enable_verity

Name:enable_verity

Proto:static int enable_verity(struct file *filp, const struct fsverity_enable_arg *arg)

Type:int

Parameter:

Type	Parameter	Name
struct file *	filp
const struct fsverity_enable_arg *	arg

160

inode = file_inode(filp)

161

162

struct merkle_tree_params params = {}

164

desc_size = size of desc + sig_size

169

desc = kzalloc - allocate memory. The memory is set to zero.*@size: how many bytes of memory are required.*@flags: the type of memory to allocate (see kmalloc).

170

If Not desc Then Return -ENOMEM

172

173

Merkle tree hash algorithm = hash_algorithm

174

log2 of size of data and tree blocks = log2 - log base 2 of 32-bit or a 64-bit unsigned value*@n: parameter* constant-capable log of base 2 calculation* - this can be used to initialise global variables from constant data, hence* the massive ternary operator construction* selects the (block_size)

177

If salt_size && copy_from_user(salt prepended to each hashed block , (constu8 __user * )(uintptr_t)salt_ptr, salt_size) Then

181

182

Go to out

184

size of salt in bytes; 0 if none = salt_size

187

If sig_size && copy_from_user(ptional PKCS#7 signature , (constu8 __user * )(uintptr_t)sig_ptr, sig_size) Then

191

192

Go to out

194

size of signature in bytes; 0 if none = cpu_to_le32(sig_size)

196

size of file the Merkle tree is built over = The following macros are to be defined by (i_size)

199

203

If err Then Go to out

210

inode_lock(inode)

211

If IS_VERITY(inode) Then err = -EEXIST

213

Else err = begin_enable_verity(filp)

215

inode_unlock(inode)

216

If err Then Go to out

228

pr_debug("Building Merkle tree...\n")

229

BUILD_BUG_ON - break compile if a condition is true( size of Merkle tree root hash < Largest digest size among all hash algorithms supported by fs-verity.* Currently assumed to be <= size of fsverity_descriptor::root_hash.)

230

err = Build the Merkle tree for the given inode using the given parameters, and* return the root hash in @root_hash.* The tree is written to a filesystem-specific location as determined by the* ->write_merkle_tree_block() method

231

If err Then

232

fsverity_err(inode, "Error %d building Merkle tree", err)

233

Go to rollback

235

pr_debug("Done building Merkle tree. Root hash is %s:%*phN\n", crypto API name, e.g. sha256 , same as hash_alg->digest_size , Merkle tree root hash )

245

vi = Validate the given fsverity_descriptor and create a new fsverity_info from* it. The signature (if present) is also checked.

246

If IS_ERR(vi) Then

247

err = PTR_ERR(vi)

248

Go to rollback

251

If sig_size Then pr_debug("Storing a %u-byte PKCS#7 signature alongside the file\n", sig_size)

259

inode_lock(inode)

260

err = end_enable_verity(filp, desc, desc_size, Merkle tree size in bytes )

261

inode_unlock(inode)

262

If err Then

263

fsverity_err(inode, "%ps() failed with err %d", end_enable_verity, err)

265

fsverity_free_info(vi)

266

Else if WARN_ON(!IS_VERITY(inode)) Then

267

268

fsverity_free_info(vi)

269

Else

277

fsverity_set_info(inode, vi)

279

out :

280

kfree(itial hash state or NULL )

281

282

Return err

284

285

inode_lock(inode)

286

end_enable_verity(filp, NULL, 0, Merkle tree size in bytes )

287

inode_unlock(inode)

288

Go to out

**Caller**
Name	Describe
fsverity_ioctl_enable	sverity_ioctl_enable() - enable verity on a file* Enable fs-verity on a file. See the "FS_IOC_ENABLE_VERITY" section of* Documentation/filesystems/fsverity.rst for the documentation.* Return: 0 on success, -errno on failure

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion