[PATCH v5 12/16] fs-verity: add SHA-512 support

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: linux-ext4@vger.kernel.org,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org,
	linux-integrity@vger.kernel.org, Jaegeuk Kim <jaegeuk@kernel.org>,
	"Theodore Y . Ts'o" <tytso@mit.edu>,
	Victor Hsieh <victorhsieh@google.com>,
	Chandan Rajendra <chandan@linux.vnet.ibm.com>,
	Dave Chinner <david@fromorbit.com>,
	Christoph Hellwig <hch@lst.de>,
	"Darrick J . Wong" <darrick.wong@oracle.com>,
	Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH v5 12/16] fs-verity: add SHA-512 support
Date: Thu, 20 Jun 2019 13:50:39 -0700	[thread overview]
Message-ID: <20190620205043.64350-13-ebiggers@kernel.org> (raw)
In-Reply-To: <20190620205043.64350-1-ebiggers@kernel.org>

From: Eric Biggers <ebiggers@google.com>

Add SHA-512 support to fs-verity.  This is primarily a demonstration of
the trivial changes needed to support a new hash algorithm in fs-verity;
most users will still use SHA-256, due to the smaller space required to
store the hashes.  But some users may prefer SHA-512.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 fs/verity/fsverity_private.h  | 2 +-
 fs/verity/hash_algs.c         | 5 +++++
 include/uapi/linux/fsverity.h | 1 +
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h
index eaa2b3b93bbf6b..02a547f0667c13 100644
--- a/fs/verity/fsverity_private.h
+++ b/fs/verity/fsverity_private.h
@@ -29,7 +29,7 @@ struct ahash_request;
  * Largest digest size among all hash algorithms supported by fs-verity.
  * Currently assumed to be <= size of fsverity_descriptor::root_hash.
  */
-#define FS_VERITY_MAX_DIGEST_SIZE	SHA256_DIGEST_SIZE
+#define FS_VERITY_MAX_DIGEST_SIZE	SHA512_DIGEST_SIZE
 
 /* A hash algorithm supported by fs-verity */
 struct fsverity_hash_alg {
diff --git a/fs/verity/hash_algs.c b/fs/verity/hash_algs.c
index 46df17094fc252..e0462a010cabfb 100644
--- a/fs/verity/hash_algs.c
+++ b/fs/verity/hash_algs.c
@@ -17,6 +17,11 @@ struct fsverity_hash_alg fsverity_hash_algs[] = {
 		.digest_size = SHA256_DIGEST_SIZE,
 		.block_size = SHA256_BLOCK_SIZE,
 	},
+	[FS_VERITY_HASH_ALG_SHA512] = {
+		.name = "sha512",
+		.digest_size = SHA512_DIGEST_SIZE,
+		.block_size = SHA512_BLOCK_SIZE,
+	},
 };
 
 /**
diff --git a/include/uapi/linux/fsverity.h b/include/uapi/linux/fsverity.h
index 57d1d7fc0c345a..da0daf6c193b4b 100644
--- a/include/uapi/linux/fsverity.h
+++ b/include/uapi/linux/fsverity.h
@@ -14,6 +14,7 @@
 #include <linux/types.h>
 
 #define FS_VERITY_HASH_ALG_SHA256	1
+#define FS_VERITY_HASH_ALG_SHA512	2
 
 struct fsverity_enable_arg {
 	__u32 version;
-- 
2.22.0.410.gd8fdbe21b5-goog

WARNING: multiple messages have this Message-ID (diff)

From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: "Theodore Y . Ts'o" <tytso@mit.edu>,
	"Darrick J . Wong" <darrick.wong@oracle.com>,
	linux-api@vger.kernel.org, Dave Chinner <david@fromorbit.com>,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-fsdevel@vger.kernel.org, Jaegeuk Kim <jaegeuk@kernel.org>,
	linux-integrity@vger.kernel.org, linux-ext4@vger.kernel.org,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Christoph Hellwig <hch@lst.de>,
	Victor Hsieh <victorhsieh@google.com>
Subject: [PATCH v5 12/16] fs-verity: add SHA-512 support
Date: Thu, 20 Jun 2019 13:50:39 -0700	[thread overview]
Message-ID: <20190620205043.64350-13-ebiggers@kernel.org> (raw)
In-Reply-To: <20190620205043.64350-1-ebiggers@kernel.org>

