From: Jes Sorensen <jes.sorensen@gmail.com>
To: linux-fscrypt@vger.kernel.org
Cc: kernel-team@fb.com, Jes Sorensen <jsorensen@fb.com>
Subject: [PATCH 3/7] Make fsverity_cmd_measure() a library function
Date: Mon, 10 Feb 2020 19:00:33 -0500 [thread overview]
Message-ID: <20200211000037.189180-4-Jes.Sorensen@gmail.com> (raw)
In-Reply-To: <20200211000037.189180-1-Jes.Sorensen@gmail.com>
From: Jes Sorensen <jsorensen@fb.com>
This splits the cmdline option parsing into wrap_cmd_measure() and
fsverity_cmd_measure() is just the basic call to the ioctl.
Signed-off-by: Jes Sorensen <jsorensen@fb.com>
---
cmd_measure.c | 49 +++++++++----------------------------------------
commands.h | 3 +--
fsverity.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 59 insertions(+), 43 deletions(-)
diff --git a/cmd_measure.c b/cmd_measure.c
index 574e3ca..fc3108d 100644
--- a/cmd_measure.c
+++ b/cmd_measure.c
@@ -13,50 +13,24 @@
#include "commands.h"
#include "fsverity_uapi.h"
-#include "hash_algs.h"
/* Display the measurement of the given verity file(s). */
-int fsverity_cmd_measure(const struct fsverity_command *cmd,
- int argc, char *argv[])
+int fsverity_cmd_measure(char *filename, struct fsverity_digest *d)
{
- struct fsverity_digest *d = NULL;
struct filedes file;
- char digest_hex[FS_VERITY_MAX_DIGEST_SIZE * 2 + 1];
- const struct fsverity_hash_alg *hash_alg;
- char _hash_alg_name[32];
- const char *hash_alg_name;
int status;
- int i;
- if (argc < 2)
- goto out_usage;
+ if (!open_file(&file, filename, O_RDONLY, 0))
+ goto out_err;
- d = xzalloc(sizeof(*d) + FS_VERITY_MAX_DIGEST_SIZE);
-
- for (i = 1; i < argc; i++) {
- d->digest_size = FS_VERITY_MAX_DIGEST_SIZE;
-
- if (!open_file(&file, argv[i], O_RDONLY, 0))
- goto out_err;
- if (ioctl(file.fd, FS_IOC_MEASURE_VERITY, d) != 0) {
- error_msg_errno("FS_IOC_MEASURE_VERITY failed on '%s'",
- file.name);
- filedes_close(&file);
- goto out_err;
- }
+ if (ioctl(file.fd, FS_IOC_MEASURE_VERITY, d) != 0) {
+ error_msg_errno("FS_IOC_MEASURE_VERITY failed on '%s'",
+ file.name);
filedes_close(&file);
-
- ASSERT(d->digest_size <= FS_VERITY_MAX_DIGEST_SIZE);
- bin2hex(d->digest, d->digest_size, digest_hex);
- hash_alg = find_hash_alg_by_num(d->digest_algorithm);
- if (hash_alg) {
- hash_alg_name = hash_alg->name;
- } else {
- sprintf(_hash_alg_name, "ALG_%u", d->digest_algorithm);
- hash_alg_name = _hash_alg_name;
- }
- printf("%s:%s %s\n", hash_alg_name, digest_hex, argv[i]);
+ goto out_err;
}
+ filedes_close(&file);
+
status = 0;
out:
free(d);
@@ -65,9 +39,4 @@ out:
out_err:
status = 1;
goto out;
-
-out_usage:
- usage(cmd, stderr);
- status = 2;
- goto out;
}
diff --git a/commands.h b/commands.h
index c38fcea..3e07f3d 100644
--- a/commands.h
+++ b/commands.h
@@ -28,8 +28,7 @@ void usage(const struct fsverity_command *cmd, FILE *fp);
int fsverity_cmd_enable(const struct fsverity_command *cmd,
int argc, char *argv[]);
-int fsverity_cmd_measure(const struct fsverity_command *cmd,
- int argc, char *argv[]);
+int fsverity_cmd_measure(char *filename, struct fsverity_digest *d);
int fsverity_cmd_sign(char *filename, const struct fsverity_hash_alg *hash_alg,
