From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-btrfs@vger.kernel.org, linux-xfs@vger.kernel.org
Subject: [PATCH 2/4] fsverity: optimize fsverity_prepare_setattr() on non-verity files
Date: Wed, 14 Dec 2022 14:43:02 -0800 [thread overview]
Message-ID: <20221214224304.145712-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20221214224304.145712-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Make fsverity_prepare_setattr() an inline function that does the
IS_VERITY() check, then (if needed) calls __fsverity_prepare_setattr()
to do the real work. This reduces the overhead on non-verity files.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
fs/verity/open.c | 16 +++-------------
include/linux/fsverity.h | 26 ++++++++++++++++++++++----
2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/fs/verity/open.c b/fs/verity/open.c
index 673d6db9abdf..e1e531d5e09a 100644
--- a/fs/verity/open.c
+++ b/fs/verity/open.c
@@ -337,26 +337,16 @@ int __fsverity_file_open(struct inode *inode, struct file *filp)
}
EXPORT_SYMBOL_GPL(__fsverity_file_open);
-/**
- * fsverity_prepare_setattr() - prepare to change a verity inode's attributes
- * @dentry: dentry through which the inode is being changed
- * @attr: attributes to change
- *
- * Verity files are immutable, so deny truncates. This isn't covered by the
- * open-time check because sys_truncate() takes a path, not a file descriptor.
- *
- * Return: 0 on success, -errno on failure
- */
-int fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr)
+int __fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr)
{
- if (IS_VERITY(d_inode(dentry)) && (attr->ia_valid & ATTR_SIZE)) {
+ if (attr->ia_valid & ATTR_SIZE) {
pr_debug("Denying truncate of verity file (ino %lu)\n",
d_inode(dentry)->i_ino);
return -EPERM;
}
return 0;
}
-EXPORT_SYMBOL_GPL(fsverity_prepare_setattr);
+EXPORT_SYMBOL_GPL(__fsverity_prepare_setattr);
/**
* fsverity_cleanup_inode() - free the inode's verity info, if present
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index 326bf2e2b903..84b498fff7ec 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -149,7 +149,7 @@ int fsverity_get_digest(struct inode *inode,
/* open.c */
int __fsverity_file_open(struct inode *inode, struct file *filp);
-int fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr);
+int __fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr);
void fsverity_cleanup_inode(struct inode *inode);
/* read_metadata.c */
@@ -198,10 +198,10 @@ static inline int __fsverity_file_open(struct inode *inode, struct file *filp)
return -EOPNOTSUPP;
}
-static inline int fsverity_prepare_setattr(struct dentry *dentry,
- struct iattr *attr)
+static inline int __fsverity_prepare_setattr(struct dentry *dentry,
+ struct iattr *attr)
{
- return IS_VERITY(d_inode(dentry)) ? -EOPNOTSUPP : 0;
+ return -EOPNOTSUPP;
}
static inline void fsverity_cleanup_inode(struct inode *inode)
@@ -274,4 +274,22 @@ static inline int fsverity_file_open(struct inode *inode, struct file *filp)
return 0;
}
+/**
+ * fsverity_prepare_setattr() - prepare to change a verity inode's attributes
+ * @dentry: dentry through which the inode is being changed
+ * @attr: attributes to change
+ *
+ * Verity files are immutable, so deny truncates. This isn't covered by the
+ * open-time check because sys_truncate() takes a path, not a file descriptor.
+ *
+ * Return: 0 on success, -errno on failure
+ */
+static inline int fsverity_prepare_setattr(struct dentry *dentry,
+ struct iattr *attr)
+{
+ if (IS_VERITY(d_inode(dentry)))
+ return __fsverity_prepare_setattr(dentry, attr);
+ return 0;
+}
+
#endif /* _LINUX_FSVERITY_H */
--
2.38.1
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: linux-xfs@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-btrfs@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net
Subject: [f2fs-dev] [PATCH 2/4] fsverity: optimize fsverity_prepare_setattr() on non-verity files
Date: Wed, 14 Dec 2022 14:43:02 -0800 [thread overview]
Message-ID: <20221214224304.145712-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20221214224304.145712-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Make fsverity_prepare_setattr() an inline function that does the
IS_VERITY() check, then (if needed) calls __fsverity_prepare_setattr()
to do the real work. This reduces the overhead on non-verity files.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
fs/verity/open.c | 16 +++-------------
include/linux/fsverity.h | 26 ++++++++++++++++++++++----
2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/fs/verity/open.c b/fs/verity/open.c
index 673d6db9abdf..e1e531d5e09a 100644
--- a/fs/verity/open.c
+++ b/fs/verity/open.c
@@ -337,26 +337,16 @@ int __fsverity_file_open(struct inode *inode, struct file *filp)
}
EXPORT_SYMBOL_GPL(__fsverity_file_open);
-/**
- * fsverity_prepare_setattr() - prepare to change a verity inode's attributes
- * @dentry: dentry through which the inode is being changed
- * @attr: attributes to change
- *
- * Verity files are immutable, so deny truncates. This isn't covered by the
- * open-time check because sys_truncate() takes a path, not a file descriptor.
