From: Paul Meyer
Date: Wed, 17 Jun 2026 15:21:51 +0000 (+0200)
Subject: veritysetup: don't measure root hash signature after unsigned fallback
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=de2ec842d1a79895bcd3ba998c8230200bbba2fb;p=thirdparty%2Fsystemd.git
veritysetup: don't measure root hash signature after unsigned fallback
verb_attach() falls back to unsigned activation (crypt_activate_by_volume_key) when signed activation fails, but still passed the signature to pcrextend_verity_now(). The signer is parsed out of the (unverified) signature and folded into the dm_verity NvPCR measurement, making an unsigned fallback indistinguishable from a genuinely signed activation to an attester. Only measure the signature when signed activation succeeded.
Signed-off-by: Paul Meyer
---
diff --git a/src/veritysetup/veritysetup.c b/src/veritysetup/veritysetup.c
index 42e5356b115..2b02694b9b1 100644
--- a/src/veritysetup/veritysetup.c
+++ b/src/veritysetup/veritysetup.c
@@ -429,6 +429,7 @@ static int verb_attach(int argc, char *argv[], uintptr_t _data, void *userdata)
 if (r < 0)
 return log_error_errno(r, "Failed to configure data device: %m");
 
+ bool signed_activation = false;
 if (arg_root_hash_signature_size > 0) {
 r = sym_crypt_activate_by_signed_key(cd, volume, rh, rh_size, arg_root_hash_signature, arg_root_hash_signature_size, arg_activate_flags);
 if (r < 0) {
@@ -439,7 +440,8 @@ static int verb_attach(int argc, char *argv[], uintptr_t _data, void *userdata)
 return log_error_errno(r, "Failed to activate verity device '%s' both with and without root hash signature: %m", volume);
 
 log_info("Activation of verity device '%s' succeeded without root hash signature.", volume);
- }
+ } else
+ signed_activation = true;
 } else
 r = sym_crypt_activate_by_volume_key(cd, volume, rh, rh_size, arg_activate_flags);
 if (r < 0)
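Review bot: `signed_activation` (declared in the first hunk, set by the `} else` added in the second) is the only thing keeping an unverified signer out of the measurement, yet nothing at the declaration says what the flag means. I would add a comment there, e.g. `/* Set only when the kernel accepted the root hash signature; decides whether the signature is measured. */`, so a later edit to the fallback block does not set it on the unsigned path. The lines between the two hunks are not shown, so I am assuming the braced `if (r < 0)` body is the whole fallback path.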
@@ -448,7 +450,7 @@ static int verb_attach(int argc, char *argv[], uintptr_t _data, void *userdata)
 (void) pcrextend_verity_now(
 volume,
 &IOVEC_MAKE(rh, rh_size),
- &IOVEC_MAKE(arg_root_hash_signature, arg_root_hash_signature_size));
+ signed_activation ? &IOVEC_MAKE(arg_root_hash_signature, arg_root_hash_signature_size) : NULL);
 
 return 0;
 }
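Review bot: The signature argument to `pcrextend_verity_now()` is now `NULL` on every path without a verified signature, including the plain no-signature case, which previously passed an empty `IOVEC_MAKE(...)`. The callee is not part of this diff, so confirm it treats a NULL pointer like an empty iovec instead of dereferencing it. A short comment above the call would also help, e.g. `/* Measure the signature only if the kernel verified it; the signer is parsed from the signature itself. */`. The return value is still discarded with `(void)`, so a failed measurement goes unnoticed by the caller; that predates this change.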