From 0851c2cfb09d67bd8b20df7c6ab73a8001f050f8 Mon Sep 17 00:00:00 2001 From: Ondrej Kozina Date: Mon, 20 Jul 2020 20:27:37 +0200 Subject: [PATCH] Port veritysetup to new args parsing. --- src/Makemodule.am | 5 + src/utils_arg_names.h | 15 +++ src/veritysetup.c | 188 +++++++++++++------------------------ src/veritysetup_arg_list.h | 60 ++++++++++++ src/veritysetup_args.h | 53 +++++++++++ 5 files changed, 196 insertions(+), 125 deletions(-) create mode 100644 src/veritysetup_arg_list.h create mode 100644 src/veritysetup_args.h diff --git a/src/Makemodule.am b/src/Makemodule.am index adf21944..132a5f3e 100644 --- a/src/Makemodule.am +++ b/src/Makemodule.am @@ -48,9 +48,14 @@ veritysetup_SOURCES = \ lib/utils_loop.c \ lib/utils_io.c \ lib/utils_blkid.c \ + src/utils_args.c \ + src/utils_arg_names.h \ + src/utils_arg_macros.h \ src/utils_tools.c \ src/utils_password.c \ src/veritysetup.c \ + src/veritysetup_args.h \ + src/veritysetup_arg_list.h \ src/cryptsetup.h veritysetup_LDADD = $(LDADD) \ diff --git a/src/utils_arg_names.h b/src/utils_arg_names.h index 3b7fcfb0..e8172aaf 100644 --- a/src/utils_arg_names.h +++ b/src/utils_arg_names.h @@ -30,7 +30,10 @@ #define OPT_BITMAP_SECTORS_PER_BIT "bitmap-sectors-per-bit" #define OPT_BLOCK_SIZE "block-size" #define OPT_BUFFER_SECTORS "buffer-sectors" +#define OPT_CHECK_AT_MOST_ONCE "check-at-most-once" #define OPT_CIPHER "cipher" +#define OPT_DATA_BLOCK_SIZE "data-block-size" +#define OPT_DATA_BLOCKS "data-blocks" #define OPT_DATA_DEVICE "data-device" #define OPT_DEBUG "debug" #define OPT_DEBUG_JSON "debug-json" @@ -41,11 +44,19 @@ #define OPT_DISABLE_LOCKS "disable-locks" #define OPT_DUMP_MASTER_KEY "dump-master-key" #define OPT_ENCRYPT "encrypt" +#define OPT_FEC_DEVICE "fec-device" +#define OPT_FEC_OFFSET "fec-offset" +#define OPT_FEC_ROOTS "fec-roots" #define OPT_FORCE_PASSWORD "force-password" +#define OPT_FORMAT "format" #define OPT_HASH "hash" +#define OPT_HASH_BLOCK_SIZE "hash-block-size" +#define OPT_HASH_OFFSET "hash-offset" #define OPT_HEADER "header" #define OPT_HEADER_BACKUP_FILE "header-backup-file" #define OPT_HOTZONE_SIZE "hotzone-size" +#define OPT_IGNORE_CORRUPTION "ignore-corruption" +#define OPT_IGNORE_ZERO_BLOCKS "ignore-zero-blocks" #define OPT_INIT_ONLY "init-only" #define OPT_INTEGRITY "integrity" #define OPT_INTEGRITY_BITMAP_MODE "integrity-bitmap-mode" @@ -78,6 +89,7 @@ #define OPT_KEYFILE_SIZE "keyfile-size" #define OPT_KEYSLOT_CIPHER "keyslot-cipher" #define OPT_KEYSLOT_KEY_SIZE "keyslot-key-size" +#define OPT_NO_SUPERBLOCK "no-superblock" #define OPT_NO_WIPE "no-wipe" #define OPT_LABEL "label" #define OPT_LUKS2_KEYSLOTS_SIZE "luks2-keyslots-size" @@ -102,7 +114,10 @@ #define OPT_REFRESH "refresh" #define OPT_RESILIENCE "resilience" #define OPT_RESILIENCE_HASH "resilience-hash" +#define OPT_RESTART_ON_CORRUPTION "restart-on-corruption" #define OPT_RESUME_ONLY "resume-only" +#define