android-mainline/NOUPSTREAM-ANDROID-fs-verity-Export-function-to-check-signatures.patch - kernel/common-patches - Git at Google

 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Paul Lawrence <paullawrence@google.com>
 Date: Mon, 26 Oct 2020 09:34:26 -0700
 Subject: NOUPSTREAM: ANDROID: fs-verity: Export function to check signatures

 Allows a file system to provide its own fs-verity implementation
 but still to hook into the signature check and control file from
 fs-verity

 [CPNOTE: 20/07/21] Lee: Requested an update from Paul via the OoT bug
 [CPNOTE: 21/07/21] Lee: Depends on upstreaming of IncFS

 Bug: 160634504
 Bug: 170978993
 Test: incfs_test running on this + subsequent changes
 Signed-off-by: Paul Lawrence <paullawrence@google.com>
 Change-Id: I02020af460d62fa5eb459a083419208e175005e8
 ---
  fs/verity/signature.c    | 36 ++++++++++++++++++++++++++++++++----
  include/linux/fsverity.h | 14 ++++++++++++++
  2 files changed, 46 insertions(+), 4 deletions(-)

 diff --git a/fs/verity/signature.c b/fs/verity/signature.c
 --- a/fs/verity/signature.c
 +++ b/fs/verity/signature.c
 @@ -40,11 +40,38 @@ static struct key *fsverity_keyring;
  int fsverity_verify_signature(const struct fsverity_info *vi,
  			      const u8 *signature, size_t sig_size)
  {
 -	const struct inode *inode = vi->inode;
 -	const struct fsverity_hash_alg *hash_alg = vi->tree_params.hash_alg;
 +	unsigned int digest_algorithm =
 +		vi->tree_params.hash_alg - fsverity_hash_algs;
 +
 +	return __fsverity_verify_signature(vi->inode, signature, sig_size,
 +					   vi->file_digest, digest_algorithm);
 +}
 +
 +/**
 + * __fsverity_verify_signature() - check a verity file's signature
 + * @inode: the file's inode
 + * @signature: the file's signature
 + * @sig_size: size of @signature. Can be 0 if there is no signature
 + * @file_digest: the file's digest
 + * @digest_algorithm: the digest algorithm used
 + *
 + * Takes the file's digest and optional signature and verifies the signature
 + * against the digest and the fs-verity keyring if appropriate
 + *
 + * Return: 0 on success (signature valid or not required); -errno on failure
 + */
 +int __fsverity_verify_signature(const struct inode *inode, const u8 *signature,
 +				size_t sig_size, const u8 *file_digest,
 +				unsigned int digest_algorithm)
 +{
  	struct fsverity_formatted_digest *d;
 +	struct fsverity_hash_alg *hash_alg = fsverity_get_hash_alg(inode,
 +							digest_algorithm);
  	int err;

 +	if (IS_ERR(hash_alg))
 +		return PTR_ERR(hash_alg);
 +
  	if (sig_size == 0) {
  		if (fsverity_require_signatures) {
  			fsverity_err(inode,
 @@ -60,7 +87,7 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
  	memcpy(d->magic, "FSVerity", 8);
  	d->digest_algorithm = cpu_to_le16(hash_alg - fsverity_hash_algs);
  	d->digest_size = cpu_to_le16(hash_alg->digest_size);
 -	memcpy(d->digest, vi->file_digest, hash_alg->digest_size);
 +	memcpy(d->digest, file_digest, hash_alg->digest_size);

  	err = verify_pkcs7_signature(d, sizeof(*d) + hash_alg->digest_size,
  				     signature, sig_size, fsverity_keyring,
 @@ -83,9 +110,10 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
  	}

  	pr_debug("Valid signature for file digest %s:%*phN\n",
 -		 hash_alg->name, hash_alg->digest_size, vi->file_digest);
 +		 hash_alg->name, hash_alg->digest_size, file_digest);
  	return 0;
  }
 +EXPORT_SYMBOL_GPL(__fsverity_verify_signature);

  #ifdef CONFIG_SYSCTL
  static struct ctl_table_header *fsverity_sysctl_header;
 diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
 --- a/include/linux/fsverity.h
 +++ b/include/linux/fsverity.h
 @@ -233,4 +233,18 @@ static inline bool fsverity_active(const struct inode *inode)
  	return fsverity_get_info(inode) != NULL;
  }

 +#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
 +int __fsverity_verify_signature(const struct inode *inode, const u8 *signature,
 +				size_t sig_size, const u8 *file_digest,
 +				unsigned int digest_algorithm);
 +#else /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
 +static inline int __fsverity_verify_signature(const struct inode *inode,
 +				const u8 *signature, size_t sig_size,
 +				const u8 *file_digest,
 +				unsigned int digest_algorithm)
 +{
 +	return 0;
 +}
 +#endif /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
 +
  #endif	/* _LINUX_FSVERITY_H */
	From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
	From: Paul Lawrence <paullawrence@google.com>
	Date: Mon, 26 Oct 2020 09:34:26 -0700
	Subject: NOUPSTREAM: ANDROID: fs-verity: Export function to check signatures

