From: "Theodore Ts'o" <tytso@mit.edu>
To: Eric Biggers <ebiggers@kernel.org>
Cc: "Darrick J . Wong" <darrick.wong@oracle.com>,
linux-api@vger.kernel.org, Dave Chinner <david@fromorbit.com>,
linux-f2fs-devel@lists.sourceforge.net,
linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Jaegeuk Kim <jaegeuk@kernel.org>,
linux-integrity@vger.kernel.org, linux-ext4@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Christoph Hellwig <hch@lst.de>,
Victor Hsieh <victorhsieh@google.com>
Subject: Re: [PATCH v6 14/17] ext4: add basic fs-verity support
Date: Sun, 7 Jul 2019 14:51:17 -0400 [thread overview]
Message-ID: <20190707185117.GC19775@mit.edu> (raw)
In-Reply-To: <20190701153237.1777-15-ebiggers@kernel.org>
On Mon, Jul 01, 2019 at 08:32:34AM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Add most of fs-verity support to ext4. fs-verity is a filesystem
> feature that enables transparent integrity protection and authentication
> of read-only files. It uses a dm-verity like mechanism at the file
> level: a Merkle tree is used to verify any block in the file in
> log(filesize) time. It is implemented mainly by helper functions in
> fs/verity/. See Documentation/filesystems/fsverity.rst for the full
> documentation.
>
> This commit adds all of ext4 fs-verity support except for the actual
> data verification, including:
>
> - Adding a filesystem feature flag and an inode flag for fs-verity.
>
> - Implementing the fsverity_operations to support enabling verity on an
> inode and reading/writing the verity metadata.
>
> - Updating ->write_begin(), ->write_end(), and ->writepages() to support
> writing verity metadata pages.
>
> - Calling the fs-verity hooks for ->open(), ->setattr(), and ->ioctl().
>
> ext4 stores the verity metadata (Merkle tree and fsverity_descriptor)
> past the end of the file, starting at the first 64K boundary beyond
> i_size. This approach works because (a) verity files are readonly, and
> (b) pages fully beyond i_size aren't visible to userspace but can be
> read/written internally by ext4 with only some relatively small changes
> to ext4. This approach avoids having to depend on the EA_INODE feature
> and on rearchitecturing ext4's xattr support to support paging
> multi-gigabyte xattrs into memory, and to support encrypting xattrs.
> Note that the verity metadata *must* be encrypted when the file is,
> since it contains hashes of the plaintext data.
>
> This patch incorporates work by Theodore Ts'o and Chandan Rajendra.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Looks good. You can add:
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Thanks,
- Ted
WARNING: multiple messages have this Message-ID (diff)
From: "Theodore Ts'o" <tytso@mit.edu>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-fscrypt@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org,
linux-integrity@vger.kernel.org, Jaegeuk Kim <jaegeuk@kernel.org>,
Victor Hsieh <victorhsieh@google.com>,
Chandan Rajendra <chandan@linux.vnet.ibm.com>,
Dave Chinner <david@fromorbit.com>,
Christoph Hellwig <hch@lst.de>,
"Darrick J . Wong" <darrick.wong@oracle.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH v6 14/17] ext4: add basic fs-verity support
Date: Sun, 7 Jul 2019 14:51:17 -0400 [thread overview]
Message-ID: <20190707185117.GC19775@mit.edu> (raw)
In-Reply-To: <20190701153237.1777-15-ebiggers@kernel.org>
On Mon, Jul 01, 2019 at 08:32:34AM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Add most of fs-verity support to ext4. fs-verity is a filesystem
> feature that enables transparent integrity protection and authentication
> of read-only files. It uses a dm-verity like mechanism at the file
> level: a Merkle tree is used to verify any block in the file in
> log(filesize) time. It is implemented mainly by helper functions in
> fs/verity/. See Documentation/filesystems/fsverity.rst for the full
> documentation.
>
> This commit adds all of ext4 fs-verity support except for the actual
> data verification, including:
>
> - Adding a filesystem feature flag and an inode flag for fs-verity.
>
> - Implementing the fsverity_operations to support enabling verity on an
> inode and reading/writing the verity metadata.
>
> - Updating ->write_begin(), ->write_end(), and ->writepages() to support
> writing verity metadata pages.
>
> - Calling the fs-verity hooks for ->open(), ->setattr(), and ->ioctl().
>
> ext4 stores the verity metadata (Merkle tree and fsverity_descriptor)
> past the end of the file, starting at the first 64K boundary beyond
> i_size. This approach works because (a) verity files are readonly, and
> (b) pages fully beyond i_size aren't visible to userspace but can be
> read/written internally by ext4 with only some relatively small changes
> to ext4. This approach avoids having to depend on the EA_INODE feature
> and on rearchitecturing ext4's xattr support to support paging
> multi-gigabyte xattrs into memory, and to support encrypting xattrs.
> Note that the verity metadata *must* be encrypted when the file is,
> since it contains hashes of the plaintext data.
