Hi

Try to set up dm-verity with block size 512 bytes.

I don't know what block size does squashfs use, but if the filesystem 
block size is smaller than dm-verity block size, it doesn't work.

Mikulas



On Tue, 20 Jul 2021, Pintu Agarwal wrote:

> Hi,
> 
> Our ARM32 Linux embedded system consists of these:
> * Linux Kernel: 4.14
> * Processor: Qualcomm Arm32 Cortex-A7
> * Storage: NAND 512MB
> * Platform: Simple busybox
> * Filesystem: UBIFS, Squashfs
> * Consists of nand raw partitions, squashfs ubi volumes.
> 
> My requirement:
> We wanted to use dm-verity at boot time to check the integrity of
> squashfs-rootfs before mounting.
> 
> Problem:
> dm-0 is not able to locate and mount the squash fs rootfs block.
> The same approach is working when emulating with ext4 but fails with squashfs.
> 
> Logs:
> [....]
> [    0.000000] Kernel command line: [...] verity="96160 12020
> d7b8a7d0c01b9aec888930841313a81603a50a2a7be44631c4c813197a50d681 0 "
> rootfstype=squashfs root=/dev/mtdblock34 ubi.mtd=30,0,30 [...]
> root=/dev/dm-0 dm="system none ro,0 96160 verity 1 /dev/mtdblock34
> /dev/mtdblock39 4096 4096 12020 8 sha256
> d7b8a7d0c01b9aec888930841313a81603a50a2a7be44631c4c813197a50d681
> aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7"
> [....]
> [    4.693620] vreg_conn_pa: disa▒[    4.700662] md: Skipping
> autodetection of RAID arrays. (raid=autodetect will force)
> [    4.700713] device-mapper: init: attempting early device configuration.
> [    4.708224] device-mapper: init: adding target '0 96160 verity 1
> /dev/mtdblock34 /dev/mtdblock39 4096 4096 12020 8 sha256
> d7b8a7d0c01b9aec888930841313a81603a50a2a7be44631c4c813197a50d681
> aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7'
> [    4.714979] device-mapper: verity: sha256 using implementation
> "sha256-generic"
> [    4.737808] device-mapper: init: dm-0 is ready
> [....]
> [    5.278103] No filesystem could mount root, tried:
> [    5.278107]  squashfs
> [    5.280477]
> [    5.287627] Kernel panic - not syncing: VFS: Unable to mount root
> fs on unknown-block(253,0)
> [...]
> 
> Not sure, why is it still locating block "253" here which seems like a
> MAJOR number ?
> 
> Working logs on ext4:
> [....]
> [    4.529822] v▒[    4.534035] md: Skipping autodetection of RAID
> arrays. (raid=autodetect will force)
> [    4.534087] device-mapper: init: attempting early device configuration.
> [    4.550316] device-mapper: init: adding target '0 384440 verity 1
> /dev/ubiblock0_0 /dev/ubiblock0_0 4096 4096 48055 48063 sha256
> a02e0c13afb31e99b999c64aae6f4644c24addbc58db5689902cc5ba0be2d15b
> aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7 10
> restart_on_corruption ignore_zero_blocks use_fec_from_device
> /dev/ubiblock0_0 fec_roots 2 fec_blocks 48443 fec_start 48443'
> [    4.572215] device-mapper: verity: sha256 using implementation
> "sha256-generic"
> [    4.610692] device-mapper: init: dm-0 is ready
> [    4.720174] EXT4-fs (dm-0): mounted filesystem with ordered data
> mode. Opts: (null)
> [    4.720438] VFS: Mounted root (ext4 filesystem) readonly on device 253:0.
> [    4.737256] devtmpfs: mounted
> [....]
> 
> Questions:
> a) Is dm-verity supposed to work on squashfs block devices ?
> b) Are there any known issues with dm-verity on Kernel 4.14 ?
> c) Are there any patches that we are missing ?
> 
> 
> Thanks,
> Pintu
>