From: Jes Sorensen <jes.sorensen@gmail.com>
To: linux-fscrypt@vger.kernel.org
Cc: kernel-team@fb.com, ebiggers@kernel.org, Jes Sorensen <jsorensen@fb.com>
Subject: [PATCH v3 0/9] Split fsverity-utils into a shared library
Date: Thu, 12 Mar 2020 17:47:49 -0400 [thread overview]
Message-ID: <20200312214758.343212-1-Jes.Sorensen@gmail.com> (raw)
From: Jes Sorensen <jsorensen@fb.com>
Hi,
This is an updated version of my patches to split fsverity-utils into
a shared library. This version addresses most of the comments I
received in the last version:
1) Document the API
2) Verified ran xfstest against the build
3) Make struct fsverity_descriptor private
4) Reviewed (and documented) error codes
5) Improved validation of input parameters, and return error if any
reserved field is not zero.
I left struct fsverity_hash_alg in the public API, because it adds
useful information to the user, in particular providing the digest
size, and allows the caller to walk the list to obtain the supported
algorithms. The alternative is to introduce a
libverity_get_digest_size() call.
I still need to add some self-tests to the build and deal with the
soname stuff.
Next up is rpm support.
Cheers,
Jes
Jes Sorensen (9):
Build basic shared library framework
Change compute_file_measurement() to take a file descriptor as
argument
Move fsverity_descriptor definition to libfsverity.h
Move hash algorithm code to shared library
Create libfsverity_compute_digest() and adapt cmd_sign to use it
Introduce libfsverity_sign_digest()
Validate input arguments to libfsverity_compute_digest()
Validate input parameters for libfsverity_sign_digest()
Document API of libfsverity
Makefile | 18 +-
cmd_enable.c | 11 +-
cmd_measure.c | 4 +-
cmd_sign.c | 526 +++------------------------------------
fsverity.c | 16 +-
hash_algs.c | 26 +-
hash_algs.h | 27 --
libfsverity.h | 127 ++++++++++
libfsverity_private.h | 33 +++
libverity.c | 559 ++++++++++++++++++++++++++++++++++++++++++
util.h | 2 +
11 files changed, 801 insertions(+), 548 deletions(-)
create mode 100644 libfsverity.h
create mode 100644 libfsverity_private.h
create mode 100644 libverity.c
--
2.24.1
next reply other threads:[~2020-03-12 21:48 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-12 21:47 Jes Sorensen [this message]
2020-03-12 21:47 ` [PATCH 1/9] Build basic shared library framework Jes Sorensen
2020-03-22 5:23 ` Eric Biggers
2020-03-22 5:33 ` Eric Biggers
2020-04-21 21:00 ` Jes Sorensen
2020-03-12 21:47 ` [PATCH 2/9] Change compute_file_measurement() to take a file descriptor as argument Jes Sorensen
2020-03-12 21:47 ` [PATCH 3/9] Move fsverity_descriptor definition to libfsverity.h Jes Sorensen
2020-03-22 4:57 ` Eric Biggers
2020-04-21 16:07 ` Jes Sorensen
2020-04-21 16:16 ` Eric Biggers
2020-04-21 16:20 ` Jes Sorensen
2020-03-12 21:47 ` [PATCH 4/9] Move hash algorithm code to shared library Jes Sorensen
2020-03-22 5:38 ` Eric Biggers
2020-04-22 17:57 ` Jes Sorensen
2020-03-12 21:47 ` [PATCH 5/9] Create libfsverity_compute_digest() and adapt cmd_sign to use it Jes Sorensen
2020-03-22 5:40 ` Eric Biggers
2020-03-12 21:47 ` [PATCH 6/9] Introduce libfsverity_sign_digest() Jes Sorensen
2020-03-12 21:47 ` [PATCH 7/9] Validate input arguments to libfsverity_compute_digest() Jes Sorensen
2020-03-12 21:47 ` [PATCH 8/9] Validate input parameters for libfsverity_sign_digest() Jes Sorensen
2020-03-22 5:27 ` Eric Biggers
2020-03-12 21:47 ` [PATCH 9/9] Document API of libfsverity Jes Sorensen
2020-03-22 5:54 ` Eric Biggers
2020-03-22 5:05 ` [PATCH v3 0/9] Split fsverity-utils into a shared library Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200312214758.343212-1-Jes.Sorensen@gmail.com \
--to=jes.sorensen@gmail.com \
--cc=ebiggers@kernel.org \
--cc=jsorensen@fb.com \
--cc=kernel-team@fb.com \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox