Linux-FSCrypt Archive on lore.kernel.org
 help / color / Atom feed
From: Jes Sorensen <jes.sorensen@gmail.com>
To: linux-fscrypt@vger.kernel.org
Cc: kernel-team@fb.com, Jes Sorensen <jsorensen@fb.com>
Subject: [PATCH 3/7] Make fsverity_cmd_measure() a library function
Date: Mon, 10 Feb 2020 19:00:33 -0500
Message-ID: <20200211000037.189180-4-Jes.Sorensen@gmail.com> (raw)
In-Reply-To: <20200211000037.189180-1-Jes.Sorensen@gmail.com>

From: Jes Sorensen <jsorensen@fb.com>

This splits the cmdline option parsing into wrap_cmd_measure() and
fsverity_cmd_measure() is just the basic call to the ioctl.

Signed-off-by: Jes Sorensen <jsorensen@fb.com>
---
 cmd_measure.c | 49 +++++++++----------------------------------------
 commands.h    |  3 +--
 fsverity.c    | 50 +++++++++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 59 insertions(+), 43 deletions(-)

diff --git a/cmd_measure.c b/cmd_measure.c
index 574e3ca..fc3108d 100644
--- a/cmd_measure.c
+++ b/cmd_measure.c
@@ -13,50 +13,24 @@
 
 #include "commands.h"
 #include "fsverity_uapi.h"
-#include "hash_algs.h"
 
 /* Display the measurement of the given verity file(s). */
-int fsverity_cmd_measure(const struct fsverity_command *cmd,
-			 int argc, char *argv[])
+int fsverity_cmd_measure(char *filename, struct fsverity_digest *d)
 {
-	struct fsverity_digest *d = NULL;
 	struct filedes file;
-	char digest_hex[FS_VERITY_MAX_DIGEST_SIZE * 2 + 1];
-	const struct fsverity_hash_alg *hash_alg;
-	char _hash_alg_name[32];
-	const char *hash_alg_name;
 	int status;
-	int i;
 
-	if (argc < 2)
-		goto out_usage;
+	if (!open_file(&file, filename, O_RDONLY, 0))
+		goto out_err;
 
-	d = xzalloc(sizeof(*d) + FS_VERITY_MAX_DIGEST_SIZE);
-
-	for (i = 1; i < argc; i++) {
-		d->digest_size = FS_VERITY_MAX_DIGEST_SIZE;
-
-		if (!open_file(&file, argv[i], O_RDONLY, 0))
-			goto out_err;
-		if (ioctl(file.fd, FS_IOC_MEASURE_VERITY, d) != 0) {
-			error_msg_errno("FS_IOC_MEASURE_VERITY failed on '%s'",
-					file.name);
-			filedes_close(&file);
-			goto out_err;
-		}
+	if (ioctl(file.fd, FS_IOC_MEASURE_VERITY, d) != 0) {
+		error_msg_errno("FS_IOC_MEASURE_VERITY failed on '%s'",
+				file.name);
 		filedes_close(&file);
-
-		ASSERT(d->digest_size <= FS_VERITY_MAX_DIGEST_SIZE);
-		bin2hex(d->digest, d->digest_size, digest_hex);
-		hash_alg = find_hash_alg_by_num(d->digest_algorithm);
-		if (hash_alg) {
-			hash_alg_name = hash_alg->name;
-		} else {
-			sprintf(_hash_alg_name, "ALG_%u", d->digest_algorithm);
-			hash_alg_name = _hash_alg_name;
-		}
-		printf("%s:%s %s\n", hash_alg_name, digest_hex, argv[i]);
+		goto out_err;
 	}
+	filedes_close(&file);
+
 	status = 0;
 out:
 	free(d);
@@ -65,9 +39,4 @@ out:
 out_err:
 	status = 1;
 	goto out;
-
-out_usage:
-	usage(cmd, stderr);
-	status = 2;
-	goto out;
 }
diff --git a/commands.h b/commands.h
index c38fcea..3e07f3d 100644
--- a/commands.h
+++ b/commands.h
@@ -28,8 +28,7 @@ void usage(const struct fsverity_command *cmd, FILE *fp);
 
 int fsverity_cmd_enable(const struct fsverity_command *cmd,
 			int argc, char *argv[]);
-int fsverity_cmd_measure(const struct fsverity_command *cmd,
-			 int argc, char *argv[]);
+int fsverity_cmd_measure(char *filename, struct fsverity_digest *d);
 int fsverity_cmd_sign(char *filename, const struct fsverity_hash_alg *hash_alg,
 		      u32 block_size, u8 *salt, u32 salt_size,
 		      const char *keyfile, const char *certfile,
diff --git a/fsverity.c b/fsverity.c
index 6246031..49eca14 100644
--- a/fsverity.c
+++ b/fsverity.c
@@ -142,6 +142,54 @@ int wrap_cmd_sign(const struct fsverity_command *cmd, int argc, char *argv[])
 	goto out;
 }
 
