From: Eric Biggers <ebiggers@kernel.org>
To: Christoph Hellwig <hch@lst.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
David Sterba <dsterba@suse.com>, Theodore Ts'o <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>, Chao Yu <chao@kernel.org>,
Andrey Albershteyn <aalbersh@redhat.com>,
"Matthew Wilcox (Oracle)" <willy@infradead.org>,
linux-fsdevel@vger.kernel.org, linux-btrfs@vger.kernel.org,
linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, fsverity@lists.linux.dev
Subject: Re: [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info
Date: Sat, 24 Jan 2026 17:31:04 -0800 [thread overview]
Message-ID: <20260125013104.GA2255@sol> (raw)
In-Reply-To: <20260122082214.452153-12-hch@lst.de>
On Thu, Jan 22, 2026 at 09:22:07AM +0100, Christoph Hellwig wrote:
> +int fsverity_set_info(struct fsverity_info *vi)
> {
> - /*
> - * Multiple tasks may race to set the inode's verity info pointer, so
> - * use cmpxchg_release(). This pairs with the smp_load_acquire() in
> - * fsverity_get_info(). I.e., publish the pointer with a RELEASE
> - * barrier so that other tasks can ACQUIRE it.
> - */
> - if (cmpxchg_release(fsverity_info_addr(inode), NULL, vi) != NULL) {
> - /* Lost the race, so free the verity info we allocated. */
> - fsverity_free_info(vi);
> - /*
> - * Afterwards, the caller may access the inode's verity info
> - * directly, so make sure to ACQUIRE the winning verity info.
> - */
> - (void)fsverity_get_info(inode);
> - }
> + return rhashtable_lookup_insert_fast(&fsverity_info_hash,
> + &vi->rhash_head, fsverity_info_hash_params);
> }
>
> -void fsverity_free_info(struct fsverity_info *vi)
> +struct fsverity_info *__fsverity_get_info(const struct inode *inode)
> {
> - if (!vi)
> - return;
> - kfree(vi->tree_params.hashstate);
> - kvfree(vi->hash_block_verified);
> - kmem_cache_free(fsverity_info_cachep, vi);
> + return rhashtable_lookup_fast(&fsverity_info_hash, &inode,
> + fsverity_info_hash_params);
[...]
> + /*
> + * Multiple tasks may race to set the inode's verity info, in which case
> + * we might find an existing fsverity_info in the hash table.
> + */
> + found = rhashtable_lookup_get_insert_fast(&fsverity_info_hash,
> + &vi->rhash_head, fsverity_info_hash_params);
> + if (found) {
> + fsverity_free_info(vi);
> + if (IS_ERR(found))
> + err = PTR_ERR(found);
> + }
Is there any explanation for why it's safe to use the *_fast variants of
these functions?
> * fsverity_active() - do reads from the inode need to go through fs-verity?
> * @inode: inode to check
> *
> - * This checks whether the inode's verity info has been set.
> - *
> - * Filesystems call this from ->readahead() to check whether the pages need to
> - * be verified or not. Don't use IS_VERITY() for this purpose; it's subject to
> - * a race condition where the file is being read concurrently with
> - * FS_IOC_ENABLE_VERITY completing. (S_VERITY is set before the verity info.)
> + * This checks whether the inode's verity info has been set, and reads need
> + * to verify the verity information.
> *
> * Return: true if reads need to go through fs-verity, otherwise false
> */
> static inline bool fsverity_active(const struct inode *inode)
> {
> - return fsverity_get_info(inode) != NULL;
> + /*
> + * The memory barrier pairs with the try_cmpxchg in set_mask_bits used
> + * to set the S_VERITY bit in i_flags.
> + */
> + smp_mb();
> + return IS_ENABLED(CONFIG_FS_VERITY) && IS_VERITY(inode);
> +}
This looks incorrect. The memory barrier is needed after reading the
flag, not before. (See how smp_load_acquire() works.)
Also, it's needed only for verity inodes.
Maybe do:
if (IS_ENABLED(CONFIG_FS_VERITY) && IS_VERITY(inode)) {
/*
* This pairs with the try_cmpxchg in set_mask_bits()
* used to set the S_VERITY bit in i_flags.