From: Eric Biggers <ebiggers@google.com>

Add SHA-512 support to fs-verity.  This is primarily a demonstration of
the trivial changes needed to support a new hash algorithm in fs-verity;
most users will still use SHA-256, due to the smaller space required to
store the hashes.  But some users may prefer SHA-512.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 fs/verity/fsverity_private.h  | 2 +-
 fs/verity/hash_algs.c         | 5 +++++
 include/uapi/linux/fsverity.h | 1 +
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h
index eaa2b3b93bbf6b..02a547f0667c13 100644
--- a/fs/verity/fsverity_private.h
+++ b/fs/verity/fsverity_private.h
@@ -29,7 +29,7 @@ struct ahash_request;
  * Largest digest size among all hash algorithms supported by fs-verity.
  * Currently assumed to be <= size of fsverity_descriptor::root_hash.
  */
-#define FS_VERITY_MAX_DIGEST_SIZE	SHA256_DIGEST_SIZE
+#define FS_VERITY_MAX_DIGEST_SIZE	SHA512_DIGEST_SIZE
 
 /* A hash algorithm supported by fs-verity */
 struct fsverity_hash_alg {
diff --git a/fs/verity/hash_algs.c b/fs/verity/hash_algs.c
index 46df17094fc252..e0462a010cabfb 100644
--- a/fs/verity/hash_algs.c
+++ b/fs/verity/hash_algs.c
@@ -17,6 +17,11 @@ struct fsverity_hash_alg fsverity_hash_algs[] = {
 		.digest_size = SHA256_DIGEST_SIZE,
 		.block_size = SHA256_BLOCK_SIZE,
 	},
+	[FS_VERITY_HASH_ALG_SHA512] = {
+		.name = "sha512",
+		.digest_size = SHA512_DIGEST_SIZE,
+		.block_size = SHA512_BLOCK_SIZE,
+	},
 };
 
 /**
diff --git a/include/uapi/linux/fsverity.h b/include/uapi/linux/fsverity.h
index 57d1d7fc0c345a..da0daf6c193b4b 100644
--- a/include/uapi/linux/fsverity.h
+++ b/include/uapi/linux/fsverity.h
@@ -14,6 +14,7 @@
 #include <linux/types.h>
 
 #define FS_VERITY_HASH_ALG_SHA256	1
+#define FS_VERITY_HASH_ALG_SHA512	2
 
 struct fsverity_enable_arg {
 	__u32 version;
-- 
2.22.0.410.gd8fdbe21b5-goog

WARNING: multiple messages have this Message-ID (diff)

From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: "Theodore Y . Ts'o" <tytso@mit.edu>,
	"Darrick J . Wong" <darrick.wong@oracle.com>,
	linux-api@vger.kernel.org, Dave Chinner <david@fromorbit.com>,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-fsdevel@vger.kernel.org, Jaegeuk Kim <jaegeuk@kernel.org>,
	linux-integrity@vger.kernel.org, linux-ext4@vger.kernel.org,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Christoph Hellwig <hch@lst.de>,
	Victor Hsieh <victorhsieh@google.com>
Subject: [f2fs-dev] [PATCH v5 12/16] fs-verity: add SHA-512 support
Date: Thu, 20 Jun 2019 13:50:39 -0700	[thread overview]
Message-ID: <20190620205043.64350-13-ebiggers@kernel.org> (raw)
In-Reply-To: <20190620205043.64350-1-ebiggers@kernel.org>

From: Eric Biggers <ebiggers@google.com>

Add SHA-512 support to fs-verity.  This is primarily a demonstration of
the trivial changes needed to support a new hash algorithm in fs-verity;
most users will still use SHA-256, due to the smaller space required to
store the hashes.  But some users may prefer SHA-512.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 fs/verity/fsverity_private.h  | 2 +-
 fs/verity/hash_algs.c         | 5 +++++
 include/uapi/linux/fsverity.h | 1 +
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h
index eaa2b3b93bbf6b..02a547f0667c13 100644
--- a/fs/verity/fsverity_private.h
+++ b/fs/verity/fsverity_private.h
@@ -29,7 +29,7 @@ struct ahash_request;
  * Largest digest size among all hash algorithms supported by fs-verity.
  * Currently assumed to be <= size of fsverity_descriptor::root_hash.
  */
-#define FS_VERITY_MAX_DIGEST_SIZE	SHA256_DIGEST_SIZE
+#define FS_VERITY_MAX_DIGEST_SIZE	SHA512_DIGEST_SIZE
 
 /* A hash algorithm supported by fs-verity */
 struct fsverity_hash_alg {
diff --git a/fs/verity/hash_algs.c b/fs/verity/hash_algs.c
index 46df17094fc252..e0462a010cabfb 100644
--- a/fs/verity/hash_algs.c
+++ b/fs/verity/hash_algs.c
@@ -17,6 +17,11 @@ struct fsverity_hash_alg fsverity_hash_algs[] = {
 		.digest_size = SHA256_DIGEST_SIZE,
 		.block_size = SHA256_BLOCK_SIZE,
 	},
+	[FS_VERITY_HASH_ALG_SHA512] = {
+		.name = "sha512",
+		.digest_size = SHA512_DIGEST_SIZE,
+		.block_size = SHA512_BLOCK_SIZE,
+	},
 };
 
 /**
diff --git a/include/uapi/linux/fsverity.h b/include/uapi/linux/fsverity.h
index 57d1d7fc0c345a..da0daf6c193b4b 100644
--- a/include/uapi/linux/fsverity.h
+++ b/include/uapi/linux/fsverity.h
@@ -14,6 +14,7 @@
 #include <linux/types.h>
 
 #define FS_VERITY_HASH_ALG_SHA256	1
+#define FS_VERITY_HASH_ALG_SHA512	2
 
 struct fsverity_enable_arg {
 	__u32 version;
-- 
2.22.0.410.gd8fdbe21b5-goog



_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

next prev parent reply	other threads:[~2019-06-20 20:50 UTC|newest]

