Lines Matching full:v
69 struct dm_verity *v; member
104 static sector_t verity_map_sector(struct dm_verity *v, sector_t bi_sector) in verity_map_sector() argument
106 return dm_target_offset(v->ti, bi_sector); in verity_map_sector()
115 static sector_t verity_position_at_level(struct dm_verity *v, sector_t block, in verity_position_at_level() argument
118 return block >> (level * v->hash_per_block_bits); in verity_position_at_level()
121 static int verity_ahash_update(struct dm_verity *v, struct ahash_request *req, in verity_ahash_update() argument
154 static int verity_ahash_init(struct dm_verity *v, struct ahash_request *req, in verity_ahash_init() argument
159 ahash_request_set_tfm(req, v->ahash_tfm); in verity_ahash_init()
173 if (likely(v->salt_size && (v->version >= 1))) in verity_ahash_init()
174 r = verity_ahash_update(v, req, v->salt, v->salt_size, wait); in verity_ahash_init()
179 static int verity_ahash_final(struct dm_verity *v, struct ahash_request *req, in verity_ahash_final() argument
184 if (unlikely(v->salt_size && (!v->version))) { in verity_ahash_final()
185 r = verity_ahash_update(v, req, v->salt, v->salt_size, wait); in verity_ahash_final()
199 int verity_hash(struct dm_verity *v, struct dm_verity_io *io, in verity_hash() argument
204 if (static_branch_unlikely(&ahash_enabled) && !v->shash_tfm) { in verity_hash()
205 struct ahash_request *req = verity_io_hash_req(v, io); in verity_hash()
208 r = verity_ahash_init(v, req, &wait, may_sleep) ?: in verity_hash()
209 verity_ahash_update(v, req, data, len, &wait) ?: in verity_hash()
210 verity_ahash_final(v, req, digest, &wait); in verity_hash()
212 struct shash_desc *desc = verity_io_hash_req(v, io); in verity_hash()
214 desc->tfm = v->shash_tfm; in verity_hash()
215 r = crypto_shash_import(desc, v->initial_hashstate) ?: in verity_hash()
223 static void verity_hash_at_level(struct dm_verity *v, sector_t block, int level, in verity_hash_at_level() argument
226 sector_t position = verity_position_at_level(v, block, level); in verity_hash_at_level()
229 *hash_block = v->hash_level_block[level] + (position >> v->hash_per_block_bits); in verity_hash_at_level()
234 idx = position & ((1 << v->hash_per_block_bits) - 1); in verity_hash_at_level()
235 if (!v->version) in verity_hash_at_level()
236 *offset = idx * v->digest_size; in verity_hash_at_level()
238 *offset = idx << (v->hash_dev_block_bits - v->hash_per_block_bits); in verity_hash_at_level()
244 static int verity_handle_err(struct dm_verity *v, enum verity_block_type type, in verity_handle_err() argument
250 struct mapped_device *md = dm_table_get_md(v->ti->table); in verity_handle_err()
253 v->hash_failed = true; in verity_handle_err()
255 if (v->corrupted_errs >= DM_VERITY_MAX_CORRUPTED_ERRS) in verity_handle_err()
258 v->corrupted_errs++; in verity_handle_err()
271 DMERR_LIMIT("%s: %s block %llu is corrupted", v->data_dev->name, in verity_handle_err()
274 if (v->corrupted_errs == DM_VERITY_MAX_CORRUPTED_ERRS) { in verity_handle_err()
275 DMERR("%s: reached maximum errors", v->data_dev->name); in verity_handle_err()
276 dm_audit_log_target(DM_MSG_PREFIX, "max-corrupted-errors", v->ti, 0); in verity_handle_err()
285 if (v->mode == DM_VERITY_MODE_LOGGING) in verity_handle_err()
288 if (v->mode == DM_VERITY_MODE_RESTART) in verity_handle_err()
291 if (v->mode == DM_VERITY_MODE_PANIC) in verity_handle_err()
301 * On successful return, verity_io_want_digest(v, io) contains the hash value
306 * against current value of verity_io_want_digest(v, io).
