fs-verity: add SHA-512 support
Add SHA-512 support to fs-verity. This is primarily a demonstration of the trivial changes needed to support a new hash algorithm in fs-verity; most users will still use SHA-256, due to the smaller space required to store the hashes. But some users may prefer SHA-512. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com>
This commit is contained in:
parent
ebeb654881
commit
9b8425a7cd
3 changed files with 7 additions and 1 deletions
|
@ -29,7 +29,7 @@ struct ahash_request;
|
||||||
* Largest digest size among all hash algorithms supported by fs-verity.
|
* Largest digest size among all hash algorithms supported by fs-verity.
|
||||||
* Currently assumed to be <= size of fsverity_descriptor::root_hash.
|
* Currently assumed to be <= size of fsverity_descriptor::root_hash.
|
||||||
*/
|
*/
|
||||||
#define FS_VERITY_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE
|
#define FS_VERITY_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
|
||||||
|
|
||||||
/* A hash algorithm supported by fs-verity */
|
/* A hash algorithm supported by fs-verity */
|
||||||
struct fsverity_hash_alg {
|
struct fsverity_hash_alg {
|
||||||
|
|
|
@ -17,6 +17,11 @@ struct fsverity_hash_alg fsverity_hash_algs[] = {
|
||||||
.digest_size = SHA256_DIGEST_SIZE,
|
.digest_size = SHA256_DIGEST_SIZE,
|
||||||
.block_size = SHA256_BLOCK_SIZE,
|
.block_size = SHA256_BLOCK_SIZE,
|
||||||
},
|
},
|
||||||
|
[FS_VERITY_HASH_ALG_SHA512] = {
|
||||||
|
.name = "sha512",
|
||||||
|
.digest_size = SHA512_DIGEST_SIZE,
|
||||||
|
.block_size = SHA512_BLOCK_SIZE,
|
||||||
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -14,6 +14,7 @@
|
||||||
#include <linux/types.h>
|
#include <linux/types.h>
|
||||||
|
|
||||||
#define FS_VERITY_HASH_ALG_SHA256 1
|
#define FS_VERITY_HASH_ALG_SHA256 1
|
||||||
|
#define FS_VERITY_HASH_ALG_SHA512 2
|
||||||
|
|
||||||
struct fsverity_enable_arg {
|
struct fsverity_enable_arg {
|
||||||
__u32 version;
|
__u32 version;
|
||||||
|
|
Loading…
Reference in a new issue