Rename hash-start to hash-offset and switch to use bytes units.

man/veritysetup.8

@@ -18,7 +18,7 @@ Veritysetup supports these operations:
 .IP
 Calculates and permanently stores hash verification data for data_device.
 Hash area can be located on the same device after data if specified
-by \-\-hash\-start option.
+by \-\-hash\-offset option.
 
 Note you need to provide root hash string for device verification
 or activation. Root hash must be trusted.
@@ -28,7 +28,7 @@ allocates loopback device. In this case, hash file size must be enough
 to store the hash area.
 
 \fB<options>\fR can be [\-\-hash, \-\-no-superblock, \-\-format,
-\-\-data-block-size, \-\-hash-block-size, \-\-data-blocks, \-\-hash-start,
+\-\-data-block-size, \-\-hash-block-size, \-\-data-blocks, \-\-hash-offset,
 \-\-salt, \-\-uuid]
 .PP
 \fIcreate\fR <name> <data_device> <hash_device> <root_hash>
@@ -38,7 +38,7 @@ Creates a mapping with <name> backed by device <data_device> and using
 
 The <root_hash> is a hexadecimal string.
 
-\fB<options>\fR can be [\-\-hash-start, \-\-no-superblock]
+\fB<options>\fR can be [\-\-hash-offset, \-\-no-superblock]
 
 If option \-\-no-superblock is used, you have to use as the same options
 as in initial format operation.
@@ -84,8 +84,9 @@ Used block size for the hash device.
 Size of data device used in verification.
 If not specified, the whole device is used.
 .TP
-.B "\-\-hash-start=512-bytes sectors"
+.B "\-\-hash-offset=bytes"
 Offset of hash area/superblock on hash_device.
+Value must be aligned to disk sector offset.
 .TP
 .B "\-\-salt=hex string"
 Salt used for format or verification.

src/veritysetup.c

@@ -40,7 +40,7 @@ static int data_block_size = DEFAULT_VERITY_DATA_BLOCK;
 static int hash_block_size = DEFAULT_VERITY_HASH_BLOCK;
 static uint64_t data_blocks = 0;
 static const char *salt_string = NULL;
-static uint64_t hash_start = 0;
+static uint64_t hash_offset = 0;
 static const char *opt_uuid = NULL;
 
 static int opt_verbose = 0;
@@ -139,7 +139,7 @@ static int _prepare_format(struct crypt_params_verity *params,
 	params->data_block_size = data_block_size;
 	params->hash_block_size = hash_block_size;
 	params->data_size = data_blocks;
-	params->hash_area_offset = hash_start;
+	params->hash_area_offset = hash_offset;
 	params->hash_type = hash_type;
 	params->flags = flags;
 
@@ -189,7 +189,7 @@ static int _activate(const char *dm_device,
 
 	if (use_superblock) {
 		params.flags = flags;
-		params.hash_area_offset = hash_start;
+		params.hash_area_offset = hash_offset;
 		r = crypt_load(cd, CRYPT_VERITY, &params);
 	} else {
 		r = _prepare_format(&params, data_device, flags | CRYPT_VERITY_NO_HEADER);
@@ -349,7 +349,7 @@ static int action_dump(int arg)
 	if ((r = crypt_init(&cd, action_argv[0])))
 		return r;
 