308 static int verity_verify_level(struct dm_verity *v, struct dm_verity_io *io, in verity_verify_level() argument
318 struct bio *bio = dm_bio_from_per_bio_data(io, v->ti->per_io_data_size); in verity_verify_level()
320 verity_hash_at_level(v, block, level, &hash_block, &offset); in verity_verify_level()
323 data = dm_bufio_get(v->bufio, hash_block, &buf); in verity_verify_level()
333 data = dm_bufio_read_with_ioprio(v->bufio, hash_block, in verity_verify_level()
341 data = dm_bufio_new(v->bufio, hash_block, &buf); in verity_verify_level()
344 if (verity_fec_decode(v, io, DM_VERITY_BLOCK_TYPE_METADATA, in verity_verify_level()
351 dm_bufio_forget(v->bufio, hash_block); in verity_verify_level()
364 r = verity_hash(v, io, data, 1 << v->hash_dev_block_bits, in verity_verify_level()
365 verity_io_real_digest(v, io), !io->in_bh); in verity_verify_level()
369 if (likely(memcmp(verity_io_real_digest(v, io), want_digest, in verity_verify_level()
370 v->digest_size) == 0)) in verity_verify_level()
379 } else if (verity_fec_decode(v, io, DM_VERITY_BLOCK_TYPE_METADATA, in verity_verify_level()
382 else if (verity_handle_err(v, in verity_verify_level()
387 bio = dm_bio_from_per_bio_data(io, v->ti->per_io_data_size); in verity_verify_level()
397 memcpy(want_digest, data, v->digest_size); in verity_verify_level()
409 int verity_hash_for_block(struct dm_verity *v, struct dm_verity_io *io, in verity_hash_for_block() argument
414 if (likely(v->levels)) { in verity_hash_for_block()
422 r = verity_verify_level(v, io, block, 0, true, digest); in verity_hash_for_block()
427 memcpy(digest, v->root_digest, v->digest_size); in verity_hash_for_block()
429 for (i = v->levels - 1; i >= 0; i--) { in verity_hash_for_block()
430 r = verity_verify_level(v, io, block, i, false, digest); in verity_hash_for_block()
435 if (!r && v->zero_digest) in verity_hash_for_block()
436 *is_zero = !memcmp(v->zero_digest, digest, v->digest_size); in verity_hash_for_block()
443 static noinline int verity_recheck(struct dm_verity *v, struct dm_verity_io *io, in verity_recheck() argument
452 page = mempool_alloc(&v->recheck_pool, GFP_NOIO); in verity_recheck()
459 io_req.client = v->io; in verity_recheck()
460 io_loc.bdev = v->data_dev->bdev; in verity_recheck()
461 io_loc.sector = cur_block << (v->data_dev_block_bits - SECTOR_SHIFT); in verity_recheck()
462 io_loc.count = 1 << (v->data_dev_block_bits - SECTOR_SHIFT); in verity_recheck()
467 r = verity_hash(v, io, buffer, 1 << v->data_dev_block_bits, in verity_recheck()
468 verity_io_real_digest(v, io), true); in verity_recheck()
472 if (memcmp(verity_io_real_digest(v, io), in verity_recheck()
473 verity_io_want_digest(v, io), v->digest_size)) { in verity_recheck()
478 memcpy(dest, buffer, 1 << v->data_dev_block_bits); in verity_recheck()
481 mempool_free(page, &v->recheck_pool); in verity_recheck()
486 static int verity_handle_data_hash_mismatch(struct dm_verity *v, in verity_handle_data_hash_mismatch() argument
498 if (verity_recheck(v, io, blkno, data) == 0) { in verity_handle_data_hash_mismatch()
499 if (v->validated_blocks) in verity_handle_data_hash_mismatch()
500 set_bit(blkno, v->validated_blocks); in verity_handle_data_hash_mismatch()
504 if (verity_fec_decode(v, io, DM_VERITY_BLOCK_TYPE_DATA, blkno, in verity_handle_data_hash_mismatch()
511 if (verity_handle_err(v, DM_VERITY_BLOCK_TYPE_DATA, blkno)) { in verity_handle_data_hash_mismatch()
524 struct dm_verity *v = io->v; in verity_verify_io() local
525 const unsigned int block_size = 1 << v->data_dev_block_bits; in verity_verify_io()
528 struct bio *bio = dm_bio_from_per_bio_data(io, v->ti->per_io_data_size); in verity_verify_io()
549 if (v->validated_blocks && bio->bi_status == BLK_STS_OK && in verity_verify_io()
550 likely(test_bit(cur_block, v->validated_blocks))) in verity_verify_io()
553 r = verity_hash_for_block(v, io, cur_block, in verity_verify_io()
554 verity_io_want_digest(v, io), in verity_verify_io()
583 r = verity_hash(v, io, data, block_size, in verity_verify_io()
584 verity_io_real_digest(v, io), !io->in_bh); in verity_verify_io()
590 if (likely(memcmp(verity_io_real_digest(v, io), in verity_verify_io()
591 verity_io_want_digest(v, io), v->digest_size) == 0)) { in verity_verify_io()
592 if (v->validated_blocks) in verity_verify_io()
593 set_bit(cur_block, v->validated_blocks); in verity_verify_io()
597 r = verity_handle_data_hash_mismatch(v, io, bio, cur_block, in verity_verify_io()
626 struct dm_verity *v = io->v; in verity_finish_io() local
627 struct bio *bio = dm_bio_from_per_bio_data(io, v->ti->per_io_data_size); in verity_finish_io()
639 if (v->error_mode == DM_VERITY_MODE_PANIC) { in verity_finish_io()
642 if (v->error_mode == DM_VERITY_MODE_RESTART) { in verity_finish_io()
644 queue_work(v->verify_wq, &restart_work); in verity_finish_io()
675 queue_work(io->v->verify_wq, &io->work); in verity_bh_work()
692 unsigned int bytes = io->n_blocks << io->v->data_dev_block_bits; in verity_end_io()
695 (!verity_fec_is_enabled(io->v) || in verity_end_io()
702 if (static_branch_unlikely(&use_bh_wq_enabled) && io->v->use_bh_wq && in verity_end_io()
712 queue_work(io->v->verify_wq, &io->work); in verity_end_io()
725 struct dm_verity *v = pw->v; in verity_prefetch_io() local
728 for (i = v->levels - 2; i >= 0; i--) { in verity_prefetch_io()
732 verity_hash_at_level(v, pw->block, i, &hash_block_start, NULL); in verity_prefetch_io()
733 verity_hash_at_level(v, pw->block + pw->n_blocks - 1, i, &hash_block_end, NULL); in verity_prefetch_io()
738 cluster >>= v->data_dev_block_bits; in verity_prefetch_io()
747 if (unlikely(hash_block_end >= v->hash_blocks)) in verity_prefetch_io()
748 hash_block_end = v->hash_blocks - 1; in verity_prefetch_io()
751 dm_bufio_prefetch_with_ioprio(v->bufio, hash_block_start, in verity_prefetch_io()
759 static void verity_submit_prefetch(struct dm_verity *v, struct dm_verity_io *io, in verity_submit_prefetch() argument
766 if (v->validated_blocks) { in verity_submit_prefetch()
767 while (n_blocks && test_bit(block, v->validated_blocks)) { in verity_submit_prefetch()
772 v->validated_blocks)) in verity_submit_prefetch()
785 pw->v = v; in verity_submit_prefetch()
789 queue_work(v->verify_wq, &pw->work); in verity_submit_prefetch()
798 struct dm_verity *v = ti->private; in verity_map() local
801 bio_set_dev(bio, v->data_dev->bdev); in verity_map()
802 bio->bi_iter.bi_sector = verity_map_sector(v, bio->bi_iter.bi_sector); in verity_map()
805 ((1 << (v->data_dev_block_bits - SECTOR_SHIFT)) - 1)) { in verity_map()
811 (v->data_dev_block_bits - SECTOR_SHIFT) > v->data_blocks) { in verity_map()
820 io->v = v; in verity_map()
822 io->block = bio->bi_iter.bi_sector >> (v->data_dev_block_bits - SECTOR_SHIFT); in verity_map()
823 io->n_blocks = bio->bi_iter.bi_size >> v->data_dev_block_bits; in verity_map()
832 verity_submit_prefetch(v, io, bio->bi_ioprio); in verity_map()
841 struct dm_verity *v = ti->private; in verity_postsuspend() local
842 flush_workqueue(v->verify_wq); in verity_postsuspend()
843 dm_bufio_client_reset(v->bufio); in verity_postsuspend()
847 * Status: V (valid) or C (corruption found)
852 struct dm_verity *v = ti->private; in verity_status() local
859 DMEMIT("%c", v->hash_failed ? 'C' : 'V'); in verity_status()
863 v->version, in verity_status()
864 v->data_dev->name, in verity_status()
865 v->hash_dev->name, in verity_status()
866 1 << v->data_dev_block_bits, in verity_status()
867 1 << v->hash_dev_block_bits, in verity_status()
868 (unsigned long long)v->data_blocks, in verity_status()
869 (unsigned long long)v->hash_start, in verity_status()
870 v->alg_name in verity_status()
872 for (x = 0; x < v->digest_size; x++) in verity_status()
873 DMEMIT("%02x", v->root_digest[x]); in verity_status()
875 if (!v->salt_size) in verity_status()
878 for (x = 0; x < v->salt_size; x++) in verity_status()
879 DMEMIT("%02x", v->salt[x]); in verity_status()
880 if (v->mode != DM_VERITY_MODE_EIO) in verity_status()
882 if (v->error_mode != DM_VERITY_MODE_EIO) in verity_status()
884 if (verity_fec_is_enabled(v)) in verity_status()
886 if (v->zero_digest) in verity_status()
888 if (v->validated_blocks) in verity_status()
890 if (v->use_bh_wq) in verity_status()
892 if (v->signature_key_desc) in verity_status()
897 if (v->mode != DM_VERITY_MODE_EIO) { in verity_status()
899 switch (v->mode) { in verity_status()
913 if (v->error_mode != DM_VERITY_MODE_EIO) { in verity_status()
915 switch (v->error_mode) { in verity_status()
926 if (v->zero_digest) in verity_status()
928 if (v->validated_blocks) in verity_status()
930 if (v->use_bh_wq) in verity_status()
932 sz = verity_fec_status_table(v, sz, result, maxlen); in verity_status()
933 if (v->signature_key_desc) in verity_status()
935 " %s", v->signature_key_desc); in verity_status()
940 DMEMIT(",hash_failed=%c", v->hash_failed ? 'C' : 'V'); in verity_status()
941 DMEMIT(",verity_version=%u", v->version); in verity_status()
942 DMEMIT(",data_device_name=%s", v->data_dev->name); in verity_status()
943 DMEMIT(",hash_device_name=%s", v->hash_dev->name); in verity_status()
944 DMEMIT(",verity_algorithm=%s", v->alg_name); in verity_status()
947 for (x = 0; x < v->digest_size; x++) in verity_status()
948 DMEMIT("%02x", v->root_digest[x]); in verity_status()
951 if (!v->salt_size) in verity_status()
954 for (x = 0; x < v->salt_size; x++) in verity_status()
955 DMEMIT("%02x", v->salt[x]); in verity_status()
957 DMEMIT(",ignore_zero_blocks=%c", v->zero_digest ? 'y' : 'n'); in verity_status()
