Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fsverity: Remove inode parameter from fsverity_hash_block() 

Due to the conversion from crypto_shash to the library API,
fsverity_hash_block() can no longer fail.  Therefore, the inode
parameter, which was used only to print an error message in the case of
a failure, is no longer necessary.  Remove it.

Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20250915160819.140019-6-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
This commit is contained in:
Eric Biggers 2025-09-15 11:08:18 -05:00
parent 6733968be7
commit 4bd70b53bd
4 changed files with 9 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
fs/verity/enable.c
View File

@ -19,8 +19,7 @@ struct block_buffer {
}; };
/* Hash a block, writing the result to the next level's pending block buffer. */ /* Hash a block, writing the result to the next level's pending block buffer. */
static int hash_one_block(struct inode *inode, static int hash_one_block(const struct merkle_tree_params *params,
const struct merkle_tree_params *params,
struct block_buffer *cur) struct block_buffer *cur)
{ {
struct block_buffer *next = cur + 1; struct block_buffer *next = cur + 1;
@ -36,8 +35,7 @@ static int hash_one_block(struct inode *inode,
/* Zero-pad the block if it's shorter than the block size. */ /* Zero-pad the block if it's shorter than the block size. */
memset(&cur->data[cur->filled], 0, params->block_size - cur->filled); memset(&cur->data[cur->filled], 0, params->block_size - cur->filled);
fsverity_hash_block(params, inode, cur->data, fsverity_hash_block(params, cur->data, &next->data[next->filled]);
&next->data[next->filled]);
next->filled += params->digest_size; next->filled += params->digest_size;
cur->filled = 0; cur->filled = 0;
return 0; return 0;
@ -123,7 +121,7 @@ static int build_merkle_tree(struct file *filp,
fsverity_err(inode, "Short read of file data"); fsverity_err(inode, "Short read of file data");
goto out; goto out;
} }
err = hash_one_block(inode, params, &buffers[-1]); err = hash_one_block(params, &buffers[-1]);
if (err) if (err)
goto out; goto out;
for (level = 0; level < num_levels; level++) { for (level = 0; level < num_levels; level++) {
@ -134,7 +132,7 @@ static int build_merkle_tree(struct file *filp,
} }
/* Next block at @level is full */ /* Next block at @level is full */
err = hash_one_block(inode, params, &buffers[level]); err = hash_one_block(params, &buffers[level]);
if (err) if (err)
goto out; goto out;
err = write_merkle_tree_block(inode, err = write_merkle_tree_block(inode,
@ -154,7 +152,7 @@ static int build_merkle_tree(struct file *filp,
/* Finish all nonempty pending tree blocks. */ /* Finish all nonempty pending tree blocks. */
for (level = 0; level < num_levels; level++) { for (level = 0; level < num_levels; level++) {
if (buffers[level].filled != 0) { if (buffers[level].filled != 0) {
err = hash_one_block(inode, params, &buffers[level]); err = hash_one_block(params, &buffers[level]);
if (err) if (err)
goto out; goto out;
err = write_merkle_tree_block(inode, err = write_merkle_tree_block(inode,

2
fs/verity/fsverity_private.h
View File

@ -90,7 +90,7 @@ union fsverity_hash_ctx *
fsverity_prepare_hash_state(const struct fsverity_hash_alg *alg, fsverity_prepare_hash_state(const struct fsverity_hash_alg *alg,
const u8 *salt, size_t salt_size); const u8 *salt, size_t salt_size);
void fsverity_hash_block(const struct merkle_tree_params *params, void fsverity_hash_block(const struct merkle_tree_params *params,
const struct inode *inode, const void *data, u8 *out); const void *data, u8 *out);
void fsverity_hash_buffer(const struct fsverity_hash_alg *alg, void fsverity_hash_buffer(const struct fsverity_hash_alg *alg,
const void *data, size_t size, u8 *out); const void *data, size_t size, u8 *out);
void __init fsverity_check_hash_algs(void); void __init fsverity_check_hash_algs(void);

3
fs/verity/hash_algs.c
View File

@ -94,7 +94,6 @@ fsverity_prepare_hash_state(const struct fsverity_hash_alg *alg,
/** /**
* fsverity_hash_block() - hash a single data or hash block * fsverity_hash_block() - hash a single data or hash block
* @params: the Merkle tree's parameters * @params: the Merkle tree's parameters
* @inode: inode for which the hashing is being done
* @data: virtual address of a buffer containing the block to hash * @data: virtual address of a buffer containing the block to hash
* @out: output digest, size 'params->digest_size' bytes * @out: output digest, size 'params->digest_size' bytes
* *
@ -102,7 +101,7 @@ fsverity_prepare_hash_state(const struct fsverity_hash_alg *alg,
* in the Merkle tree parameters. * in the Merkle tree parameters.
*/ */
void fsverity_hash_block(const struct merkle_tree_params *params, void fsverity_hash_block(const struct merkle_tree_params *params,
const struct inode *inode, const void *data, u8 *out) const void *data, u8 *out)
{ {
union fsverity_hash_ctx ctx; union fsverity_hash_ctx ctx;

4
fs/verity/verify.c
View File

@ -202,7 +202,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
unsigned long hblock_idx = hblocks[level - 1].index; unsigned long hblock_idx = hblocks[level - 1].index;
unsigned int hoffset = hblocks[level - 1].hoffset; unsigned int hoffset = hblocks[level - 1].hoffset;
fsverity_hash_block(params, inode, haddr, real_hash); fsverity_hash_block(params, haddr, real_hash);
if (memcmp(want_hash, real_hash, hsize) != 0) if (memcmp(want_hash, real_hash, hsize) != 0)
goto corrupted; goto corrupted;
/* /*
@ -221,7 +221,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
} }
/* Finally, verify the data block. */ /* Finally, verify the data block. */
fsverity_hash_block(params, inode, data, real_hash); fsverity_hash_block(params, data, real_hash);
if (memcmp(want_hash, real_hash, hsize) != 0) if (memcmp(want_hash, real_hash, hsize) != 0)
goto corrupted; goto corrupted;
return true; return true;