2 * Copyright (C) 2012 Red Hat, Inc.
4 * Author: Mikulas Patocka <mpatocka@redhat.com>
6 * Based on Chromium dm-verity driver (C) 2011 The Chromium OS Authors
8 * This file is released under the GPLv2.
10 * In the file "/sys/module/dm_verity/parameters/prefetch_cluster" you can set
11 * default prefetch value. Data are read in "prefetch_cluster" chunks from the
12 * hash device. Setting this greatly improves performance when data and hash
13 * are on the same disk on different partitions on devices with poor random
19 #include <linux/module.h>
20 #include <linux/device-mapper.h>
21 #include <linux/reboot.h>
22 #include <crypto/hash.h>
24 #define DM_MSG_PREFIX "verity"
26 #define DM_VERITY_ENV_LENGTH 42
27 #define DM_VERITY_ENV_VAR_NAME "DM_VERITY_ERR_BLOCK_NR"
29 #define DM_VERITY_DEFAULT_PREFETCH_SIZE 262144
31 #define DM_VERITY_MAX_LEVELS 63
32 #define DM_VERITY_MAX_CORRUPTED_ERRS 100
34 #define DM_VERITY_OPT_LOGGING "ignore_corruption"
35 #define DM_VERITY_OPT_RESTART "restart_on_corruption"
37 static unsigned dm_verity_prefetch_cluster = DM_VERITY_DEFAULT_PREFETCH_SIZE;
39 module_param_named(prefetch_cluster, dm_verity_prefetch_cluster, uint, S_IRUGO | S_IWUSR);
43 DM_VERITY_MODE_LOGGING,
44 DM_VERITY_MODE_RESTART
47 enum verity_block_type {
48 DM_VERITY_BLOCK_TYPE_DATA,
49 DM_VERITY_BLOCK_TYPE_METADATA
53 struct dm_dev *data_dev;
54 struct dm_dev *hash_dev;
56 struct dm_bufio_client *bufio;
58 struct crypto_shash *tfm;
59 u8 *root_digest; /* digest of the root block */
60 u8 *salt; /* salt: its size is salt_size */
62 sector_t data_start; /* data offset in 512-byte sectors */
63 sector_t hash_start; /* hash start in blocks */
64 sector_t data_blocks; /* the number of data blocks */
65 sector_t hash_blocks; /* the number of hash blocks */
66 unsigned char data_dev_block_bits; /* log2(data blocksize) */
67 unsigned char hash_dev_block_bits; /* log2(hash blocksize) */
68 unsigned char hash_per_block_bits; /* log2(hashes in hash block) */
69 unsigned char levels; /* the number of tree levels */
70 unsigned char version;
71 unsigned digest_size; /* digest size for the current hash algorithm */
72 unsigned shash_descsize;/* the size of temporary space for crypto */
73 int hash_failed; /* set to 1 if hash of any block failed */
74 enum verity_mode mode; /* mode for handling verification errors */
75 unsigned corrupted_errs;/* Number of errors for corrupted blocks */
77 struct workqueue_struct *verify_wq;
79 /* starting blocks for each tree level. 0 is the lowest level. */
80 sector_t hash_level_block[DM_VERITY_MAX_LEVELS];
86 /* original value of bio->bi_end_io */
87 bio_end_io_t *orig_bi_end_io;
92 struct bvec_iter iter;
94 struct work_struct work;
97 * Three variably-size fields follow this struct:
99 * u8 hash_desc[v->shash_descsize];
100 * u8 real_digest[v->digest_size];
101 * u8 want_digest[v->digest_size];
103 * To access them use: io_hash_desc(), io_real_digest() and io_want_digest().
107 struct dm_verity_prefetch_work {
108 struct work_struct work;
114 static struct shash_desc *io_hash_desc(struct dm_verity *v, struct dm_verity_io *io)
116 return (struct shash_desc *)(io + 1);
119 static u8 *io_real_digest(struct dm_verity *v, struct dm_verity_io *io)
121 return (u8 *)(io + 1) + v->shash_descsize;
124 static u8 *io_want_digest(struct dm_verity *v, struct dm_verity_io *io)
126 return (u8 *)(io + 1) + v->shash_descsize + v->digest_size;
130 * Auxiliary structure appended to each dm-bufio buffer. If the value
131 * hash_verified is nonzero, hash of the block has been verified.
133 * The variable hash_verified is set to 0 when allocating the buffer, then
134 * it can be changed to 1 and it is never reset to 0 again.
136 * There is no lock around this value, a race condition can at worst cause
137 * that multiple processes verify the hash of the same buffer simultaneously
138 * and write 1 to hash_verified simultaneously.
139 * This condition is harmless, so we don't need locking.
146 * Initialize struct buffer_aux for a freshly created buffer.
148 static void dm_bufio_alloc_callback(struct dm_buffer *buf)
150 struct buffer_aux *aux = dm_bufio_get_aux_data(buf);
152 aux->hash_verified = 0;
156 * Translate input sector number to the sector number on the target device.
158 static sector_t verity_map_sector(struct dm_verity *v, sector_t bi_sector)
160 return v->data_start + dm_target_offset(v->ti, bi_sector);
164 * Return hash position of a specified block at a specified tree level
165 * (0 is the lowest level).
166 * The lowest "hash_per_block_bits"-bits of the result denote hash position
167 * inside a hash block. The remaining bits denote location of the hash block.
169 static sector_t verity_position_at_level(struct dm_verity *v, sector_t block,
172 return block >> (level * v->hash_per_block_bits);
175 static void verity_hash_at_level(struct dm_verity *v, sector_t block, int level,
176 sector_t *hash_block, unsigned *offset)
178 sector_t position = verity_position_at_level(v, block, level);
181 *hash_block = v->hash_level_block[level] + (position >> v->hash_per_block_bits);
186 idx = position & ((1 << v->hash_per_block_bits) - 1);
188 *offset = idx * v->digest_size;
190 *offset = idx << (v->hash_dev_block_bits - v->hash_per_block_bits);
194 * Handle verification errors.
196 static int verity_handle_err(struct dm_verity *v, enum verity_block_type type,
197 unsigned long long block)
199 char verity_env[DM_VERITY_ENV_LENGTH];
200 char *envp[] = { verity_env, NULL };
201 const char *type_str = "";
202 struct mapped_device *md = dm_table_get_md(v->ti->table);
204 /* Corruption should be visible in device status in all modes */
207 if (v->corrupted_errs >= DM_VERITY_MAX_CORRUPTED_ERRS)
213 case DM_VERITY_BLOCK_TYPE_DATA:
216 case DM_VERITY_BLOCK_TYPE_METADATA:
217 type_str = "metadata";
223 DMERR("%s: %s block %llu is corrupted", v->data_dev->name, type_str,
226 if (v->corrupted_errs == DM_VERITY_MAX_CORRUPTED_ERRS)
227 DMERR("%s: reached maximum errors", v->data_dev->name);
229 snprintf(verity_env, DM_VERITY_ENV_LENGTH, "%s=%d,%llu",
230 DM_VERITY_ENV_VAR_NAME, type, block);
232 kobject_uevent_env(&disk_to_dev(dm_disk(md))->kobj, KOBJ_CHANGE, envp);
235 if (v->mode == DM_VERITY_MODE_LOGGING)
238 if (v->mode == DM_VERITY_MODE_RESTART)
239 kernel_restart("dm-verity device corrupted");
245 * Verify hash of a metadata block pertaining to the specified data block
246 * ("block" argument) at a specified level ("level" argument).
248 * On successful return, io_want_digest(v, io) contains the hash value for
249 * a lower tree level or for the data block (if we're at the lowest leve).
251 * If "skip_unverified" is true, unverified buffer is skipped and 1 is returned.
252 * If "skip_unverified" is false, unverified buffer is hashed and verified
253 * against current value of io_want_digest(v, io).
