Google Git
Sign in
kernel / pub / scm / linux / kernel / git / jes / fsverity-utils / 3b40b2e3a101b63784752eeb4d56fec0d3f43e23^! / .
commit3b40b2e3a101b63784752eeb4d56fec0d3f43e23[log] [tgz]
authorEric Biggers <ebiggers@google.com>Wed Jun 20 22:44:42 2018 -0700
committerEric Biggers <ebiggers@google.com>Wed Jun 20 22:44:42 2018 -0700
tree8c5540a5483c6d54036885fef817058a96423551
parent3deb80a29b03fd69d3bcd23f0f837c91f2ff6726 [diff]
fsveritysetup: by default, don't depend on 'veritysetup' program

Signed-off-by: Eric Biggers <ebiggers@google.com>

diff --git a/fsveritysetup b/fsveritysetup
index 490a961..af158b7 100755
--- a/fsveritysetup
+++ b/fsveritysetup

@@ -315,9 +315,9 @@
     if self.patches_and_elisions is None:
       self.patches_and_elisions = []
 
-    self.builtin_veritysetup = kwargs.get('builtin_veritysetup')
-    if self.builtin_veritysetup is None:
-      self.builtin_veritysetup = False
+    self.external_veritysetup = kwargs.get('external_veritysetup')
+    if self.external_veritysetup is None:
+      self.external_veritysetup = False
 
     self.signing_key_file = kwargs.get('signing_key_file')
     self.signature_file = kwargs.get('signature_file')
@@ -390,10 +390,7 @@
     with self._open_tmpfile('wb') as f:
       tree_filename = f.name
 
-    if self.builtin_veritysetup:
-      root_hash = veritysetup(data_filename, tree_filename, self.salt,
-                              self.algorithm)
-    else:
+    if self.external_veritysetup:
       # Delegate to 'veritysetup' to actually build the Merkle tree.
       cmd = [
           'veritysetup',
@@ -417,6 +414,9 @@
           break
       if root_hash is None:
         raise OSError('Root hash not found in veritysetup output!')
+    else: # builtin veritysetup
+      root_hash = veritysetup(data_filename, tree_filename, self.salt,
+                              self.algorithm)
     return root_hash, tree_filename
 
   def _generate_footer(self):
@@ -658,11 +658,11 @@
       beginning at <offset> in the original file and continuing for <length>
       bytes will not be verified.""")
   parser.add_argument(
-      '--builtin-veritysetup',
+      '--external-veritysetup',
       action='store_const',
       const=True,
-      help="""Use the built-in Merkle tree generation algorithm rather than
-      invoking the external veritysetup program.  They should produce the same
+      help="""Invoke the external veritysetup program rather than using the
+      built-in Merkle tree generation algorithm.  They should produce the same
       result.""")
   parser.add_argument(
       '--signing-key',
@@ -687,7 +687,7 @@
         args.hash,
         salt=args.salt,
         patches_and_elisions=args.patches_and_elisions,
-        builtin_veritysetup=args.builtin_veritysetup,
+        external_veritysetup=args.external_veritysetup,
         signing_key_file=args.signing_key,
         signature_file=args.signature)
   except BadPatchOrElisionError as e: