From: Eric Biggers <ebiggers@kernel.org>
To: Christoph Hellwig <hch@lst.de>
Cc: Matthew Wilcox <willy@infradead.org>,
Al Viro <viro@zeniv.linux.org.uk>,
Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
David Sterba <dsterba@suse.com>, Theodore Ts'o <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>, Chao Yu <chao@kernel.org>,
Andrey Albershteyn <aalbersh@redhat.com>,
linux-fsdevel@vger.kernel.org, linux-btrfs@vger.kernel.org,
linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, fsverity@lists.linux.dev
Subject: Re: [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info
Date: Mon, 26 Jan 2026 12:12:06 -0800 [thread overview]
Message-ID: <20260126201206.GA30838@quark> (raw)
In-Reply-To: <20260126044432.GE30803@lst.de>
On Mon, Jan 26, 2026 at 05:44:32AM +0100, Christoph Hellwig wrote:
> On Sun, Jan 25, 2026 at 09:48:22PM +0000, Matthew Wilcox wrote:
> > Is there a reason not to do as DAX did:
>
> > +#ifdef CONFIG_FS_VERITY
> > #define S_VERITY (1 << 16) /* Verity file (using fs/verity/) */
> > +#else
> > +#define S_VERITY 0 /* Make all the verity checks disappear */
> > +#endif
> > #define S_KERNEL_FILE (1 << 17) /* File is in use by the kernel (eg. fs/cachefiles) */
> > #define S_ANON_INODE (1 << 19) /* Inode is an anonymous inode */
> >
> >
> > and then we can drop the CONFIG_FS_VERITY check here and in (at leaast)
> > three other places
>
> I looked into this, but wasn't entirely sure about all callers. Also
> in at least some places we might need the barrier in fsverity_active,
> so my plan was to see how many of the checks should simply be converted
> to fsverity_active in a follow on and how much is left after that first.
When CONFIG_FS_VERITY=n, there can still be inodes that have fsverity
enabled, since they might have already been present on the filesystem.
The S_VERITY flag and the corresponding IS_VERITY() macro are being used
to identify such inodes and handle them appropriately.
Consider fsverity_file_open() for example:
static inline int fsverity_file_open(struct inode *inode, struct file *filp)
{
if (IS_VERITY(inode))
return __fsverity_file_open(inode, filp);
return 0;
}
When CONFIG_FS_VERITY=n, __fsverity_file_open() resolves to the stub:
static inline int __fsverity_file_open(struct inode *inode, struct file *filp)
{
return -EOPNOTSUPP;
}
So the result is that on a kernel that doesn't have fsverity support
enabled, trying to open an fsverity file fails with EOPNOTSUPP.
But this relies on IS_VERITY() still working correctly.
Similar code that relies on IS_VERITY() working correctly exists in
other places as well, for example in the implementation of statx().
So IS_VERITY() can't be changed to always return false when
CONFIG_FS_VERITY=n, unless we identified all the callers like these and
updated them to check the underlying filesystem-specific flag instead.
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
To: Christoph Hellwig <hch@lst.de>
Cc: fsverity@lists.linux.dev, Christian Brauner <brauner@kernel.org>,
Theodore Ts'o <tytso@mit.edu>,
Andrey Albershteyn <aalbersh@redhat.com>,
Matthew Wilcox <willy@infradead.org>,
linux-f2fs-devel@lists.sourceforge.net,
linux-fsdevel@vger.kernel.org, Al Viro <viro@zeniv.linux.org.uk>,
Jaegeuk Kim <jaegeuk@kernel.org>, David Sterba <dsterba@suse.com>,
Jan Kara <jack@suse.cz>,
linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org
Subject: Re: [f2fs-dev] [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info
Date: Mon, 26 Jan 2026 12:12:06 -0800 [thread overview]
Message-ID: <20260126201206.GA30838@quark> (raw)
In-Reply-To: <20260126044432.GE30803@lst.de>
On Mon, Jan 26, 2026 at 05:44:32AM +0100, Christoph Hellwig wrote:
> On Sun, Jan 25, 2026 at 09:48:22PM +0000, Matthew Wilcox wrote:
> > Is there a reason not to do as DAX did:
>
> > +#ifdef CONFIG_FS_VERITY
> > #define S_VERITY (1 << 16) /* Verity file (using fs/verity/) */
> > +#else
> > +#define S_VERITY 0 /* Make all the verity checks disappear */
> > +#endif
> > #define S_KERNEL_FILE (1 << 17) /* File is in use by the kernel (eg. fs/cachefiles) */
> > #define S_ANON_INODE (1 << 19) /* Inode is an anonymous inode */
> >
> >
> > and then we can drop the CONFIG_FS_VERITY check here and in (at leaast)
> > three other places
>
> I looked into this, but wasn't entirely sure about all callers. Also
> in at least some places we might need the barrier in fsverity_active,
> so my plan was to see how many of the checks should simply be converted
> to fsverity_active in a follow on and how much is left after that first.
