diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index 5ab0f9fe183..724aedc532e 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -3172,6 +3172,33 @@ void verity_settings_done(VeritySettings *v) { v->data_path = mfree(v->data_path); } +VeritySettings* verity_settings_free(VeritySettings *v) { + if (!v) + return NULL; + + verity_settings_done(v); + return mfree(v); +} + +void verity_settings_hash_func(const VeritySettings *s, struct siphash *state) { + assert(s); + + siphash24_compress_typesafe(s->root_hash_size, state); + siphash24_compress(s->root_hash, s->root_hash_size, state); +} + +int verity_settings_compare_func(const VeritySettings *x, const VeritySettings *y) { + int r; + + r = CMP(x->root_hash_size, y->root_hash_size); + if (r != 0) + return r; + + return memcmp(x->root_hash, y->root_hash, x->root_hash_size); +} + +DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(verity_settings_hash_ops, VeritySettings, verity_settings_hash_func, verity_settings_compare_func, VeritySettings, verity_settings_free); + int verity_settings_load( VeritySettings *verity, const char *image, diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h index c001915e894..9de93039da6 100644 --- a/src/shared/dissect-image.h +++ b/src/shared/dissect-image.h @@ -211,6 +211,12 @@ static inline bool verity_settings_set(const VeritySettings *settings) { } void verity_settings_done(VeritySettings *verity); +VeritySettings* verity_settings_free(VeritySettings *v); +void verity_settings_hash_func(const VeritySettings *s, struct siphash *state); +int verity_settings_compare_func(const VeritySettings *x, const VeritySettings *y); + +DEFINE_TRIVIAL_CLEANUP_FUNC(VeritySettings*, verity_settings_free); +extern const struct hash_ops verity_settings_hash_ops; static inline bool verity_settings_data_covers(const VeritySettings *verity, PartitionDesignator d) { /* Returns true if the verity settings contain sufficient information to cover the specified partition */