From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: Victor Hsieh <victorhsieh@google.com>
Subject: [fsverity-utils PATCH 0/4] Add option to write Merkle tree to a file
Date: Thu, 3 Jun 2021 12:58:08 -0700 [thread overview]
Message-ID: <20210603195812.50838-1-ebiggers@kernel.org> (raw)
Make 'fsverity digest' and 'fsverity sign' support writing the Merkle
tree and fs-verity descriptor to files, using new options
'--out-merkle-tree=FILE' and '--out-descriptor=FILE'.
Normally these new options aren't useful, but they can be needed in
cases where the fs-verity metadata needs to be consumed by something
other than one of the native Linux kernel implementations of fs-verity.
This is different from 'fsverity dump_metadata' in that
'fsverity dump_metadata' only works on a file with fs-verity enabled,
whereas these new options are for the userspace file digest computation.
Supporting this required adding some optional callbacks to
libfsverity_compute_digest().
Eric Biggers (4):
lib/compute_digest: add callbacks for getting the verity metadata
programs/test_compute_digest: test the metadata callbacks
programs/utils: add full_pwrite() and preallocate_file()
programs/fsverity: add --out-merkle-tree and --out-descriptor options
include/libfsverity.h | 46 +++++++++++-
lib/compute_digest.c | 130 +++++++++++++++++++++++++++-----
programs/cmd_digest.c | 7 +-
programs/cmd_sign.c | 17 +++--
programs/fsverity.c | 88 +++++++++++++++++++++-
programs/fsverity.h | 4 +-
programs/test_compute_digest.c | 133 +++++++++++++++++++++++++++++++++
programs/utils.c | 59 +++++++++++++++
programs/utils.h | 3 +
9 files changed, 458 insertions(+), 29 deletions(-)
base-commit: cf8fa5e5a7ac5b3b2dbfcc87e5dbd5f984c2d83a
--
2.31.1
next reply other threads:[~2021-06-03 20:00 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-03 19:58 Eric Biggers [this message]
2021-06-03 19:58 ` [fsverity-utils PATCH 1/4] lib/compute_digest: add callbacks for getting the verity metadata Eric Biggers
2021-06-03 19:58 ` [fsverity-utils PATCH 2/4] programs/test_compute_digest: test the metadata callbacks Eric Biggers
2021-06-03 19:58 ` [fsverity-utils PATCH 3/4] programs/utils: add full_pwrite() and preallocate_file() Eric Biggers
2021-06-04 0:33 ` Victor Hsieh
2021-06-04 0:57 ` Eric Biggers
2021-06-04 15:24 ` Victor Hsieh
2021-06-04 16:55 ` Eric Biggers
2021-06-03 19:58 ` [fsverity-utils PATCH 4/4] programs/fsverity: add --out-merkle-tree and --out-descriptor options Eric Biggers
2021-06-04 15:25 ` [fsverity-utils PATCH 0/4] Add option to write Merkle tree to a file Victor Hsieh
2021-06-09 6:48 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210603195812.50838-1-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=victorhsieh@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.