-	params.hash_area_offset = hash_start;
+	params.hash_area_offset = hash_offset;
 	r = crypt_load(cd, CRYPT_VERITY, &params);
 	if (!r)
 		crypt_dump(cd);
@@ -506,7 +506,7 @@ int main(int argc, const char **argv)
 		{ "data-block-size", 0,    POPT_ARG_INT,  &data_block_size,  0, N_("Block size on the data device"), N_("bytes") },
 		{ "hash-block-size", 0,    POPT_ARG_INT,  &hash_block_size,  0, N_("Block size on the hash device"), N_("bytes") },
 		{ "data-blocks",     0,    POPT_ARG_STRING, &popt_tmp,       1, N_("The number of blocks in the data file"), N_("blocks") },
-		{ "hash-start",      0,    POPT_ARG_STRING, &popt_tmp,       2, N_("Starting block on the hash device"), N_("512-byte sectors") },
+		{ "hash-offset",     0,    POPT_ARG_STRING, &popt_tmp,       2, N_("Starting offset on the hash device"), N_("bytes") },
 		{ "hash",            'h',  POPT_ARG_STRING, &hash_algorithm, 0, N_("Hash algorithm"), N_("string") },
 		{ "salt",            's',  POPT_ARG_STRING, &salt_string,    0, N_("Salt"), N_("hex string") },
 		{ "uuid",            '\0', POPT_ARG_STRING, &opt_uuid,       0, N_("UUID for device to use."), NULL },
@@ -544,9 +544,7 @@ int main(int argc, const char **argv)
 				data_blocks = ull_value;
 				break;
 			case 2:
-				hash_start = ull_value * 512;
-				if (hash_start / 512 != ull_value)
-					r = POPT_ERROR_BADNUMBER;
+				hash_offset = ull_value;
 				break;
 		}
 

tests/verity-compat-test

@@ -70,9 +70,9 @@ function compare_out() # $1 what, $2 expected
 function check_root_hash() # $1 size, $2 hash, $3 salt, $4 version, $5 hash, [$6 offset]
 {
 	if [ -z "$LOOPDEV2" ] ; then
-		BLOCKS=$(($6 * 512 / $1))
+		BLOCKS=$(($6 / $1))
 		DEV_PARAMS="$LOOPDEV1 $LOOPDEV1 \
-			   --hash-start $6 \
+			   --hash-offset $6 \
 			   --data-blocks=$BLOCKS --debug"
 	else
 		DEV_PARAMS="$LOOPDEV1 $LOOPDEV2"
@@ -173,16 +173,16 @@ check_root_hash 1024 73509e8e868be6b8ac939817a98a3d35121413b2 dadada 1 sha1
 
 echo "Verity tests [one device offset]"
 prepare $((8192 + 1024))
-check_root_hash  512 9de18652fe74edfb9b805aaed72ae2aa48f94333f1ba5c452ac33b1c39325174 $SALT 1 sha256 16384
-check_root_hash 1024 54d92778750495d1f80832b486ebd007617d746271511bbf0e295e143da2b3df $SALT 1 sha256 16384
-check_root_hash 4096 e522df0f97da4febb882ac40f30b37dc0b444bf6df418929463fa25280f09d5c $SALT 1 sha256 16384
+check_root_hash  512 9de18652fe74edfb9b805aaed72ae2aa48f94333f1ba5c452ac33b1c39325174 $SALT 1 sha256 8388608
+check_root_hash 1024 54d92778750495d1f80832b486ebd007617d746271511bbf0e295e143da2b3df $SALT 1 sha256 8388608
+check_root_hash 4096 e522df0f97da4febb882ac40f30b37dc0b444bf6df418929463fa25280f09d5c $SALT 1 sha256 8388608
 # version 0
-check_root_hash 4096 cbbf4ebd004ef65e29b935bb635a39cf754d677f3fa10b0126da725bbdf10f7d $SALT 0 sha256 16384
+check_root_hash 4096 cbbf4ebd004ef65e29b935bb635a39cf754d677f3fa10b0126da725bbdf10f7d $SALT 0 sha256 8388608
 # no salt
-check_root_hash 4096 ef29c902d87350f1da4bfa536e16cebc162a909bf89abe448b81ec500d4fb9bf - 1 sha256 16384
+check_root_hash 4096 ef29c902d87350f1da4bfa536e16cebc162a909bf89abe448b81ec500d4fb9bf - 1 sha256 8388608
 # sha1
-check_root_hash 1024 d0e9163ca8844aaa2e88fe5265a8c5d9ee494a99 $SALT 1 sha1 16384
-check_root_hash 1024 73509e8e868be6b8ac939817a98a3d35121413b2 dadada 1 sha1 16384
+check_root_hash 1024 d0e9163ca8844aaa2e88fe5265a8c5d9ee494a99 $SALT 1 sha1 8388608
+check_root_hash 1024 73509e8e868be6b8ac939817a98a3d35121413b2 dadada 1 sha1 8388608
 
 remove_mapping
 exit 0