958 DMEMIT(",check_at_most_once=%c", v->validated_blocks ? 'y' : 'n'); in verity_status()
959 if (v->signature_key_desc) in verity_status()
960 DMEMIT(",root_hash_sig_key_desc=%s", v->signature_key_desc); in verity_status()
962 if (v->mode != DM_VERITY_MODE_EIO) { in verity_status()
964 switch (v->mode) { in verity_status()
978 if (v->error_mode != DM_VERITY_MODE_EIO) { in verity_status()
980 switch (v->error_mode) { in verity_status()
998 struct dm_verity *v = ti->private; in verity_prepare_ioctl() local
1000 *bdev = v->data_dev->bdev; in verity_prepare_ioctl()
1002 if (ti->len != bdev_nr_sectors(v->data_dev->bdev)) in verity_prepare_ioctl()
1010 struct dm_verity *v = ti->private; in verity_iterate_devices() local
1012 return fn(ti, v->data_dev, 0, ti->len, data); in verity_iterate_devices()
1017 struct dm_verity *v = ti->private; in verity_io_hints() local
1019 if (limits->logical_block_size < 1 << v->data_dev_block_bits) in verity_io_hints()
1020 limits->logical_block_size = 1 << v->data_dev_block_bits; in verity_io_hints()
1022 if (limits->physical_block_size < 1 << v->data_dev_block_bits) in verity_io_hints()
1023 limits->physical_block_size = 1 << v->data_dev_block_bits; in verity_io_hints()
1038 static int verity_init_sig(struct dm_verity *v, const void *sig, in verity_init_sig() argument
1041 v->sig_size = sig_size; in verity_init_sig()
1044 v->root_digest_sig = kmemdup(sig, v->sig_size, GFP_KERNEL); in verity_init_sig()
1045 if (!v->root_digest_sig) in verity_init_sig()
1052 static void verity_free_sig(struct dm_verity *v) in verity_free_sig() argument
1054 kfree(v->root_digest_sig); in verity_free_sig()
1059 static inline int verity_init_sig(struct dm_verity *v, const void *sig, in verity_init_sig() argument
1065 static inline void verity_free_sig(struct dm_verity *v) in verity_free_sig() argument
1073 struct dm_verity *v = ti->private; in verity_dtr() local
1075 if (v->verify_wq) in verity_dtr()
1076 destroy_workqueue(v->verify_wq); in verity_dtr()
1078 mempool_exit(&v->recheck_pool); in verity_dtr()
1079 if (v->io) in verity_dtr()
1080 dm_io_client_destroy(v->io); in verity_dtr()
1082 if (v->bufio) in verity_dtr()
1083 dm_bufio_client_destroy(v->bufio); in verity_dtr()
1085 kvfree(v->validated_blocks); in verity_dtr()
1086 kfree(v->salt); in verity_dtr()
1087 kfree(v->initial_hashstate); in verity_dtr()
1088 kfree(v->root_digest); in verity_dtr()
1089 kfree(v->zero_digest); in verity_dtr()
1090 verity_free_sig(v); in verity_dtr()
1092 if (v->ahash_tfm) { in verity_dtr()
1094 crypto_free_ahash(v->ahash_tfm); in verity_dtr()
1096 crypto_free_shash(v->shash_tfm); in verity_dtr()
1099 kfree(v->alg_name); in verity_dtr()
1101 if (v->hash_dev) in verity_dtr()
1102 dm_put_device(ti, v->hash_dev); in verity_dtr()
1104 if (v->data_dev) in verity_dtr()
1105 dm_put_device(ti, v->data_dev); in verity_dtr()
1107 verity_fec_dtr(v); in verity_dtr()
1109 kfree(v->signature_key_desc); in verity_dtr()
1111 if (v->use_bh_wq) in verity_dtr()
1114 kfree(v); in verity_dtr()
1119 static int verity_alloc_most_once(struct dm_verity *v) in verity_alloc_most_once() argument