255 static int verity_verify_level(struct dm_verity_io *io, sector_t block,
256 int level, bool skip_unverified)
258 struct dm_verity *v = io->v;
259 struct dm_buffer *buf;
260 struct buffer_aux *aux;
266 verity_hash_at_level(v, block, level, &hash_block, &offset);
268 data = dm_bufio_read(v->bufio, hash_block, &buf);
270 return PTR_ERR(data);
272 aux = dm_bufio_get_aux_data(buf);
274 if (!aux->hash_verified) {
275 struct shash_desc *desc;
278 if (skip_unverified) {
283 desc = io_hash_desc(v, io);
285 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
286 r = crypto_shash_init(desc);
288 DMERR("crypto_shash_init failed: %d", r);
292 if (likely(v->version >= 1)) {
293 r = crypto_shash_update(desc, v->salt, v->salt_size);
295 DMERR("crypto_shash_update failed: %d", r);
300 r = crypto_shash_update(desc, data, 1 << v->hash_dev_block_bits);
302 DMERR("crypto_shash_update failed: %d", r);
307 r = crypto_shash_update(desc, v->salt, v->salt_size);
309 DMERR("crypto_shash_update failed: %d", r);
314 result = io_real_digest(v, io);
315 r = crypto_shash_final(desc, result);
317 DMERR("crypto_shash_final failed: %d", r);
320 if (unlikely(memcmp(result, io_want_digest(v, io), v->digest_size))) {
321 if (verity_handle_err(v, DM_VERITY_BLOCK_TYPE_METADATA,
327 aux->hash_verified = 1;
332 memcpy(io_want_digest(v, io), data, v->digest_size);
334 dm_bufio_release(buf);
338 dm_bufio_release(buf);
344 * Verify one "dm_verity_io" structure.
346 static int verity_verify_io(struct dm_verity_io *io)
348 struct dm_verity *v = io->v;
349 struct bio *bio = dm_bio_from_per_bio_data(io,
350 v->ti->per_bio_data_size);
354 for (b = 0; b < io->n_blocks; b++) {
355 struct shash_desc *desc;
360 if (likely(v->levels)) {
362 * First, we try to get the requested hash for
363 * the current block. If the hash block itself is
364 * verified, zero is returned. If it isn't, this
365 * function returns 0 and we fall back to whole
366 * chain verification.
368 int r = verity_verify_level(io, io->block + b, 0, true);
370 goto test_block_hash;
375 memcpy(io_want_digest(v, io), v->root_digest, v->digest_size);
377 for (i = v->levels - 1; i >= 0; i--) {
378 int r = verity_verify_level(io, io->block + b, i, false);
384 desc = io_hash_desc(v, io);
386 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
387 r = crypto_shash_init(desc);
389 DMERR("crypto_shash_init failed: %d", r);
393 if (likely(v->version >= 1)) {
394 r = crypto_shash_update(desc, v->salt, v->salt_size);
396 DMERR("crypto_shash_update failed: %d", r);
400 todo = 1 << v->data_dev_block_bits;
404 struct bio_vec bv = bio_iter_iovec(bio, io->iter);
406 page = kmap_atomic(bv.bv_page);
408 if (likely(len >= todo))
410 r = crypto_shash_update(desc, page + bv.bv_offset, len);
414 DMERR("crypto_shash_update failed: %d", r);
418 bio_advance_iter(bio, &io->iter, len);
423 r = crypto_shash_update(desc, v->salt, v->salt_size);
425 DMERR("crypto_shash_update failed: %d", r);
430 result = io_real_digest(v, io);
431 r = crypto_shash_final(desc, result);
433 DMERR("crypto_shash_final failed: %d", r);
436 if (unlikely(memcmp(result, io_want_digest(v, io), v->digest_size))) {
437 if (verity_handle_err(v, DM_VERITY_BLOCK_TYPE_DATA,
447 * End one "io" structure with a given error.
449 static void verity_finish_io(struct dm_verity_io *io, int error)
451 struct dm_verity *v = io->v;
452 struct bio *bio = dm_bio_from_per_bio_data(io, v->ti->per_bio_data_size);
454 bio->bi_end_io = io->orig_bi_end_io;
455 bio->bi_error = error;
460 static void verity_work(struct work_struct *w)
462 struct dm_verity_io *io = container_of(w, struct dm_verity_io, work);
464 verity_finish_io(io, verity_verify_io(io));
467 static void verity_end_io(struct bio *bio)
469 struct dm_verity_io *io = bio->bi_private;
472 verity_finish_io(io, bio->bi_error);
476 INIT_WORK(&io->work, verity_work);
477 queue_work(io->v->verify_wq, &io->work);
481 * Prefetch buffers for the specified io.
