Commit f52236e0 authored by Gilad Ben-Yossef's avatar Gilad Ben-Yossef Committed by Mike Snitzer

dm verity: fix no salt use case

DM-Verity has an (undocumented) mode where no salt is used.  This was
never handled directly by the DM-Verity code, instead working due to the
fact that calling crypto_shash_update() with a zero length data is an
implicit noop.

This is no longer the case now that we have switched to
crypto_ahash_update().  Fix the issue by introducing explicit handling
of the no salt use case to DM-Verity.
Signed-off-by: default avatarGilad Ben-Yossef <gilad@benyossef.com>
Reported-by: default avatarMarian Csontos <mcsontos@redhat.com>
Fixes: d1ac3ff0 ("dm verity: switch to using asynchronous hash crypto API")
Tested-by: default avatarMilan Broz <gmazyland@gmail.com>
Signed-off-by: default avatarMike Snitzer <snitzer@redhat.com>
parent 08332893
......@@ -166,7 +166,7 @@ static int verity_hash_init(struct dm_verity *v, struct ahash_request *req,
return r;
}
if (likely(v->version >= 1))
if (likely(v->salt_size && (v->version >= 1)))
r = verity_hash_update(v, req, v->salt, v->salt_size, res);
return r;
......@@ -177,7 +177,7 @@ static int verity_hash_final(struct dm_verity *v, struct ahash_request *req,
{
int r;
if (unlikely(!v->version)) {
if (unlikely(v->salt_size && (!v->version))) {
r = verity_hash_update(v, req, v->salt, v->salt_size, res);
if (r < 0) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment