/src/cryptsetup/lib/verity/verity.h
Line | Count | Source |
1 | | // SPDX-License-Identifier: LGPL-2.1-or-later |
2 | | /* |
3 | | * dm-verity volume handling |
4 | | * |
5 | | * Copyright (C) 2012-2025 Red Hat, Inc. All rights reserved. |
6 | | */ |
7 | | |
8 | | #ifndef _VERITY_H |
9 | | #define _VERITY_H |
10 | | |
11 | | #include <stddef.h> |
12 | | #include <stdint.h> |
13 | | #include <stdbool.h> |
14 | | |
15 | 0 | #define VERITY_MAX_HASH_TYPE 1 |
16 | 0 | #define VERITY_BLOCK_SIZE_OK(x) ((x) % 512 || (x) < 512 || \ |
17 | 0 | (x) > (512 * 1024) || (x) & ((x)-1)) |
18 | | |
19 | | struct crypt_device; |
20 | | struct crypt_params_verity; |
21 | | struct device; |
22 | | struct volume_key; |
23 | | |
24 | | int VERITY_read_sb(struct crypt_device *cd, |
25 | | uint64_t sb_offset, |
26 | | char **uuid, |
27 | | struct crypt_params_verity *params); |
28 | | |
29 | | int VERITY_write_sb(struct crypt_device *cd, |
30 | | uint64_t sb_offset, |
31 | | const char *uuid_string, |
32 | | struct crypt_params_verity *params); |
33 | | |
34 | | int VERITY_activate(struct crypt_device *cd, |
35 | | const char *name, |
36 | | struct volume_key *root_hash, |
37 | | struct volume_key *signature, |
38 | | struct device *fec_device, |
39 | | struct crypt_params_verity *verity_hdr, |
40 | | uint32_t activation_flags); |
41 | | |
42 | | int VERITY_verify_params(struct crypt_device *cd, |
43 | | struct crypt_params_verity *hdr, |
44 | | bool signed_root_hash, |
45 | | struct device *fec_device, |
46 | | struct volume_key *root_hash); |
47 | | |
48 | | int VERITY_verify(struct crypt_device *cd, |
49 | | struct crypt_params_verity *verity_hdr, |
50 | | const char *root_hash, |
51 | | size_t root_hash_size); |
52 | | |
53 | | int VERITY_create(struct crypt_device *cd, |
54 | | struct crypt_params_verity *verity_hdr, |
55 | | const char *root_hash, |
56 | | size_t root_hash_size); |
57 | | |
58 | | int VERITY_FEC_process(struct crypt_device *cd, |
59 | | struct crypt_params_verity *params, |
60 | | struct device *fec_device, |
61 | | int check_fec, |
62 | | unsigned int *errors); |
63 | | |
64 | | uint64_t VERITY_hash_offset_block(struct crypt_params_verity *params); |
65 | | |
66 | | uint64_t VERITY_hash_blocks(struct crypt_device *cd, struct crypt_params_verity *params); |
67 | | |
68 | | uint64_t VERITY_FEC_blocks(struct crypt_device *cd, |
69 | | struct device *fec_device, |
70 | | struct crypt_params_verity *params); |
71 | | uint64_t VERITY_FEC_RS_blocks(uint64_t blocks, uint32_t roots); |
72 | | |
73 | | int VERITY_UUID_generate(char **uuid_string); |
74 | | |
75 | | int VERITY_dump(struct crypt_device *cd, |
76 | | struct crypt_params_verity *verity_hdr, |
77 | | const char *root_hash, |
78 | | unsigned int root_hash_size, |
79 | | struct device *fec_device); |
80 | | |
81 | | #endif |