| rjw | 1f88458 | 2022-01-06 17:20:42 +0800 | [diff] [blame] | 1 | /* | 
|  | 2 | * Copyright (C) 2015 Google, Inc. | 
|  | 3 | * | 
|  | 4 | * This software is licensed under the terms of the GNU General Public | 
|  | 5 | * License version 2, as published by the Free Software Foundation, and | 
|  | 6 | * may be copied, distributed, and modified under those terms. | 
|  | 7 | * | 
|  | 8 | * This program is distributed in the hope that it will be useful, | 
|  | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | 
|  | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | 
|  | 11 | * GNU General Public License for more details. | 
|  | 12 | * | 
|  | 13 | */ | 
|  | 14 |  | 
|  | 15 | #ifndef DM_ANDROID_VERITY_H | 
|  | 16 | #define DM_ANDROID_VERITY_H | 
|  | 17 |  | 
|  | 18 | #include <crypto/sha.h> | 
|  | 19 |  | 
/*
 * Size in bytes of the signature field in struct android_metadata_header.
 * 256 bytes is the length of an RSA-2048 signature; the name suggests that
 * is the intent.
 */
#define RSANUMBYTES 256
/* Magic presumably expected in android_metadata_header.magic_number. */
#define VERITY_METADATA_MAGIC_NUMBER 0xb001b001
/*
 * Alternative magic; stored little-endian, its bytes read "VOFF".
 * NOTE(review): the name suggests this marks metadata with verity switched
 * off. The code that honours it is not in this header -- confirm under which
 * conditions it is accepted, since a disable marker would bypass integrity
 * checking.
 */
#define VERITY_METADATA_MAGIC_DISABLE 0x46464f56
/* Presumably compared against android_metadata_header.protocol_version. */
#define VERITY_METADATA_VERSION 0
/* NOTE(review): consumer not visible here; name suggests a "disabled" state. */
#define VERITY_STATE_DISABLE 1
/* 4 KiB data block. */
#define DATA_BLOCK_SIZE (4 * 1024)
/* 8 data blocks = 32 KiB, matching the "32K" in the layout comment below. */
#define VERITY_METADATA_SIZE (8 * DATA_BLOCK_SIZE)
/* Presumably the number of arguments in a verity table -- TODO confirm. */
#define VERITY_TABLE_ARGS 10
/*
 * Presumably fixed buffer lengths for a command-line parameter and the build
 * variant string; copies into buffers of these sizes must be bounded.
 */
#define VERITY_COMMANDLINE_PARAM_LENGTH 20
#define BUILD_VARIANT 20
|  | 30 |  | 
/*
 * The key identifier has the format <subject>:<sha1-id>.
 * The subject is either the Common Name (CN) + Organization Name (O), or
 * just the CN if it is prefixed with O.
 * From https://tools.ietf.org/html/rfc5280#appendix-A
 * ub-organization-name-length INTEGER ::= 64
 * ub-common-name-length INTEGER ::= 64
 *
 * http://lxr.free-electrons.com/source/crypto/asymmetric_keys/x509_cert_parser.c?v=3.9#L278
 * ctx->o_size + 2 + ctx->cn_size + 1
 * + 41 characters for ":" and sha1 id
 * 64 + 2 + 64 + 1 + 1 + 40 (172)
 * VERITY_DEFAULT_KEY_ID_LENGTH is therefore set to 200 characters, which
 * leaves headroom above the 172-character worst case.
 * NOTE(review): a key id that does not fit must be rejected, not truncated;
 * the code that fills the buffer is not in this header -- confirm.
 */
#define VERITY_DEFAULT_KEY_ID_LENGTH 200
|  | 46 |  | 
/* Magic presumably expected in fec_header.magic. */
#define FEC_MAGIC 0xFECFECFE
/* 4 KiB, the same value as DATA_BLOCK_SIZE. */
#define FEC_BLOCK_SIZE (4 * 1024)
/* Presumably compared against fec_header.version. */
#define FEC_VERSION 0
/* Presumably the Reed-Solomon codeword size M in RS(M, N) -- TODO confirm. */
#define FEC_RSM 255
/*
 * Presumably the size of the buffer that VERITY_TABLE_OPT_FEC_FORMAT is
 * formatted into; the formatted length depends on the device name (%s), so
 * the result of the formatting call should be checked for truncation.
 */
#define FEC_ARG_LENGTH 300

/*
 * dm-verity optional table parameters.
 * Despite the macro name, VERITY_TABLE_OPT_LOGGING selects
 * "ignore_corruption": dm-verity then logs corrupted blocks but lets the
 * read proceed, so corruption is reported rather than enforced.
 */
#define VERITY_TABLE_OPT_RESTART "restart_on_corruption"
#define VERITY_TABLE_OPT_LOGGING "ignore_corruption"
#define VERITY_TABLE_OPT_IGNZERO "ignore_zero_blocks"

/*
 * printf-style template for the FEC part of the table. It takes, in order,
 * a string (%s), two unsigned long long values (%llu) and an unsigned int
 * (%u), and always ends with "ignore_zero_blocks".
 * VERITY_TABLE_OPT_FEC_ARGS is the number of space-separated words the
 * template expands to (9); keep the two in sync.
 */
#define VERITY_TABLE_OPT_FEC_FORMAT \
	"use_fec_from_device %s fec_start %llu fec_blocks %llu fec_roots %u ignore_zero_blocks"
#define VERITY_TABLE_OPT_FEC_ARGS 9

