8 *hashstate; /* initial hash state or NULL */
38 unsigned int digest_size; /* same as hash_alg->digest_size */
39 unsigned int block_size; /* size of data and tree blocks */
40 unsigned int hashes_per_block; /* number of hashes per tree block */
41 unsigned int blocks_per_page; /* PAGE_SIZE / block_size */
42 u8 log_digestsize; /* log2(digest_size) */
43 u8 log_blocksize; /* log2(block_size) */
44 u8 log_arity; /* log2(hashes_per_block) */
45 u8 log_blocks_per_page; /* log2(blocks_per_page) */
46 unsigned int num_levels; /* number of levels in Merkle tree */
47 u64 tree_size; /* Merkle tree size in bytes */
48 unsigned long tree_pages; /* Merkle tree size in pages */
49
50 /*
51 * Starting block index for each tree level, ordered from leaf level (0)
52 * to root level ('num_levels - 1')
53 */
54 unsigned long level_start[FS_VERITY_MAX_LEVELS];
55 };
56
57 /*
58 * fsverity_info - cached verity metadata for an inode
59 *
60 * When a verity file is first opened, an instance of this struct is allocated
61 * and stored in ->i_verity_info; it remains until the inode is evicted. It
62 * caches information about the Merkle tree that's needed to efficiently verify
63 * data read from the file. It also caches the file digest. The Merkle tree
64 * pages themselves are not cached here, but the filesystem may cache them.
65 */
66 struct fsverity_info {
67 struct merkle_tree_params tree_params;
68 u8 root_hash[FS_VERITY_MAX_DIGEST_SIZE];
69 u8 file_digest[FS_VERITY_MAX_DIGEST_SIZE];
70 const struct inode *inode;
71 unsigned long *hash_block_verified;
72 };
73
74 #define FS_VERITY_MAX_SIGNATURE_SIZE (FS_VERITY_MAX_DESCRIPTOR_SIZE - \
75 sizeof(struct fsverity_descriptor))
76
77 /* hash_algs.c */
78
79 extern struct fsverity_hash_alg fsverity_hash_algs[];
80
81 const struct fsverity_hash_alg *fsverity_get_hash_alg(const struct inode *inode,
82 unsigned int num);
83 const u8 *fsverity_prepare_hash_state(const struct fsverity_hash_alg *alg,
84 const u8 *salt, size_t salt_size);
85 int fsverity_hash_block(const struct merkle_tree_params *params,
86 const struct inode *inode, const void *data, u8 *out);
87 int fsverity_hash_buffer(const struct fsverity_hash_alg *alg,
88 const void *data, size_t size, u8 *out);
89 void __init fsverity_check_hash_algs(void);
90
91 /* init.c */
92
93 void __printf(3, 4) __cold
94 fsverity_msg(const struct inode *inode, const char *level,
95 const char *fmt, ...);
96
97 #define fsverity_warn(inode, fmt, ...) \
98 fsverity_msg((inode), KERN_WARNING, fmt, ##__VA_ARGS__)
99 #define fsverity_err(inode, fmt, ...) \
100 fsverity_msg((inode), KERN_ERR, fmt, ##__VA_ARGS__)
101
102 /* measure.c */
103
104 #ifdef CONFIG_BPF_SYSCALL
105 void __init fsverity_init_bpf(void);
106 #else
107 static inline void fsverity_init_bpf(void)
108 {
109 }
110 #endif
111
112 /* open.c */
113
114 int fsverity_init_merkle_tree_params(struct merkle_tree_params *params,
115 const struct inode *inode,
116 unsigned int hash_algorithm,
117 unsigned int log_blocksize,
118 const u8 *salt, size_t salt_size);
119
120 struct fsverity_info *fsverity_create_info(const struct inode *inode,
121 struct fsverity_descriptor *desc);
122
123 void fsverity_set_info(struct inode *inode, struct fsverity_info *vi);
124
125 void fsverity_free_info(struct fsverity_info *vi);
126
127 int fsverity_get_descriptor(struct inode *inode,
128 struct fsverity_descriptor **desc_ret);
129
130 void __init fsverity_init_info_cache(void);
131
132 /* signature.c */
133
134 #ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
135 extern int fsverity_require_signatures;
136 int fsverity_verify_signature(const struct fsverity_info *vi,
137 const u8 *signature, size_t sig_size);
138
139 void __init fsverity_init_signature(void);
140 #else /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
141 static inline int
142 fsverity_verify_signature(const struct fsverity_info *vi,
143 const u8 *signature, size_t sig_size)
144 {
145 return 0;
146 }
147
148 static inline void fsverity_init_signature(void)
149 {
150 }
151 #endif /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
152
153 /* verify.c */
154
155 void __init fsverity_init_workqueue(void);
156
157 #endif /* _FSVERITY_PRIVATE_H */
Linux kernel stable tree