When CONFIG_FS_VERITY=n, there can still be inodes that have fsverity
enabled, since they might have already been present on the filesystem.
The S_VERITY flag and the corresponding IS_VERITY() macro are being used
to identify such inodes and handle them appropriately.
Consider fsverity_file_open() for example:
static inline int fsverity_file_open(struct inode *inode, struct file *filp)
{
if (IS_VERITY(inode))
return __fsverity_file_open(inode, filp);
return 0;
}
When CONFIG_FS_VERITY=n, __fsverity_file_open() resolves to the stub:
static inline int __fsverity_file_open(struct inode *inode, struct file *filp)
{
return -EOPNOTSUPP;
}
So the result is that on a kernel that doesn't have fsverity support
enabled, trying to open an fsverity file fails with EOPNOTSUPP.
But this relies on IS_VERITY() still working correctly.
Similar code that relies on IS_VERITY() working correctly exists in
other places as well, for example in the implementation of statx().
So IS_VERITY() can't be changed to always return false when
CONFIG_FS_VERITY=n, unless we identified all the callers like these and
updated them to check the underlying filesystem-specific flag instead.
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2026-01-26 20:12 UTC|newest]
Thread overview: 105+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-22 8:21 fsverity cleanups, speedup and memory usage optimization v2 Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:21 ` [PATCH 01/11] fs,fsverity: reject size changes on fsverity files in setattr_prepare Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] [PATCH 01/11] fs, fsverity: " Christoph Hellwig
2026-01-22 9:12 ` [PATCH 01/11] fs,fsverity: " Jan Kara
2026-01-22 9:12 ` [f2fs-dev] [PATCH 01/11] fs, fsverity: " Jan Kara
2026-01-22 21:21 ` [PATCH 01/11] fs,fsverity: " Darrick J. Wong
2026-01-22 21:21 ` [f2fs-dev] [PATCH 01/11] fs, fsverity: " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:21 ` [PATCH 02/11] fs,fsverity: clear out fsverity_info from common code Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] [PATCH 02/11] fs, fsverity: " Christoph Hellwig
2026-01-22 9:15 ` [PATCH 02/11] fs,fsverity: " Jan Kara
2026-01-22 9:15 ` [f2fs-dev] [PATCH 02/11] fs, fsverity: " Jan Kara
2026-01-22 21:22 ` [PATCH 02/11] fs,fsverity: " Darrick J. Wong
2026-01-22 21:22 ` [f2fs-dev] [PATCH 02/11] fs, fsverity: " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:21 ` [PATCH 03/11] fsverity: pass struct file to ->write_merkle_tree_block Christoph Hellwig
2026-01-22 8:21 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 10:04 ` Andrey Albershteyn
2026-01-22 10:04 ` [f2fs-dev] " Andrey Albershteyn via Linux-f2fs-devel
2026-01-22 21:23 ` Darrick J. Wong
2026-01-22 21:23 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:22 ` [PATCH 04/11] fsverity: start consolidating pagecache code Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 9:18 ` Jan Kara
2026-01-22 9:18 ` [f2fs-dev] " Jan Kara
2026-01-22 10:12 ` Andrey Albershteyn
2026-01-22 10:12 ` [f2fs-dev] " Andrey Albershteyn via Linux-f2fs-devel
2026-01-22 21:27 ` Darrick J. Wong
2026-01-22 21:27 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:12 ` Christoph Hellwig
2026-01-23 5:12 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:21 ` Darrick J. Wong
2026-01-23 7:21 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-24 19:27 ` Eric Biggers
2026-01-24 19:27 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:27 ` Christoph Hellwig
2026-01-26 4:27 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 05/11] fsverity: kick off hash readahead at data I/O submission time Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:42 ` Darrick J. Wong
