1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 2 /* 3 * fs-verity user API 4 * 5 * These ioctls can be used on filesystems that support fs-verity. See the 6 * "User API" section of Documentation/filesystems/fsverity.rst. 7 * 8 * Copyright 2019 Google LLC 9 */ 10 #ifndef _UAPI_LINUX_FSVERITY_H 11 #define _UAPI_LINUX_FSVERITY_H 12 13 #include <linux/ioctl.h> 14 #include <linux/types.h> 15 16 #define FS_VERITY_HASH_ALG_SHA256 1 17 #define FS_VERITY_HASH_ALG_SHA512 2 18 19 struct fsverity_enable_arg { 20 __u32 version; 21 __u32 hash_algorithm; 22 __u32 block_size; 23 __u32 salt_size; 24 __u64 salt_ptr; 25 __u32 sig_size; 26 __u32 __reserved1; 27 __u64 sig_ptr; 28 __u64 __reserved2[11]; 29 }; 30 31 struct fsverity_digest { 32 __u16 digest_algorithm; 33 __u16 digest_size; /* input/output */ 34 __u8 digest[]; 35 }; 36 37 #define FS_IOC_ENABLE_VERITY _IOW('f', 133, struct fsverity_enable_arg) 38 #define FS_IOC_MEASURE_VERITY _IOWR('f', 134, struct fsverity_digest) 39 40 struct code_sign_enable_arg { 41 __u32 version; 42 __u32 hash_algorithm; 43 __u32 block_size; 44 __u32 salt_size; 45 __u64 salt_ptr; 46 __u32 sig_size; 47 __u32 __reserved1; 48 __u64 sig_ptr; 49 __u64 __reserved2[5]; 50 __u32 __reserved3; 51 __u32 pgtypeinfo_size; 52 __u64 pgtypeinfo_off; 53 __u64 tree_offset; 54 __u64 root_hash_ptr; 55 __u64 data_size; 56 __u32 flags; 57 __u32 cs_version; 58 }; 59 60 #define FS_IOC_ENABLE_CODE_SIGN _IOW('f', 200, struct code_sign_enable_arg) 61 62 #endif /* _UAPI_LINUX_FSVERITY_H */ 63