On Mon, Jun 12, 2023 at 12:00:47PM -0700, Eric Biggers wrote: > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > Address several issues with the calling convention and documentation of > fsverity_get_digest(): > > - Make it provide the hash algorithm as either a FS_VERITY_HASH_ALG_* > value or HASH_ALGO_* value, at the caller's choice, rather than only a > HASH_ALGO_* value as it did before. This allows callers to work with > the fsverity native algorithm numbers if they want to. HASH_ALGO_* is > what IMA uses, but other users (e.g. overlayfs) should use > FS_VERITY_HASH_ALG_* to match fsverity-utils and the fsverity UAPI. > > - Make it return the digest size so that it doesn't need to be looked up > separately. Use the return value for this, since 0 works nicely for > the "file doesn't have fsverity enabled" case. This also makes it > clear that no other errors are possible. > > - Rename the 'digest' parameter to 'raw_digest' and clearly document > that it is only useful in combination with the algorithm ID. This > hopefully clears up a point of confusion. > > - Export it to modules, since overlayfs will need it for checking the > fsverity digests of lowerdata files > (https://lore.kernel.org/r/dd294a44e8f401e6b5140029d8355f88748cd8fd.1686565330.git.alexl@xxxxxxxxxx). > > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> > --- > fs/verity/measure.c | 37 ++++++++++++++++++++++---------- > include/linux/fsverity.h | 14 +++++++----- > security/integrity/ima/ima_api.c | 31 +++++++++++--------------- > 3 files changed, 47 insertions(+), 35 deletions(-) > Applied to https://git.kernel.org/pub/scm/fs/fsverity/linux.git/log/?h=for-next - Eric