OPT_ROOT_HASH_SIGNATURE "root-hash-signature" +#define OPT_SALT "salt" #define OPT_SECTOR_SIZE "sector-size" #define OPT_SERIALIZE_MEMORY_HARD_PBKDF "serialize-memory-hard-pbkdf" #define OPT_SHARED "shared" diff --git a/src/veritysetup.c b/src/veritysetup.c index b9e59d2d..9288a7a1 100644 --- a/src/veritysetup.c +++ b/src/veritysetup.c @@ -20,38 +20,16 @@ */ #include "cryptsetup.h" +#include "veritysetup_args.h" #define PACKAGE_VERITY "veritysetup" -static char *opt_fec_device = NULL; -static char *opt_hash_algorithm = NULL; -static char *opt_salt = NULL; -static char *opt_uuid = NULL; -static char *opt_root_hash_signature = NULL; - -static int opt_use_superblock = 1; -static int opt_fec_roots = DEFAULT_VERITY_FEC_ROOTS; -static int opt_hash_type = 1; -static int opt_data_block_size = DEFAULT_VERITY_DATA_BLOCK; -static int opt_hash_block_size = DEFAULT_VERITY_HASH_BLOCK; -static uint64_t data_blocks = 0; -static uint64_t hash_offset = 0; -static uint64_t fec_offset = 0; -static int opt_restart_on_corruption = 0; -static int opt_ignore_corruption = 0; -static int opt_ignore_zero_blocks = 0; -static int opt_check_at_most_once = 0; - static const char **action_argv; static int action_argc; void tools_cleanup(void) { - FREE_AND_NULL(opt_fec_device); - FREE_AND_NULL(opt_hash_algorithm); - FREE_AND_NULL(opt_salt); - FREE_AND_NULL(opt_uuid); - FREE_AND_NULL(opt_root_hash_signature); + tools_args_free(tool_core_args, ARRAY_SIZE(tool_core_args)); } static int _prepare_format(struct crypt_params_verity *params, @@ -61,16 +39,16 @@ static int _prepare_format(struct crypt_params_verity *params, char *salt = NULL; int len; - params->hash_name = opt_hash_algorithm ?: DEFAULT_VERITY_HASH; + params->hash_name = ARG_STR(OPT_HASH_ID); params->data_device = data_device; - params->fec_device = opt_fec_device; - params->fec_roots = opt_fec_roots; + params->fec_device = ARG_STR(OPT_FEC_DEVICE_ID); + params->fec_roots = ARG_UINT32(OPT_FEC_ROOTS_ID); - if (opt_salt && !strcmp(opt_salt, "-")) { + if (ARG_STR(OPT_SALT_ID) && !strcmp(ARG_STR(OPT_SALT_ID), "-")) { params->salt_size = 0; params->salt = NULL; - } else if (opt_salt) { - len = crypt_hex_to_bytes(opt_salt, &salt, 0); + } else if (ARG_SET(OPT_SALT_ID)) { + len = crypt_hex_to_bytes(ARG_STR(OPT_SALT_ID), &salt, 0); if (len < 0) { log_err(_("Invalid salt string specified.")); return -EINVAL; @@ -82,12 +60,12 @@ static int _prepare_format(struct crypt_params_verity *params, params->salt = NULL; } - params->data_block_size = opt_data_block_size; - params->hash_block_size = opt_hash_block_size; - params->data_size = data_blocks; - params->hash_area_offset = hash_offset; - params->fec_area_offset = fec_offset; - params->hash_type = opt_hash_type; + params->data_block_size = ARG_UINT32(OPT_DATA_BLOCK_SIZE_ID); + params->hash_block_size = ARG_UINT32(OPT_HASH_BLOCK_SIZE_ID); + params->data_size = ARG_UINT64(OPT_DATA_BLOCKS_ID); + params->hash_area_offset = ARG_UINT64(OPT_HASH_OFFSET_ID); + params->fec_area_offset = ARG_UINT64(OPT_FEC_OFFSET_ID); + params->hash_type = ARG_UINT32(OPT_FORMAT_ID); params->flags = flags; return 0; @@ -110,13 +88,13 @@ static int action_format(int arg) close(r); } /* Try to create FEC image if doesn't exist */ - if (opt_fec_device) { - r = open(opt_fec_device, O_WRONLY | O_EXCL | O_CREAT, S_IRUSR | S_IWUSR); + if (ARG_SET(OPT_FEC_DEVICE_ID)) { + r = open(ARG_STR(OPT_FEC_DEVICE_ID), O_WRONLY | O_EXCL | O_CREAT, S_IRUSR | S_IWUSR); if (r < 0 && errno != EEXIST) { - log_err(_("Cannot create FEC image %s for writing."), opt_fec_device); + log_err(_("Cannot create FEC image %s for writing."), ARG_STR(OPT_FEC_DEVICE_ID)); return -EINVAL; } else if (r >= 0) { - log_dbg("Created FEC image %s.", opt_fec_device); + log_dbg("Created FEC image %s.", ARG_STR(OPT_FEC_DEVICE_ID)); close(r); } } @@ -124,14 +102,14 @@ static int action_format(int arg) if ((r = crypt_init(&cd, action_argv[1]))) goto out; - if (!opt_use_superblock) + if (ARG_SET(OPT_NO_SUPERBLOCK_ID)) flags |= CRYPT_VERITY_NO_HEADER; r = _prepare_format(¶ms, action_argv[0], flags); if (r < 0) goto out; - r = crypt_format(cd, CRYPT_VERITY, NULL, NULL, opt_uuid, NULL, 0, ¶ms); + r = crypt_format(cd, CRYPT_VERITY, NULL, NULL, ARG_STR(OPT_UUID_ID), NULL, 0, ¶ms); if (!r) crypt_dump(cd); out: @@ -158,21 +136,21 @@ static int _activate(const char *dm_device, if ((r = crypt_init_data_device(&cd, hash_device, data_device))) goto out; - if (opt_ignore_corruption) + if (ARG_SET(OPT_IGNORE_CORRUPTION_ID)) activate_flags |= CRYPT_ACTIVATE_IGNORE_CORRUPTION; - if (opt_restart_on_corruption) + if (ARG_SET(OPT_RESTART_ON_CORRUPTION_ID)) activate_flags |= CRYPT_ACTIVATE_RESTART_ON_CORRUPTION; - if (opt_ignore_zero_blocks) + if (ARG_SET(OPT_IGNORE_ZERO_BLOCKS_ID)) activate_flags |= CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS; - if (opt_check_at_most_once) + if (ARG_SET(OPT_CHECK_AT_MOST_ONCE_ID)) activate_flags |= CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE; - if (opt_use_superblock) { + if (!ARG_SET(OPT_NO_SUPERBLOCK_ID)) { params.flags = flags; - params.hash_area_offset = hash_offset; - params.fec_area_offset = fec_offset; - params.fec_device = opt_fec_device; - params.fec_roots = opt_fec_roots; + params.hash_area_offset = ARG_UINT64(OPT_HASH_OFFSET_ID); + params.fec_area_offset = ARG_UINT64(OPT_FEC_OFFSET_ID); + params.fec_device = ARG_STR(OPT_FEC_DEVICE_ID); + params.fec_roots = ARG_UINT32(OPT_FEC_ROOTS_ID); r = crypt_load(cd, CRYPT_VERITY, ¶ms); } else { r = _prepare_format(¶ms, data_device, flags | CRYPT_VERITY_NO_HEADER); @@ -190,17 +168,17 @@ static int _activate(const char *dm_device, goto out; } - if (opt_root_hash_signature) { + if (ARG_SET(OPT_ROOT_HASH_SIGNATURE_ID)) { // FIXME: check max file size - if (stat(opt_root_hash_signature, &st) || !S_ISREG(st.st_mode) || !st.st_size) { - log_err(_("Invalid