From: Eric Biggers <ebiggers@kernel.org>
To: Chandan Rajendra <chandan@linux.vnet.ibm.com>
Cc: linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-doc@vger.kernel.org, linux-mips@linux-mips.org,
linux-s390@vger.kernel.org, linux-mtd@lists.infradead.org,
linux-fsdevel@vger.kernel.org, tytso@mit.edu,
adilger.kernel@dilger.ca, jaegeuk@kernel.org, yuchao0@huawei.com,
corbet@lwn.net, ralf@linux-mips.org, paul.burton@mips.com,
jhogan@kernel.org, green.hu@gmail.com, deanbo422@gmail.com,
schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com,
richard@nod.at, dedekind1@gmail.com, adrian.hunter@intel.com,
viro@zeniv.linux.org.uk
Subject: Re: [PATCH V3 8/9] fsverity: Move verity status check to fsverity_file_open
Date: Mon, 10 Dec 2018 09:26:11 -0800 [thread overview]
Message-ID: <20181210172610.GA92174@gmail.com> (raw)
In-Reply-To: <20181208065144.19486-9-chandan@linux.vnet.ibm.com>
Hi Chandan,
On Sat, Dec 08, 2018 at 12:21:43PM +0530, Chandan Rajendra wrote:
> Instead of conditionally checking for verity status of an inode before
> invoking fsverity_file_open(), this commit moves the check inside the
> definition of fsverity_file_open().
>
> Signed-off-by: Chandan Rajendra <chandan@linux.vnet.ibm.com>
> ---
> fs/ext4/file.c | 8 +++-----
> fs/f2fs/file.c | 8 +++-----
> fs/verity/setup.c | 3 +++
> 3 files changed, 9 insertions(+), 10 deletions(-)
>
> diff --git a/fs/ext4/file.c b/fs/ext4/file.c
> index 30fbd663354f..b404a857cd48 100644
> --- a/fs/ext4/file.c
> +++ b/fs/ext4/file.c
> @@ -444,11 +444,9 @@ static int ext4_file_open(struct inode * inode, struct file * filp)
> if (ret)
> return ret;
>
> - if (IS_VERITY(inode)) {
> - ret = fsverity_file_open(inode, filp);
> - if (ret)
> - return ret;
> - }
> + ret = fsverity_file_open(inode, filp);
> + if (ret)
> + return ret;
>
> /*
> * Set up the jbd2_inode if we are opening the inode for
> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> index 2eb4821d95d1..925c0d9608da 100644
> --- a/fs/f2fs/file.c
> +++ b/fs/f2fs/file.c
> @@ -491,11 +491,9 @@ static int f2fs_file_open(struct inode *inode, struct file *filp)
> if (err)
> return err;
>
> - if (IS_VERITY(inode)) {
> - err = fsverity_file_open(inode, filp);
> - if (err)
> - return err;
> - }
> + err = fsverity_file_open(inode, filp);
> + if (err)
> + return err;
>
> filp->f_mode |= FMODE_NOWAIT;
>
> diff --git a/fs/verity/setup.c b/fs/verity/setup.c
> index 08b609127531..bc463dc601b1 100644
> --- a/fs/verity/setup.c
> +++ b/fs/verity/setup.c
> @@ -771,6 +771,9 @@ static int setup_fsverity_info(struct inode *inode)
> */
> int fsverity_file_open(struct inode *inode, struct file *filp)
> {
> + if (!IS_VERITY(inode))
> + return 0;
> +
> if (filp->f_mode & FMODE_WRITE) {
> pr_debug("Denying opening verity file (ino %lu) for write\n",
> inode->i_ino);
> --
> 2.19.1
>
This will break ext4 and f2fs when !CONFIG_FS_VERITY because then:
static inline int fsverity_file_open(struct inode *inode, struct file *filp)
{
return -EOPNOTSUPP;
}
Can you please make it like fscrypt_file_open()?
static inline int fsverity_file_open(struct inode *inode, struct file *filp)
{
if (IS_VERITY(inode))
return -EOPNOTSUPP;
return 0;
}
Same with fsverity_prepare_setattr().
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Chandan Rajendra <chandan@linux.vnet.ibm.com>
Cc: linux-mips@linux-mips.org, linux-doc@vger.kernel.org,
jhogan@kernel.org, heiko.carstens@de.ibm.com,
linux-mtd@lists.infradead.org, deanbo422@gmail.com,
linux-s390@vger.kernel.org, corbet@lwn.net, richard@nod.at,
linux-ext4@vger.kernel.org, linux-fsdevel@vger.kernel.org,
green.hu@gmail.com, jaegeuk@kernel.org, tytso@mit.edu,
dedekind1@gmail.com, adrian.hunter@intel.com,
ralf@linux-mips.org, linux-f2fs-devel@lists.sourceforge.net,
paul.burton@mips.com, schwidefsky@de.ibm.com,
adilger.kernel@dilger.ca, viro@zeniv.linux.org.uk
Subject: Re: [PATCH V3 8/9] fsverity: Move verity status check to fsverity_file_open
Date: Mon, 10 Dec 2018 09:26:11 -0800 [thread overview]
Message-ID: <20181210172610.GA92174@gmail.com> (raw)
In-Reply-To: <20181208065144.19486-9-chandan@linux.vnet.ibm.com>
Hi Chandan,
On Sat, Dec 08, 2018 at 12:21:43PM +0530, Chandan Rajendra wrote:
> Instead of conditionally checking for verity status of an inode before
> invoking fsverity_file_open(), this commit moves the check inside the
> definition of fsverity_file_open().
>
> Signed-off-by: Chandan Rajendra <chandan@linux.vnet.ibm.com>
> ---
> fs/ext4/file.c | 8 +++-----
> fs/f2fs/file.c | 8 +++-----
> fs/verity/setup.c | 3 +++
> 3 files changed, 9 insertions(+), 10 deletions(-)
>
> diff --git a/fs/ext4/file.c b/fs/ext4/file.c
> index 30fbd663354f..b404a857cd48 100644
> --- a/fs/ext4/file.c
> +++ b/fs/ext4/file.c
> @@ -444,11 +444,9 @@ static int ext4_file_open(struct inode * inode, struct file * filp)
> if (ret)
> return ret;
>
> - if (IS_VERITY(inode)) {
> - ret = fsverity_file_open(inode, filp);
> - if (ret)
> - return ret;
> - }
> + ret = fsverity_file_open(inode, filp);
> + if (ret)
> + return ret;
>
> /*
> * Set up the jbd2_inode if we are opening the inode for
> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> index 2eb4821d95d1..925c0d9608da 100644
> --- a/fs/f2fs/file.c
> +++ b/fs/f2fs/file.c
> @@ -491,11 +491,9 @@ static int f2fs_file_open(struct inode *inode, struct file *filp)
> if (err)
> return err;
>
> - if (IS_VERITY(inode)) {
> - err = fsverity_file_open(inode, filp);
> - if (err)
> - return err;
> - }
> + err = fsverity_file_open(inode, filp);
> + if (err)
> + return err;
>
> filp->f_mode |= FMODE_NOWAIT;
>
> diff --git a/fs/verity/setup.c b/fs/verity/setup.c
> index 08b609127531..bc463dc601b1 100644
> --- a/fs/verity/setup.c
> +++ b/fs/verity/setup.c
> @@ -771,6 +771,9 @@ static int setup_fsverity_info(struct inode *inode)
> */
> int fsverity_file_open(struct inode *inode, struct file *filp)
> {
> + if (!IS_VERITY(inode))
> + return 0;
> +
> if (filp->f_mode & FMODE_WRITE) {
> pr_debug("Denying opening verity file (ino %lu) for write\n",
> inode->i_ino);
> --
> 2.19.1
>
This will break ext4 and f2fs when !CONFIG_FS_VERITY because then:
static inline int fsverity_file_open(struct inode *inode, struct file *filp)
{
return -EOPNOTSUPP;
}
Can you please make it like fscrypt_file_open()?
static inline int fsverity_file_open(struct inode *inode, struct file *filp)
{
if (IS_VERITY(inode))
return -EOPNOTSUPP;
return 0;
}
Same with fsverity_prepare_setattr().
- Eric
next prev parent reply other threads:[~2018-12-10 17:26 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-08 6:51 [PATCH V3 0/9] Remove fs specific fscrypt and fsverity build config options Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-08 6:51 ` [PATCH V3 1/9] ext4: use IS_ENCRYPTED() to check encryption status Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-08 6:51 ` [PATCH V3 2/9] f2fs: " Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-10 18:06 ` Eric Biggers
2018-12-10 18:06 ` Eric Biggers
2018-12-08 6:51 ` [PATCH V3 3/9] fscrypt: remove filesystem specific build config option Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-10 18:13 ` Eric Biggers
2018-12-10 18:13 ` Eric Biggers
2018-12-08 6:51 ` [PATCH V3 4/9] Add S_VERITY and IS_VERITY() Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-08 6:51 ` [PATCH V3 5/9] ext4: use IS_VERITY() to check inode's fsverity status Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-08 6:51 ` [PATCH V3 6/9] f2fs: " Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-10 18:17 ` Eric Biggers
2018-12-10 18:17 ` Eric Biggers
2018-12-08 6:51 ` [PATCH V3 7/9] fsverity: Remove filesystem specific build config option Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-10 18:19 ` Eric Biggers
2018-12-10 18:19 ` Eric Biggers
2018-12-08 6:51 ` [PATCH V3 8/9] fsverity: Move verity status check to fsverity_file_open Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-10 17:26 ` Eric Biggers [this message]
2018-12-10 17:26 ` Eric Biggers
2018-12-08 6:51 ` [PATCH V3 9/9] fsverity: Move verity status check to fsverity_prepare_setattr Chandan Rajendra
2018-12-08 6:51 ` Chandan Rajendra
2018-12-10 6:06 ` [PATCH V3 0/9] Remove fs specific fscrypt and fsverity build config options Theodore Y. Ts'o
2018-12-10 6:06 ` Theodore Y. Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181210172610.GA92174@gmail.com \
--to=ebiggers@kernel.org \
--cc=adilger.kernel@dilger.ca \
--cc=adrian.hunter@intel.com \
--cc=chandan@linux.vnet.ibm.com \
--cc=corbet@lwn.net \
--cc=deanbo422@gmail.com \
--cc=dedekind1@gmail.com \
--cc=green.hu@gmail.com \
--cc=heiko.carstens@de.ibm.com \
--cc=jaegeuk@kernel.org \
--cc=jhogan@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mips@linux-mips.org \
--cc=linux-mtd@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=paul.burton@mips.com \
--cc=ralf@linux-mips.org \
--cc=richard@nod.at \
--cc=schwidefsky@de.ibm.com \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
--cc=yuchao0@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.