Add --shared option in veritysetup open action.

The option allows data device to be used in multiple DM table mappings and exclusive access is not checked anymore in-before device activation. It also allows correct concurrent verity device activation. With --shared option if multiple processes compete for same DM verity name using same underlying data device we can now guarantee one process succeeds and all other fails with -EEXIST.
mbroz · Jul 24, 2024 · 002f73b · 002f73b
1 parent ec9b97a
commit 002f73b
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 3 deletions.
diff --git a/man/veritysetup.8.adoc b/man/veritysetup.8.adoc
@@ -58,7 +58,8 @@ The <root_hash> is a hexadecimal string.
 
 *<options>* can be [--hash-offset, --no-superblock, --ignore-corruption
 or --restart-on-corruption, --panic-on-corruption, --ignore-zero-blocks,
---check-at-most-once, --root-hash-signature, --root-hash-file, --use-tasklets].
+--check-at-most-once, --root-hash-signature, --root-hash-file, --use-tasklets,
+--shared].
 
 If option --root-hash-file is used, the root hash is read from <path>
 instead of from the command line parameter. Expects hex-encoded text,
@@ -223,6 +224,11 @@ recent.
 *--salt=hex string*::
 Salt used for format or verification. Format is a hexadecimal string.
 
+*--shared*::
+Allows data device to be used in shared mode. The data device is not checked
+for exclusive access in-before the device activation and may be mapped in multiple
+verity mappings.
+
 *--usage*::
 Show short option help.
 

diff --git a/src/veritysetup.c b/src/veritysetup.c
@@ -173,6 +173,8 @@ static int _activate(const char *dm_device,
 		activate_flags |= CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE;
 	if (ARG_SET(OPT_USE_TASKLETS_ID))
 		activate_flags |= CRYPT_ACTIVATE_TASKLETS;
+	if (ARG_SET(OPT_SHARED_ID))
+		activate_flags |= CRYPT_ACTIVATE_SHARED;
 
 	if (!ARG_SET(OPT_NO_SUPERBLOCK_ID)) {
 		params.flags = flags;

diff --git a/src/veritysetup_arg_list.h b/src/veritysetup_arg_list.h
@@ -50,6 +50,8 @@ ARG(OPT_ROOT_HASH_SIGNATURE, '\0', POPT_ARG_STRING, N_("Path to root hash signat
 
 ARG(OPT_SALT, 's', POPT_ARG_STRING, N_("Salt"), N_("hex string"), CRYPT_ARG_STRING, {}, {})
 
+ARG(OPT_SHARED, '\0', POPT_ARG_NONE, N_("Share data device with another verity segment"), NULL, CRYPT_ARG_BOOL, {}, OPT_SHARED_ACTIONS )
+
 ARG(OPT_USE_TASKLETS, '\0', POPT_ARG_NONE, N_("Use kernel tasklets for performance"), NULL, CRYPT_ARG_BOOL, {}, OPT_USE_TASKLETS_ACTIONS)
 
 ARG(OPT_UUID, '\0', POPT_ARG_STRING, N_("UUID for device to use"), NULL, CRYPT_ARG_STRING, {}, {})

diff --git a/src/veritysetup_args.h b/src/veritysetup_args.h
@@ -27,6 +27,7 @@
 #define OPT_ROOT_HASH_FILE_ACTIONS		{ FORMAT_ACTION, OPEN_ACTION, VERIFY_ACTION }
 #define OPT_ROOT_HASH_SIGNATURE_ACTIONS		{ OPEN_ACTION }
 #define OPT_USE_TASKLETS_ACTIONS		{ OPEN_ACTION }
+#define OPT_SHARED_ACTIONS			{ OPEN_ACTION }
 
 enum {
 OPT_UNUSED_ID = 0,

diff --git a/tests/verity-compat-test b/tests/verity-compat-test
@@ -419,8 +419,8 @@ function check_concurrent() # $1 hash
 	# not gracefully recoverable. Either could fail depending on scheduling, so just check that
 	# the libdevmapper error does not appear in either of the outputs.
 	cat /dev/null >$DEV_OUT
-	$VERITYSETUP create -v $DEV_NAME $DEV_PARAMS $1 >>$DEV_OUT 2>&1 &
-	$VERITYSETUP create -v $DEV_NAME $DEV_PARAMS $1 >>$DEV_OUT 2>&1 &
+	$VERITYSETUP create -v --shared $DEV_NAME $DEV_PARAMS $1 >>$DEV_OUT 2>&1 &
+	$VERITYSETUP create -v --shared $DEV_NAME $DEV_PARAMS $1 >>$DEV_OUT 2>&1 &
 	wait
 	grep -q "Command failed with code .* (wrong or missing parameters)" $DEV_OUT && fail
 	grep -q "Command failed with code .* (wrong device or file specified)." $DEV_OUT && fail