Commit 13e2408d authored by Eric Biggers's avatar Eric Biggers
Browse files

fsverity: simplify error handling in verify_data_block() 

Clean up the error handling in verify_data_block() to (a) eliminate the
'err' variable which has caused some confusion because the function
actually returns a bool, (b) reduce the compiled code size slightly, and
(c) execute one fewer branch in the success case.

Link: https://lore.kernel.org/r/20230604022312.48532-1-ebiggers@kernel.org


Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
parent d1f0c5ea

fs/verity/verify.c

+21 −34
Original line number Diff line number Diff line
@@ -12,23 +12,6 @@ 


static struct workqueue_struct *fsverity_read_workqueue;



static inline int cmp_hashes(const struct fsverity_info *vi,

			     const u8 *want_hash, const u8 *real_hash,

			     u64 data_pos, int level)

{

	const unsigned int hsize = vi->tree_params.digest_size;



	if (memcmp(want_hash, real_hash, hsize) == 0)

		return 0;



	fsverity_err(vi->inode,

		     "FILE CORRUPTED! pos=%llu, level=%d, want_hash=%s:%*phN, real_hash=%s:%*phN",

		     data_pos, level,

		     vi->tree_params.hash_alg->name, hsize, want_hash,

		     vi->tree_params.hash_alg->name, hsize, real_hash);

	return -EBADMSG;

}



/*

 * Returns true if the hash block with index @hblock_idx in the tree, located in

 * @hpage, has already been verified.
@@ -131,7 +114,6 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, 
	 * index of that block's hash within the current level.

	 */

	u64 hidx = data_pos >> params->log_blocksize;

	int err;



	/* Up to 1 + FS_VERITY_MAX_LEVELS pages may be mapped at once */

	BUILD_BUG_ON(1 + FS_VERITY_MAX_LEVELS > KM_MAX_IDX);
@@ -191,11 +173,10 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, 
				hpage_idx, level == 0 ? min(max_ra_pages,

					params->tree_pages - hpage_idx) : 0);

		if (IS_ERR(hpage)) {

			err = PTR_ERR(hpage);

			fsverity_err(inode,

				     "Error %d reading Merkle tree page %lu",

				     err, hpage_idx);

			goto out;

				     "Error %ld reading Merkle tree page %lu",

				     PTR_ERR(hpage), hpage_idx);

			goto error;

		}

		haddr = kmap_local_page(hpage) + hblock_offset_in_page;

		if (is_hash_block_verified(vi, hpage, hblock_idx)) {
@@ -221,12 +202,10 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, 
		unsigned long hblock_idx = hblocks[level - 1].index;

		unsigned int hoffset = hblocks[level - 1].hoffset;



		err = fsverity_hash_block(params, inode, haddr, real_hash);

		if (err)

			goto out;

		err = cmp_hashes(vi, want_hash, real_hash, data_pos, level - 1);

		if (err)

			goto out;

		if (fsverity_hash_block(params, inode, haddr, real_hash) != 0)

			goto error;

		if (memcmp(want_hash, real_hash, hsize) != 0)

			goto corrupted;

		/*

		 * Mark the hash block as verified.  This must be atomic and

		 * idempotent, as the same hash block might be verified by
@@ -243,16 +222,24 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, 
	}



	/* Finally, verify the data block. */

	err = fsverity_hash_block(params, inode, data, real_hash);

	if (err)

		goto out;

	err = cmp_hashes(vi, want_hash, real_hash, data_pos, -1);

out:

	if (fsverity_hash_block(params, inode, data, real_hash) != 0)

		goto error;

	if (memcmp(want_hash, real_hash, hsize) != 0)

		goto corrupted;

	return true;



corrupted:

	fsverity_err(inode,

		     "FILE CORRUPTED! pos=%llu, level=%d, want_hash=%s:%*phN, real_hash=%s:%*phN",

		     data_pos, level - 1,

		     params->hash_alg->name, hsize, want_hash,

		     params->hash_alg->name, hsize, real_hash);

error:

	for (; level > 0; level--) {

		kunmap_local(hblocks[level - 1].addr);

		put_page(hblocks[level - 1].page);

	}

	return err == 0;

	return false;

}



static bool