482 * The root buffer is not prefetched, it is assumed that it will be cached
485 static void verity_prefetch_io(struct work_struct *work)
487 struct dm_verity_prefetch_work *pw =
488 container_of(work, struct dm_verity_prefetch_work, work);
489 struct dm_verity *v = pw->v;
492 for (i = v->levels - 2; i >= 0; i--) {
493 sector_t hash_block_start;
494 sector_t hash_block_end;
495 verity_hash_at_level(v, pw->block, i, &hash_block_start, NULL);
496 verity_hash_at_level(v, pw->block + pw->n_blocks - 1, i, &hash_block_end, NULL);
498 unsigned cluster = ACCESS_ONCE(dm_verity_prefetch_cluster);
500 cluster >>= v->data_dev_block_bits;
501 if (unlikely(!cluster))
502 goto no_prefetch_cluster;
504 if (unlikely(cluster & (cluster - 1)))
505 cluster = 1 << __fls(cluster);
507 hash_block_start &= ~(sector_t)(cluster - 1);
508 hash_block_end |= cluster - 1;
509 if (unlikely(hash_block_end >= v->hash_blocks))
510 hash_block_end = v->hash_blocks - 1;
513 dm_bufio_prefetch(v->bufio, hash_block_start,
514 hash_block_end - hash_block_start + 1);
520 static void verity_submit_prefetch(struct dm_verity *v, struct dm_verity_io *io)
522 struct dm_verity_prefetch_work *pw;
524 pw = kmalloc(sizeof(struct dm_verity_prefetch_work),
525 GFP_NOIO | __GFP_NORETRY | __GFP_NOMEMALLOC | __GFP_NOWARN);
530 INIT_WORK(&pw->work, verity_prefetch_io);
532 pw->block = io->block;
533 pw->n_blocks = io->n_blocks;
534 queue_work(v->verify_wq, &pw->work);
538 * Bio map function. It allocates dm_verity_io structure and bio vector and
539 * fills them. Then it issues prefetches and the I/O.
541 static int verity_map(struct dm_target *ti, struct bio *bio)
543 struct dm_verity *v = ti->private;
544 struct dm_verity_io *io;
546 bio->bi_bdev = v->data_dev->bdev;
547 bio->bi_iter.bi_sector = verity_map_sector(v, bio->bi_iter.bi_sector);
549 if (((unsigned)bio->bi_iter.bi_sector | bio_sectors(bio)) &
550 ((1 << (v->data_dev_block_bits - SECTOR_SHIFT)) - 1)) {
551 DMERR_LIMIT("unaligned io");
555 if (bio_end_sector(bio) >>
556 (v->data_dev_block_bits - SECTOR_SHIFT) > v->data_blocks) {
557 DMERR_LIMIT("io out of range");
561 if (bio_data_dir(bio) == WRITE)
564 io = dm_per_bio_data(bio, ti->per_bio_data_size);
566 io->orig_bi_end_io = bio->bi_end_io;
567 io->block = bio->bi_iter.bi_sector >> (v->data_dev_block_bits - SECTOR_SHIFT);
568 io->n_blocks = bio->bi_iter.bi_size >> v->data_dev_block_bits;
570 bio->bi_end_io = verity_end_io;
571 bio->bi_private = io;
572 io->iter = bio->bi_iter;
574 verity_submit_prefetch(v, io);
576 generic_make_request(bio);
578 return DM_MAPIO_SUBMITTED;
582 * Status: V (valid) or C (corruption found)
584 static void verity_status(struct dm_target *ti, status_type_t type,
585 unsigned status_flags, char *result, unsigned maxlen)
587 struct dm_verity *v = ti->private;
592 case STATUSTYPE_INFO:
593 DMEMIT("%c", v->hash_failed ? 'C' : 'V');
595 case STATUSTYPE_TABLE:
596 DMEMIT("%u %s %s %u %u %llu %llu %s ",
600 1 << v->data_dev_block_bits,
601 1 << v->hash_dev_block_bits,
602 (unsigned long long)v->data_blocks,
603 (unsigned long long)v->hash_start,
606 for (x = 0; x < v->digest_size; x++)
607 DMEMIT("%02x", v->root_digest[x]);
612 for (x = 0; x < v->salt_size; x++)
613 DMEMIT("%02x", v->salt[x]);
614 if (v->mode != DM_VERITY_MODE_EIO) {
617 case DM_VERITY_MODE_LOGGING:
618 DMEMIT(DM_VERITY_OPT_LOGGING);
620 case DM_VERITY_MODE_RESTART:
621 DMEMIT(DM_VERITY_OPT_RESTART);
631 static int verity_prepare_ioctl(struct dm_target *ti,
632 struct block_device **bdev, fmode_t *mode)
634 struct dm_verity *v = ti->private;
636 *bdev = v->data_dev->bdev;
639 ti->len != i_size_read(v->data_dev->bdev->bd_inode) >> SECTOR_SHIFT)
644 static int verity_iterate_devices(struct dm_target *ti,
645 iterate_devices_callout_fn fn, void *data)
647 struct dm_verity *v = ti->private;
649 return fn(ti, v->data_dev, v->data_start, ti->len, data);
652 static void verity_io_hints(struct dm_target *ti, struct queue_limits *limits)
654 struct dm_verity *v = ti->private;
656 if (limits->logical_block_size < 1 << v->data_dev_block_bits)
657 limits->logical_block_size = 1 << v->data_dev_block_bits;
659 if (limits->physical_block_size < 1 << v->data_dev_block_bits)
660 limits->physical_block_size = 1 << v->data_dev_block_bits;
662 blk_limits_io_min(limits, limits->logical_block_size);
665 static void verity_dtr(struct dm_target *ti)
667 struct dm_verity *v = ti->private;
670 destroy_workqueue(v->verify_wq);
673 dm_bufio_client_destroy(v->bufio);
676 kfree(v->root_digest);
679 crypto_free_shash(v->tfm);
684 dm_put_device(ti, v->hash_dev);
687 dm_put_device(ti, v->data_dev);
694 * <version> The current format is version 1.
