package dmverity

hcsshim – github.com/Microsoft/hcsshim/ext4/dmverity Index | Files

import "github.com/Microsoft/hcsshim/ext4/dmverity"

Index ¶

Constants
Variables
func ComputeAndWriteHashDevice(r io.ReadSeeker, w io.Writer) error
func MerkleTree(r io.Reader) ([]byte, error)
func NewDMVeritySuperblock(size uint64) *dmveritySuperblock
func RootHash(tree []byte) []byte
type VerityInfo

func ReadDMVerityInfo(vhdPath string, offsetInBytes int64) (*VerityInfo, error)
func ReadDMVerityInfoReader(r io.Reader) (*VerityInfo, error)

Constants ¶

const (

	// MerkleTreeBufioSize is a default buffer size to use with bufio.Reader
	MerkleTreeBufioSize = memory.MiB // 1MB
	// RecommendedVHDSizeGB is the recommended size in GB for VHDs, which is not a hard limit.
	RecommendedVHDSizeGB = 128 * memory.GiB
	// VeritySignature is a value written to dm-verity super-block.
	VeritySignature = "verity"
)

Variables ¶

var (
	ErrSuperBlockReadFailure  = errors.New("failed to read dm-verity super block")
	ErrSuperBlockParseFailure = errors.New("failed to parse dm-verity super block")
	ErrRootHashReadFailure    = errors.New("failed to read dm-verity root hash")
	ErrNotVeritySuperBlock    = errors.New("invalid dm-verity super-block signature")
)

Functions ¶

func ComputeAndWriteHashDevice ¶

func ComputeAndWriteHashDevice(r io.ReadSeeker, w io.Writer) error

ComputeAndWriteHashDevice builds merkle tree from a given io.ReadSeeker and writes the result hash device (dm-verity super-block combined with merkle tree) to io.Writer.

func MerkleTree ¶

func MerkleTree(r io.Reader) ([]byte, error)

MerkleTree constructs dm-verity hash-tree for a given io.Reader with a fixed salt (0-byte) and algorithm (sha256).

func NewDMVeritySuperblock ¶

func NewDMVeritySuperblock(size uint64) *dmveritySuperblock

NewDMVeritySuperblock returns a dm-verity superblock for a device with a given size, salt, algorithm and versions are fixed.

func RootHash ¶

func RootHash(tree []byte) []byte

RootHash computes root hash of dm-verity hash-tree

Types ¶

type VerityInfo ¶

type VerityInfo struct {
	// Offset in blocks on hash device
	HashOffsetInBlocks int64
	// Set to true, when dm-verity super block is also written on the hash device
	SuperBlock    bool
	RootDigest    string
	Salt          string
	Algorithm     string
	DataBlockSize uint32
	HashBlockSize uint32
	DataBlocks    uint64
	Version       uint32
}

VerityInfo is minimal exported version of dmveritySuperblock

func ReadDMVerityInfo ¶

func ReadDMVerityInfo(vhdPath string, offsetInBytes int64) (*VerityInfo, error)

ReadDMVerityInfo extracts dm-verity super block information and merkle tree root hash

func ReadDMVerityInfoReader ¶

func ReadDMVerityInfoReader(r io.Reader) (*VerityInfo, error)

Source Files ¶

dmverity.go

Version: v0.13.0 (latest)
Published: Apr 21, 2025
Platform: linux/amd64
Imports: 11 packages
Last checked: 11 hours ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples