From: Eric Biggers <ebiggers@xxxxxxxxxx>
Make _fsv_enable() and _fsv_sign() default to FSV_BLOCK_SIZE if no block
size is explicitly specified, so that the individual tests don't have to
do this themselves. This overrides the fsverity-utils default of 4096
bytes, or the page size in older versions of fsverity-utils, both of
which may differ from FSV_BLOCK_SIZE.
Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
---
common/verity | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/common/verity b/common/verity
index a94ebf8e..1c706b80 100644
--- a/common/verity
+++ b/common/verity
@@ -249,7 +249,13 @@ _fsv_dump_signature()
_fsv_enable()
{
- $FSVERITY_PROG enable "$@"
+ local args=("$@")
+ # If the caller didn't explicitly specify a Merkle tree block size, then
+ # use FSV_BLOCK_SIZE.
+ if ! [[ " $*" =~ " --block-size" ]]; then
+ args+=("--block-size=$FSV_BLOCK_SIZE")
+ fi
+ $FSVERITY_PROG enable "${args[@]}"
}
_fsv_measure()
@@ -259,7 +265,13 @@ _fsv_measure()
_fsv_sign()
{
- $FSVERITY_PROG sign "$@"
+ local args=("$@")
+ # If the caller didn't explicitly specify a Merkle tree block size, then
+ # use FSV_BLOCK_SIZE.
+ if ! [[ " $*" =~ " --block-size" ]]; then
+ args+=("--block-size=$FSV_BLOCK_SIZE")
+ fi
+ $FSVERITY_PROG sign "${args[@]}"
}
# Generate a file, then enable verity on it.
--
2.38.1
|