695 * Vsn 0 is compatible with original Chromium OS releases.
700 * <the number of data blocks>
704 * <salt> Hex string or "-" if no salt.
706 static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
709 struct dm_arg_set as;
710 const char *opt_string;
711 unsigned int num, opt_params;
712 unsigned long long num_ll;
715 sector_t hash_position;
718 static struct dm_arg _args[] = {
719 {0, 1, "Invalid number of feature args"},
722 v = kzalloc(sizeof(struct dm_verity), GFP_KERNEL);
724 ti->error = "Cannot allocate verity structure";
730 if ((dm_table_get_mode(ti->table) & ~FMODE_READ)) {
731 ti->error = "Device must be readonly";
737 ti->error = "Not enough arguments";
742 if (sscanf(argv[0], "%u%c", &num, &dummy) != 1 ||
744 ti->error = "Invalid version";
750 r = dm_get_device(ti, argv[1], FMODE_READ, &v->data_dev);
752 ti->error = "Data device lookup failed";
756 r = dm_get_device(ti, argv[2], FMODE_READ, &v->hash_dev);
758 ti->error = "Data device lookup failed";
762 if (sscanf(argv[3], "%u%c", &num, &dummy) != 1 ||
763 !num || (num & (num - 1)) ||
764 num < bdev_logical_block_size(v->data_dev->bdev) ||
766 ti->error = "Invalid data device block size";
770 v->data_dev_block_bits = __ffs(num);
772 if (sscanf(argv[4], "%u%c", &num, &dummy) != 1 ||
773 !num || (num & (num - 1)) ||
774 num < bdev_logical_block_size(v->hash_dev->bdev) ||
776 ti->error = "Invalid hash device block size";
780 v->hash_dev_block_bits = __ffs(num);
782 if (sscanf(argv[5], "%llu%c", &num_ll, &dummy) != 1 ||
783 (sector_t)(num_ll << (v->data_dev_block_bits - SECTOR_SHIFT))
784 >> (v->data_dev_block_bits - SECTOR_SHIFT) != num_ll) {
785 ti->error = "Invalid data blocks";
789 v->data_blocks = num_ll;
791 if (ti->len > (v->data_blocks << (v->data_dev_block_bits - SECTOR_SHIFT))) {
792 ti->error = "Data device is too small";
797 if (sscanf(argv[6], "%llu%c", &num_ll, &dummy) != 1 ||
798 (sector_t)(num_ll << (v->hash_dev_block_bits - SECTOR_SHIFT))
799 >> (v->hash_dev_block_bits - SECTOR_SHIFT) != num_ll) {
800 ti->error = "Invalid hash start";
804 v->hash_start = num_ll;
806 v->alg_name = kstrdup(argv[7], GFP_KERNEL);
808 ti->error = "Cannot allocate algorithm name";
813 v->tfm = crypto_alloc_shash(v->alg_name, 0, 0);
814 if (IS_ERR(v->tfm)) {
815 ti->error = "Cannot initialize hash function";
820 v->digest_size = crypto_shash_digestsize(v->tfm);
821 if ((1 << v->hash_dev_block_bits) < v->digest_size * 2) {
822 ti->error = "Digest size too big";
827 sizeof(struct shash_desc) + crypto_shash_descsize(v->tfm);
829 v->root_digest = kmalloc(v->digest_size, GFP_KERNEL);
830 if (!v->root_digest) {
831 ti->error = "Cannot allocate root digest";
835 if (strlen(argv[8]) != v->digest_size * 2 ||
836 hex2bin(v->root_digest, argv[8], v->digest_size)) {
837 ti->error = "Invalid root digest";
842 if (strcmp(argv[9], "-")) {
843 v->salt_size = strlen(argv[9]) / 2;