*/
smp_mb();
return true;
}
return false;
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
To: Christoph Hellwig <hch@lst.de>
Cc: fsverity@lists.linux.dev, Christian Brauner <brauner@kernel.org>,
Theodore Ts'o <tytso@mit.edu>,
Andrey Albershteyn <aalbersh@redhat.com>,
"Matthew Wilcox \(Oracle\)" <willy@infradead.org>,
linux-f2fs-devel@lists.sourceforge.net,
linux-fsdevel@vger.kernel.org, Al Viro <viro@zeniv.linux.org.uk>,
Jaegeuk Kim <jaegeuk@kernel.org>, David Sterba <dsterba@suse.com>,
Jan Kara <jack@suse.cz>,
linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org
Subject: Re: [f2fs-dev] [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info
Date: Sat, 24 Jan 2026 17:31:04 -0800 [thread overview]
Message-ID: <20260125013104.GA2255@sol> (raw)
In-Reply-To: <20260122082214.452153-12-hch@lst.de>
On Thu, Jan 22, 2026 at 09:22:07AM +0100, Christoph Hellwig wrote:
> +int fsverity_set_info(struct fsverity_info *vi)
> {
> - /*
> - * Multiple tasks may race to set the inode's verity info pointer, so
> - * use cmpxchg_release(). This pairs with the smp_load_acquire() in
> - * fsverity_get_info(). I.e., publish the pointer with a RELEASE
> - * barrier so that other tasks can ACQUIRE it.
> - */
> - if (cmpxchg_release(fsverity_info_addr(inode), NULL, vi) != NULL) {
> - /* Lost the race, so free the verity info we allocated. */
> - fsverity_free_info(vi);
> - /*
> - * Afterwards, the caller may access the inode's verity info
> - * directly, so make sure to ACQUIRE the winning verity info.
> - */
> - (void)fsverity_get_info(inode);
> - }
> + return rhashtable_lookup_insert_fast(&fsverity_info_hash,
> + &vi->rhash_head, fsverity_info_hash_params);
> }
>
> -void fsverity_free_info(struct fsverity_info *vi)
> +struct fsverity_info *__fsverity_get_info(const struct inode *inode)
> {
> - if (!vi)
> - return;
> - kfree(vi->tree_params.hashstate);
> - kvfree(vi->hash_block_verified);
> - kmem_cache_free(fsverity_info_cachep, vi);
> + return rhashtable_lookup_fast(&fsverity_info_hash, &inode,
> + fsverity_info_hash_params);
[...]
> + /*
> + * Multiple tasks may race to set the inode's verity info, in which case
> + * we might find an existing fsverity_info in the hash table.
> + */
> + found = rhashtable_lookup_get_insert_fast(&fsverity_info_hash,
> + &vi->rhash_head, fsverity_info_hash_params);
> + if (found) {
> + fsverity_free_info(vi);
> + if (IS_ERR(found))
> + err = PTR_ERR(found);
> + }
Is there any explanation for why it's safe to use the *_fast variants of
these functions?
> * fsverity_active() - do reads from the inode need to go through fs-verity?
> * @inode: inode to check
> *
> - * This checks whether the inode's verity info has been set.
> - *
> - * Filesystems call this from ->readahead() to check whether the pages need to
> - * be verified or not. Don't use IS_VERITY() for this purpose; it's subject to
> - * a race condition where the file is being read concurrently with
> - * FS_IOC_ENABLE_VERITY completing. (S_VERITY is set before the verity info.)
> + * This checks whether the inode's verity info has been set, and reads need
> + * to verify the verity information.
> *
> * Return: true if reads need to go through fs-verity, otherwise false
> */
> static inline bool fsverity_active(const struct inode *inode)
> {
> - return fsverity_get_info(inode) != NULL;
> + /*
> + * The memory barrier pairs with the try_cmpxchg in set_mask_bits used
> + * to set the S_VERITY bit in i_flags.
> + */
> + smp_mb();
> + return IS_ENABLED(CONFIG_FS_VERITY) && IS_VERITY(inode);
> +}
This looks incorrect. The memory barrier is needed after reading the
flag, not before. (See how smp_load_acquire() works.)
Also, it's needed only for verity inodes.
Maybe do:
if (IS_ENABLED(CONFIG_FS_VERITY) && IS_VERITY(inode)) {
/*
* This pairs with the try_cmpxchg in set_mask_bits()
* used to set the S_VERITY bit in i_flags.
