diff --git a/arch/arm64/boot/dts/qcom/dm-verity-boot.dtsi b/arch/arm64/boot/dts/qcom/dm-verity-boot.dtsi deleted file mode 100644 index 3aee6a4295f9..000000000000 --- a/arch/arm64/boot/dts/qcom/dm-verity-boot.dtsi +++ /dev/null @@ -1,28 +0,0 @@ -/* Copyright (c) 2019, The Linux Foundation. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 and - * only version 2 as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ -dm_verity { - dmname="disabled"; - version="1"; - data_device="/dev/sda6"; - hash_device="/dev/sda6"; - data_block_size="4096"; - hash_block_size="4096"; - number_of_data_blocks="262144"; - hash_start_block="262145"; - algorithm="sha256"; - // root hash: 64 bytes long - digest= - "b0fe12d7da6e23a1e19b5a69252c7aaf7b249191eb13bba3f566d630b3f2828a"; - salt="a2df040e00f02c3b2a19e90e5aa76fe1a303f4e08584aaf40e87f088a32b7709"; - // restart_on_corruption ignore_corruption ignore_zero_blocks - opt="restart_on_corruption"; -}; diff --git a/arch/arm64/boot/dts/qcom/sa8155.dtsi b/arch/arm64/boot/dts/qcom/sa8155.dtsi index 41d628155f3c..78c9105d505b 100644 --- a/arch/arm64/boot/dts/qcom/sa8155.dtsi +++ b/arch/arm64/boot/dts/qcom/sa8155.dtsi @@ -671,8 +671,6 @@ read-only; ranges; }; - - /include/ "dm-verity-boot.dtsi" }; &ipa_hw { diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index 33d6011ac461..787afba77b2e 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -6,7 +6,6 @@ */ #include "dm-core.h" -#include "dm-ioctrl.h" #include #include @@ -2057,37 +2056,3 @@ out: return r; } - -int __init dm_ioctrl(uint cmd, struct dm_ioctl *param) -{ - int r = 0; - int ioctl_flags; - ioctl_fn fn = NULL; - size_t input_param_size; - - /* - * Nothing more to do for the version command. - */ - if (cmd == DM_VERSION_CMD) - return 0; - - DMDEBUG("dm_ctl_ioctl: command 0x%x", cmd); - - fn = lookup_ioctl(cmd, &ioctl_flags); - if (!fn) { - DMWARN("dm_ctl_ioctl: unknown command 0x%x", cmd); - return -ENOTTY; - } - - input_param_size = param->data_size; - param->data_size = sizeof(*param); - - r = fn(NULL, param, input_param_size); - - if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && - unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS)) - DMERR("ioctl %d but has IOCTL_FLAGS_NO_PARAMS set", cmd); - - return r; -} -EXPORT_SYMBOL(dm_ioctrl); diff --git a/drivers/md/dm-ioctrl.h b/drivers/md/dm-ioctrl.h deleted file mode 100644 index d331fcd83df4..000000000000 --- a/drivers/md/dm-ioctrl.h +++ /dev/null @@ -1,20 +0,0 @@ -/* Copyright (c) 2019, The Linux Foundation. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 and - * only version 2 as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ - -#ifndef DM_IOCTRL_INTERNAL_H -#define DM_IOCTRL_INTERNAL_H - -#include - -int dm_ioctrl(uint cmd, struct dm_ioctl *param); - -#endif diff --git a/init/Makefile b/init/Makefile index 00b39d4cf5d9..0320e1a0705d 100644 --- a/init/Makefile +++ b/init/Makefile @@ -19,7 +19,6 @@ mounts-$(CONFIG_BLK_DEV_RAM) += do_mounts_rd.o mounts-$(CONFIG_BLK_DEV_INITRD) += do_mounts_initrd.o mounts-$(CONFIG_BLK_DEV_MD) += do_mounts_md.o mounts-$(CONFIG_BLK_DEV_DM) += do_mounts_dm.o -mounts-$(CONFIG_BLK_DEV_DM) += do_mounts_verity.o # dependencies on generated files need to be listed explicitly $(obj)/version.o: include/generated/compile.h diff --git a/init/do_mounts.c b/init/do_mounts.c index f44460bc8372..ca5de99f311c 100644 --- a/init/do_mounts.c +++ b/init/do_mounts.c @@ -576,7 +576,6 @@ void __init prepare_namespace(void) md_run_setup(); dm_run_setup(); - dm_verity_setup(); if (saved_root_name[0]) { root_device_name = saved_root_name; diff --git a/init/do_mounts.h b/init/do_mounts.h index 9dfd4138aca8..cd201124714b 100644 --- a/init/do_mounts.h +++ b/init/do_mounts.h @@ -8,8 +8,6 @@ #include #include #include -#include "uapi/linux/dm-ioctl.h" -#include void change_floppy(char *fmt, ...); void mount_block_root(char *name, int flags); @@ -73,15 +71,3 @@ void dm_run_setup(void); static inline void dm_run_setup(void) {} #endif - -#ifdef CONFIG_BLK_DEV_DM - -void dm_verity_setup(void); -extern int dm_ioctrl(uint cmd, struct dm_ioctl *param); -extern void dm_table_destroy(struct dm_table *t); - -#else - -static inline void dm_verity_setup(void) {} - -#endif diff --git a/init/do_mounts_verity.c b/init/do_mounts_verity.c deleted file mode 100644 index aa5893db2a01..000000000000 --- a/init/do_mounts_verity.c +++ /dev/null @@ -1,193 +0,0 @@ -/* Copyright (c) 2019, The Linux Foundation. All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 and - * only version 2 as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ - -#include -#include -#include -#include "uapi/linux/dm-ioctl.h" -#include -#include -#include "do_mounts.h" - -#define DM_BUF_SIZE 4096 - -#define DM_MSG_PREFIX "verity" - -static void __init init_param(struct dm_ioctl *param, const char *name) -{ - memset(param, 0, DM_BUF_SIZE); - param->data_size = DM_BUF_SIZE; - param->data_start = sizeof(struct dm_ioctl); - param->version[0] = 4; - param->version[1] = 0; - param->version[2] = 0; - param->flags = DM_READONLY_FLAG; - strlcpy(param->name, name, sizeof(param->name)); -} - -static void __init dm_setup_drive(void) -{ - struct device_node *dt_node; - const char *name; - const char *version; - const char *data_device; - const char *hash_device; - const char *data_block_size; - const char *hash_block_size; - const char *number_of_data_blocks; - const char *hash_start_block; - const char *algorithm; - const char *digest; - const char *salt; - const char *opt; - int len; - unsigned long long data_blocks; - char dummy; - char *verity_params; - size_t bufsize; - char *buffer = kzalloc(DM_BUF_SIZE, GFP_KERNEL); - struct dm_ioctl *param = (struct dm_ioctl *) buffer; - size_t dm_sz = sizeof(struct dm_ioctl); - struct dm_target_spec *tgt = (struct dm_target_spec *) &buffer[dm_sz]; - - if (!buffer) - goto fail; - dt_node = of_find_node_by_path("/soc/dm_verity"); - if (!dt_node) { - DMERR("(E) Failed to find device-tree node: /soc/dm_verity"); - goto fail; - } - - name = of_get_property(dt_node, "dmname", &len); - if (name == NULL) - goto fail; - DMDEBUG("(I) name=%s", name); - - if (strcmp(name, "disabled") == 0) { - pr_info("dm: dm-verity is disabled."); - kfree(buffer); - return; - } - - version = of_get_property(dt_node, "version", &len); - if (version == NULL) - goto fail; - DMDEBUG("(I) version=%s", version); - - data_device = of_get_property(dt_node, "data_device", &len); - if (data_device == NULL) - goto fail; - DMDEBUG("(I) data_device=%s", data_device); - - hash_device = of_get_property(dt_node, "hash_device", &len); - if (hash_device == NULL) - goto fail; - DMDEBUG("(I) hash_device=%s", hash_device); - - data_block_size = of_get_property(dt_node, "data_block_size", &len); - if (data_block_size == NULL) - goto fail; - DMDEBUG("(I) data_block_size=%s", data_block_size); - - hash_block_size = of_get_property(dt_node, "hash_block_size", &len); - if (hash_block_size == NULL) - goto fail; - DMDEBUG("(I) hash_block_size=%s", hash_block_size); - - number_of_data_blocks = of_get_property(dt_node, - "number_of_data_blocks", - &len); - if (number_of_data_blocks == NULL) - goto fail; - DMDEBUG("(I) number_of_data_blocks=%s", number_of_data_blocks); - - hash_start_block = of_get_property(dt_node, "hash_start_block", &len); - if (hash_start_block == NULL) - goto fail; - DMDEBUG("(I) hash_start_block=%s", hash_start_block); - - algorithm = of_get_property(dt_node, "algorithm", &len); - if (algorithm == NULL) - goto fail; - DMDEBUG("(I) algorithm=%s", algorithm); - - digest = of_get_property(dt_node, "digest", &len); - if (digest == NULL) - goto fail; - DMDEBUG("(I) digest=%s", digest); - - salt = of_get_property(dt_node, "salt", &len); - if (salt == NULL) - goto fail; - DMDEBUG("(I) salt=%s", salt); - - opt = of_get_property(dt_node, "opt", &len); - if (opt == NULL) - goto fail; - DMDEBUG("(I) opt=%s", opt); - - init_param(param, name); - if (dm_ioctrl(DM_DEV_CREATE_CMD, param)) { - DMERR("(E) failed to create the device"); - goto fail; - } - - init_param(param, name); - param->target_count = 1; - /* set tgt arguments */ - tgt->status = 0; - tgt->sector_start = 0; - if (sscanf(number_of_data_blocks, "%llu%c", &data_blocks, &dummy) != 1) - goto fail; - - tgt->length = data_blocks*4096/512; /* size in sector of data dev */ - strlcpy(tgt->target_type, "verity", sizeof(tgt->target_type)); - /* build the verity params here */ - verity_params = buffer + dm_sz + sizeof(struct dm_target_spec); - bufsize = DM_BUF_SIZE - (verity_params - buffer); - - verity_params += snprintf(verity_params, bufsize, - "%s %s %s %s %s %s %s %s %s %s 1 %s", - version, - data_device, hash_device, - data_block_size, hash_block_size, - number_of_data_blocks, hash_start_block, - algorithm, digest, salt, opt); - - tgt->next = verity_params - buffer; - if (dm_ioctrl(DM_TABLE_LOAD_CMD, param)) { - DMERR("(E) failed to load the device"); - goto fail; - } - - init_param(param, name); - if (dm_ioctrl(DM_DEV_SUSPEND_CMD, param)) { - DMERR("(E) failed to suspend the device"); - goto fail; - } - - pr_info("dm: dm-0 (%s) is ready", data_device); - kfree(buffer); - return; - -fail: - pr_info("dm: starting dm-0 failed"); - kfree(buffer); - return; - -} - -void __init dm_verity_setup(void) -{ - pr_info("dm: attempting early device configuration."); - dm_setup_drive(); -}