From c940c5a0f207531b385ba8e9d181dc3f4a616eea Mon Sep 17 00:00:00 2001
From: Colin Walters
Date: Mon, 27 May 2024 08:05:30 -0400
Subject: [PATCH] lib: Add a thin public API wrapper for `FS_IOC_ENABLE_VERITY`

The main thing is this helps ensure that other external software using the library uses the same fsverity parameters. There's also the aspect that using ioctl() from some non-C languages is tricky.

Signed-off-by: Colin Walters
---
 libcomposefs/lcfs-writer.c | 22 ++++++++++++++++++++++
 libcomposefs/lcfs-writer.h | 1 +
 tools/mkcomposefs.c | 20 +-------------------
 3 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/libcomposefs/lcfs-writer.c b/libcomposefs/lcfs-writer.c
index f7e2ef88..fabbc44b 100644
--- a/libcomposefs/lcfs-writer.c
+++ b/libcomposefs/lcfs-writer.c
@@ -635,6 +635,28 @@ static int read_content(int fd, size_t size, uint8_t *buf)
 return 0;
 }

+// Given a file descriptor, enable fsverity. This
+// is a thin wrapper for the underlying `FS_IOC_ENABLE_VERITY`
+// ioctl. For example, it is an error if the file already
+// has verity enabled.
+int lcfs_fd_enable_fsverity(int fd)
+{
+ struct fsverity_enable_arg arg = {};
+
+ arg.version = 1;
+ arg.hash_algorithm = FS_VERITY_HASH_ALG_SHA256;
+ arg.block_size = 4096;
+ arg.salt_size = 0;
+ arg.salt_ptr = 0;
+ arg.sig_size = 0;
+ arg.sig_ptr = 0;
+
+ if (ioctl(fd, FS_IOC_ENABLE_VERITY, &arg) != 0) {
+ return -errno;
+ }
+ return 0;
+}
+
 static void digest_to_path(const uint8_t *csum, char *buf)
 {
 static const char hexchars[] = "0123456789abcdef";
diff --git a/libcomposefs/lcfs-writer.h b/libcomposefs/lcfs-writer.h
index 756e0e2d..10927fb7 100644
--- a/libcomposefs/lcfs-writer.h
+++ b/libcomposefs/lcfs-writer.h
@@ -157,5 +157,6 @@ LCFS_EXTERN int lcfs_fd_get_fsverity(uint8_t *digest, int fd);
 LCFS_EXTERN int lcfs_node_set_from_content(struct lcfs_node_s *node, int dirfd, const char *fname, int buildflags);
+LCFS_EXTERN int lcfs_fd_enable_fsverity(int fd);
 #endif
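Review bot: The comment above `lcfs_fd_enable_fsverity` in libcomposefs/lcfs-writer.c does not state the contract that callers of this now-public function depend on, and the prototype added to lcfs-writer.h carries no documentation at all. The function returns 0 or `-errno`, so the "already enabled" case the comment mentions reaches callers as `-EEXIST`; the ioctl also needs a read-only descriptor on a file with no open writers, and fails with `ETXTBSY` otherwise. I would extend the comment with something like `// Returns 0 on success or a negative errno; fd must be O_RDONLY and the file must have no writers. -EEXIST means verity was already enabled.` Since the fixed SHA-256 / 4096-byte block / no-salt parameters are the stated reason for the wrapper, the comment should also name them. It should add that a successful return does not by itself confirm the expected digest, which callers can presumably check with `lcfs_fd_get_fsverity`.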
diff --git a/tools/mkcomposefs.c b/tools/mkcomposefs.c
index 5e78db8b..fd0d6645 100644
--- a/tools/mkcomposefs.c
+++ b/tools/mkcomposefs.c
@@ -702,24 +702,6 @@ static int join_paths(char **out, const char *path1, const char *path2)
 return asprintf(out, "%.*s%s%s", len, path1, sep, path2);
 }

-static errint_t enable_verity(int fd)
-{
- struct fsverity_enable_arg arg = {};
-
- arg.version = 1;
- arg.hash_algorithm = FS_VERITY_HASH_ALG_SHA256;
- arg.block_size = 4096;
- arg.salt_size = 0;
- arg.salt_ptr = 0;
- arg.sig_size = 0;
- arg.sig_ptr = 0;
-
- if (ioctl(fd, FS_IOC_ENABLE_VERITY, &arg) != 0) {
- return -errno;
- }
- return 0;
-}
-
 static void cleanup_unlink_freep(void *pp)
 {
 char *filename = *(char **)pp;
@@ -981,7 +963,7 @@ static int copy_file_with_dirs_if_needed(const char *src, const char *dst_base,
 }

 if (fstat(dfd, &statbuf) == 0) {
- err = enable_verity(dfd);
+ err = lcfs_fd_enable_fsverity(dfd);
 if (err < 0) {
 /* Ignore errors, we're only trying to enable it */
 }
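Review bot: In the second hunk of tools/mkcomposefs.c the result of `lcfs_fd_enable_fsverity(dfd)` still lands in an empty `if (err < 0)` body, so every failure is discarded the same way. Best-effort looks deliberate, but an unsupported filesystem (`-ENOTTY`, `-EOPNOTSUPP`) or an already-protected file (`-EEXIST`) is a different situation from `-ETXTBSY` or `-EPERM`. With the latter, a store that is expected to carry verity silently ends up with unprotected objects. Consider narrowing the guard to `if (err < 0 && err != -EEXIST && err != -ENOTTY && err != -EOPNOTSUPP)` and printing a warning on stderr inside it. `copy_file_with_dirs_if_needed` begins and ends outside the hunk, so how `dfd` was opened is not visible here.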