- *
- * Return: 0 on success, -errno on failure
- */
-int fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr)
+int __fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr)
{
- if (IS_VERITY(d_inode(dentry)) && (attr->ia_valid & ATTR_SIZE)) {
+ if (attr->ia_valid & ATTR_SIZE) {
pr_debug("Denying truncate of verity file (ino %lu)\n",
d_inode(dentry)->i_ino);
return -EPERM;
}
return 0;
}
-EXPORT_SYMBOL_GPL(fsverity_prepare_setattr);
+EXPORT_SYMBOL_GPL(__fsverity_prepare_setattr);
/**
* fsverity_cleanup_inode() - free the inode's verity info, if present
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index 326bf2e2b903..84b498fff7ec 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -149,7 +149,7 @@ int fsverity_get_digest(struct inode *inode,
/* open.c */
int __fsverity_file_open(struct inode *inode, struct file *filp);
-int fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr);
+int __fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr);
void fsverity_cleanup_inode(struct inode *inode);
/* read_metadata.c */
@@ -198,10 +198,10 @@ static inline int __fsverity_file_open(struct inode *inode, struct file *filp)
return -EOPNOTSUPP;
}
-static inline int fsverity_prepare_setattr(struct dentry *dentry,
- struct iattr *attr)
+static inline int __fsverity_prepare_setattr(struct dentry *dentry,
+ struct iattr *attr)
{
- return IS_VERITY(d_inode(dentry)) ? -EOPNOTSUPP : 0;
+ return -EOPNOTSUPP;
}
static inline void fsverity_cleanup_inode(struct inode *inode)
@@ -274,4 +274,22 @@ static inline int fsverity_file_open(struct inode *inode, struct file *filp)
return 0;
}
+/**
+ * fsverity_prepare_setattr() - prepare to change a verity inode's attributes
+ * @dentry: dentry through which the inode is being changed
+ * @attr: attributes to change
+ *
+ * Verity files are immutable, so deny truncates. This isn't covered by the
+ * open-time check because sys_truncate() takes a path, not a file descriptor.
+ *
+ * Return: 0 on success, -errno on failure
+ */
+static inline int fsverity_prepare_setattr(struct dentry *dentry,
+ struct iattr *attr)
+{
+ if (IS_VERITY(d_inode(dentry)))
+ return __fsverity_prepare_setattr(dentry, attr);
+ return 0;
+}
+
#endif /* _LINUX_FSVERITY_H */
--
2.38.1
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2022-12-14 22:46 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-14 22:43 [PATCH 0/4] fsverity cleanups Eric Biggers
2022-12-14 22:43 ` [f2fs-dev] " Eric Biggers
2022-12-14 22:43 ` [PATCH 1/4] fsverity: optimize fsverity_file_open() on non-verity files Eric Biggers
2022-12-14 22:43 ` [f2fs-dev] " Eric Biggers
2022-12-14 22:43 ` Eric Biggers [this message]
2022-12-14 22:43 ` [f2fs-dev] [PATCH 2/4] fsverity: optimize fsverity_prepare_setattr() " Eric Biggers
2022-12-14 22:43 ` [PATCH 3/4] fsverity: optimize fsverity_cleanup_inode() " Eric Biggers
2022-12-14 22:43 ` [f2fs-dev] " Eric Biggers
2022-12-14 22:43 ` [PATCH 4/4] fsverity: pass pos and size to ->write_merkle_tree_block Eric Biggers
2022-12-14 22:43 ` [f2fs-dev] " Eric Biggers
[not found] ` <20230125122227.lgwp2t5tdzten3dk@aalbersh.remote.csb>
2023-01-25 18:12 ` Eric Biggers
2023-01-25 18:12 ` [f2fs-dev] " Eric Biggers
2022-12-14 23:10 ` [PATCH 0/4] fsverity cleanups Dave Chinner
2022-12-14 23:10 ` [f2fs-dev] " Dave Chinner
2023-01-04 6:58 ` Eric Biggers
2023-01-04 6:58 ` [f2fs-dev] " Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221214224304.145712-3-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.