u32 block_size, u8 *salt, u32 salt_size,
const char *keyfile, const char *certfile,
diff --git a/fsverity.c b/fsverity.c
index 6246031..49eca14 100644
--- a/fsverity.c
+++ b/fsverity.c
@@ -142,6 +142,54 @@ int wrap_cmd_sign(const struct fsverity_command *cmd, int argc, char *argv[])
goto out;
}
+int wrap_cmd_measure(const struct fsverity_command *cmd,
+ int argc, char *argv[])
+{
+ struct fsverity_digest *d = NULL;
+ char digest_hex[FS_VERITY_MAX_DIGEST_SIZE * 2 + 1];
+ const struct fsverity_hash_alg *hash_alg;
+ char _hash_alg_name[32];
+ const char *hash_alg_name;
+ int status;
+ int i;
+
+ if (argc < 2)
+ goto out_usage;
+
+ d = xzalloc(sizeof(*d) + FS_VERITY_MAX_DIGEST_SIZE);
+
+ for (i = 1; i < argc; i++) {
+ d->digest_size = FS_VERITY_MAX_DIGEST_SIZE;
+
+ status = fsverity_cmd_measure(argv[i], d);
+ if (status)
+ goto out_err;
+
+ ASSERT(d->digest_size <= FS_VERITY_MAX_DIGEST_SIZE);
+ bin2hex(d->digest, d->digest_size, digest_hex);
+ hash_alg = find_hash_alg_by_num(d->digest_algorithm);
+ if (hash_alg) {
+ hash_alg_name = hash_alg->name;
+ } else {
+ sprintf(_hash_alg_name, "ALG_%u", d->digest_algorithm);
+ hash_alg_name = _hash_alg_name;
+ }
+ printf("%s:%s %s\n", hash_alg_name, digest_hex, argv[i]);
+ }
+out:
+ free(d);
+ return status;
+
+out_err:
+ status = 1;
+ goto out;
+
+out_usage:
+ usage(cmd, stderr);
+ status = 2;
+ goto out;
+}
+
static const struct fsverity_command {
const char *name;
int (*func)(const struct fsverity_command *cmd, int argc, char *argv[]);
@@ -158,7 +206,7 @@ static const struct fsverity_command {
" [--signature=SIGFILE]\n"
}, {
.name = "measure",
- .func = fsverity_cmd_measure,
+ .func = wrap_cmd_measure,
.short_desc =
"Display the measurement of the given verity file(s)",
.usage_str =
--
2.24.1
next prev parent reply other threads:[~2020-02-11 0:01 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-11 0:00 [PATCH 0/7] Split fsverity-utils into a shared library Jes Sorensen
2020-02-11 0:00 ` [PATCH 1/7] Build basic " Jes Sorensen
2020-02-11 0:00 ` [PATCH 2/7] Restructure fsverity_cmd_sign for shared libraries Jes Sorensen
2020-02-11 0:00 ` Jes Sorensen [this message]
2020-02-11 0:00 ` [PATCH 4/7] Make fsverity_cmd_enable a library call() Jes Sorensen
2020-02-11 0:00 ` [PATCH 5/7] Rename commands.h to fsverity.h Jes Sorensen
2020-02-11 0:00 ` [PATCH 6/7] Move cmdline helper functions to fsverity.c Jes Sorensen
2020-02-11 0:00 ` [PATCH 7/7] cmd_sign: fsverity_cmd_sign() into two functions Jes Sorensen
2020-02-11 19:22 ` [PATCH 0/7] Split fsverity-utils into a shared library Eric Biggers
2020-02-11 22:09 ` Jes Sorensen
2020-02-11 23:14 ` Eric Biggers
2020-02-11 23:35 ` Jes Sorensen
2020-02-14 20:35 ` Eric Biggers
2020-02-19 23:49 ` Jes Sorensen
2020-07-30 17:52 ` Eric Biggers
2020-07-31 17:40 ` Jes Sorensen
2020-07-31 17:47 ` Chris Mason
2020-07-31 19:14 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200211000037.189180-4-Jes.Sorensen@gmail.com \
--to=jes.sorensen@gmail.com \
--cc=jsorensen@fb.com \
--cc=kernel-team@fb.com \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).