~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,20 +1,8 @@
	1	+/* SPDX-License-Identifier: GPL-2.0-only */
1	2	/*
2	3	* This file is part of UBIFS.
3	4	*
4	5	* Copyright (C) 2006-2008 Nokia Corporation.
5		- *
6		- * This program is free software; you can redistribute it and/or modify it
7		- * under the terms of the GNU General Public License version 2 as published by
8		- * the Free Software Foundation.
9		- *
10		- * This program is distributed in the hope that it will be useful, but WITHOUT
11		- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12		- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13		- * more details.
14		- *
15		- * You should have received a copy of the GNU General Public License along with
16		- * this program; if not, write to the Free Software Foundation, Inc., 51
17		- * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18	6	*
19	7	* Authors: Artem Bityutskiy (Битюцкий Артём)
20	8	* Adrian Hunter
..	..	@@ -286,6 +274,9 @@
286	274	#define UBIFS_IDX_NODE_SZ sizeof(struct ubifs_idx_node)
287	275	#define UBIFS_CS_NODE_SZ sizeof(struct ubifs_cs_node)
288	276	#define UBIFS_ORPH_NODE_SZ sizeof(struct ubifs_orph_node)
	277	+#define UBIFS_AUTH_NODE_SZ sizeof(struct ubifs_auth_node)
	278	+#define UBIFS_SIG_NODE_SZ sizeof(struct ubifs_sig_node)
	279	+
289	280	/* Extended attribute entry nodes are identical to directory entry nodes */
290	281	#define UBIFS_XENT_NODE_SZ UBIFS_DENT_NODE_SZ
291	282	/* Only this does not have to be multiple of 8 bytes */
..	..	@@ -300,12 +291,20 @@
300	291	/* The largest UBIFS node */
301	292	#define UBIFS_MAX_NODE_SZ UBIFS_MAX_INO_NODE_SZ
302	293
	294	+/* The maxmimum size of a hash, enough for sha512 */
	295	+#define UBIFS_MAX_HASH_LEN 64
	296	+
	297	+/* The maxmimum size of a hmac, enough for hmac(sha512) */
	298	+#define UBIFS_MAX_HMAC_LEN 64
	299	+
303	300	/*
304	301	* xattr name of UBIFS encryption context, we don't use a prefix
305	302	* nor a long name to not waste space on the flash.
306	303	*/
307	304	#define UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT "c"
308	305
	306	+/* Type field in ubifs_sig_node */
	307	+#define UBIFS_SIGNATURE_TYPE_PKCS7 1
309	308
310	309	/*
311	310	* On-flash inode flags.
..	..	@@ -341,12 +340,14 @@
341	340	* UBIFS_COMPR_NONE: no compression
342	341	* UBIFS_COMPR_LZO: LZO compression
343	342	* UBIFS_COMPR_ZLIB: ZLIB compression
	343	+ * UBIFS_COMPR_ZSTD: ZSTD compression
344	344	* UBIFS_COMPR_TYPES_CNT: count of supported compression types
345	345	*/
346	346	enum {
347	347	UBIFS_COMPR_NONE,
348	348	UBIFS_COMPR_LZO,
349	349	UBIFS_COMPR_ZLIB,
	350	+ UBIFS_COMPR_ZSTD,
350	351	UBIFS_COMPR_TYPES_CNT,
351	352	};
352	353
..	..	@@ -365,6 +366,8 @@
365	366	* UBIFS_IDX_NODE: index node
366	367	* UBIFS_CS_NODE: commit start node
367	368	* UBIFS_ORPH_NODE: orphan node
	369	+ * UBIFS_AUTH_NODE: authentication node
	370	+ * UBIFS_SIG_NODE: signature node
368	371	* UBIFS_NODE_TYPES_CNT: count of supported node types
369	372	*
370	373	* Note, we index arrays by these numbers, so keep them low and contiguous.
..	..	@@ -384,6 +387,8 @@
384	387	UBIFS_IDX_NODE,
385	388	UBIFS_CS_NODE,
386	389	UBIFS_ORPH_NODE,
	390	+ UBIFS_AUTH_NODE,
	391	+ UBIFS_SIG_NODE,
387	392	UBIFS_NODE_TYPES_CNT,
388	393	};
389	394
..	..	@@ -421,15 +426,19 @@
421	426	* UBIFS_FLG_DOUBLE_HASH: store a 32bit cookie in directory entry nodes to
422	427	* support 64bit cookies for lookups by hash
423	428	* UBIFS_FLG_ENCRYPTION: this filesystem contains encrypted files
	429	+ * UBIFS_FLG_AUTHENTICATION: this filesystem contains hashes for authentication
424	430	*/
425	431	enum {
426	432	UBIFS_FLG_BIGLPT = 0x02,
427	433	UBIFS_FLG_SPACE_FIXUP = 0x04,
428	434	UBIFS_FLG_DOUBLE_HASH = 0x08,
429	435	UBIFS_FLG_ENCRYPTION = 0x10,
	436	+ UBIFS_FLG_AUTHENTICATION = 0x20,
430	437	};
431	438
432		-#define UBIFS_FLG_MASK (UBIFS_FLG_BIGLPT\|UBIFS_FLG_SPACE_FIXUP\|UBIFS_FLG_DOUBLE_HASH\|UBIFS_FLG_ENCRYPTION)
	439	+#define UBIFS_FLG_MASK (UBIFS_FLG_BIGLPT \| UBIFS_FLG_SPACE_FIXUP \| \
	440	+ UBIFS_FLG_DOUBLE_HASH \| UBIFS_FLG_ENCRYPTION \| \
	441	+ UBIFS_FLG_AUTHENTICATION)
433	442
434	443	/**
435	444	* struct ubifs_ch - common header node.