+int wrap_cmd_measure(const struct fsverity_command *cmd,
+		     int argc, char *argv[])
+{
+	struct fsverity_digest *d = NULL;
+	char digest_hex[FS_VERITY_MAX_DIGEST_SIZE * 2 + 1];
+	const struct fsverity_hash_alg *hash_alg;
+	char _hash_alg_name[32];
+	const char *hash_alg_name;
+	int status;
+	int i;
+
+	if (argc < 2)
+		goto out_usage;
+
+	d = xzalloc(sizeof(*d) + FS_VERITY_MAX_DIGEST_SIZE);
+
+	for (i = 1; i < argc; i++) {
+		d->digest_size = FS_VERITY_MAX_DIGEST_SIZE;
+
+		status = fsverity_cmd_measure(argv[i], d);
+		if (status)
+			goto out_err;
+
+		ASSERT(d->digest_size <= FS_VERITY_MAX_DIGEST_SIZE);
+		bin2hex(d->digest, d->digest_size, digest_hex);
+		hash_alg = find_hash_alg_by_num(d->digest_algorithm);
+		if (hash_alg) {
+			hash_alg_name = hash_alg->name;
+		} else {
+			sprintf(_hash_alg_name, "ALG_%u", d->digest_algorithm);
+			hash_alg_name = _hash_alg_name;
+		}
+		printf("%s:%s %s\n", hash_alg_name, digest_hex, argv[i]);
+	}
+out:
+	free(d);
+	return status;
+
+out_err:
+	status = 1;
+	goto out;
+
+out_usage:
+	usage(cmd, stderr);
+	status = 2;
+	goto out;
+}
+
 static const struct fsverity_command {
 	const char *name;
 	int (*func)(const struct fsverity_command *cmd, int argc, char *argv[]);
@@ -158,7 +206,7 @@ static const struct fsverity_command {
 "               [--signature=SIGFILE]\n"
 	}, {
 		.name = "measure",
-		.func = fsverity_cmd_measure,
+		.func = wrap_cmd_measure,
 		.short_desc =
 "Display the measurement of the given verity file(s)",
 		.usage_str =
-- 
2.24.1


  parent reply index

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-11  0:00 [PATCH 0/7] Split fsverity-utils into a shared library Jes Sorensen
2020-02-11  0:00 ` [PATCH 1/7] Build basic " Jes Sorensen
2020-02-11  0:00 ` [PATCH 2/7] Restructure fsverity_cmd_sign for shared libraries Jes Sorensen
2020-02-11  0:00 ` Jes Sorensen [this message]
2020-02-11  0:00 ` [PATCH 4/7] Make fsverity_cmd_enable a library call() Jes Sorensen
2020-02-11  0:00 ` [PATCH 5/7] Rename commands.h to fsverity.h Jes Sorensen
2020-02-11  0:00 ` [PATCH 6/7] Move cmdline helper functions to fsverity.c Jes Sorensen
2020-02-11  0:00 ` [PATCH 7/7] cmd_sign: fsverity_cmd_sign() into two functions Jes Sorensen
2020-02-11 19:22 ` [PATCH 0/7] Split fsverity-utils into a shared library Eric Biggers
2020-02-11 22:09   ` Jes Sorensen
2020-02-11 23:14     ` Eric Biggers
2020-02-11 23:35       ` Jes Sorensen
2020-02-14 20:35         ` Eric Biggers
2020-02-19 23:49           ` Jes Sorensen

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200211000037.189180-4-Jes.Sorensen@gmail.com \
    --to=jes.sorensen@gmail.com \
    --cc=jsorensen@fb.com \
    --cc=kernel-team@fb.com \
    --cc=linux-fscrypt@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-FSCrypt Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-fscrypt/0 linux-fscrypt/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-fscrypt linux-fscrypt/ https://lore.kernel.org/linux-fscrypt \
		linux-fscrypt@vger.kernel.org
	public-inbox-index linux-fscrypt

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-fscrypt


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git