signature file %s."), opt_root_hash_signature); + if (stat(ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID), &st) || !S_ISREG(st.st_mode) || !st.st_size) { + log_err(_("Invalid signature file %s."), ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID)); r = -EINVAL; goto out; } signature_size = st.st_size; - r = tools_read_mk(opt_root_hash_signature, &signature, signature_size); + r = tools_read_mk(ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID), &signature, signature_size); if (r < 0) { - log_err(_("Cannot read signature file %s."), opt_root_hash_signature); + log_err(_("Cannot read signature file %s."), ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID)); goto out; } } @@ -223,7 +201,7 @@ static int action_open(int arg) action_argv[0], action_argv[2], action_argv[3], - opt_root_hash_signature ? CRYPT_VERITY_ROOT_HASH_SIGNATURE : 0); + ARG_SET(OPT_ROOT_HASH_SIGNATURE_ID) ? CRYPT_VERITY_ROOT_HASH_SIGNATURE : 0); } static int action_verify(int arg) @@ -335,7 +313,7 @@ static int action_status(int arg) if (vp.fec_device) { log_std(" FEC device: %s\n", vp.fec_device); - if ((backing_file = crypt_loop_backing_file(opt_fec_device))) { + if ((backing_file = crypt_loop_backing_file(ARG_STR(OPT_FEC_DEVICE_ID)))) { log_std(" FEC loop: %s\n", backing_file); free(backing_file); } @@ -382,8 +360,8 @@ static int action_dump(int arg) if ((r = crypt_init(&cd, action_argv[0]))) return r; - params.hash_area_offset = hash_offset; - params.fec_area_offset = fec_offset; + params.hash_area_offset = ARG_UINT64(OPT_HASH_OFFSET_ID); + params.fec_area_offset = ARG_UINT64(OPT_FEC_OFFSET_ID); r = crypt_load(cd, CRYPT_VERITY, ¶ms); if (!r) crypt_dump(cd); @@ -459,6 +437,15 @@ static int run_action(struct action_type *action) return translate_errno(r); } +static void basic_options_cb(poptContext popt_context, + enum poptCallbackReason reason __attribute__((unused)), + struct poptOption *key, + const char *arg, + void *data __attribute__((unused))) +{ + tools_parse_arg_value(popt_context, tool_core_args[key->val].type, tool_core_args + key->val, arg, key->val, NULL); +} + int main(int argc, const char **argv) { static const char *null_action_argv[] = {NULL}; @@ -469,27 +456,16 @@ int main(int argc, const char **argv) { "version",'V', POPT_ARG_NONE, NULL, 0, N_("Print package version"), NULL }, POPT_TABLEEND }; + static struct poptOption popt_basic_options[] = { + { NULL, '\0', POPT_ARG_CALLBACK, basic_options_cb, 0, NULL, NULL }, +#define ARG(A, B, C, D, E, F, G, H) { A, B, C, NULL, A ## _ID, D, E }, +#include "veritysetup_arg_list.h" +#undef arg + POPT_TABLEEND + }; static struct poptOption popt_options[] = { { NULL, '\0', POPT_ARG_INCLUDE_TABLE, popt_help_options, 0, N_("Help options:"), NULL }, - { "verbose", 'v', POPT_ARG_NONE, &opt_verbose, 0, N_("Shows more detailed error messages"), NULL }, - { "debug", '\0', POPT_ARG_NONE, &opt_debug, 0, N_("Show debug messages"), NULL }, - { "no-superblock", 0, POPT_ARG_VAL, &opt_use_superblock, 0, N_("Do not use verity superblock"), NULL }, - { "format", 0, POPT_ARG_INT, &opt_hash_type, 0, N_("Format type (1 - normal, 0 - original Chrome OS)"), N_("number") }, - { "data-block-size", 0, POPT_ARG_INT, &opt_data_block_size, 0, N_("Block size on the data device"), N_("bytes") }, - { "hash-block-size", 0, POPT_ARG_INT, &opt_hash_block_size, 0, N_("Block size on the hash device"), N_("bytes") }, - { "fec-roots", 0, POPT_ARG_INT, &opt_fec_roots, 0, N_("FEC parity bytes"), N_("bytes") }, - { "data-blocks", 0, POPT_ARG_STRING, NULL, 1, N_("The number of blocks in the data file"), N_("blocks") }, - { "fec-device", 0, POPT_ARG_STRING, &opt_fec_device, 0, N_("Path to device with error correction data"), N_("path") }, - { "hash-offset", 0, POPT_ARG_STRING, NULL, 2, N_("Starting offset on the hash device"), N_("bytes") }, - { "fec-offset", 0, POPT_ARG_STRING, NULL, 3, N_("Starting offset on the FEC device"), N_("bytes") }, - { "hash", 'h', POPT_ARG_STRING, &opt_hash_algorithm, 0, N_("Hash algorithm"), N_("string") }, - { "salt", 's', POPT_ARG_STRING, &opt_salt, 0, N_("Salt"), N_("hex string") }, - { "uuid", '\0', POPT_ARG_STRING, &opt_uuid, 0, N_("UUID for device to use"), NULL }, - { "root-hash-signature",'\0', POPT_ARG_STRING, &opt_root_hash_signature, 0, N_("Path to root hash signature file"), NULL }, - { "restart-on-corruption", 0,POPT_ARG_NONE,&opt_restart_on_corruption, 0, N_("Restart kernel if corruption is detected"), NULL }, - { "ignore-corruption", 0, POPT_ARG_NONE, &opt_ignore_corruption, 0, N_("Ignore corruption, log it only"), NULL }, - { "ignore-zero-blocks", 0, POPT_ARG_NONE, &opt_ignore_zero_blocks, 0, N_("Do not verify zeroed blocks"), NULL }, - { "check-at-most-once", 0, POPT_ARG_NONE, &opt_check_at_most_once, 0, N_("Verify data block only the first time it is read"), NULL }, + { NULL, '\0', POPT_ARG_INCLUDE_TABLE, popt_basic_options, 0, NULL, NULL }, POPT_TABLEEND }; @@ -508,34 +484,7 @@ int main(int argc, const char **argv) poptSetOtherOptionHelp(popt_context, _("[OPTION...] ")); - while((r = poptGetNextOpt(popt_context)) > 0) { - unsigned long long ull_value; - char *endp, *str = poptGetOptArg(popt_context); - - errno = 0; - ull_value = strtoull(str, &endp, 10); - if (*endp || !*str || !isdigit(*str) || - (errno == ERANGE && ull_value == ULLONG_MAX) || - (errno != 0 && ull_value == 0)) - r = POPT_ERROR_BADNUMBER; - - free(str); - - switch(r) { - case 1: - data_blocks = ull_value; - break; - case 2: - hash_offset = ull_value; - break; - case 3: - fec_offset = ull_value; - break; - } - - if (r < 0) - break; - } + while((r = poptGetNextOpt(popt_context)) > 0) {} if (r < -1) usage(popt_context, EXIT_FAILURE, poptStrerror(r), @@ -583,33 +532,22 @@ int main(int argc, const char **argv) poptGetInvocationName(popt_context)); } - if (opt_data_block_size < 0 || opt_hash_block_size < 0 || opt_hash_type < 0) { - usage(popt_context, EXIT_FAILURE, - _("Negative number for option not permitted."), - poptGetInvocationName(popt_context)); - } + tools_check_args(action->type, tool_core_args, ARRAY_SIZE(tool_core_args), popt_context); - if ((opt_ignore_corruption || opt_restart_on_corruption || opt_ignore_zero_blocks) && strcmp(aname, "open")) - usage(popt_context, EXIT_FAILURE, - _("Option --ignore-corruption, --restart-on-corruption or --ignore-zero-blocks is allowed only for open operation."), - poptGetInvocationName(popt_context)); - - if (opt_root_hash_signature && strcmp(aname, "open")) - usage(popt_context, EXIT_FAILURE, - _("Option --root-hash-signature can be used only for open operation."), - poptGetInvocationName(popt_context)); - - if (opt_ignore_corruption && opt_restart_on_corruption) + if (ARG_SET(OPT_IGNORE_CORRUPTION_ID) && ARG_SET(OPT_RESTART_ON_CORRUPTION_ID)) usage(popt_context, EXIT_FAILURE, _("Option --ignore-corruption and --restart-on-corruption cannot be used together."), poptGetInvocationName(popt_context)); - if (opt_debug) { - opt_verbose = 1; + if (ARG_SET(OPT_DEBUG_ID)) { + ARG_SET(OPT_VERBOSE_ID) = true; crypt_set_debug_level(CRYPT_DEBUG_ALL); dbg_version_and_cmd(argc, argv); } + opt_verbose = ARG_SET(OPT_VERBOSE_ID) ? 1 : 0; + opt_debug = ARG_SET(OPT_DEBUG_ID) ? 1 : 0; + r = run_action(action); tools_cleanup(); poptFreeContext(popt_context); diff --git a/src/veritysetup_arg_list.h b/src/veritysetup_arg_list.h new file mode 100644 index 00000000..51ce0941 --- /dev/null +++ b/src/veritysetup_arg_list.h @@ -0,0 +1,60 @@ +/* + * Veritysetup command line arguments list + * + * Copyright (C) 2020 Red Hat, Inc. All rights reserved. + * Copyright (C) 2020 Ondrej Kozina + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +/* long name, short name, popt type, help description, units, internal argument type, default value, allowed actions (empty=global) */ + +ARG(OPT_CHECK_AT_MOST_ONCE, '\0', POPT_ARG_NONE, N_("Verify data block only the first time it is read"), NULL, CRYPT_ARG_BOOL, {}, {}) + +ARG(OPT_DATA_BLOCK_SIZE, '\0', POPT_ARG_STRING, N_("Block size on the data device"), N_("bytes"), CRYPT_ARG_UINT32, { .u32_value = DEFAULT_VERITY_DATA_BLOCK }, {}) + +ARG(OPT_DATA_BLOCKS, '\0', POPT_ARG_STRING, N_("The number of blocks in the data file"), N_("blocks"), CRYPT_ARG_UINT64, {}, {}) + +ARG(OPT_DEBUG, '\0', POPT_ARG_NONE, N_("Show debug messages"), NULL, CRYPT_ARG_BOOL, {}, {}) + +ARG(OPT_FEC_DEVICE, '\0', POPT_ARG_STRING, N_("Path to device with error correction data"), N_("path"), CRYPT_ARG_STRING, {}, {}) + +ARG(OPT_FEC_OFFSET, '\0', POPT_ARG_STRING, N_("Starting offset on the FEC device"), N_("bytes"), CRYPT_ARG_UINT64, {}, {}) + +ARG(OPT_FEC_ROOTS, '\0', POPT_ARG_STRING, N_("FEC parity bytes"), N_("bytes"), CRYPT_ARG_UINT32, { .u32_value = DEFAULT_VERITY_FEC_ROOTS }, {}) + +ARG(OPT_FORMAT, '\0', POPT_ARG_STRING, N_("Format type (1 - normal, 0 - original Chrome OS)"), N_("number"), CRYPT_ARG_UINT32, { .u32_value = 1 }, {}) + +ARG(OPT_HASH, 'h', POPT_ARG_STRING, N_("Hash algorithm"), N_("string"), CRYPT_ARG_STRING, { .str_value = CONST_CAST(void *)DEFAULT_VERITY_HASH }, {}) + +ARG(OPT_HASH_BLOCK_SIZE, '\0', POPT_ARG_STRING, N_("Block size on the hash device"), N_("bytes"), CRYPT_ARG_UINT32, { .u32_value = DEFAULT_VERITY_HASH_BLOCK }, {}) + +ARG(OPT_HASH_OFFSET, '\0', POPT_ARG_STRING, N_("Starting offset on the hash device"), N_("bytes"), CRYPT_ARG_UINT64, {}, {}) + +ARG(OPT_IGNORE_CORRUPTION, '\0', POPT_ARG_NONE, N_("Ignore corruption, log it only"), NULL, CRYPT_ARG_BOOL, {}, OPT_IGNORE_CORRUPTION_ACTIONS) + +ARG(OPT_IGNORE_ZERO_BLOCKS, '\0', POPT_ARG_NONE, N_("Do not verify zeroed blocks"), NULL, CRYPT_ARG_BOOL, {}, OPT_IGNORE_ZERO_BLOCKS_ACTIONS) + +ARG(OPT_NO_SUPERBLOCK, '\0', POPT_ARG_NONE, N_("Do not use verity superblock"), NULL, CRYPT_ARG_BOOL, {}, {}) + +ARG(OPT_RESTART_ON_CORRUPTION, '\0', POPT_ARG_NONE, N_("Restart kernel if corruption is detected"), NULL, CRYPT_ARG_BOOL, {}, OPT_RESTART_ON_CORRUPTION_ACTIONS) + +ARG(OPT_ROOT_HASH_SIGNATURE, '\0', POPT_ARG_STRING, N_("Path to root hash signature file"), NULL, CRYPT_ARG_STRING, {}, OPT_ROOT_HASH_SIGNATURE_ACTIONS) + +ARG(OPT_SALT, 's', POPT_ARG_STRING, N_("Salt"), N_("hex string"), CRYPT_ARG_STRING, {}, {}) + +ARG(OPT_UUID, '\0', POPT_ARG_STRING, N_("UUID for device to use"), NULL, CRYPT_ARG_STRING, {}, {}) + +ARG(OPT_VERBOSE, 'v', POPT_ARG_NONE, N_("Shows more detailed error messages"), NULL, CRYPT_ARG_BOOL, {}, {}) diff --git a/src/veritysetup_args.h b/src/veritysetup_args.h new file mode 100644 index 00000000..0220ba23 --- /dev/null +++ b/src/veritysetup_args.h @@ -0,0 +1,53 @@ +/* + * Command line arguments helpers + * + * Copyright (C) 2020 Red Hat, Inc. All rights reserved. + * Copyright (C) 2020 Ondrej Kozina + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef VERITYSETUP_ARGS_H +#define VERITYSETUP_ARGS_H + +#include "utils_arg_names.h" +#include "utils_arg_macros.h" + +#define CLOSE_ACTION "close" +#define DUMP_ACTION "dump" +#define FORMAT_ACTION "format" +#define OPEN_ACTION "open" +#define STATUS_ACTION "status" +#define VERIFY_ACTION "verify" + +#define OPT_IGNORE_CORRUPTION_ACTIONS { OPEN_ACTION } +#define OPT_IGNORE_ZERO_BLOCKS_ACTIONS { OPEN_ACTION } +#define OPT_RESTART_ON_CORRUPTION_ACTIONS { OPEN_ACTION } +#define OPT_ROOT_HASH_SIGNATURE_ACTIONS { OPEN_ACTION } + +enum { +OPT_UNUSED_ID = 0, +#define ARG(A, B, C, D, E, F, G, H) A ## _ID, +#include "veritysetup_arg_list.h" +#undef ARG +}; + +static struct tools_arg tool_core_args[] = { { NULL, false, CRYPT_ARG_BOOL }, // UNUSED +#define ARG(A, B, C, D, E, F, G, H) { A, false, F, G, H }, +#include "veritysetup_arg_list.h" +#undef ARG +}; + +#endif