Blame SOURCES/0025-Generate-a-zero-length-signature-for-symlinks.patch
|
 |
657fb1 |
From 813e39af6ee4abea3bacb5c9f5af85757e52e73f Mon Sep 17 00:00:00 2001
|
|
|
657fb1 |
From: Jes Sorensen <jsorensen@fb.com>
|
|
|
657fb1 |
Date: Tue, 14 Apr 2020 10:33:32 -0400
|
|
|
657fb1 |
Subject: [PATCH 25/33] Generate a zero-length signature for symlinks
|
|
|
657fb1 |
|
|
|
657fb1 |
The fsverity utility follows the symlink when generating a signature.
|
|
|
657fb1 |
Since we don't want to sign the same file twice, we need to skip these
|
|
|
657fb1 |
links, and instead just generate a dummy zero-length signature here.
|
|
|
657fb1 |
|
|
|
657fb1 |
Signed-off-by: Jes Sorensen <jsorensen@fb.com>
|
|
|
657fb1 |
---
|
|
|
657fb1 |
sign/rpmsignverity.c | 5 ++++-
|
|
|
657fb1 |
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
657fb1 |
|
|
|
657fb1 |
diff --git a/sign/rpmsignverity.c b/sign/rpmsignverity.c
|
|
|
657fb1 |
index 177561957..2c7d21620 100644
|
|
|
657fb1 |
--- a/sign/rpmsignverity.c
|
|
|
657fb1 |
+++ b/sign/rpmsignverity.c
|
|
|
657fb1 |
@@ -45,7 +45,10 @@ static char *rpmVeritySignFile(rpmfi fi, size_t *sig_size, char *key,
|
|
|
657fb1 |
uint8_t *sig = NULL;
|
|
|
657fb1 |
int status;
|
|
|
657fb1 |
|
|
|
657fb1 |
- file_size = rpmfiFSize(fi);
|
|
|
657fb1 |
+ if (S_ISLNK(rpmfiFMode(fi)))
|
|
|
657fb1 |
+ file_size = 0;
|
|
|
657fb1 |
+ else
|
|
|
657fb1 |
+ file_size = rpmfiFSize(fi);
|
|
|
657fb1 |
|
|
|
657fb1 |
memset(¶ms, 0, sizeof(struct libfsverity_merkle_tree_params));
|
|
|
657fb1 |
params.version = 1;
|
|
|
657fb1 |
--
|
|
|
657fb1 |
2.13.5
|
|
|
657fb1 |
|