844 v->salt = kmalloc(v->salt_size, GFP_KERNEL);
846 ti->error = "Cannot allocate salt";
850 if (strlen(argv[9]) != v->salt_size * 2 ||
851 hex2bin(v->salt, argv[9], v->salt_size)) {
852 ti->error = "Invalid salt";
861 /* Optional parameters */
866 r = dm_read_arg_group(_args, &as, &opt_params, &ti->error);
872 opt_string = dm_shift_arg(&as);
874 ti->error = "Not enough feature arguments";
879 if (!strcasecmp(opt_string, DM_VERITY_OPT_LOGGING))
880 v->mode = DM_VERITY_MODE_LOGGING;
881 else if (!strcasecmp(opt_string, DM_VERITY_OPT_RESTART))
882 v->mode = DM_VERITY_MODE_RESTART;
884 ti->error = "Invalid feature arguments";
891 v->hash_per_block_bits =
892 __fls((1 << v->hash_dev_block_bits) / v->digest_size);
896 while (v->hash_per_block_bits * v->levels < 64 &&
897 (unsigned long long)(v->data_blocks - 1) >>
898 (v->hash_per_block_bits * v->levels))
901 if (v->levels > DM_VERITY_MAX_LEVELS) {
902 ti->error = "Too many tree levels";
907 hash_position = v->hash_start;
908 for (i = v->levels - 1; i >= 0; i--) {
910 v->hash_level_block[i] = hash_position;
911 s = (v->data_blocks + ((sector_t)1 << ((i + 1) * v->hash_per_block_bits)) - 1)
912 >> ((i + 1) * v->hash_per_block_bits);
913 if (hash_position + s < hash_position) {
914 ti->error = "Hash device offset overflow";
920 v->hash_blocks = hash_position;
922 v->bufio = dm_bufio_client_create(v->hash_dev->bdev,
923 1 << v->hash_dev_block_bits, 1, sizeof(struct buffer_aux),
924 dm_bufio_alloc_callback, NULL);
925 if (IS_ERR(v->bufio)) {
926 ti->error = "Cannot initialize dm-bufio";
927 r = PTR_ERR(v->bufio);
932 if (dm_bufio_get_device_size(v->bufio) < v->hash_blocks) {
933 ti->error = "Hash device is too small";
938 ti->per_bio_data_size = roundup(sizeof(struct dm_verity_io) + v->shash_descsize + v->digest_size * 2, __alignof__(struct dm_verity_io));
940 /* WQ_UNBOUND greatly improves performance when running on ramdisk */
941 v->verify_wq = alloc_workqueue("kverityd", WQ_CPU_INTENSIVE | WQ_MEM_RECLAIM | WQ_UNBOUND, num_online_cpus());
943 ti->error = "Cannot allocate workqueue";
956 static struct target_type verity_target = {
958 .version = {1, 2, 0},
959 .module = THIS_MODULE,
963 .status = verity_status,
964 .prepare_ioctl = verity_prepare_ioctl,
965 .iterate_devices = verity_iterate_devices,
966 .io_hints = verity_io_hints,
969 static int __init dm_verity_init(void)
973 r = dm_register_target(&verity_target);
975 DMERR("register failed %d", r);
980 static void __exit dm_verity_exit(void)
982 dm_unregister_target(&verity_target);
985 module_init(dm_verity_init);
986 module_exit(dm_verity_exit);
988 MODULE_AUTHOR("Mikulas Patocka <mpatocka@redhat.com>");
989 MODULE_AUTHOR("Mandeep Baines <msb@chromium.org>");
990 MODULE_AUTHOR("Will Drewry <wad@chromium.org>");
991 MODULE_DESCRIPTION(DM_NAME " target for transparent disk integrity checking");
992 MODULE_LICENSE("GPL");