>
> This patch incorporates work by Theodore Ts'o and Chandan Rajendra.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Looks good. You can add:
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Thanks,
- Ted
WARNING: multiple messages have this Message-ID (diff)
From: "Theodore Ts'o" <tytso@mit.edu>
To: Eric Biggers <ebiggers@kernel.org>
Cc: "Darrick J . Wong" <darrick.wong@oracle.com>,
linux-api@vger.kernel.org, Dave Chinner <david@fromorbit.com>,
linux-f2fs-devel@lists.sourceforge.net,
linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Jaegeuk Kim <jaegeuk@kernel.org>,
linux-integrity@vger.kernel.org, linux-ext4@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Christoph Hellwig <hch@lst.de>,
Victor Hsieh <victorhsieh@google.com>
Subject: Re: [f2fs-dev] [PATCH v6 14/17] ext4: add basic fs-verity support
Date: Sun, 7 Jul 2019 14:51:17 -0400 [thread overview]
Message-ID: <20190707185117.GC19775@mit.edu> (raw)
In-Reply-To: <20190701153237.1777-15-ebiggers@kernel.org>
On Mon, Jul 01, 2019 at 08:32:34AM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Add most of fs-verity support to ext4. fs-verity is a filesystem
> feature that enables transparent integrity protection and authentication
> of read-only files. It uses a dm-verity like mechanism at the file
> level: a Merkle tree is used to verify any block in the file in
> log(filesize) time. It is implemented mainly by helper functions in
> fs/verity/. See Documentation/filesystems/fsverity.rst for the full
> documentation.
>
> This commit adds all of ext4 fs-verity support except for the actual
> data verification, including:
>
> - Adding a filesystem feature flag and an inode flag for fs-verity.
>
> - Implementing the fsverity_operations to support enabling verity on an
> inode and reading/writing the verity metadata.
>
> - Updating ->write_begin(), ->write_end(), and ->writepages() to support
> writing verity metadata pages.
>
> - Calling the fs-verity hooks for ->open(), ->setattr(), and ->ioctl().
>
> ext4 stores the verity metadata (Merkle tree and fsverity_descriptor)
> past the end of the file, starting at the first 64K boundary beyond
> i_size. This approach works because (a) verity files are readonly, and
> (b) pages fully beyond i_size aren't visible to userspace but can be
> read/written internally by ext4 with only some relatively small changes
> to ext4. This approach avoids having to depend on the EA_INODE feature
> and on rearchitecturing ext4's xattr support to support paging
> multi-gigabyte xattrs into memory, and to support encrypting xattrs.
> Note that the verity metadata *must* be encrypted when the file is,
> since it contains hashes of the plaintext data.
>
> This patch incorporates work by Theodore Ts'o and Chandan Rajendra.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Looks good. You can add:
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Thanks,
- Ted
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2019-07-07 18:51 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-01 15:32 [PATCH v6 00/17] fs-verity: read-only file-based authenticity protection Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 01/17] fs-verity: add a documentation file Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 02/17] fs-verity: add MAINTAINERS file entry Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 03/17] fs-verity: add UAPI header Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 04/17] fs: uapi: define verity bit for FS_IOC_GETFLAGS Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 05/17] fs-verity: add Kconfig and the helper functions for hashing Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 06/17] fs-verity: add inode and superblock fields Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 07/17] fs-verity: add the hook for file ->open() Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 08/17] fs-verity: add the hook for file ->setattr() Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 09/17] fs-verity: add data verification hooks for ->readpages() Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 10/17] fs-verity: implement FS_IOC_ENABLE_VERITY ioctl Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-03 20:14 ` Eric Biggers
2019-07-03 20:14 ` [f2fs-dev] " Eric Biggers
2019-07-03 20:14 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 11/17] fs-verity: implement FS_IOC_MEASURE_VERITY ioctl Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 12/17] fs-verity: add SHA-512 support Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-01 15:32 ` [PATCH v6 13/17] fs-verity: support builtin file signatures Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-07 18:47 ` Theodore Ts'o
2019-07-07 18:47 ` [f2fs-dev] " Theodore Ts'o
2019-07-07 18:47 ` Theodore Ts'o
2019-07-01 15:32 ` [PATCH v6 14/17] ext4: add basic fs-verity support Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-07 18:51 ` Theodore Ts'o [this message]
2019-07-07 18:51 ` [f2fs-dev] " Theodore Ts'o
2019-07-07 18:51 ` Theodore Ts'o
2019-07-01 15:32 ` [PATCH v6 15/17] ext4: add fs-verity read support Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-07 18:54 ` Theodore Ts'o
2019-07-07 18:54 ` [f2fs-dev] " Theodore Ts'o
2019-07-07 18:54 ` Theodore Ts'o
2019-07-01 15:32 ` [PATCH v6 16/17] ext4: update on-disk format documentation for fs-verity Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-07 18:54 ` Theodore Ts'o
2019-07-07 18:54 ` [f2fs-dev] " Theodore Ts'o
2019-07-07 18:54 ` Theodore Ts'o
2019-07-01 15:32 ` [PATCH v6 17/17] f2fs: add fs-verity support Eric Biggers
2019-07-01 15:32 ` [f2fs-dev] " Eric Biggers
2019-07-01 15:32 ` Eric Biggers
2019-07-03 1:25 ` Chao Yu
2019-07-03 1:25 ` [f2fs-dev] " Chao Yu
2019-07-03 1:25 ` Chao Yu
2019-07-03 1:25 ` Chao Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190707185117.GC19775@mit.edu \
--to=tytso@mit.edu \
--cc=darrick.wong@oracle.com \
--cc=david@fromorbit.com \
--cc=ebiggers@kernel.org \
--cc=hch@lst.de \
--cc=jaegeuk@kernel.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=victorhsieh@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.