1121 struct dm_target *ti = v->ti; in verity_alloc_most_once()
1124 if (v->data_blocks > INT_MAX) { in verity_alloc_most_once()
1129 v->validated_blocks = kvcalloc(BITS_TO_LONGS(v->data_blocks), in verity_alloc_most_once()
1132 if (!v->validated_blocks) { in verity_alloc_most_once()
1140 static int verity_alloc_zero_digest(struct dm_verity *v) in verity_alloc_zero_digest() argument
1146 v->zero_digest = kmalloc(v->digest_size, GFP_KERNEL); in verity_alloc_zero_digest()
1148 if (!v->zero_digest) in verity_alloc_zero_digest()
1151 io = kmalloc(sizeof(*io) + v->hash_reqsize, GFP_KERNEL); in verity_alloc_zero_digest()
1156 zero_data = kzalloc(1 << v->data_dev_block_bits, GFP_KERNEL); in verity_alloc_zero_digest()
1161 r = verity_hash(v, io, zero_data, 1 << v->data_dev_block_bits, in verity_alloc_zero_digest()
1162 v->zero_digest, true); in verity_alloc_zero_digest()
1178 static int verity_parse_verity_mode(struct dm_verity *v, const char *arg_name) in verity_parse_verity_mode() argument
1180 if (v->mode) in verity_parse_verity_mode()
1184 v->mode = DM_VERITY_MODE_LOGGING; in verity_parse_verity_mode()
1186 v->mode = DM_VERITY_MODE_RESTART; in verity_parse_verity_mode()
1188 v->mode = DM_VERITY_MODE_PANIC; in verity_parse_verity_mode()
1199 static int verity_parse_verity_error_mode(struct dm_verity *v, const char *arg_name) in verity_parse_verity_error_mode() argument
1201 if (v->error_mode) in verity_parse_verity_error_mode()
1205 v->error_mode = DM_VERITY_MODE_RESTART; in verity_parse_verity_error_mode()
1207 v->error_mode = DM_VERITY_MODE_PANIC; in verity_parse_verity_error_mode()
1212 static int verity_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v, in verity_parse_opt_args() argument
1218 struct dm_target *ti = v->ti; in verity_parse_opt_args()
1239 r = verity_parse_verity_mode(v, arg_name); in verity_parse_opt_args()
1249 r = verity_parse_verity_error_mode(v, arg_name); in verity_parse_opt_args()
1259 r = verity_alloc_zero_digest(v); in verity_parse_opt_args()
1269 r = verity_alloc_most_once(v); in verity_parse_opt_args()
1275 v->use_bh_wq = true; in verity_parse_opt_args()
1282 r = verity_fec_parse_opt_args(as, v, &argc, arg_name); in verity_parse_opt_args()
1290 r = verity_verify_sig_parse_opt_args(as, v, in verity_parse_opt_args()
1315 static int verity_setup_hash_alg(struct dm_verity *v, const char *alg_name) in verity_setup_hash_alg() argument
1317 struct dm_target *ti = v->ti; in verity_setup_hash_alg()
1322 v->alg_name = kstrdup(alg_name, GFP_KERNEL); in verity_setup_hash_alg()
1323 if (!v->alg_name) { in verity_setup_hash_alg()
1338 v->use_bh_wq ? CRYPTO_ALG_ASYNC : 0); in verity_setup_hash_alg()
1344 if (v->version >= 1 /* salt prepended, not appended? */) { in verity_setup_hash_alg()
1359 v->shash_tfm = shash; in verity_setup_hash_alg()
1360 v->digest_size = crypto_shash_digestsize(shash); in verity_setup_hash_alg()
1361 v->hash_reqsize = sizeof(struct shash_desc) + in verity_setup_hash_alg()
1365 v->ahash_tfm = ahash; in verity_setup_hash_alg()
1367 v->digest_size = crypto_ahash_digestsize(ahash); in verity_setup_hash_alg()
1368 v->hash_reqsize = sizeof(struct ahash_request) + in verity_setup_hash_alg()
