root/fs/verity/fsverity_private.h

INCLUDED FROM

DEFINITIONS

1. fsverity_verify_signature
2. fsverity_init_signature

   1 /* SPDX-License-Identifier: GPL-2.0 */
   2 /*
   3  * fs-verity: read-only file-based authenticity protection
   4  *
   5  * Copyright 2019 Google LLC
   6  */
   7 
   8 #ifndef _FSVERITY_PRIVATE_H
   9 #define _FSVERITY_PRIVATE_H
  10 
  11 #ifdef CONFIG_FS_VERITY_DEBUG
  12 #define DEBUG
  13 #endif
  14 
  15 #define pr_fmt(fmt) "fs-verity: " fmt
  16 
  17 #include <crypto/sha.h>
  18 #include <linux/fsverity.h>
  19 
  20 struct ahash_request;
  21 
  22 /*
  23  * Implementation limit: maximum depth of the Merkle tree.  For now 8 is plenty;
  24  * it's enough for over U64_MAX bytes of data using SHA-256 and 4K blocks.
  25  */
  26 #define FS_VERITY_MAX_LEVELS            8
  27 
  28 /*
  29  * Largest digest size among all hash algorithms supported by fs-verity.
  30  * Currently assumed to be <= size of fsverity_descriptor::root_hash.
  31  */
  32 #define FS_VERITY_MAX_DIGEST_SIZE       SHA512_DIGEST_SIZE
  33 
  34 /* A hash algorithm supported by fs-verity */
  35 struct fsverity_hash_alg {
  36         struct crypto_ahash *tfm; /* hash tfm, allocated on demand */
  37         const char *name;         /* crypto API name, e.g. sha256 */
  38         unsigned int digest_size; /* digest size in bytes, e.g. 32 for SHA-256 */
  39         unsigned int block_size;  /* block size in bytes, e.g. 64 for SHA-256 */
  40 };
  41 
  42 /* Merkle tree parameters: hash algorithm, initial hash state, and topology */
  43 struct merkle_tree_params {
  44         const struct fsverity_hash_alg *hash_alg; /* the hash algorithm */
  45         const u8 *hashstate;            /* initial hash state or NULL */
  46         unsigned int digest_size;       /* same as hash_alg->digest_size */
  47         unsigned int block_size;        /* size of data and tree blocks */
  48         unsigned int hashes_per_block;  /* number of hashes per tree block */
  49         unsigned int log_blocksize;     /* log2(block_size) */
  50         unsigned int log_arity;         /* log2(hashes_per_block) */
  51         unsigned int num_levels;        /* number of levels in Merkle tree */
  52         u64 tree_size;                  /* Merkle tree size in bytes */
  53 
  54         /*
  55          * Starting block index for each tree level, ordered from leaf level (0)
  56          * to root level ('num_levels - 1')
  57          */
  58         u64 level_start[FS_VERITY_MAX_LEVELS];
  59 };
  60 
  61 /**
  62  * fsverity_info - cached verity metadata for an inode
  63  *
  64  * When a verity file is first opened, an instance of this struct is allocated
  65  * and stored in ->i_verity_info; it remains until the inode is evicted.  It
  66  * caches information about the Merkle tree that's needed to efficiently verify
  67  * data read from the file.  It also caches the file measurement.  The Merkle
  68  * tree pages themselves are not cached here, but the filesystem may cache them.
  69  */
  70 struct fsverity_info {
  71         struct merkle_tree_params tree_params;
  72         u8 root_hash[FS_VERITY_MAX_DIGEST_SIZE];
  73         u8 measurement[FS_VERITY_MAX_DIGEST_SIZE];
  74         const struct inode *inode;
  75 };
  76 
  77 /*
  78  * Merkle tree properties.  The file measurement is the hash of this structure
  79  * excluding the signature and with the sig_size field set to 0.
  80  */
  81 struct fsverity_descriptor {
  82         __u8 version;           /* must be 1 */
  83         __u8 hash_algorithm;    /* Merkle tree hash algorithm */
  84         __u8 log_blocksize;     /* log2 of size of data and tree blocks */
  85         __u8 salt_size;         /* size of salt in bytes; 0 if none */
  86         __le32 sig_size;        /* size of signature in bytes; 0 if none */
  87         __le64 data_size;       /* size of file the Merkle tree is built over */
  88         __u8 root_hash[64];     /* Merkle tree root hash */
  89         __u8 salt[32];          /* salt prepended to each hashed block */
