Create hash image if doesn't exist in veritysetup format.

ChangeLog

@@ -1,6 +1,7 @@
 2012-08-12  Milan Broz  <gmazyland@gmail.com>
 	* Allocate loop device late (only when real block device needed).
 	* Rework underlying device/file access functions.
+	* Create hash image if doesn't exist in veritysetup format.
 
 2012-07-10  Milan Broz  <gmazyland@gmail.com>
 	* Version 1.5.0.

man/veritysetup.8

@@ -23,9 +23,8 @@ by \-\-hash\-offset option.
 Note you need to provide root hash string for device verification
 or activation. Root hash must be trusted.
 
-If data or hash device argument points to regular file, veritysetup
-allocates loopback device. In this case, hash file size must be enough
-to store the hash area.
+The data or hash device argument can be block device or file image.
+If hash device path doesn't exist, it will be created as file.
 
 \fB<options>\fR can be [\-\-hash, \-\-no-superblock, \-\-format,
 \-\-data-block-size, \-\-hash-block-size, \-\-data-blocks, \-\-hash-offset,

src/veritysetup.c

@@ -26,7 +26,9 @@
 #include <inttypes.h>
 #include <popt.h>
 #include <limits.h>
+#include <sys/types.h>
 #include <sys/stat.h>
+#include <fcntl.h>
 
 #include "cryptsetup.h"
 
@@ -140,8 +142,20 @@ static int action_format(int arg)
 	struct crypt_device *cd = NULL;
 	struct crypt_params_verity params = {};
 	uint32_t flags = CRYPT_VERITY_CREATE_HASH;
+	struct stat st;
 	int r;
 
+	/* Try to create hash image if doesn't exist */
+	if (stat(action_argv[1], &st) < 0) {
+		log_dbg("Creating hash image %s.", action_argv[1]);
+		r = open(action_argv[1], O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
+		if (r < 0) {
+			log_err(_("Cannot create hash image %s for writing.\n"), action_argv[1]);
+			return -EINVAL;
+		}
+		close(r);
+	}
+
 	if ((r = crypt_init(&cd, action_argv[1])))
 		goto out;
 

tests/verity-compat-test

@@ -11,7 +11,6 @@ function remove_mapping()
 {
 	[ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
 	[ ! -z "$LOOPDEV1" ] && losetup -d $LOOPDEV1 >/dev/null 2>&1
-	[ ! -z "$LOOPDEV2" ] && losetup -d $LOOPDEV2 >/dev/null 2>&1
 	rm -f $IMG $IMG_HASH $DEV_OUT >/dev/null 2>&1
 	LOOPDEV1=""
 	LOOPDEV2=""
@@ -42,17 +41,13 @@ function prepare() # $1 dev1_siz [$2 dev2_size]
 	losetup $LOOPDEV1 $IMG
 
 	[ -z "$2" ] && return
-	dd if=/dev/zero of=$IMG_HASH bs=1k count=$2 >/dev/null 2>&1
-	LOOPDEV2=$(losetup -f 2>/dev/null)
-	[ -z "$LOOPDEV2" ] && fail "No free loop device"
-	losetup $LOOPDEV2 $IMG_HASH
+	LOOPDEV2=$IMG_HASH
 }
 
 function wipe()
 {
 	dd if=/dev/zero of=$LOOPDEV1 bs=256k >/dev/null 2>&1
-	dd if=/dev/zero of=$LOOPDEV2 bs=256k >/dev/null 2>&1
-	rm -f $DEV_OUT >/dev/null 2>&1
+	rm -f $IMG_HASH $DEV_OUT >/dev/null 2>&1
 }
 
 function check_exists()
@@ -111,14 +106,14 @@ function check_root_hash() # $1 size, $2 hash, $3 salt, $4 version, $5 hash, [$6
 
 	case $fail in
 	data)
-		dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=3456 count=8 2>/dev/null
+		dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=3456 count=8 conv=notrunc 2>/dev/null
 		TXT="data_dev"
 		;;
 	hash)
 		if [ -z "$LOOPDEV2" ] ; then
-			dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=$((8193 + $4)) count=8 2>/dev/null
+			dd if=/dev/urandom of=$LOOPDEV1 bs=1 seek=$((8193 + $4)) count=8 conv=notrunc 2>/dev/null
 		else
-			dd if=/dev/urandom of=$LOOPDEV2 bs=1 seek=8193 count=8 2>/dev/null
+			dd if=/dev/urandom of=$LOOPDEV2 bs=1 seek=8193 count=8 conv=notrunc 2>/dev/null
 		fi
                 TXT="hash_dev"
 		;;