diff options
author | Christoph Müllner <christoph.muellner@vrull.eu> | 2023-11-27 00:22:11 +0100 |
---|---|---|
committer | Christoph Müllner <christophm30@gmail.com> | 2023-11-27 12:08:13 +0100 |
commit | b905f4be23124470520e30005b9d29a9f4219e5a (patch) | |
tree | 626f2856204cd277940f51f1b7706a957a0d0573 /linux-headers/include/linux/fsverity.h | |
parent | c2b4923917aa334f83606d08e0eaf3dddc2c9589 (diff) | |
download | riscv-gnu-toolchain-b905f4be23124470520e30005b9d29a9f4219e5a.zip riscv-gnu-toolchain-b905f4be23124470520e30005b9d29a9f4219e5a.tar.gz riscv-gnu-toolchain-b905f4be23124470520e30005b9d29a9f4219e5a.tar.bz2 |
Update Linux headers from v5.10.5 to v6.6
This patch imports the Linux kernel from v5.10.5 to v6.6.
Important RISC-V specific changes are:
* hwprobe support
* V support (ptrace and prctl calls)
* KVM support
There are patches on the glibc list that introduce code which uses the
hwprobe interface. Let's update the kernel headers to be ready for these
changes.
Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Diffstat (limited to 'linux-headers/include/linux/fsverity.h')
-rw-r--r-- | linux-headers/include/linux/fsverity.h | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/linux-headers/include/linux/fsverity.h b/linux-headers/include/linux/fsverity.h index 12b16f5..bdc2ca6 100644 --- a/linux-headers/include/linux/fsverity.h +++ b/linux-headers/include/linux/fsverity.h @@ -34,7 +34,63 @@ struct fsverity_digest { __u8 digest[]; }; +/* + * Struct containing a file's Merkle tree properties. The fs-verity file digest + * is the hash of this struct. A userspace program needs this struct only if it + * needs to compute fs-verity file digests itself, e.g. in order to sign files. + * It isn't needed just to enable fs-verity on a file. + * + * Note: when computing the file digest, 'sig_size' and 'signature' must be left + * zero and empty, respectively. These fields are present only because some + * filesystems reuse this struct as part of their on-disk format. + */ +struct fsverity_descriptor { + __u8 version; /* must be 1 */ + __u8 hash_algorithm; /* Merkle tree hash algorithm */ + __u8 log_blocksize; /* log2 of size of data and tree blocks */ + __u8 salt_size; /* size of salt in bytes; 0 if none */ + __le32 __reserved_0x04; /* must be 0 */ + __le64 data_size; /* size of file the Merkle tree is built over */ + __u8 root_hash[64]; /* Merkle tree root hash */ + __u8 salt[32]; /* salt prepended to each hashed block */ + __u8 __reserved[144]; /* must be 0's */ +}; + +/* + * Format in which fs-verity file digests are signed in built-in signatures. + * This is the same as 'struct fsverity_digest', except here some magic bytes + * are prepended to provide some context about what is being signed in case the + * same key is used for non-fsverity purposes, and here the fields have fixed + * endianness. + * + * This struct is specific to the built-in signature verification support, which + * is optional. fs-verity users may also verify signatures in userspace, in + * which case userspace is responsible for deciding on what bytes are signed. + * This struct may still be used, but it doesn't have to be. For example, + * userspace could instead use a string like "sha256:$digest_as_hex_string". + */ +struct fsverity_formatted_digest { + char magic[8]; /* must be "FSVerity" */ + __le16 digest_algorithm; + __le16 digest_size; + __u8 digest[]; +}; + +#define FS_VERITY_METADATA_TYPE_MERKLE_TREE 1 +#define FS_VERITY_METADATA_TYPE_DESCRIPTOR 2 +#define FS_VERITY_METADATA_TYPE_SIGNATURE 3 + +struct fsverity_read_metadata_arg { + __u64 metadata_type; + __u64 offset; + __u64 length; + __u64 buf_ptr; + __u64 __reserved; +}; + #define FS_IOC_ENABLE_VERITY _IOW('f', 133, struct fsverity_enable_arg) #define FS_IOC_MEASURE_VERITY _IOWR('f', 134, struct fsverity_digest) +#define FS_IOC_READ_VERITY_METADATA \ + _IOWR('f', 135, struct fsverity_read_metadata_arg) #endif /* _LINUX_FSVERITY_H */ |