Thread overview: 110+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-06-20 20:50 [PATCH v5 00/16] fs-verity: read-only file-based authenticity protection Eric Biggers
2019-06-20 20:50 ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50 ` Eric Biggers
2019-06-20 20:50 ` [f2fs-dev] [PATCH v5 01/16] fs-verity: add a documentation file Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:10   ` Jaegeuk Kim
2019-06-22 22:10     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:10     ` Jaegeuk Kim
2019-06-20 20:50 ` [f2fs-dev] [PATCH v5 02/16] fs-verity: add MAINTAINERS file entry Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:11   ` Jaegeuk Kim
2019-06-22 22:11     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:11     ` Jaegeuk Kim
2019-06-20 20:50 ` [f2fs-dev] [PATCH v5 03/16] fs-verity: add UAPI header Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:11   ` Jaegeuk Kim
2019-06-22 22:11     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:11     ` Jaegeuk Kim
2019-06-20 20:50 ` [PATCH v5 04/16] fs: uapi: define verity bit for FS_IOC_GETFLAGS Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:11   ` Jaegeuk Kim
2019-06-22 22:11     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:11     ` Jaegeuk Kim
2019-06-20 20:50 ` [f2fs-dev] [PATCH v5 05/16] fs-verity: add Kconfig and the helper functions for hashing Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:17   ` Jaegeuk Kim
2019-06-22 22:17     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:17     ` Jaegeuk Kim
2019-06-20 20:50 ` [PATCH v5 06/16] fs-verity: add inode and superblock fields Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:18   ` Jaegeuk Kim
2019-06-22 22:18     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:18     ` Jaegeuk Kim
2019-06-20 20:50 ` [PATCH v5 07/16] fs-verity: add the hook for file ->open() Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:28   ` Jaegeuk Kim
2019-06-22 22:28     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:28     ` Jaegeuk Kim
2019-06-20 20:50 ` [PATCH v5 08/16] fs-verity: add the hook for file ->setattr() Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:28   ` Jaegeuk Kim
2019-06-22 22:28     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:28     ` Jaegeuk Kim
2019-06-20 20:50 ` [f2fs-dev] [PATCH v5 09/16] fs-verity: add data verification hooks for ->readpages() Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:32   ` Jaegeuk Kim
2019-06-22 22:32     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:32     ` Jaegeuk Kim
2019-06-20 20:50 ` [PATCH v5 10/16] fs-verity: implement FS_IOC_ENABLE_VERITY ioctl Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:43   ` Jaegeuk Kim
2019-06-22 22:43     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:43     ` Jaegeuk Kim
2019-06-20 20:50 ` [PATCH v5 11/16] fs-verity: implement FS_IOC_MEASURE_VERITY ioctl Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:43   ` Jaegeuk Kim
2019-06-22 22:43     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:43     ` Jaegeuk Kim
2019-06-20 20:50 ` Eric Biggers [this message]
2019-06-20 20:50   ` [f2fs-dev] [PATCH v5 12/16] fs-verity: add SHA-512 support Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 22:44   ` Jaegeuk Kim
2019-06-22 22:44     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 22:44     ` Jaegeuk Kim
2019-06-20 20:50 ` [PATCH v5 13/16] fs-verity: support builtin file signatures Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 20:50 ` [PATCH v5 14/16] ext4: add basic fs-verity support Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 23:59   ` Darrick J. Wong
2019-06-20 23:59     ` [f2fs-dev] " Darrick J. Wong
2019-06-20 23:59     ` Darrick J. Wong
2019-06-21  3:17     ` Eric Biggers
2019-06-21  3:17       ` [f2fs-dev] " Eric Biggers
2019-06-21  3:17       ` Eric Biggers
2019-06-20 20:50 ` [PATCH v5 15/16] ext4: add fs-verity read support Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-20 20:50 ` [PATCH v5 16/16] f2fs: add fs-verity support Eric Biggers
2019-06-20 20:50   ` [f2fs-dev] " Eric Biggers
2019-06-20 20:50   ` Eric Biggers
2019-06-22 23:12   ` Jaegeuk Kim
2019-06-22 23:12     ` [f2fs-dev] " Jaegeuk Kim
2019-06-22 23:12     ` Jaegeuk Kim
2019-06-25  7:55   ` Chao Yu
2019-06-25  7:55     ` [f2fs-dev] " Chao Yu
2019-06-25  7:55     ` Chao Yu
2019-06-25  7:55     ` Chao Yu
2019-06-25 17:52     ` Eric Biggers
2019-06-25 17:52       ` [f2fs-dev] " Eric Biggers
2019-06-25 17:52       ` Eric Biggers
2019-06-26  7:34       ` Chao Yu
2019-06-26  7:34         ` [f2fs-dev] " Chao Yu
2019-06-26  7:34         ` Chao Yu
2019-06-26  7:34         ` Chao Yu
2019-06-26 18:21         ` Eric Biggers
2019-06-26 18:21           ` [f2fs-dev] " Eric Biggers
2019-06-26 18:21           ` Eric Biggers

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:eaa2b3b93bbf6 dfblob:46df17094fc25 dfblob:57d1d7fc0c345
dfblob:eaa2b3b93bbf6 dfblob:46df17094fc25 dfblob:57d1d7fc0c345
dfblob:eaa2b3b93bbf6 dfblob:46df17094fc25 dfblob:57d1d7fc0c345
dfblob:02a547f0667c1 dfblob:e0462a010cabf dfblob:da0daf6c193b4
dfblob:02a547f0667c1 dfblob:e0462a010cabf dfblob:da0daf6c193b4
dfblob:02a547f0667c1 dfblob:e0462a010cabf dfblob:da0daf6c193b4
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190620205043.64350-13-ebiggers@kernel.org \
    --to=ebiggers@kernel.org \
    --cc=chandan@linux.vnet.ibm.com \
    --cc=darrick.wong@oracle.com \
    --cc=david@fromorbit.com \
    --cc=hch@lst.de \
    --cc=jaegeuk@kernel.org \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-f2fs-devel@lists.sourceforge.net \
    --cc=linux-fscrypt@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=torvalds@linux-foundation.org \
    --cc=tytso@mit.edu \
    --cc=victorhsieh@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.