1372 if ((1 << v->hash_dev_block_bits) < v->digest_size * 2) { in verity_setup_hash_alg()
1379 static int verity_setup_salt_and_hashstate(struct dm_verity *v, const char *arg) in verity_setup_salt_and_hashstate() argument
1381 struct dm_target *ti = v->ti; in verity_setup_salt_and_hashstate()
1384 v->salt_size = strlen(arg) / 2; in verity_setup_salt_and_hashstate()
1385 v->salt = kmalloc(v->salt_size, GFP_KERNEL); in verity_setup_salt_and_hashstate()
1386 if (!v->salt) { in verity_setup_salt_and_hashstate()
1390 if (strlen(arg) != v->salt_size * 2 || in verity_setup_salt_and_hashstate()
1391 hex2bin(v->salt, arg, v->salt_size)) { in verity_setup_salt_and_hashstate()
1396 if (v->shash_tfm) { in verity_setup_salt_and_hashstate()
1397 SHASH_DESC_ON_STACK(desc, v->shash_tfm); in verity_setup_salt_and_hashstate()
1404 v->initial_hashstate = kmalloc( in verity_setup_salt_and_hashstate()
1405 crypto_shash_statesize(v->shash_tfm), GFP_KERNEL); in verity_setup_salt_and_hashstate()
1406 if (!v->initial_hashstate) { in verity_setup_salt_and_hashstate()
1410 desc->tfm = v->shash_tfm; in verity_setup_salt_and_hashstate()
1412 crypto_shash_update(desc, v->salt, v->salt_size) ?: in verity_setup_salt_and_hashstate()
1413 crypto_shash_export(desc, v->initial_hashstate); in verity_setup_salt_and_hashstate()
1438 struct dm_verity *v; in verity_ctr() local
1449 v = kzalloc(sizeof(struct dm_verity), GFP_KERNEL); in verity_ctr()
1450 if (!v) { in verity_ctr()
1454 ti->private = v; in verity_ctr()
1455 v->ti = ti; in verity_ctr()
1457 r = verity_fec_ctr_alloc(v); in verity_ctr()
1477 r = verity_parse_opt_args(&as, v, &verify_args, true); in verity_ctr()
1488 v->version = num; in verity_ctr()
1490 r = dm_get_device(ti, argv[1], BLK_OPEN_READ, &v->data_dev); in verity_ctr()
1496 r = dm_get_device(ti, argv[2], BLK_OPEN_READ, &v->hash_dev); in verity_ctr()
1504 num < bdev_logical_block_size(v->data_dev->bdev) || in verity_ctr()
1510 v->data_dev_block_bits = __ffs(num); in verity_ctr()
1514 num < bdev_logical_block_size(v->hash_dev->bdev) || in verity_ctr()
1520 v->hash_dev_block_bits = __ffs(num); in verity_ctr()
1523 (sector_t)(num_ll << (v->data_dev_block_bits - SECTOR_SHIFT)) in verity_ctr()
1524 >> (v->data_dev_block_bits - SECTOR_SHIFT) != num_ll) { in verity_ctr()
1529 v->data_blocks = num_ll; in verity_ctr()
1531 if (ti->len > (v->data_blocks << (v->data_dev_block_bits - SECTOR_SHIFT))) { in verity_ctr()
1538 (sector_t)(num_ll << (v->hash_dev_block_bits - SECTOR_SHIFT)) in verity_ctr()
1539 >> (v->hash_dev_block_bits - SECTOR_SHIFT) != num_ll) { in verity_ctr()
1544 v->hash_start = num_ll; in verity_ctr()
1546 r = verity_setup_hash_alg(v, argv[7]); in verity_ctr()
1550 v->root_digest = kmalloc(v->digest_size, GFP_KERNEL); in verity_ctr()
1551 if (!v->root_digest) { in verity_ctr()
1556 if (strlen(argv[8]) != v->digest_size * 2 || in verity_ctr()
1557 hex2bin(v->root_digest, argv[8], v->digest_size)) { in verity_ctr()
1564 r = verity_setup_salt_and_hashstate(v, argv[9]); in verity_ctr()
1575 r = verity_parse_opt_args(&as, v, &verify_args, false); in verity_ctr()