	Allows a file system to provide its own fs-verity implementation
	but still to hook into the signature check and control file from
	fs-verity

	[CPNOTE: 20/07/21] Lee: Requested an update from Paul via the OoT bug
	[CPNOTE: 21/07/21] Lee: Depends on upstreaming of IncFS

	Bug: 160634504
	Bug: 170978993
	Test: incfs_test running on this + subsequent changes
	Signed-off-by: Paul Lawrence <paullawrence@google.com>
	Change-Id: I02020af460d62fa5eb459a083419208e175005e8
	---
	fs/verity/signature.c \| 36 ++++++++++++++++++++++++++++++++----
	include/linux/fsverity.h \| 14 ++++++++++++++
	2 files changed, 46 insertions(+), 4 deletions(-)

	diff --git a/fs/verity/signature.c b/fs/verity/signature.c
	--- a/fs/verity/signature.c
	+++ b/fs/verity/signature.c
	@@ -40,11 +40,38 @@ static struct key *fsverity_keyring;
	int fsverity_verify_signature(const struct fsverity_info *vi,
	const u8 *signature, size_t sig_size)
	{
	- const struct inode *inode = vi->inode;
	- const struct fsverity_hash_alg *hash_alg = vi->tree_params.hash_alg;
	+ unsigned int digest_algorithm =
	+ vi->tree_params.hash_alg - fsverity_hash_algs;
	+
	+ return __fsverity_verify_signature(vi->inode, signature, sig_size,
	+ vi->file_digest, digest_algorithm);
	+}
	+
	+/**
	+ * __fsverity_verify_signature() - check a verity file's signature
	+ * @inode: the file's inode
	+ * @signature: the file's signature
	+ * @sig_size: size of @signature. Can be 0 if there is no signature
	+ * @file_digest: the file's digest
	+ * @digest_algorithm: the digest algorithm used
	+ *
	+ * Takes the file's digest and optional signature and verifies the signature
	+ * against the digest and the fs-verity keyring if appropriate
	+ *
	+ * Return: 0 on success (signature valid or not required); -errno on failure
	+ */
	+int __fsverity_verify_signature(const struct inode inode, const u8 signature,
	+ size_t sig_size, const u8 *file_digest,
	+ unsigned int digest_algorithm)
	+{
	struct fsverity_formatted_digest *d;
	+ struct fsverity_hash_alg *hash_alg = fsverity_get_hash_alg(inode,
	+ digest_algorithm);
	int err;

	+ if (IS_ERR(hash_alg))
	+ return PTR_ERR(hash_alg);
	+
	if (sig_size == 0) {
	if (fsverity_require_signatures) {
	fsverity_err(inode,
	@@ -60,7 +87,7 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
	memcpy(d->magic, "FSVerity", 8);
	d->digest_algorithm = cpu_to_le16(hash_alg - fsverity_hash_algs);
	d->digest_size = cpu_to_le16(hash_alg->digest_size);
	- memcpy(d->digest, vi->file_digest, hash_alg->digest_size);
	+ memcpy(d->digest, file_digest, hash_alg->digest_size);

	err = verify_pkcs7_signature(d, sizeof(*d) + hash_alg->digest_size,
	signature, sig_size, fsverity_keyring,
	@@ -83,9 +110,10 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
	}

	pr_debug("Valid signature for file digest %s:%*phN\n",
	- hash_alg->name, hash_alg->digest_size, vi->file_digest);
	+ hash_alg->name, hash_alg->digest_size, file_digest);
	return 0;
	}
	+EXPORT_SYMBOL_GPL(__fsverity_verify_signature);

	#ifdef CONFIG_SYSCTL
	static struct ctl_table_header *fsverity_sysctl_header;
	diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
	--- a/include/linux/fsverity.h
	+++ b/include/linux/fsverity.h
	@@ -233,4 +233,18 @@ static inline bool fsverity_active(const struct inode *inode)
	return fsverity_get_info(inode) != NULL;
	}

	+#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
	+int __fsverity_verify_signature(const struct inode inode, const u8 signature,
	+ size_t sig_size, const u8 *file_digest,
	+ unsigned int digest_algorithm);
	+#else /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
	+static inline int __fsverity_verify_signature(const struct inode *inode,
	+ const u8 *signature, size_t sig_size,
	+ const u8 *file_digest,
	+ unsigned int digest_algorithm)
	+{
	+ return 0;
	+}
	+#endif /* !CONFIG_FS_VERITY_BUILTIN_SIGNATURES */
	+
	#endif /* _LINUX_FSVERITY_H */