From 8e564bbb5cff56d365434022a9a44dd78bb77ced Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Tue, 23 Feb 2021 12:23:20 +0100 Subject: [PATCH] veritysetup: do not increase hash image size if hash area is not used. Do not write more than needed header if hash area is not used later. All space in hash area is then used in FEC calculation, so it makes no sense to add unused area. --- lib/verity/verity.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/verity/verity.c b/lib/verity/verity.c index d0295103..0d5873a1 100644 --- a/lib/verity/verity.c +++ b/lib/verity/verity.c @@ -162,6 +162,7 @@ int VERITY_write_sb(struct crypt_device *cd, struct device *device = crypt_metadata_device(cd); struct verity_sb sb = {}; ssize_t hdr_size = sizeof(struct verity_sb); + size_t block_size; char *algorithm; uuid_t uuid; int r, devfd; @@ -181,6 +182,13 @@ int VERITY_write_sb(struct crypt_device *cd, return -EINVAL; } + /* Avoid possible increasing of image size - FEC could fail later because of it */ + block_size = device_block_size(cd, device); + if (block_size > params->hash_block_size) { + device_disable_direct_io(device); + block_size = params->hash_block_size; + } + devfd = device_open(cd, device, O_RDWR); if (devfd < 0) { log_err(cd, _("Cannot open device %s."), device_path(device)); @@ -204,7 +212,7 @@ int VERITY_write_sb(struct crypt_device *cd, memcpy(sb.salt, params->salt, params->salt_size); memcpy(sb.uuid, uuid, sizeof(sb.uuid)); - r = write_lseek_blockwise(devfd, device_block_size(cd, device), device_alignment(device), + r = write_lseek_blockwise(devfd, block_size, device_alignment(device), (char*)&sb, hdr_size, sb_offset) < hdr_size ? -EIO : 0; if (r) log_err(cd, _("Error during update of verity header on device %s."),