From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
Victor Hsieh <victorhsieh@google.com>,
Jes Sorensen <Jes.Sorensen@gmail.com>,
Luca Boccassi <luca.boccassi@gmail.com>,
Martijn Coenen <maco@android.com>,
Paul Lawrence <paullawrence@google.com>,
Luca Boccassi <luca.boccassi@microsoft.com>
Subject: [PATCH 2/4] fs-verity: rename fsverity_signed_digest to fsverity_formatted_digest
Date: Fri, 13 Nov 2020 13:19:16 -0800 [thread overview]
Message-ID: <20201113211918.71883-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20201113211918.71883-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
The name "struct fsverity_signed_digest" is causing confusion because it
isn't actually a signed digest, but rather it's the way that the digest
is formatted in order to be signed. Rename it to
"struct fsverity_formatted_digest" to prevent this confusion.
Also update the struct's comment to clarify that it's specific to the
built-in signature verification support and isn't a requirement for all
fs-verity users.
I'll be renaming this struct in fsverity-utils too.
Acked-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
Documentation/filesystems/fsverity.rst | 2 +-
fs/verity/fsverity_private.h | 17 ++++++++++++-----
fs/verity/signature.c | 2 +-
3 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/Documentation/filesystems/fsverity.rst b/Documentation/filesystems/fsverity.rst
index 895e9711ed881..421b75498d49b 100644
--- a/Documentation/filesystems/fsverity.rst
+++ b/Documentation/filesystems/fsverity.rst
@@ -372,7 +372,7 @@ kernel. Specifically, it adds support for:
File measurements must be signed in the following format, which is
similar to the structure used by `FS_IOC_MEASURE_VERITY`_::
- struct fsverity_signed_digest {
+ struct fsverity_formatted_digest {
char magic[8]; /* must be "FSVerity" */
__le16 digest_algorithm;
__le16 digest_size;
diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h
index e96d99d5145e1..75f8e18b44a5b 100644
--- a/fs/verity/fsverity_private.h
+++ b/fs/verity/fsverity_private.h
@@ -101,12 +101,19 @@ struct fsverity_descriptor {
sizeof(struct fsverity_descriptor))
/*
- * Format in which verity file measurements are signed. This is the same as
- * 'struct fsverity_digest', except here some magic bytes are prepended to
- * provide some context about what is being signed in case the same key is used
- * for non-fsverity purposes, and here the fields have fixed endianness.
+ * Format in which verity file measurements are signed in built-in signatures.
+ * This is the same as 'struct fsverity_digest', except here some magic bytes
+ * are prepended to provide some context about what is being signed in case the
+ * same key is used for non-fsverity purposes, and here the fields have fixed
+ * endianness.
+ *
+ * This struct is specific to the built-in signature verification support, which
+ * is optional. fs-verity users may also verify signatures in userspace, in
+ * which case userspace is responsible for deciding on what bytes are signed.
+ * This struct may still be used, but it doesn't have to be. For example,
+ * userspace could instead use a string like "sha256:$digest_as_hex_string".
*/
-struct fsverity_signed_digest {
+struct fsverity_formatted_digest {
char magic[8]; /* must be "FSVerity" */
__le16 digest_algorithm;
__le16 digest_size;
diff --git a/fs/verity/signature.c b/fs/verity/signature.c
index 12794a4dd1585..74ae10f04d215 100644
--- a/fs/verity/signature.c
+++ b/fs/verity/signature.c
@@ -44,7 +44,7 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
const struct inode *inode = vi->inode;
const struct fsverity_hash_alg *hash_alg = vi->tree_params.hash_alg;
const u32 sig_size = le32_to_cpu(desc->sig_size);
- struct fsverity_signed_digest *d;
+ struct fsverity_formatted_digest *d;
int err;
if (sig_size == 0) {
--
2.29.2
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: Jes Sorensen <Jes.Sorensen@gmail.com>,
Luca Boccassi <luca.boccassi@microsoft.com>,
Luca Boccassi <luca.boccassi@gmail.com>,
linux-f2fs-devel@lists.sourceforge.net,
Paul Lawrence <paullawrence@google.com>,
linux-ext4@vger.kernel.org, Martijn Coenen <maco@android.com>,
Victor Hsieh <victorhsieh@google.com>
Subject: [f2fs-dev] [PATCH 2/4] fs-verity: rename fsverity_signed_digest to fsverity_formatted_digest
Date: Fri, 13 Nov 2020 13:19:16 -0800 [thread overview]
Message-ID: <20201113211918.71883-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20201113211918.71883-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
The name "struct fsverity_signed_digest" is causing confusion because it
isn't actually a signed digest, but rather it's the way that the digest
is formatted in order to be signed. Rename it to
"struct fsverity_formatted_digest" to prevent this confusion.