/* 0 here; presumably gates extra debug output -- TODO confirm. */
#define VERITY_DEBUG 0

/* Prefix used by the device-mapper message macros (DMERR, DMINFO, ...). */
#define DM_MSG_PREFIX                   "android-verity"

/*
 * Presumably the argument count and the offset argument used when a
 * dm-linear table is built instead of a verity one -- TODO confirm.
 */
#define DM_LINEAR_ARGS 2
#define DM_LINEAR_TARGET_OFFSET "0"
|  | 67 |  | 
/*
 * The partition can have one of two layouts.
 * If FEC is present:
 * <data_blocks> <verity_tree> <verity_metadata_32K><fec_data><fec_data_4K>
 * If FEC is not present:
 * <data_blocks> <verity_tree> <verity_metadata_32K>
 */
/*
 * FEC header. All integer fields are little-endian (__le32/__le64) and must
 * be converted with le32_to_cpu()/le64_to_cpu() before use.
 * The struct is packed, so there is no padding and inp_size sits at byte
 * offset 20, which is not 8-byte aligned.
 * NOTE(review): presumably read from the storage device; if so, every field
 * is untrusted and needs range checks before it is used as a size or count.
 */
struct fec_header {
	__le32 magic;		/* presumably FEC_MAGIC */
	__le32 version;		/* presumably FEC_VERSION */
	__le32 size;
	__le32 roots;
	__le32 fec_size;
	__le64 inp_size;
	u8 hash[SHA256_DIGEST_SIZE];	/* SHA-256-sized digest; what it covers is not shown here */
} __attribute__((packed));
|  | 84 |  | 
/*
 * Header of the Android verity metadata block; integer fields are
 * little-endian.
 * Not declared packed: every member has a size that is a multiple of 4
 * (4 + 4 + 256 + 4), so no padding is expected on the usual ABIs.
 * NOTE(review): table_length presumably gives the size of the verity table
 * that follows the header. If it is read from disk it is untrusted until the
 * signature has been verified and should be bounded (for example against
 * VERITY_METADATA_SIZE) before it sizes an allocation or a read.
 */
struct android_metadata_header {
	__le32 magic_number;
	__le32 protocol_version;
	/* RSANUMBYTES raw signature bytes; not a NUL-terminated string. */
	char signature[RSANUMBYTES];
	__le32 table_length;
};
|  | 91 |  | 
/*
 * Pairs a metadata header with its verity table string.
 * Both members are pointers; who allocates and frees them is not visible in
 * this header.
 */
struct android_metadata {
	struct android_metadata_header *header;
	char *verity_table;	/* presumably NUL-terminated -- TODO confirm */
};
|  | 96 |  | 
/*
 * FEC parameters in CPU byte order (u32/u64, unlike the __le fields of
 * struct fec_header).
 * roots, blocks and start presumably feed the fec_roots, fec_blocks and
 * fec_start arguments of VERITY_TABLE_OPT_FEC_FORMAT -- TODO confirm.
 */
struct fec_ecc_metadata {
	bool valid;	/* presumably set once the FEC header has been validated */
	u32 roots;
	u64 blocks;
	u64 rounds;
	u64 start;
};
|  | 104 |  | 
/*
 * An array of page pointers together with its element count.
 * number_of_pages is a signed int; code that derives it from on-disk sizes
 * should make sure it cannot become negative or overflow.
 */
struct bio_read {
	struct page **page_io;
	int number_of_pages;
};
|  | 109 |  | 
/*
 * The dm-linear target and its callbacks, declared here so that code
 * including this header can call them directly.
 * NOTE(review): presumably used to map the device as plain linear when
 * verity is not enforced; such a mapping performs no integrity checking.
 * This header only includes <crypto/sha.h>, so the includer must already
 * have pulled in the headers that declare struct dm_target, blk_status_t,
 * status_type_t, iterate_devices_callout_fn, pfn_t and struct iov_iter.
 */
extern struct target_type linear_target;

extern void dm_linear_dtr(struct dm_target *ti);
extern int dm_linear_map(struct dm_target *ti, struct bio *bio);
extern int dm_linear_end_io(struct dm_target *ti, struct bio *bio,
			    blk_status_t *error);
extern void dm_linear_status(struct dm_target *ti, status_type_t type,
			     unsigned status_flags, char *result, unsigned maxlen);
extern int dm_linear_prepare_ioctl(struct dm_target *ti,
				   struct block_device **bdev, fmode_t *mode);
extern int dm_linear_iterate_devices(struct dm_target *ti,
				     iterate_devices_callout_fn fn, void *data);
extern int dm_linear_ctr(struct dm_target *ti, unsigned int argc, char **argv);
extern long dm_linear_dax_direct_access(struct dm_target *ti, pgoff_t pgoff,
					long nr_pages, void **kaddr,
					pfn_t *pfn);
extern size_t dm_linear_dax_copy_from_iter(struct dm_target *ti, pgoff_t pgoff,
					   void *addr, size_t bytes, struct iov_iter *i);
|  | 128 | #endif /* DM_ANDROID_VERITY_H */ |