UPSTREAM: dm verity: add ignore_zero_blocks feature

      notify user space.

ignore_zero_blocks

    Do not verify blocks that are expected to contain zeroes and always return

    zeroes instead. This may be useful if the partition contains unused blocks

    that are not guaranteed to contain zeroes.

use_fec_from_device <fec_dev>

    Use forward error correction (FEC) to recover from corruption if hash

    verification fails. Use encoding data from the specified device. This

			 u64 rsb, u64 target, unsigned block_offset,

			 int *neras)

{

	bool is_zero;

	int i, j, target_index = -1;

	struct dm_buffer *buf;

	struct dm_bufio_client *bufio;

		/* locate erasures if the block is on the data device */

		if (bufio == v->fec->data_bufio &&

		    verity_hash_for_block(v, io, block, want_digest) == 0) {

		    verity_hash_for_block(v, io, block, want_digest,

					  &is_zero) == 0) {

			/* skip known zero blocks entirely */

			if (is_zero)

				continue;

			/*

			 * skip if we have already found the theoretical

			 * maximum number (i.e. fec->roots) of erasures

#define DM_VERITY_OPT_LOGGING		"ignore_corruption"

#define DM_VERITY_OPT_RESTART		"restart_on_corruption"

#define DM_VERITY_OPT_IGN_ZEROES	"ignore_zero_blocks"

#define DM_VERITY_OPTS_MAX		(1 + DM_VERITY_OPTS_FEC)

#define DM_VERITY_OPTS_MAX		(2 + DM_VERITY_OPTS_FEC)

static unsigned dm_verity_prefetch_cluster = DM_VERITY_DEFAULT_PREFETCH_SIZE;

 * of the hash tree if necessary.

 */

int verity_hash_for_block(struct dm_verity *v, struct dm_verity_io *io,

			  sector_t block, u8 *digest)

			  sector_t block, u8 *digest, bool *is_zero)

{

	int i;

	int r;

	int r = 0, i;

	if (likely(v->levels)) {

		/*

		 */

		r = verity_verify_level(v, io, block, 0, true, digest);

		if (likely(r <= 0))

			return r;

			goto out;

	}

	memcpy(digest, v->root_digest, v->digest_size);

	for (i = v->levels - 1; i >= 0; i--) {

		r = verity_verify_level(v, io, block, i, false, digest);

		if (unlikely(r))

			return r;

			goto out;

	}

out:

	if (!r && v->zero_digest)

		*is_zero = !memcmp(v->zero_digest, digest, v->digest_size);

	else

		*is_zero = false;

	return 0;

	return r;

}

/*

	return verity_hash_update(v, verity_io_hash_desc(v, io), data, len);

}

static int verity_bv_zero(struct dm_verity *v, struct dm_verity_io *io,

			  u8 *data, size_t len)

{

	memset(data, 0, len);

	return 0;

}

/*

 * Verify one "dm_verity_io" structure.

 */

static int verity_verify_io(struct dm_verity_io *io)

{

	bool is_zero;

	struct dm_verity *v = io->v;

	struct bvec_iter start;

	unsigned b;

		struct shash_desc *desc = verity_io_hash_desc(v, io);

		r = verity_hash_for_block(v, io, io->block + b,

					  verity_io_want_digest(v, io));

					  verity_io_want_digest(v, io),

					  &is_zero);

		if (unlikely(r < 0))

			return r;

		if (is_zero) {

			/*

			 * If we expect a zero block, don't validate, just

			 * return zeros.

			 */

			r = verity_for_bv_block(v, io, &io->iter,

						verity_bv_zero);

			if (unlikely(r < 0))

				return r;

			continue;

		}

		r = verity_hash_init(v, desc);

		if (unlikely(r < 0))

			return r;

			args++;

		if (verity_fec_is_enabled(v))

			args += DM_VERITY_OPTS_FEC;

		if (v->zero_digest)

			args++;

		if (!args)

			return;

		DMEMIT(" %u", args);

				BUG();

			}

		}

		if (v->zero_digest)

			DMEMIT(" " DM_VERITY_OPT_IGN_ZEROES);

		sz = verity_fec_status_table(v, sz, result, maxlen);

		break;

	}

	kfree(v->salt);

	kfree(v->root_digest);

	kfree(v->zero_digest);

	if (v->tfm)

		crypto_free_shash(v->tfm);

	kfree(v);

}

static int verity_alloc_zero_digest(struct dm_verity *v)

{

	int r = -ENOMEM;

	struct shash_desc *desc;

	u8 *zero_data;

	v->zero_digest = kmalloc(v->digest_size, GFP_KERNEL);

	if (!v->zero_digest)

		return r;

	desc = kmalloc(v->shash_descsize, GFP_KERNEL);

	if (!desc)

		return r; /* verity_dtr will free zero_digest */

	zero_data = kzalloc(1 << v->data_dev_block_bits, GFP_KERNEL);

	if (!zero_data)

		goto out;

	r = verity_hash(v, desc, zero_data, 1 << v->data_dev_block_bits,

			v->zero_digest);

out:

	kfree(desc);

	kfree(zero_data);

	return r;

}

static int verity_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v)

{

	int r;

			v->mode = DM_VERITY_MODE_RESTART;

			continue;

		} else if (!strcasecmp(arg_name, DM_VERITY_OPT_IGN_ZEROES)) {

			r = verity_alloc_zero_digest(v);

			if (r) {

				ti->error = "Cannot allocate zero digest";

				return r;

			}

			continue;

		} else if (verity_is_fec_opt_arg(arg_name)) {

			r = verity_fec_parse_opt_args(as, v, &argc, arg_name);

			if (r)

	struct crypto_shash *tfm;

	u8 *root_digest;	/* digest of the root block */

	u8 *salt;		/* salt: its size is salt_size */

	u8 *zero_digest;	/* digest for a zero block */

	unsigned salt_size;

	sector_t data_start;	/* data offset in 512-byte sectors */

	sector_t hash_start;	/* hash start in blocks */

		       const u8 *data, size_t len, u8 *digest);

extern int verity_hash_for_block(struct dm_verity *v, struct dm_verity_io *io,

				 sector_t block, u8 *digest);

				 sector_t block, u8 *digest, bool *is_zero);

#endif /* DM_VERITY_H */