Also update the struct's comment to clarify that it's specific to the
built-in signature verification support and isn't a requirement for all
fs-verity users.
I'll be renaming this struct in fsverity-utils too.
Acked-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
Documentation/filesystems/fsverity.rst | 2 +-
fs/verity/fsverity_private.h | 17 ++++++++++++-----
fs/verity/signature.c | 2 +-
3 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/Documentation/filesystems/fsverity.rst b/Documentation/filesystems/fsverity.rst
index 895e9711ed881..421b75498d49b 100644
--- a/Documentation/filesystems/fsverity.rst
+++ b/Documentation/filesystems/fsverity.rst
@@ -372,7 +372,7 @@ kernel. Specifically, it adds support for:
File measurements must be signed in the following format, which is
similar to the structure used by `FS_IOC_MEASURE_VERITY`_::
- struct fsverity_signed_digest {
+ struct fsverity_formatted_digest {
char magic[8]; /* must be "FSVerity" */
__le16 digest_algorithm;
__le16 digest_size;
diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h
index e96d99d5145e1..75f8e18b44a5b 100644
--- a/fs/verity/fsverity_private.h
+++ b/fs/verity/fsverity_private.h
@@ -101,12 +101,19 @@ struct fsverity_descriptor {
sizeof(struct fsverity_descriptor))
/*
- * Format in which verity file measurements are signed. This is the same as
- * 'struct fsverity_digest', except here some magic bytes are prepended to
- * provide some context about what is being signed in case the same key is used
- * for non-fsverity purposes, and here the fields have fixed endianness.
+ * Format in which verity file measurements are signed in built-in signatures.
+ * This is the same as 'struct fsverity_digest', except here some magic bytes
+ * are prepended to provide some context about what is being signed in case the
+ * same key is used for non-fsverity purposes, and here the fields have fixed
+ * endianness.
+ *
+ * This struct is specific to the built-in signature verification support, which
+ * is optional. fs-verity users may also verify signatures in userspace, in
+ * which case userspace is responsible for deciding on what bytes are signed.
+ * This struct may still be used, but it doesn't have to be. For example,
+ * userspace could instead use a string like "sha256:$digest_as_hex_string".
*/
-struct fsverity_signed_digest {
+struct fsverity_formatted_digest {
char magic[8]; /* must be "FSVerity" */
__le16 digest_algorithm;
__le16 digest_size;
diff --git a/fs/verity/signature.c b/fs/verity/signature.c
index 12794a4dd1585..74ae10f04d215 100644
--- a/fs/verity/signature.c
+++ b/fs/verity/signature.c
@@ -44,7 +44,7 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
const struct inode *inode = vi->inode;
const struct fsverity_hash_alg *hash_alg = vi->tree_params.hash_alg;
const u32 sig_size = le32_to_cpu(desc->sig_size);
- struct fsverity_signed_digest *d;
+ struct fsverity_formatted_digest *d;
int err;
if (sig_size == 0) {
--
2.29.2
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-11-13 21:20 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-13 21:19 [PATCH 0/4] fs-verity cleanups Eric Biggers
2020-11-13 21:19 ` [f2fs-dev] " Eric Biggers
2020-11-13 21:19 ` [PATCH 1/4] fs-verity: remove filenames from file comments Eric Biggers
2020-11-13 21:19 ` [f2fs-dev] " Eric Biggers
2020-11-16 11:21 ` Luca Boccassi
2020-11-13 21:19 ` Eric Biggers [this message]
2020-11-13 21:19 ` [f2fs-dev] [PATCH 2/4] fs-verity: rename fsverity_signed_digest to fsverity_formatted_digest Eric Biggers
2020-11-13 21:19 ` [PATCH 3/4] fs-verity: rename "file measurement" to "file digest" Eric Biggers
2020-11-13 21:19 ` [f2fs-dev] " Eric Biggers
2020-11-16 11:21 ` Luca Boccassi
2020-11-13 21:19 ` [PATCH 4/4] fs-verity: move structs needed for file signing to UAPI header Eric Biggers
2020-11-13 21:19 ` [f2fs-dev] " Eric Biggers
2020-11-16 11:25 ` Luca Boccassi
2020-11-16 19:57 ` [PATCH 0/4] fs-verity cleanups Eric Biggers
2020-11-16 19:57 ` [f2fs-dev] " Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201113211918.71883-3-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=Jes.Sorensen@gmail.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=luca.boccassi@gmail.com \
--cc=luca.boccassi@microsoft.com \
--cc=maco@android.com \
--cc=paullawrence@google.com \
--cc=victorhsieh@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.