..	..	@@ -633,6 +642,12 @@
633	642	* @time_gran: time granularity in nanoseconds
634	643	* @uuid: UUID generated when the file system image was created
635	644	* @ro_compat_version: UBIFS R/O compatibility version
	645	+ * @hmac: HMAC to authenticate the superblock node
	646	+ * @hmac_wkm: HMAC of a well known message (the string "UBIFS") as a convenience
	647	+ * to the user to check if the correct key is passed.
	648	+ * @hash_algo: The hash algo used for this filesystem (one of enum hash_algo)
	649	+ * @hash_mst: hash of the master node, only valid for signed images in which the
	650	+ * master node does not contain a hmac
636	651	*/
637	652	struct ubifs_sb_node {
638	653	struct ubifs_ch ch;
..	..	@@ -660,7 +675,11 @@
660	675	__le32 time_gran;
661	676	__u8 uuid[16];
662	677	__le32 ro_compat_version;
663		- __u8 padding2[3968];
	678	+ __u8 hmac[UBIFS_MAX_HMAC_LEN];
	679	+ __u8 hmac_wkm[UBIFS_MAX_HMAC_LEN];
	680	+ __le16 hash_algo;
	681	+ __u8 hash_mst[UBIFS_MAX_HASH_LEN];
	682	+ __u8 padding2[3774];
664	683	} __packed;
665	684
666	685	/**
..	..	@@ -695,6 +714,9 @@
695	714	* @empty_lebs: number of empty logical eraseblocks
696	715	* @idx_lebs: number of indexing logical eraseblocks
697	716	* @leb_cnt: count of LEBs used by file-system
	717	+ * @hash_root_idx: the hash of the root index node
	718	+ * @hash_lpt: the hash of the LPT
	719	+ * @hmac: HMAC to authenticate the master node
698	720	* @padding: reserved for future, zeroes
699	721	*/
700	722	struct ubifs_mst_node {
..	..	@@ -727,7 +749,10 @@
727	749	__le32 empty_lebs;
728	750	__le32 idx_lebs;
729	751	__le32 leb_cnt;
730		- __u8 padding[344];
	752	+ __u8 hash_root_idx[UBIFS_MAX_HASH_LEN];
	753	+ __u8 hash_lpt[UBIFS_MAX_HASH_LEN];
	754	+ __u8 hmac[UBIFS_MAX_HMAC_LEN];
	755	+ __u8 padding[152];
731	756	} __packed;
732	757
733	758	/**
..	..	@@ -747,11 +772,42 @@
747	772	} __packed;
748	773
749	774	/**
	775	+ * struct ubifs_auth_node - node for authenticating other nodes
	776	+ * @ch: common header
	777	+ * @hmac: The HMAC
	778	+ */
	779	+struct ubifs_auth_node {
	780	+ struct ubifs_ch ch;
	781	+ __u8 hmac[];
	782	+} __packed;
	783	+
	784	+/**
	785	+ * struct ubifs_sig_node - node for signing other nodes
	786	+ * @ch: common header
	787	+ * @type: type of the signature, currently only UBIFS_SIGNATURE_TYPE_PKCS7
	788	+ * supported
	789	+ * @len: The length of the signature data
	790	+ * @padding: reserved for future, zeroes
	791	+ * @sig: The signature data
	792	+ */
	793	+struct ubifs_sig_node {
	794	+ struct ubifs_ch ch;
	795	+ __le32 type;
	796	+ __le32 len;
	797	+ __u8 padding[32];
	798	+ __u8 sig[];
	799	+} __packed;
	800	+
	801	+/**
750	802	* struct ubifs_branch - key/reference/length branch
751	803	* @lnum: LEB number of the target node
752	804	* @offs: offset within @lnum
753	805	* @len: target node length
754	806	* @key: key
	807	+ *
	808	+ * In an authenticated UBIFS we have the hash of the referenced node after @key.
	809	+ * This can't be added to the struct type definition because @key is a
	810	+ * dynamically sized element already.
755	811	*/
756	812	struct ubifs_branch {
757	813	__le32 lnum;