]>
Commit | Line | Data |
---|---|---|
3d962ed6 AK |
1 | /* |
2 | * veritysetup | |
3 | * | |
4 | * (C) 2012 Red Hat Inc. | |
5 | * | |
6 | * This copyrighted material is made available to anyone wishing to use, | |
7 | * modify, copy, or redistribute it subject to the terms and conditions | |
8 | * of the GNU General Public License v.2. | |
9 | * | |
10 | * You should have received a copy of the GNU General Public License | |
11 | * along with this program; if not, write to the Free Software Foundation, | |
12 | * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
13 | */ | |
14 | ||
15 | /* | |
16 | * Compile flags to use a specific crypto library: | |
17 | * openssl: -lpopt -DCRYPT_OPENSSL -lcrypto | |
18 | * nss: -lpopt -DCRYPT_NSS -I/usr/include/nspr/ -I/usr/include/nss -lnss3 | |
19 | * gcrypt: -lpopt -DCRYPT_GCRYPT -lgcrypt -lgpg-error | |
20 | */ | |
21 | ||
22 | #define _FILE_OFFSET_BITS 64 | |
23 | ||
24 | #ifdef HAVE_CONFIG_H | |
25 | # include "configure.h" | |
26 | #endif | |
27 | ||
28 | #include <stdio.h> | |
29 | #include <stdlib.h> | |
30 | #include <stdint.h> | |
31 | #include <stdarg.h> | |
32 | #include <unistd.h> | |
33 | #include <errno.h> | |
34 | #include <string.h> | |
35 | #include <sys/types.h> | |
36 | #include <sys/stat.h> | |
37 | #include <sys/ioctl.h> | |
38 | #include <sys/mount.h> | |
39 | #include <arpa/inet.h> | |
40 | #include <popt.h> | |
41 | ||
42 | #ifdef CRYPT_OPENSSL | |
43 | # include <openssl/evp.h> | |
44 | # include <openssl/rand.h> | |
45 | #elif defined(CRYPT_GCRYPT) | |
46 | # include <gcrypt.h> | |
47 | #elif defined(CRYPT_NSS) | |
48 | # include <nss.h> | |
49 | # include <sechash.h> | |
50 | # include <pk11pub.h> | |
51 | #endif | |
52 | ||
53 | #if !defined(CRYPT_OPENSSL) && !defined(CRYPT_GCRYPT) && !defined(CRYPT_NSS) | |
54 | #error No crypto engine specified | |
55 | #endif | |
56 | ||
57 | #define DEFAULT_BLOCK_SIZE 4096 | |
58 | #define DM_VERITY_MAX_LEVELS 63 | |
59 | ||
60 | #define DEFAULT_SALT_SIZE 32 | |
61 | #define MAX_SALT_SIZE 384 | |
62 | ||
63 | #define MODE_VERIFY 0 | |
64 | #define MODE_CREATE 1 | |
65 | #define MODE_ACTIVATE 2 | |
66 | ||
67 | #define MAX_FORMAT_VERSION 1 | |
68 | ||
69 | static int mode = -1; | |
70 | static int use_superblock = 1; | |
71 | ||
72 | static const char *dm_device; | |
73 | static const char *data_device; | |
74 | static const char *hash_device; | |
75 | static const char *hash_algorithm = NULL; | |
76 | static const char *root_hash; | |
77 | ||
78 | static int version = -1; | |
79 | static int data_block_size = 0; | |
80 | static int hash_block_size = 0; | |
81 | static long long hash_start = 0; | |
82 | static long long data_blocks = 0; | |
83 | static const char *salt_string = NULL; | |
84 | static const char *hash_start_string = NULL; | |
85 | static const char *data_blocks_string = NULL; | |
86 | ||
87 | static FILE *data_file; | |
88 | static FILE *hash_file; | |
89 | ||
90 | static off_t data_file_blocks; | |
91 | static off_t hash_file_blocks; | |
92 | static off_t used_hash_blocks; | |
93 | ||
94 | static unsigned char *root_hash_bytes; | |
95 | static unsigned char *calculated_digest; | |
96 | ||
97 | static unsigned char *salt_bytes; | |
98 | static unsigned salt_size; | |
99 | ||
100 | static unsigned digest_size; | |
101 | static unsigned char digest_size_bits; | |
102 | static unsigned char levels; | |
103 | static unsigned char hash_per_block_bits; | |
104 | ||
105 | static off_t hash_level_block[DM_VERITY_MAX_LEVELS]; | |
106 | static off_t hash_level_size[DM_VERITY_MAX_LEVELS]; | |
107 | ||
108 | static off_t superblock_position; | |
109 | ||
110 | static int retval = 0; | |
111 | ||
112 | struct superblock { | |
113 | uint8_t signature[8]; | |
114 | uint8_t version; | |
115 | uint8_t data_block_bits; | |
116 | uint8_t hash_block_bits; | |
117 | uint8_t pad1[1]; | |
118 | uint16_t salt_size; | |
119 | uint8_t pad2[2]; | |
120 | uint32_t data_blocks_hi; | |
121 | uint32_t data_blocks_lo; | |
122 | uint8_t algorithm[16]; | |
123 | uint8_t salt[MAX_SALT_SIZE]; | |
124 | uint8_t pad3[88]; | |
125 | }; | |
126 | ||
127 | #define DM_VERITY_SIGNATURE "verity\0\0" | |
128 | #define DM_VERITY_VERSION 0 | |
129 | ||
130 | __attribute__ ((noreturn)) | |
131 | static void help(poptContext popt_context, | |
132 | enum poptCallbackReason reason, | |
133 | struct poptOption *key, | |
134 | const char *arg, | |
135 | void *data) | |
136 | { | |
137 | if (!strcmp(key->longName, "help")) { | |
138 | poptPrintHelp(popt_context, stdout, 0); | |
139 | } else { | |
140 | printf("veritysetup"); | |
141 | #ifdef DM_LIB_VERSION | |
142 | printf(", device mapper version %s", DM_LIB_VERSION); | |
143 | #endif | |
144 | printf("\n"); | |
145 | } | |
146 | exit(0); | |
147 | } | |
148 | ||
149 | static struct poptOption popt_help_options[] = { | |
150 | { NULL, 0, POPT_ARG_CALLBACK, help, 0, NULL, NULL }, | |
151 | { "help", 'h', POPT_ARG_NONE, NULL, 0, "Show help", NULL }, | |
152 | { "version", 0, POPT_ARG_NONE, NULL, 0, "Show version", NULL }, | |
153 | POPT_TABLEEND | |
154 | }; | |
155 | ||
156 | static struct poptOption popt_options[] = { | |
157 | { NULL, '\0', POPT_ARG_INCLUDE_TABLE, popt_help_options, 0, NULL, NULL }, | |
158 | { "create", 'c', POPT_ARG_VAL, &mode, MODE_CREATE, "Create hash", NULL }, | |
159 | { "verify", 'v', POPT_ARG_VAL, &mode, MODE_VERIFY, "Verify integrity", NULL }, | |
160 | { "activate", 'a', POPT_ARG_VAL, &mode, MODE_ACTIVATE, "Activate the device", NULL }, | |
161 | { "no-superblock", 0, POPT_ARG_VAL, &use_superblock, 0, "Do not create/use superblock" }, | |
162 | { "format", 0, POPT_ARG_INT, &version, 0, "Format version (1 - normal format, 0 - original Chromium OS format)", "number" }, | |
163 | { "data-block-size", 0, POPT_ARG_INT, &data_block_size, 0, "Block size on the data device", "bytes" }, | |
164 | { "hash-block-size", 0, POPT_ARG_INT, &hash_block_size, 0, "Block size on the hash device", "bytes" }, | |
165 | { "data-blocks", 0, POPT_ARG_STRING, &data_blocks_string, 0, "The number of blocks in the data file", "blocks" }, | |
166 | { "hash-start", 0, POPT_ARG_STRING, &hash_start_string, 0, "Starting block on the hash device", "512-byte sectors" }, | |
167 | { "algorithm", 0, POPT_ARG_STRING, &hash_algorithm, 0, "Hash algorithm (default sha256)", "string" }, | |
168 | { "salt", 0, POPT_ARG_STRING, &salt_string, 0, "Salt", "hex string" }, | |
169 | POPT_TABLEEND | |
170 | }; | |
171 | ||
172 | #if defined(__GNUC__) && __GNUC__ >= 2 | |
173 | __attribute__((__format__(__printf__, 1, 2))) | |
174 | #endif | |
175 | __attribute__((noreturn)) | |
176 | static void exit_err(const char *msg, ...) | |
177 | { | |
178 | va_list args; | |
179 | va_start(args, msg); | |
180 | vfprintf(stderr, msg, args); | |
181 | va_end(args); | |
182 | fputc('\n', stderr); | |
183 | exit(2); | |
184 | } | |
185 | ||
186 | __attribute__((noreturn)) | |
187 | static void stream_err(FILE *f, const char *msg) | |
188 | { | |
189 | if (ferror(f)) { | |
190 | perror(msg); | |
191 | exit(2); | |
192 | } else if (feof(f)) { | |
193 | exit_err("eof on %s", msg); | |
194 | } else { | |
195 | exit_err("unknown error on %s", msg); | |
196 | } | |
197 | } | |
198 | ||
199 | static void *xmalloc(size_t s) | |
200 | { | |
201 | void *ptr = malloc(!s ? 1 : s); | |
202 | if (!ptr) exit_err("out of memory"); | |
203 | return ptr; | |
204 | } | |
205 | ||
206 | static char *xstrdup(const char *str) | |
207 | { | |
208 | return strcpy(xmalloc(strlen(str) + 1), str); | |
209 | } | |
210 | ||
211 | static char *xprint(unsigned long long num) | |
212 | { | |
213 | size_t s = snprintf(NULL, 0, "%llu", num); | |
214 | char *p = xmalloc(s + 1); | |
215 | snprintf(p, s + 1, "%llu", num); | |
216 | return p; | |
217 | } | |
218 | ||
219 | static char *xhexprint(unsigned char *bytes, size_t len) | |
220 | { | |
221 | size_t i; | |
222 | char *p = xmalloc(len * 2 + 1); | |
223 | p[0] = 0; | |
224 | for (i = 0; i < len; i++) | |
225 | snprintf(p + i * 2, 3, "%02x", bytes[i]); | |
226 | return p; | |
227 | } | |
228 | ||
229 | static off_t get_size(FILE *f, const char *name) | |
230 | { | |
231 | struct stat st; | |
232 | int h = fileno(f); | |
233 | if (h < 0) { | |
234 | perror("fileno"); | |
235 | exit(2); | |
236 | } | |
237 | if (fstat(h, &st)) { | |
238 | perror("fstat"); | |
239 | exit(2); | |
240 | } | |
241 | if (S_ISREG(st.st_mode)) { | |
242 | return st.st_size; | |
243 | } else if (S_ISBLK(st.st_mode)) { | |
244 | unsigned long long size64; | |
245 | unsigned long sizeul; | |
246 | if (!ioctl(h, BLKGETSIZE64, &size64)) { | |
247 | return_size64: | |
248 | if ((off_t)size64 < 0 || (off_t)size64 != size64) { | |
249 | size_overflow: | |
250 | exit_err("%s: device size overflow", name); | |
251 | } | |
252 | return size64; | |
253 | } | |
254 | if (!ioctl(h, BLKGETSIZE, &sizeul)) { | |
255 | size64 = (unsigned long long)sizeul * 512; | |
256 | if (size64 / 512 != sizeul) goto size_overflow; | |
257 | goto return_size64; | |
258 | } | |
259 | perror("BLKGETSIZE"); | |
260 | exit(2); | |
261 | } else { | |
262 | exit_err("%s is not a file or a block device", name); | |
263 | } | |
264 | return -1; /* never reached, shut up warning */ | |
265 | } | |
266 | ||
267 | static void block_fseek(FILE *f, off_t block, int block_size) | |
268 | { | |
269 | unsigned long long pos = (unsigned long long)block * block_size; | |
270 | if (pos / block_size != block || | |
271 | (off_t)pos < 0 || | |
272 | (off_t)pos != pos) | |
273 | exit_err("seek position overflow"); | |
274 | if (fseeko(f, pos, SEEK_SET)) { | |
275 | perror("fseek"); | |
276 | exit(2); | |
277 | } | |
278 | } | |
279 | ||
280 | ||
281 | #ifdef CRYPT_OPENSSL | |
282 | ||
283 | static const EVP_MD *evp; | |
284 | ||
285 | static int hash_init(const char *name) | |
286 | { | |
287 | OpenSSL_add_all_digests(); | |
288 | evp = EVP_get_digestbyname(name); | |
289 | if (!evp) | |
290 | return 0; | |
291 | return EVP_MD_size(evp); | |
292 | } | |
293 | ||
294 | typedef EVP_MD_CTX hash_context; | |
295 | ||
296 | static void hash_context_init(hash_context *ctx) | |
297 | { | |
298 | EVP_MD_CTX_init(ctx); | |
299 | } | |
300 | ||
301 | static void hash_context_reset(hash_context *ctx) | |
302 | { | |
303 | if (EVP_DigestInit_ex(ctx, evp, NULL) != 1) | |
304 | exit_err("EVP_DigestInit_ex failed"); | |
305 | } | |
306 | ||
307 | static void hash_context_update(hash_context *ctx, unsigned char *data, size_t len) | |
308 | { | |
309 | if (EVP_DigestUpdate(ctx, data, len) != 1) | |
310 | exit_err("EVP_DigestUpdate failed"); | |
311 | } | |
312 | ||
313 | static void hash_context_final(hash_context *ctx, unsigned char *digest) | |
314 | { | |
315 | if (EVP_DigestFinal_ex(ctx, digest, NULL) != 1) | |
316 | exit_err("EVP_DigestFinal_ex failed"); | |
317 | } | |
318 | ||
319 | static void hash_context_destroy(hash_context *ctx) | |
320 | { | |
321 | if (EVP_MD_CTX_cleanup(ctx) != 1) | |
322 | exit_err("EVP_MD_CTX_cleanup failed"); | |
323 | } | |
324 | ||
325 | static void crypto_rand_bytes(unsigned char *data, size_t len) | |
326 | { | |
327 | if (RAND_bytes(data, len) != 1) | |
328 | exit_err("RAND_bytes failed"); | |
329 | } | |
330 | ||
331 | #elif defined(CRYPT_GCRYPT) | |
332 | ||
333 | static int gcrypt_id; | |
334 | ||
335 | static int hash_init(const char *name) | |
336 | { | |
337 | retry: | |
338 | gcrypt_id = gcry_md_map_name(name); | |
339 | if (!gcrypt_id) { | |
340 | if (!strcmp(name, "wp512")) { | |
341 | name = "whirlpool"; | |
342 | goto retry; | |
343 | } | |
344 | if (!strcmp(name, "rmd160")) { | |
345 | name = "ripemd160"; | |
346 | goto retry; | |
347 | } | |
348 | return 0; | |
349 | } | |
350 | return gcry_md_get_algo_dlen(gcrypt_id); | |
351 | } | |
352 | ||
353 | typedef gcry_md_hd_t hash_context; | |
354 | ||
355 | static void hash_context_init(hash_context *ctx) | |
356 | { | |
357 | if (gcry_md_open(ctx, gcrypt_id, 0)) | |
358 | exit_err("gcry_md_open failed"); | |
359 | } | |
360 | ||
361 | static void hash_context_reset(hash_context *ctx) | |
362 | { | |
363 | gcry_md_reset(*ctx); | |
364 | } | |
365 | ||
366 | static void hash_context_update(hash_context *ctx, unsigned char *data, size_t len) | |
367 | { | |
368 | gcry_md_write(*ctx, data, len); | |
369 | } | |
370 | ||
371 | static void hash_context_final(hash_context *ctx, unsigned char *digest) | |
372 | { | |
373 | unsigned char *p = gcry_md_read(*ctx, gcrypt_id); | |
374 | memcpy(digest, p, gcry_md_get_algo_dlen(gcrypt_id)); | |
375 | } | |
376 | ||
377 | static void hash_context_destroy(hash_context *ctx) | |
378 | { | |
379 | gcry_md_close(*ctx); | |
380 | } | |
381 | ||
382 | static void crypto_rand_bytes(unsigned char *data, size_t len) | |
383 | { | |
384 | gcry_randomize(data, len, GCRY_STRONG_RANDOM); | |
385 | } | |
386 | ||
387 | #elif defined(CRYPT_NSS) | |
388 | ||
389 | static HASH_HashType nss_alg; | |
390 | ||
391 | static int hash_init(const char *name) | |
392 | { | |
393 | if (NSS_NoDB_Init(NULL) != SECSuccess) | |
394 | exit_err("NSS_Init failed"); | |
395 | if (!strcmp(name, "md2")) | |
396 | nss_alg = HASH_AlgMD2; | |
397 | else if (!strcmp(name, "md5")) | |
398 | nss_alg = HASH_AlgMD5; | |
399 | else if (!strcmp(name, "sha1")) | |
400 | nss_alg = HASH_AlgSHA1; | |
401 | else if (!strcmp(name, "sha256")) | |
402 | nss_alg = HASH_AlgSHA256; | |
403 | else if (!strcmp(name, "sha384")) | |
404 | nss_alg = HASH_AlgSHA384; | |
405 | else if (!strcmp(name, "sha512")) | |
406 | nss_alg = HASH_AlgSHA512; | |
407 | else | |
408 | return 0; | |
409 | ||
410 | return HASH_ResultLen(nss_alg); | |
411 | } | |
412 | ||
413 | typedef HASHContext *hash_context; | |
414 | ||
415 | static void hash_context_init(hash_context *ctx) | |
416 | { | |
417 | *ctx = HASH_Create(nss_alg); | |
418 | if (!*ctx) | |
419 | exit_err("HASH_Create failed"); | |
420 | } | |
421 | ||
422 | static void hash_context_reset(hash_context *ctx) | |
423 | { | |
424 | HASH_Begin(*ctx); | |
425 | } | |
426 | ||
427 | static void hash_context_update(hash_context *ctx, unsigned char *data, size_t len) | |
428 | { | |
429 | HASH_Update(*ctx, data, len); | |
430 | } | |
431 | ||
432 | static void hash_context_final(hash_context *ctx, unsigned char *digest) | |
433 | { | |
434 | unsigned result_len; | |
435 | HASH_End(*ctx, digest, &result_len, HASH_ResultLen(nss_alg)); | |
436 | } | |
437 | ||
438 | static void hash_context_destroy(hash_context *ctx) | |
439 | { | |
440 | HASH_Destroy(*ctx); | |
441 | } | |
442 | ||
443 | static void crypto_rand_bytes(unsigned char *data, size_t len) | |
444 | { | |
445 | if (PK11_GenerateRandom(data, len) != SECSuccess) | |
446 | exit_err("PK11_GenerateRandom failed"); | |
447 | } | |
448 | ||
449 | #endif | |
450 | ||
451 | ||
452 | static off_t verity_position_at_level(off_t block, int level) | |
453 | { | |
454 | return block >> (level * hash_per_block_bits); | |
455 | } | |
456 | ||
457 | static void calculate_positions(void) | |
458 | { | |
459 | unsigned long long hash_position; | |
460 | int i; | |
461 | ||
462 | digest_size_bits = 0; | |
463 | while (1 << digest_size_bits < digest_size) | |
464 | digest_size_bits++; | |
465 | hash_per_block_bits = 0; | |
466 | while (((hash_block_size / digest_size) >> hash_per_block_bits) > 1) | |
467 | hash_per_block_bits++; | |
468 | if (!hash_per_block_bits) | |
469 | exit_err("at least two hashes must fit in a hash file block"); | |
470 | levels = 0; | |
471 | ||
472 | if (data_file_blocks) { | |
473 | while (hash_per_block_bits * levels < 64 && | |
474 | (unsigned long long)(data_file_blocks - 1) >> | |
475 | (hash_per_block_bits * levels)) | |
476 | levels++; | |
477 | } | |
478 | ||
479 | if (levels > DM_VERITY_MAX_LEVELS) | |
480 | exit_err("too many tree levels"); | |
481 | ||
482 | hash_position = hash_start * 512 / hash_block_size; | |
483 | for (i = levels - 1; i >= 0; i--) { | |
484 | off_t s; | |
485 | hash_level_block[i] = hash_position; | |
486 | s = verity_position_at_level(data_file_blocks, i); | |
487 | s = (s >> hash_per_block_bits) + | |
488 | !!(s & ((1 << hash_per_block_bits) - 1)); | |
489 | hash_level_size[i] = s; | |
490 | if (hash_position + s < hash_position || | |
491 | (off_t)(hash_position + s) < 0 || | |
492 | (off_t)(hash_position + s) != hash_position + s) | |
493 | exit_err("hash device offset overflow"); | |
494 | hash_position += s; | |
495 | } | |
496 | used_hash_blocks = hash_position; | |
497 | } | |
498 | ||
499 | static void create_or_verify_zero(FILE *wr, unsigned char *left_block, unsigned left_bytes) | |
500 | { | |
501 | if (left_bytes) { | |
502 | if (mode != MODE_CREATE) { | |
503 | unsigned x; | |
504 | if (fread(left_block, left_bytes, 1, wr) != 1) | |
505 | stream_err(wr, "read"); | |
506 | for (x = 0; x < left_bytes; x++) if (left_block[x]) { | |
507 | retval = 1; | |
508 | fprintf(stderr, "spare area is not zeroed at position %lld\n", (long long)ftello(wr) - left_bytes); | |
509 | } | |
510 | } else { | |
511 | if (fwrite(left_block, left_bytes, 1, wr) != 1) | |
512 | stream_err(wr, "write"); | |
513 | } | |
514 | } | |
515 | } | |
516 | ||
517 | static void create_or_verify_stream(FILE *rd, FILE *wr, int block_size, off_t blocks) | |
518 | { | |
519 | unsigned char *left_block = xmalloc(hash_block_size); | |
520 | unsigned char *data_buffer = xmalloc(block_size); | |
521 | unsigned char *read_digest = mode != MODE_CREATE ? xmalloc(digest_size) : NULL; | |
522 | off_t blocks_to_write = (blocks >> hash_per_block_bits) + | |
523 | !!(blocks & ((1 << hash_per_block_bits) - 1)); | |
524 | hash_context ctx; | |
525 | hash_context_init(&ctx); | |
526 | memset(left_block, 0, hash_block_size); | |
527 | while (blocks_to_write--) { | |
528 | unsigned x; | |
529 | unsigned left_bytes = hash_block_size; | |
530 | for (x = 0; x < 1 << hash_per_block_bits; x++) { | |
531 | if (!blocks) | |
532 | break; | |
533 | blocks--; | |
534 | if (fread(data_buffer, block_size, 1, rd) != 1) | |
535 | stream_err(rd, "read"); | |
536 | hash_context_reset(&ctx); | |
537 | if (version >= 1) { | |
538 | hash_context_update(&ctx, salt_bytes, salt_size); | |
539 | } | |
540 | hash_context_update(&ctx, data_buffer, block_size); | |
541 | if (!version) { | |
542 | hash_context_update(&ctx, salt_bytes, salt_size); | |
543 | } | |
544 | hash_context_final(&ctx, calculated_digest); | |
545 | if (!wr) | |
546 | break; | |
547 | if (mode != MODE_CREATE) { | |
548 | if (fread(read_digest, digest_size, 1, wr) != 1) | |
549 | stream_err(wr, "read"); | |
550 | if (memcmp(read_digest, calculated_digest, digest_size)) { | |
551 | retval = 1; | |
552 | fprintf(stderr, "verification failed at position %lld in %s file\n", (long long)ftello(rd) - block_size, rd == data_file ? "data" : "metadata"); | |
553 | } | |
554 | } else { | |
555 | if (fwrite(calculated_digest, digest_size, 1, wr) != 1) | |
556 | stream_err(wr, "write"); | |
557 | } | |
558 | if (!version) { | |
559 | left_bytes -= digest_size; | |
560 | } else { | |
561 | create_or_verify_zero(wr, left_block, (1 << digest_size_bits) - digest_size); | |
562 | left_bytes -= 1 << digest_size_bits; | |
563 | } | |
564 | } | |
565 | if (wr) | |
566 | create_or_verify_zero(wr, left_block, left_bytes); | |
567 | } | |
568 | if (mode == MODE_CREATE && wr) { | |
569 | if (fflush(wr)) { | |
570 | perror("fflush"); | |
571 | exit(1); | |
572 | } | |
573 | if (ferror(wr)) { | |
574 | stream_err(wr, "write"); | |
575 | } | |
576 | } | |
577 | hash_context_destroy(&ctx); | |
578 | free(left_block); | |
579 | free(data_buffer); | |
580 | if (mode != MODE_CREATE) | |
581 | free(read_digest); | |
582 | } | |
583 | ||
584 | static char **make_target_line(void) | |
585 | { | |
586 | const int line_elements = 14; | |
587 | char **line = xmalloc(line_elements * sizeof(char *)); | |
588 | int i = 0; | |
589 | char *algorithm_copy = xstrdup(hash_algorithm); | |
590 | /* transform ripemdXXX to rmdXXX */ | |
591 | if (!strncmp(algorithm_copy, "ripemd", 6)) | |
592 | memmove(algorithm_copy + 1, algorithm_copy + 4, strlen(algorithm_copy + 4) + 1); | |
593 | if (!strcmp(algorithm_copy, "whirlpool")) | |
594 | strcpy(algorithm_copy, "wp512"); | |
595 | line[i++] = xstrdup("0"); | |
596 | line[i++] = xprint((unsigned long long)data_file_blocks * data_block_size / 512); | |
597 | line[i++] = xstrdup("verity"); | |
598 | line[i++] = xprint(version); | |
599 | line[i++] = xstrdup(data_device); | |
600 | line[i++] = xstrdup(hash_device); | |
601 | line[i++] = xprint(data_block_size); | |
602 | line[i++] = xprint(hash_block_size); | |
603 | line[i++] = xprint(data_file_blocks); | |
604 | line[i++] = xprint(hash_start * 512 / hash_block_size); | |
605 | line[i++] = algorithm_copy; | |
606 | line[i++] = xhexprint(calculated_digest, digest_size); | |
607 | line[i++] = !salt_size ? xstrdup("-") : xhexprint(salt_bytes, salt_size); | |
608 | line[i++] = NULL; | |
609 | if (i > line_elements) | |
610 | exit_err("INTERNAL ERROR: insufficient array size"); | |
611 | return line; | |
612 | } | |
613 | ||
614 | static void free_target_line(char **line) | |
615 | { | |
616 | int i; | |
617 | for (i = 0; line[i]; i++) | |
618 | free(line[i]); | |
619 | free(line); | |
620 | } | |
621 | ||
622 | static void create_or_verify(void) | |
623 | { | |
624 | int i; | |
625 | if (mode != MODE_ACTIVATE) | |
626 | for (i = 0; i < levels; i++) { | |
627 | block_fseek(hash_file, hash_level_block[i], hash_block_size); | |
628 | if (!i) { | |
629 | block_fseek(data_file, 0, data_block_size); | |
630 | create_or_verify_stream(data_file, hash_file, data_block_size, data_file_blocks); | |
631 | } else { | |
632 | FILE *hash_file_2 = fopen(hash_device, "r"); | |
633 | if (!hash_file_2) { | |
634 | perror(hash_device); | |
635 | exit(2); | |
636 | } | |
637 | block_fseek(hash_file_2, hash_level_block[i - 1], hash_block_size); | |
638 | create_or_verify_stream(hash_file_2, hash_file, hash_block_size, hash_level_size[i - 1]); | |
639 | fclose(hash_file_2); | |
640 | } | |
641 | } | |
642 | ||
643 | if (levels) { | |
644 | block_fseek(hash_file, hash_level_block[levels - 1], hash_block_size); | |
645 | create_or_verify_stream(hash_file, NULL, hash_block_size, 1); | |
646 | } else { | |
647 | block_fseek(data_file, 0, data_block_size); | |
648 | create_or_verify_stream(data_file, NULL, data_block_size, data_file_blocks); | |
649 | } | |
650 | ||
651 | if (mode != MODE_CREATE) { | |
652 | if (memcmp(calculated_digest, root_hash_bytes, digest_size)) { | |
653 | fprintf(stderr, "verification failed in the root block\n"); | |
654 | retval = 1; | |
655 | } | |
656 | if (!retval && mode == MODE_VERIFY) | |
657 | fprintf(stderr, "hash successfully verified\n"); | |
658 | } else { | |
659 | char **target_line; | |
660 | char *p; | |
661 | if (fsync(fileno(hash_file))) { | |
662 | perror("fsync"); | |
663 | exit(1); | |
664 | } | |
665 | printf("hash device size: %llu\n", (unsigned long long)used_hash_blocks * hash_block_size); | |
666 | printf("data block size %u, hash block size %u, %u tree levels\n", data_block_size, hash_block_size, levels); | |
667 | if (salt_size) | |
668 | p = xhexprint(salt_bytes, salt_size); | |
669 | else | |
670 | p = xstrdup("-"); | |
671 | printf("salt: %s\n", p); | |
672 | free(p); | |
673 | p = xhexprint(calculated_digest, digest_size); | |
674 | printf("root hash: %s\n", p); | |
675 | free(p); | |
676 | printf("target line:"); | |
677 | target_line = make_target_line(); | |
678 | for (i = 0; target_line[i]; i++) | |
679 | printf(" %s", target_line[i]); | |
680 | free_target_line(target_line); | |
681 | printf("\n"); | |
682 | } | |
683 | } | |
684 | ||
685 | __attribute__((noreturn)) | |
686 | static void activate(void) | |
687 | { | |
688 | int i; | |
689 | size_t len = 1; | |
690 | char *table_arg; | |
691 | char **target_line = make_target_line(); | |
692 | for (i = 0; target_line[i]; i++) { | |
693 | if (i) | |
694 | len++; | |
695 | len += strlen(target_line[i]); | |
696 | } | |
697 | table_arg = xmalloc(len); | |
698 | table_arg[0] = 0; | |
699 | for (i = 0; target_line[i]; i++) { | |
700 | if (i) | |
701 | strcat(table_arg, " "); | |
702 | strcat(table_arg, target_line[i]); | |
703 | } | |
704 | free_target_line(target_line); | |
705 | execlp("dmsetup", "dmsetup", "-r", "create", dm_device, "--table", table_arg, NULL); | |
706 | perror("dmsetup"); | |
707 | exit(2); | |
708 | } | |
709 | ||
710 | static void get_hex(const char *string, unsigned char **result, size_t len, const char *description) | |
711 | { | |
712 | size_t rl = strlen(string); | |
713 | unsigned u; | |
714 | if (strspn(string, "0123456789ABCDEFabcdef") != rl) | |
715 | exit_err("invalid %s", description); | |
716 | if (rl != len * 2) | |
717 | exit_err("invalid length of %s", description); | |
718 | *result = xmalloc(len); | |
719 | memset(*result, 0, len); | |
720 | for (u = 0; u < rl; u++) { | |
721 | unsigned char c = (string[u] & 15) + (string[u] > '9' ? 9 : 0); | |
722 | (*result)[u / 2] |= c << (((u & 1) ^ 1) << 2); | |
723 | } | |
724 | } | |
725 | ||
726 | static struct superblock superblock; | |
727 | ||
728 | static void load_superblock(void) | |
729 | { | |
730 | long long sb_data_blocks; | |
731 | ||
732 | block_fseek(hash_file, superblock_position, 1); | |
733 | if (fread(&superblock, sizeof(struct superblock), 1, hash_file) != 1) | |
734 | stream_err(hash_file, "read"); | |
735 | if (memcmp(superblock.signature, DM_VERITY_SIGNATURE, sizeof(superblock.signature))) | |
736 | exit_err("superblock not found on the hash device"); | |
737 | if (superblock.version > MAX_FORMAT_VERSION) | |
738 | exit_err("unknown version"); | |
739 | if (superblock.data_block_bits < 9 || superblock.data_block_bits >= 31) | |
740 | exit_err("invalid data_block_bits in the superblock"); | |
741 | if (superblock.hash_block_bits < 9 || superblock.hash_block_bits >= 31) | |
742 | exit_err("invalid data_block_bits in the superblock"); | |
743 | sb_data_blocks = ((unsigned long long)ntohl(superblock.data_blocks_hi) << 31 << 1) | ntohl(superblock.data_blocks_lo); | |
744 | if (sb_data_blocks < 0 || (off_t)sb_data_blocks < 0 || (off_t)sb_data_blocks != sb_data_blocks) | |
745 | exit_err("invalid data blocks in the superblock"); | |
746 | if (!memchr(superblock.algorithm, 0, sizeof(superblock.algorithm))) | |
747 | exit_err("invalid hash algorithm in the superblock"); | |
748 | if (ntohs(superblock.salt_size) > MAX_SALT_SIZE) | |
749 | exit_err("invalid salt_size in the superblock"); | |
750 | ||
751 | if (version == -1) { | |
752 | version = superblock.version; | |
753 | } else { | |
754 | if (version != superblock.version) | |
755 | exit_err("version (%d) does not match superblock value (%d)", version, superblock.version); | |
756 | } | |
757 | ||
758 | if (!data_block_size) { | |
759 | data_block_size = 1 << superblock.data_block_bits; | |
760 | } else { | |
761 | if (data_block_size != 1 << superblock.data_block_bits) | |
762 | exit_err("data block size (%d) does not match superblock value (%d)", data_block_size, 1 << superblock.data_block_bits); | |
763 | } | |
764 | ||
765 | if (!hash_block_size) { | |
766 | hash_block_size = 1 << superblock.hash_block_bits; | |
767 | } else { | |
768 | if (hash_block_size != 1 << superblock.hash_block_bits) | |
769 | exit_err("hash block size (%d) does not match superblock value (%d)", hash_block_size, 1 << superblock.hash_block_bits); | |
770 | } | |
771 | ||
772 | if (!data_blocks) { | |
773 | data_blocks = sb_data_blocks; | |
774 | } else { | |
775 | if (data_blocks != sb_data_blocks) | |
776 | exit_err("data blocks (%lld) does not match superblock value (%lld)", data_blocks, sb_data_blocks); | |
777 | } | |
778 | ||
779 | if (!hash_algorithm) { | |
780 | hash_algorithm = (char *)superblock.algorithm; | |
781 | } else { | |
782 | if (strcmp(hash_algorithm, (char *)superblock.algorithm)) | |
783 | exit_err("hash algorithm (%s) does not match superblock value (%s)", hash_algorithm, superblock.algorithm); | |
784 | } | |
785 | ||
786 | if (!salt_bytes) { | |
787 | salt_size = ntohs(superblock.salt_size); | |
788 | salt_bytes = xmalloc(salt_size); | |
789 | memcpy(salt_bytes, superblock.salt, salt_size); | |
790 | } else { | |
791 | if (salt_size != ntohs(superblock.salt_size) || | |
792 | memcmp(salt_bytes, superblock.salt, salt_size)) | |
793 | exit_err("salt does not match superblock value"); | |
794 | } | |
795 | } | |
796 | ||
797 | static void save_superblock(void) | |
798 | { | |
799 | memset(&superblock, 0, sizeof(struct superblock)); | |
800 | ||
801 | memcpy(&superblock.signature, DM_VERITY_SIGNATURE, sizeof(superblock.signature)); | |
802 | superblock.version = version; | |
803 | superblock.data_block_bits = ffs(data_block_size) - 1; | |
804 | superblock.hash_block_bits = ffs(hash_block_size) - 1; | |
805 | superblock.salt_size = htons(salt_size); | |
806 | superblock.data_blocks_hi = htonl(data_blocks >> 31 >> 1); | |
807 | superblock.data_blocks_lo = htonl(data_blocks & 0xFFFFFFFF); | |
808 | strncpy((char *)superblock.algorithm, hash_algorithm, sizeof superblock.algorithm); | |
809 | memcpy(superblock.salt, salt_bytes, salt_size); | |
810 | ||
811 | block_fseek(hash_file, superblock_position, 1); | |
812 | if (fwrite(&superblock, sizeof(struct superblock), 1, hash_file) != 1) | |
813 | stream_err(hash_file, "write"); | |
814 | } | |
815 | ||
816 | int main(int argc, const char **argv) | |
817 | { | |
818 | poptContext popt_context; | |
819 | int r; | |
820 | const char *s; | |
821 | char c; | |
822 | ||
823 | if (sizeof(struct superblock) != 512) | |
824 | exit_err("INTERNAL ERROR: bad superblock size %ld", (long)sizeof(struct superblock)); | |
825 | ||
826 | popt_context = poptGetContext("verity", argc, argv, popt_options, 0); | |
827 | ||
828 | poptSetOtherOptionHelp(popt_context, "[-c | -v | -a] [<device name> if activating] <data device> <hash device> [<root hash> if activating or verifying] [OPTION...]"); | |
829 | ||
830 | if (argc <= 1) { | |
831 | poptPrintHelp(popt_context, stdout, 0); | |
832 | exit(1); | |
833 | } | |
834 | ||
835 | r = poptGetNextOpt(popt_context); | |
836 | if (r < -1) | |
837 | exit_err("bad option %s", poptBadOption(popt_context, 0)); | |
838 | ||
839 | if (mode < 0) | |
840 | exit_err("verify, create or activate mode not specified"); | |
841 | ||
842 | if (mode == MODE_ACTIVATE) { | |
843 | dm_device = poptGetArg(popt_context); | |
844 | if (!dm_device) | |
845 | exit_err("device name is missing"); | |
846 | if (!*dm_device || strchr(dm_device, '/')) | |
847 | exit_err("invalid device name to activate"); | |
848 | } | |
849 | ||
850 | data_device = poptGetArg(popt_context); | |
851 | if (!data_device) | |
852 | exit_err("data device is missing"); | |
853 | ||
854 | hash_device = poptGetArg(popt_context); | |
855 | if (!hash_device) | |
856 | exit_err("metadata device is missing"); | |
857 | ||
858 | if (mode != MODE_CREATE) { | |
859 | root_hash = poptGetArg(popt_context); | |
860 | if (!root_hash) | |
861 | exit_err("root hash not specified"); | |
862 | } | |
863 | ||
864 | s = poptGetArg(popt_context); | |
865 | if (s) | |
866 | exit_err("extra argument %s", s); | |
