Implement ioctl with enable verity

ioctl with FS_IOC_ENABLE_VERITY is added to verity file system to enable a file as verity file. For a file, a Merkle tree is built with its data. For a directory, a Merkle tree is built with the root hashes of its children. PiperOrigin-RevId: 330604368
author: gVisor bot <gvisor-bot@google.com> 2020-09-08 15:52:01 -0700
committer: Andrei Vagin <avagin@gmail.com> 2020-09-09 17:53:10 -0700
commit: 0170be90f67b4dc075710d1cd82ccd8d3ac9156a (patch)
tree: 8dc666ce2532f1c12b845531cb9d1cffb3858b93 /pkg/abi
parent: a530de2b29c5f5fa0236ce95f7bc788effab446a (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/pkg/abi/linux/ioctl.go b/pkg/abi/linux/ioctl.go
index d6dbedc3e..a4fe7501d 100644
--- a/pkg/abi/linux/ioctl.go
+++ b/pkg/abi/linux/ioctl.go
@@ -113,6 +113,11 @@ const (
 	_IOC_DIRSHIFT  = _IOC_SIZESHIFT + _IOC_SIZEBITS
 )
 
+// Constants from uapi/linux/fsverity.h.
+const (
+	FS_IOC_ENABLE_VERITY = 1082156677
+)
+
 // IOC outputs the result of _IOC macro in asm-generic/ioctl.h.
 func IOC(dir, typ, nr, size uint32) uint32 {
 	return uint32(dir)<<_IOC_DIRSHIFT | typ<<_IOC_TYPESHIFT | nr<<_IOC_NRSHIFT | size<<_IOC_SIZESHIFT
author	gVisor bot <gvisor-bot@google.com>	2020-09-08 15:52:01 -0700
committer	Andrei Vagin <avagin@gmail.com>	2020-09-09 17:53:10 -0700
commit	0170be90f67b4dc075710d1cd82ccd8d3ac9156a (patch)
tree	8dc666ce2532f1c12b845531cb9d1cffb3858b93 /pkg/abi
parent	a530de2b29c5f5fa0236ce95f7bc788effab446a (diff)