[dm-devel] [PATCH 0/7] device mapper target measurements using IMA
Alasdair G Kergon
agk at redhat.com
Wed Jul 28 21:33:50 UTC 2021
On Tue, Jul 27, 2021 at 12:18:02PM +0200, Thore Sommer wrote:
> How is the measured uuid created? The format seems to be
> "CRYPT-VERITY-UUID-NAME" where UUID is uuid from the verity device and NAME is
> the device mapper name. Does this naming come from the kernel or libcryptsetup?
See libdevmapper.h:
/*
* Configure default UUID prefix string.
* Conventionally this is a short capitalised prefix indicating the subsystem
* that is managing the devices, e.g. "LVM-" or "MPATH-".
* To support stacks of devices from different subsystems, recursive functions
* stop recursing if they reach a device with a different prefix.
*/
int dm_set_uuid_prefix(const char *uuid_prefix);
Each device-mapper device may have a uuid of up to 128 characters plus
trailing NUL. Whichever piece software activates the device assigns the
uuid (so userspace or kernel boot parameters). By convention each such
piece of software uses a short prefix ending with a hyphen that
identifies that software as the "owner" (manager) of that dm device.
This means each piece of software can easily filter out the devices for
which it is responsible and ignore all the others etc. It can use the
remainder of the UUID to identify the device uniquely to itself.
Another convention is that when one device is a 'wrapper' of some sort
around another, it may create the uuid by adding its prefix to the uuid
of the device it is wrapping - this might give you stacked prefixes.
When there's a complex one-composed-from-many device structure, suffices
may be used to identify the components.
Think of the 'name' as the human-friendly device name and the uuid as
a software-friendly internal name.
Alasdair
More information about the dm-devel
mailing list