1// SPDX-License-Identifier: MIT 2/* 3 * The 'fsverity measure' command 4 * 5 * Copyright 2018 Google LLC 6 * 7 * Use of this source code is governed by an MIT-style 8 * license that can be found in the LICENSE file or at 9 * https://opensource.org/licenses/MIT. 10 */ 11 12#include "fsverity.h" 13 14#include <fcntl.h> 15#include <sys/ioctl.h> 16 17/* Display the fs-verity digest of the given verity file(s). */ 18int fsverity_cmd_measure(const struct fsverity_command *cmd, 19 int argc, char *argv[]) 20{ 21 struct fsverity_digest *d = NULL; 22 struct filedes file; 23 char digest_hex[FS_VERITY_MAX_DIGEST_SIZE * 2 + 1]; 24 char _hash_alg_name[32]; 25 const char *hash_alg_name; 26 int status; 27 int i; 28 29 if (argc < 2) 30 goto out_usage; 31 32 d = xzalloc(sizeof(*d) + FS_VERITY_MAX_DIGEST_SIZE); 33 34 for (i = 1; i < argc; i++) { 35 d->digest_size = FS_VERITY_MAX_DIGEST_SIZE; 36 37 if (!open_file(&file, argv[i], O_RDONLY, 0)) 38 goto out_err; 39 if (ioctl(file.fd, FS_IOC_MEASURE_VERITY, d) != 0) { 40 error_msg_errno("FS_IOC_MEASURE_VERITY failed on '%s'", 41 file.name); 42 filedes_close(&file); 43 goto out_err; 44 } 45 filedes_close(&file); 46 47 ASSERT(d->digest_size <= FS_VERITY_MAX_DIGEST_SIZE); 48 bin2hex(d->digest, d->digest_size, digest_hex); 49 hash_alg_name = libfsverity_get_hash_name(d->digest_algorithm); 50 if (!hash_alg_name) { 51 sprintf(_hash_alg_name, "ALG_%u", d->digest_algorithm); 52 hash_alg_name = _hash_alg_name; 53 } 54 printf("%s:%s %s\n", hash_alg_name, digest_hex, argv[i]); 55 } 56 status = 0; 57out: 58 free(d); 59 return status; 60 61out_err: 62 status = 1; 63 goto out; 64 65out_usage: 66 usage(cmd, stderr); 67 status = 2; 68 goto out; 69} 70