*/
smp_mb();
return true;
}
return false;
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2026-01-25 1:31 UTC|newest]
Thread overview: 105+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-22 8:21 fsverity cleanups, speedup and memory usage optimization v2 Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:21 ` [PATCH 01/11] fs,fsverity: reject size changes on fsverity files in setattr_prepare Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] [PATCH 01/11] fs, fsverity: " Christoph Hellwig
2026-01-22 9:12 ` [PATCH 01/11] fs,fsverity: " Jan Kara
2026-01-22 9:12 ` [f2fs-dev] [PATCH 01/11] fs, fsverity: " Jan Kara
2026-01-22 21:21 ` [PATCH 01/11] fs,fsverity: " Darrick J. Wong
2026-01-22 21:21 ` [f2fs-dev] [PATCH 01/11] fs, fsverity: " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:21 ` [PATCH 02/11] fs,fsverity: clear out fsverity_info from common code Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] [PATCH 02/11] fs, fsverity: " Christoph Hellwig
2026-01-22 9:15 ` [PATCH 02/11] fs,fsverity: " Jan Kara
2026-01-22 9:15 ` [f2fs-dev] [PATCH 02/11] fs, fsverity: " Jan Kara
2026-01-22 21:22 ` [PATCH 02/11] fs,fsverity: " Darrick J. Wong
2026-01-22 21:22 ` [f2fs-dev] [PATCH 02/11] fs, fsverity: " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:21 ` [PATCH 03/11] fsverity: pass struct file to ->write_merkle_tree_block Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 10:04 ` Andrey Albershteyn
2026-01-22 10:04 ` [f2fs-dev] " Andrey Albershteyn via Linux-f2fs-devel
2026-01-22 21:23 ` Darrick J. Wong
2026-01-22 21:23 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:22 ` [PATCH 04/11] fsverity: start consolidating pagecache code Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 9:18 ` Jan Kara
2026-01-22 9:18 ` [f2fs-dev] " Jan Kara
2026-01-22 10:12 ` Andrey Albershteyn
2026-01-22 10:12 ` [f2fs-dev] " Andrey Albershteyn via Linux-f2fs-devel
2026-01-22 21:27 ` Darrick J. Wong
2026-01-22 21:27 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:12 ` Christoph Hellwig
2026-01-23 5:12 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:21 ` Darrick J. Wong
2026-01-23 7:21 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-24 19:27 ` Eric Biggers
2026-01-24 19:27 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:27 ` Christoph Hellwig
2026-01-26 4:27 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 05/11] fsverity: kick off hash readahead at data I/O submission time Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:42 ` Darrick J. Wong
2026-01-22 21:42 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:14 ` Christoph Hellwig
2026-01-23 5:14 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:22 ` Darrick J. Wong
2026-01-23 7:22 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-24 20:53 ` Eric Biggers
2026-01-24 20:53 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:30 ` Christoph Hellwig
2026-01-26 4:30 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 06/11] fsverity: push out fsverity_info lookup Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:45 ` Darrick J. Wong
2026-01-22 21:45 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-24 21:19 ` Eric Biggers
2026-01-24 21:19 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:33 ` Christoph Hellwig
2026-01-26 4:33 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 07/11] fs: consolidate fsverity_info lookup in buffer.c Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:49 ` Darrick J. Wong
2026-01-22 21:49 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:15 ` Christoph Hellwig
2026-01-23 5:15 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:23 ` Darrick J. Wong
2026-01-23 7:23 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 7:24 ` Christoph Hellwig
2026-01-23 7:24 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 08/11] ext4: consolidate fsverity_info lookup Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:54 ` Darrick J. Wong
2026-01-22 21:54 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:18 ` Christoph Hellwig
2026-01-23 5:18 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:25 ` Darrick J. Wong
2026-01-23 7:25 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:22 ` [PATCH 09/11] f2fs: " Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 10/11] btrfs: " Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 22:04 ` Darrick J. Wong
2026-01-22 22:04 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:27 ` Christoph Hellwig
2026-01-23 5:27 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:27 ` Darrick J. Wong
2026-01-23 7:27 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 7:30 ` Christoph Hellwig
2026-01-23 7:30 ` [f2fs-dev] " Christoph Hellwig
2026-01-25 1:31 ` Eric Biggers [this message]
2026-01-25 1:31 ` Eric Biggers via Linux-f2fs-devel
2026-01-25 21:48 ` Matthew Wilcox
2026-01-25 21:48 ` [f2fs-dev] " Matthew Wilcox
2026-01-26 4:44 ` Christoph Hellwig
2026-01-26 4:44 ` [f2fs-dev] " Christoph Hellwig
2026-01-26 20:12 ` Eric Biggers
2026-01-26 20:12 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-28 21:38 ` Matthew Wilcox
2026-01-28 21:38 ` [f2fs-dev] " Matthew Wilcox
2026-01-28 22:14 ` Eric Biggers
2026-01-28 22:14 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:43 ` Christoph Hellwig
2026-01-26 4:43 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 15:42 ` fsverity cleanups, speedup and memory usage optimization v2 David Sterba
2026-01-22 15:42 ` [f2fs-dev] " David Sterba
-- strict thread matches above, loose matches on Subject: below --
2026-02-02 6:06 fsverity speedup and memory usage optimization v5 Christoph Hellwig
2026-02-02 6:06 ` [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260125013104.GA2255@sol \
--to=ebiggers@kernel.org \
--cc=aalbersh@redhat.com \
--cc=brauner@kernel.org \
--cc=chao@kernel.org \
--cc=dsterba@suse.com \
--cc=fsverity@lists.linux.dev \
--cc=hch@lst.de \
--cc=jack@suse.cz \
--cc=jaegeuk@kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.