2026-01-22 21:42 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:14 ` Christoph Hellwig
2026-01-23 5:14 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:22 ` Darrick J. Wong
2026-01-23 7:22 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-24 20:53 ` Eric Biggers
2026-01-24 20:53 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:30 ` Christoph Hellwig
2026-01-26 4:30 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 06/11] fsverity: push out fsverity_info lookup Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:45 ` Darrick J. Wong
2026-01-22 21:45 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-24 21:19 ` Eric Biggers
2026-01-24 21:19 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:33 ` Christoph Hellwig
2026-01-26 4:33 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 07/11] fs: consolidate fsverity_info lookup in buffer.c Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:49 ` Darrick J. Wong
2026-01-22 21:49 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:15 ` Christoph Hellwig
2026-01-23 5:15 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:23 ` Darrick J. Wong
2026-01-23 7:23 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 7:24 ` Christoph Hellwig
2026-01-23 7:24 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 08/11] ext4: consolidate fsverity_info lookup Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 21:54 ` Darrick J. Wong
2026-01-22 21:54 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:18 ` Christoph Hellwig
2026-01-23 5:18 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:25 ` Darrick J. Wong
2026-01-23 7:25 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-22 8:22 ` [PATCH 09/11] f2fs: " Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 10/11] btrfs: " Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 8:22 ` [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info Christoph Hellwig
2026-01-22 8:22 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 22:04 ` Darrick J. Wong
2026-01-22 22:04 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 5:27 ` Christoph Hellwig
2026-01-23 5:27 ` [f2fs-dev] " Christoph Hellwig
2026-01-23 7:27 ` Darrick J. Wong
2026-01-23 7:27 ` [f2fs-dev] " Darrick J. Wong via Linux-f2fs-devel
2026-01-23 7:30 ` Christoph Hellwig
2026-01-23 7:30 ` [f2fs-dev] " Christoph Hellwig
2026-01-25 1:31 ` Eric Biggers
2026-01-25 1:31 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-25 21:48 ` Matthew Wilcox
2026-01-25 21:48 ` [f2fs-dev] " Matthew Wilcox
2026-01-26 4:44 ` Christoph Hellwig
2026-01-26 4:44 ` [f2fs-dev] " Christoph Hellwig
2026-01-26 20:12 ` Eric Biggers [this message]
2026-01-26 20:12 ` Eric Biggers via Linux-f2fs-devel
2026-01-28 21:38 ` Matthew Wilcox
2026-01-28 21:38 ` [f2fs-dev] " Matthew Wilcox
2026-01-28 22:14 ` Eric Biggers
2026-01-28 22:14 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2026-01-26 4:43 ` Christoph Hellwig
2026-01-26 4:43 ` [f2fs-dev] " Christoph Hellwig
2026-01-22 15:42 ` fsverity cleanups, speedup and memory usage optimization v2 David Sterba
2026-01-22 15:42 ` [f2fs-dev] " David Sterba
-- strict thread matches above, loose matches on Subject: below --
2026-02-02 6:06 fsverity speedup and memory usage optimization v5 Christoph Hellwig
2026-02-02 6:06 ` [PATCH 11/11] fsverity: use a hashtable to find the fsverity_info Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260126201206.GA30838@quark \
--to=ebiggers@kernel.org \
--cc=aalbersh@redhat.com \
--cc=brauner@kernel.org \
--cc=chao@kernel.org \
--cc=dsterba@suse.com \
--cc=fsverity@lists.linux.dev \
--cc=hch@lst.de \
--cc=jack@suse.cz \
--cc=jaegeuk@kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.