867 | ||
868 | data_file = fopen(data_device, "r"); | |
869 | if (!data_file) { | |
870 | perror(data_device); | |
871 | exit(2); | |
872 | } | |
873 | ||
874 | hash_file = fopen(hash_device, mode != MODE_CREATE ? "r" : "r+"); | |
875 | if (!hash_file && errno == ENOENT && mode == MODE_CREATE) | |
876 | hash_file = fopen(hash_device, "w+"); | |
877 | if (!hash_file) { | |
878 | perror(hash_device); | |
879 | exit(2); | |
880 | } | |
881 | ||
882 | if (hash_start_string) | |
883 | if (sscanf(hash_start_string, "%lld%c", &hash_start, &c) != 1) | |
884 | exit_err("invalid hash start"); | |
885 | ||
886 | if (hash_start < 0 || | |
887 | (unsigned long long)hash_start * 512 / 512 != hash_start || | |
888 | (off_t)(hash_start * 512) < 0 || | |
889 | (off_t)(hash_start * 512) != hash_start * 512) exit_err("invalid hash start"); | |
890 | ||
891 | if (salt_string || !use_superblock) { | |
892 | if (!salt_string || !strcmp(salt_string, "-")) | |
893 | salt_string = ""; | |
894 | salt_size = strlen(salt_string) / 2; | |
895 | if (salt_size > MAX_SALT_SIZE) | |
896 | exit_err("too long salt (max %d bytes)", MAX_SALT_SIZE); | |
897 | get_hex(salt_string, &salt_bytes, salt_size, "salt"); | |
898 | } | |
899 | ||
900 | if (use_superblock) { | |
901 | superblock_position = hash_start * 512; | |
902 | if (mode != MODE_CREATE) | |
903 | load_superblock(); | |
904 | } | |
905 | ||
906 | if (version == -1) | |
907 | version = MAX_FORMAT_VERSION; | |
908 | if (version < 0 || version > MAX_FORMAT_VERSION) | |
909 | exit_err("invalid format version"); | |
910 | ||
911 | if (!data_block_size) | |
912 | data_block_size = DEFAULT_BLOCK_SIZE; | |
913 | if (!hash_block_size) | |
914 | hash_block_size = data_block_size; | |
915 | ||
916 | if (data_block_size < 512 || (data_block_size & (data_block_size - 1)) || data_block_size >= 1U << 31) | |
917 | exit_err("invalid data block size"); | |
918 | ||
919 | if (hash_block_size < 512 || (hash_block_size & (hash_block_size - 1)) || hash_block_size >= 1U << 31) | |
920 | exit_err("invalid hash block size"); | |
921 | ||
922 | if (data_blocks_string) | |
923 | if (sscanf(data_blocks_string, "%lld%c", &data_blocks, &c) != 1) | |
924 | exit_err("invalid number of data blocks"); | |
925 | ||
926 | if (data_blocks < 0 || (off_t)data_blocks < 0 || (off_t)data_blocks != data_blocks) | |
927 | exit_err("invalid number of data blocks"); | |
928 | ||
929 | data_file_blocks = get_size(data_file, data_device) / data_block_size; | |
930 | hash_file_blocks = get_size(hash_file, hash_device) / hash_block_size; | |
931 | ||
932 | if (data_file_blocks < data_blocks) | |
933 | exit_err("data file is too small"); | |
934 | if (data_blocks) { | |
935 | data_file_blocks = data_blocks; | |
936 | } | |
937 | ||
938 | if (use_superblock) { | |
939 | hash_start = hash_start + (sizeof(struct superblock) + 511) / 512; | |
940 | hash_start = (hash_start + (hash_block_size / 512 - 1)) & ~(long long)(hash_block_size / 512 - 1); | |
941 | } | |
942 | ||
943 | if ((unsigned long long)hash_start * 512 % hash_block_size) | |
944 | exit_err("hash start not aligned on block size"); | |
945 | ||
946 | if (!hash_algorithm) | |
947 | hash_algorithm = "sha256"; | |
948 | if (strlen(hash_algorithm) >= sizeof(superblock.algorithm) && use_superblock) | |
949 | exit_err("hash algorithm name is too long"); | |
950 | ||
951 | digest_size = hash_init(hash_algorithm); | |
952 | if (!digest_size) exit_err("hash algorithm %s not found", hash_algorithm); | |
953 | ||
954 | if (!salt_bytes) { | |
955 | salt_size = DEFAULT_SALT_SIZE; | |
956 | salt_bytes = xmalloc(salt_size); | |
957 | crypto_rand_bytes(salt_bytes, salt_size); | |
958 | } | |
959 | ||
960 | calculated_digest = xmalloc(digest_size); | |
961 | ||
962 | if (mode != MODE_CREATE) { | |
963 | get_hex(root_hash, &root_hash_bytes, digest_size, "root_hash"); | |
964 | } | |
965 | ||
966 | calculate_positions(); | |
967 | ||
968 | create_or_verify(); | |
969 | ||
970 | if (use_superblock) { | |
971 | if (mode == MODE_CREATE) | |
972 | save_superblock(); | |
973 | } | |
974 | ||
975 | fclose(data_file); | |
976 | fclose(hash_file); | |
977 | ||
978 | if (mode == MODE_ACTIVATE && !retval) | |
979 | activate(); | |
980 | ||
981 | free(salt_bytes); | |
982 | free(calculated_digest); | |
983 | if (mode != MODE_CREATE) | |
984 | free(root_hash_bytes); | |
985 | poptFreeContext(popt_context); | |
986 | ||
987 | return retval; | |
988 | } |