1590 r = verity_init_sig(v, verify_args.sig, verify_args.sig_size); in verity_ctr()
1596 v->hash_per_block_bits = in verity_ctr()
1597 __fls((1 << v->hash_dev_block_bits) / v->digest_size); in verity_ctr()
1599 v->levels = 0; in verity_ctr()
1600 if (v->data_blocks) in verity_ctr()
1601 while (v->hash_per_block_bits * v->levels < 64 && in verity_ctr()
1602 (unsigned long long)(v->data_blocks - 1) >> in verity_ctr()
1603 (v->hash_per_block_bits * v->levels)) in verity_ctr()
1604 v->levels++; in verity_ctr()
1606 if (v->levels > DM_VERITY_MAX_LEVELS) { in verity_ctr()
1612 hash_position = v->hash_start; in verity_ctr()
1613 for (i = v->levels - 1; i >= 0; i--) { in verity_ctr()
1616 v->hash_level_block[i] = hash_position; in verity_ctr()
1617 s = (v->data_blocks + ((sector_t)1 << ((i + 1) * v->hash_per_block_bits)) - 1) in verity_ctr()
1618 >> ((i + 1) * v->hash_per_block_bits); in verity_ctr()
1626 v->hash_blocks = hash_position; in verity_ctr()
1628 r = mempool_init_page_pool(&v->recheck_pool, 1, 0); in verity_ctr()
1634 v->io = dm_io_client_create(); in verity_ctr()
1635 if (IS_ERR(v->io)) { in verity_ctr()
1636 r = PTR_ERR(v->io); in verity_ctr()
1637 v->io = NULL; in verity_ctr()
1642 v->bufio = dm_bufio_client_create(v->hash_dev->bdev, in verity_ctr()
1643 1 << v->hash_dev_block_bits, 1, sizeof(struct buffer_aux), in verity_ctr()
1645 v->use_bh_wq ? DM_BUFIO_CLIENT_NO_SLEEP : 0); in verity_ctr()
1646 if (IS_ERR(v->bufio)) { in verity_ctr()
1648 r = PTR_ERR(v->bufio); in verity_ctr()
1649 v->bufio = NULL; in verity_ctr()
1653 if (dm_bufio_get_device_size(v->bufio) < v->hash_blocks) { in verity_ctr()
1668 v->verify_wq = alloc_workqueue("kverityd", WQ_MEM_RECLAIM | WQ_HIGHPRI, 0); in verity_ctr()
1669 if (!v->verify_wq) { in verity_ctr()
1675 ti->per_io_data_size = sizeof(struct dm_verity_io) + v->hash_reqsize; in verity_ctr()
1677 r = verity_fec_ctr(v); in verity_ctr()
1707 struct dm_verity *v = ti->private; in dm_verity_get_mode() local
1712 return v->mode; in dm_verity_get_mode()
1723 struct dm_verity *v = ti->private; in dm_verity_get_root_digest() local
1728 *root_digest = kmemdup(v->root_digest, v->digest_size, GFP_KERNEL); in dm_verity_get_root_digest()
1732 *digest_size = v->digest_size; in dm_verity_get_root_digest()
1742 struct dm_verity *v) in verity_security_set_signature() argument
1745 * if the dm-verity target is unsigned, v->root_digest_sig will in verity_security_set_signature()
1752 v->root_digest_sig, in verity_security_set_signature()
1753 v->sig_size); in verity_security_set_signature()
1759 struct dm_verity *v) in verity_security_set_signature() argument
1775 struct dm_verity *v; in verity_preresume() local
1778 v = ti->private; in verity_preresume()
1780 root_digest.digest = v->root_digest; in verity_preresume()
1781 root_digest.digest_len = v->digest_size; in verity_preresume()
1782 if (static_branch_unlikely(&ahash_enabled) && !v->shash_tfm) in verity_preresume()
1783 root_digest.alg = crypto_ahash_alg_name(v->ahash_tfm); in verity_preresume()
1785 root_digest.alg = crypto_shash_alg_name(v->shash_tfm); in verity_preresume()
1792 r = verity_security_set_signature(bdev, v); in verity_preresume()