From: Alexander Larsson Date: Tue, 16 May 2023 14:31:34 +0000 (+0200) Subject: fsverity: Support passing a signature when enabling fs-verity X-Git-Tag: archive/raspbian/2023.7-3+rpi1~1^2~9^2~1^2~29^2~11 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=9ba98cd8e98ae9501dc1c03ff69920b94f8cd429;p=ostree.git fsverity: Support passing a signature when enabling fs-verity The composefs code will need this. --- diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c index 5cda047c..0900205f 100644 --- a/src/libostree/ostree-repo-commit.c +++ b/src/libostree/ostree-repo-commit.c @@ -184,7 +184,7 @@ _ostree_repo_commit_tmpf_final (OstreeRepo *self, const char *checksum, OstreeOb if (!_ostree_repo_ensure_loose_objdir_at (dest_dfd, tmpbuf, cancellable, error)) return FALSE; - if (!_ostree_tmpf_fsverity (self, tmpf, error)) + if (!_ostree_tmpf_fsverity (self, tmpf, NULL, error)) return FALSE; if (!glnx_link_tmpfile_at (tmpf, GLNX_LINK_TMPFILE_NOREPLACE_IGNORE_EXIST, dest_dfd, tmpbuf, diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h index 5395de40..98719f5a 100644 --- a/src/libostree/ostree-repo-private.h +++ b/src/libostree/ostree-repo-private.h @@ -390,9 +390,10 @@ gboolean _ostree_repo_maybe_regenerate_summary (OstreeRepo *self, GCancellable * gboolean _ostree_repo_parse_fsverity_config (OstreeRepo *self, GError **error); gboolean _ostree_tmpf_fsverity_core (GLnxTmpfile *tmpf, _OstreeFeatureSupport fsverity_requested, - gboolean *supported, GError **error); + GBytes *signature, gboolean *supported, GError **error); -gboolean _ostree_tmpf_fsverity (OstreeRepo *self, GLnxTmpfile *tmpf, GError **error); +gboolean _ostree_tmpf_fsverity (OstreeRepo *self, GLnxTmpfile *tmpf, GBytes *signature, + GError **error); gboolean _ostree_fsverity_sign (const char *certfile, const char *keyfile, const guchar *fsverity_digest, GBytes **data_out, GCancellable *cancellable, GError **error); diff --git a/src/libostree/ostree-repo-verity.c b/src/libostree/ostree-repo-verity.c index fcbdaccd..5b2a621a 100644 --- a/src/libostree/ostree-repo-verity.c +++ b/src/libostree/ostree-repo-verity.c @@ -82,7 +82,7 @@ _ostree_repo_parse_fsverity_config (OstreeRepo *self, GError **error) * */ gboolean _ostree_tmpf_fsverity_core (GLnxTmpfile *tmpf, _OstreeFeatureSupport fsverity_requested, - gboolean *supported, GError **error) + GBytes *signature, gboolean *supported, GError **error) { /* Set this by default to simplify the code below */ if (supported) @@ -106,8 +106,8 @@ _ostree_tmpf_fsverity_core (GLnxTmpfile *tmpf, _OstreeFeatureSupport fsverity_re arg.block_size = 4096; /* FIXME query */ arg.salt_size = 0; /* TODO store salt in ostree repo config */ arg.salt_ptr = 0; - arg.sig_size = 0; /* We don't currently expect use of in-kernel signature verification */ - arg.sig_ptr = 0; + arg.sig_size = signature ? g_bytes_get_size (signature) : 0; + arg.sig_ptr = signature ? (guint64)g_bytes_get_data (signature, NULL) : 0; if (ioctl (tmpf->fd, FS_IOC_ENABLE_VERITY, &arg) < 0) { @@ -133,7 +133,7 @@ _ostree_tmpf_fsverity_core (GLnxTmpfile *tmpf, _OstreeFeatureSupport fsverity_re * as well as to support "opportunistic" use (requested and if filesystem supports). * */ gboolean -_ostree_tmpf_fsverity (OstreeRepo *self, GLnxTmpfile *tmpf, GError **error) +_ostree_tmpf_fsverity (OstreeRepo *self, GLnxTmpfile *tmpf, GBytes *signature, GError **error) { #ifdef HAVE_LINUX_FSVERITY_H g_mutex_lock (&self->txn_lock); @@ -156,7 +156,7 @@ _ostree_tmpf_fsverity (OstreeRepo *self, GLnxTmpfile *tmpf, GError **error) } gboolean supported = FALSE; - if (!_ostree_tmpf_fsverity_core (tmpf, fsverity_wanted, &supported, error)) + if (!_ostree_tmpf_fsverity_core (tmpf, fsverity_wanted, signature, &supported, error)) return FALSE; if (!supported) diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c index 425abe8b..32bbd335 100644 --- a/src/libostree/ostree-sysroot-deploy.c +++ b/src/libostree/ostree-sysroot-deploy.c @@ -163,7 +163,7 @@ install_into_boot (OstreeRepo *repo, OstreeSePolicy *sepolicy, int src_dfd, cons _OstreeFeatureSupport boot_verity = _OSTREE_FEATURE_NO; if (repo->fs_verity_wanted != _OSTREE_FEATURE_NO) boot_verity = _OSTREE_FEATURE_MAYBE; - if (!_ostree_tmpf_fsverity_core (&tmp_dest, boot_verity, NULL, error)) + if (!_ostree_tmpf_fsverity_core (&tmp_dest, boot_verity, NULL, NULL, error)) return FALSE; if (!glnx_link_tmpfile_at (&tmp_dest, GLNX_LINK_TMPFILE_NOREPLACE, dest_dfd, dest_subpath, error))