  90         __u8 __reserved[144];   /* must be 0's */
  91         __u8 signature[];       /* optional PKCS#7 signature */
  92 };
  93 
  94 /* Arbitrary limit to bound the kmalloc() size.  Can be changed. */
  95 #define FS_VERITY_MAX_DESCRIPTOR_SIZE   16384
  96 
  97 #define FS_VERITY_MAX_SIGNATURE_SIZE    (FS_VERITY_MAX_DESCRIPTOR_SIZE - \
  98                                          sizeof(struct fsverity_descriptor))
  99 
 100 /*
 101  * Format in which verity file measurements are signed.  This is the same as
 102  * 'struct fsverity_digest', except here some magic bytes are prepended to
 103  * provide some context about what is being signed in case the same key is used
 104  * for non-fsverity purposes, and here the fields have fixed endianness.
 105  */
 106 struct fsverity_signed_digest {
 107         char magic[8];                  /* must be "FSVerity" */
 108         __le16 digest_algorithm;
 109         __le16 digest_size;
 110         __u8 digest[];
 111 };
 112 
 113 /* hash_algs.c */
 114 
 115 extern struct fsverity_hash_alg fsverity_hash_algs[];
 116 
 117 const struct fsverity_hash_alg *fsverity_get_hash_alg(const struct inode *inode,
 118                                                       unsigned int num);
 119 const u8 *fsverity_prepare_hash_state(const struct fsverity_hash_alg *alg,
 120                                       const u8 *salt, size_t salt_size);
 121 int fsverity_hash_page(const struct merkle_tree_params *params,
 122                        const struct inode *inode,
 123                        struct ahash_request *req, struct page *page, u8 *out);
 124 int fsverity_hash_buffer(const struct fsverity_hash_alg *alg,
 125                          const void *data, size_t size, u8 *out);
 126 void __init fsverity_check_hash_algs(void);
 127 
 128 /* init.c */
 129 
 130 extern void __printf(3, 4) __cold
 131 fsverity_msg(const struct inode *inode, const char *level,
 132              const char *fmt, ...);
 133 
 134 #define fsverity_warn(inode, fmt, ...)          \
 135         fsverity_msg((inode), KERN_WARNING, fmt, ##__VA_ARGS__)
 136 #define fsverity_err(inode, fmt, ...)           \
 137         fsverity_msg((inode), KERN_ERR, fmt, ##__VA_ARGS__)
 138 
 139 /* open.c */
 140 
 141 int fsverity_init_merkle_tree_params(struct merkle_tree_params *params,
 142                                      const struct inode *inode,
 143                                      unsigned int hash_algorithm,
 144                                      unsigned int log_blocksize,
 145                                      const u8 *salt, size_t salt_size);
 146 
 147 struct fsverity_info *fsverity_create_info(const struct inode *inode,
 148                                            void *desc, size_t desc_size);
 149 
 150 void fsverity_set_info(struct inode *inode, struct fsverity_info *vi);
 151 
 152 void fsverity_free_info(struct fsverity_info *vi);
 153 
 154 int __init fsverity_init_info_cache(void);
 155 void __init fsverity_exit_info_cache(void);
 156 
 157 /* signature.c */
 158 
 159 #ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
 160 int fsverity_verify_signature(const struct fsverity_info *vi,
 161                               const struct fsverity_descriptor *desc,
 162                               size_t desc_size);
 163 
 164 int __init fsverity_init_signature(void);
 165 #else /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
 166 static inline int
 167 fsverity_verify_signature(const struct fsverity_info *vi,
 168                           const struct fsverity_descriptor *desc,
 169                           size_t desc_size)
 170 {
 171         return 0;
 172 }
 173 
 174 static inline int fsverity_init_signature(void)
 175 {
 176         return 0;
 177 }
 178 #endif /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
 179 
 180 /* verify.c */
 181 
 182 int __init fsverity_init_workqueue(void);
 183 void __init fsverity_exit_workqueue(void);
 184 
 185 #endif /* _FSVERITY_PRIVATE_H */