From: "Darrick J. Wong" <djwong@kernel.org>
To: Andrey Albershteyn <aalbersh@kernel.org>
Cc: linux-xfs@vger.kernel.org, fsverity@lists.linux.dev,
linux-fsdevel@vger.kernel.org, ebiggers@kernel.org, hch@lst.de
Subject: Re: [PATCH v3 01/35] fsverity: report validation errors back to the filesystem
Date: Wed, 18 Feb 2026 13:40:37 -0800 [thread overview]
Message-ID: <20260218214037.GA6467@frogsfrogsfrogs> (raw)
In-Reply-To: <20260217231937.1183679-2-aalbersh@kernel.org>
On Wed, Feb 18, 2026 at 12:19:01AM +0100, Andrey Albershteyn wrote:
> From: "Darrick J. Wong" <djwong@kernel.org>
>
> Provide a new function call so that validation errors can be reported
> back to the filesystem.
>
> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
> ---
> fs/verity/verify.c | 4 ++++
> include/linux/fsverity.h | 14 ++++++++++++++
> include/trace/events/fsverity.h | 19 +++++++++++++++++++
> 3 files changed, 37 insertions(+)
>
> diff --git a/fs/verity/verify.c b/fs/verity/verify.c
> index 404ab68aaf9b..8f930b2ed9c0 100644
> --- a/fs/verity/verify.c
> +++ b/fs/verity/verify.c
> @@ -312,6 +312,10 @@ static bool verify_data_block(struct fsverity_info *vi,
> data_pos, level - 1, params->hash_alg->name, hsize, want_hash,
> params->hash_alg->name, hsize,
> level == 0 ? dblock->real_hash : real_hash);
> + trace_fsverity_file_corrupt(inode, data_pos, params->block_size);
> + if (inode->i_sb->s_vop->file_corrupt)
> + inode->i_sb->s_vop->file_corrupt(inode, data_pos,
> + params->block_size);
Once 7.0-rc1 lands you could turn this into:
fserror_report_data_lost(inode, data_pos, params->block_size,
GFP_WHATEVER);
--D
> error:
> for (; level > 0; level--) {
> kunmap_local(hblocks[level - 1].addr);
> diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
> index fed91023bea9..d8b581e3ce48 100644
> --- a/include/linux/fsverity.h
> +++ b/include/linux/fsverity.h
> @@ -132,6 +132,20 @@ struct fsverity_operations {
> */
> int (*write_merkle_tree_block)(struct file *file, const void *buf,
> u64 pos, unsigned int size);
> +
> + /**
> + * Notify the filesystem that file data is corrupt.
> + *
> + * @inode: the inode being validated
> + * @pos: the file position of the invalid data
> + * @len: the length of the invalid data
> + *
> + * This function is called when fs-verity detects that a portion of a
> + * file's data is inconsistent with the Merkle tree, or a Merkle tree
> + * block needed to validate the data is inconsistent with the level
> + * above it.
> + */
> + void (*file_corrupt)(struct inode *inode, loff_t pos, size_t len);
> };
>
> #ifdef CONFIG_FS_VERITY
> diff --git a/include/trace/events/fsverity.h b/include/trace/events/fsverity.h
> index a8c52f21cbd5..0c842aaa4158 100644
> --- a/include/trace/events/fsverity.h
> +++ b/include/trace/events/fsverity.h
> @@ -140,6 +140,25 @@ TRACE_EVENT(fsverity_verify_merkle_block,
> __entry->hidx)
> );
>
> +TRACE_EVENT(fsverity_file_corrupt,
> + TP_PROTO(const struct inode *inode, loff_t pos, size_t len),
> + TP_ARGS(inode, pos, len),
> + TP_STRUCT__entry(
> + __field(ino_t, ino)
> + __field(loff_t, pos)
> + __field(size_t, len)
> + ),
> + TP_fast_assign(
> + __entry->ino = inode->i_ino;
> + __entry->pos = pos;
> + __entry->len = len;
> + ),
> + TP_printk("ino %lu pos %llu len %zu",
> + (unsigned long) __entry->ino,
> + __entry->pos,
> + __entry->len)
> +);
> +
> #endif /* _TRACE_FSVERITY_H */
>
> /* This part must be outside protection */
> --
> 2.51.2
>
>
next prev parent reply other threads:[~2026-02-18 21:40 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-17 23:19 [PATCH v3 00/35] fs-verity support for XFS with post EOF merkle tree Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 01/35] fsverity: report validation errors back to the filesystem Andrey Albershteyn
2026-02-18 21:40 ` Darrick J. Wong [this message]
2026-02-17 23:19 ` [PATCH v3 02/35] fsverity: expose ensure_fsverity_info() Andrey Albershteyn
2026-02-18 21:41 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 03/35] fsverity: add consolidated pagecache offset for metadata Andrey Albershteyn
2026-02-18 6:17 ` Christoph Hellwig
2026-02-18 21:57 ` Darrick J. Wong
2026-02-19 13:09 ` Andrey Albershteyn
2026-02-19 17:16 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 04/35] fsverity: generate and store zero-block hash Andrey Albershteyn
2026-02-18 22:04 ` Darrick J. Wong
2026-02-19 13:00 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 05/35] fsverity: introduce fsverity_folio_zero_hash() Andrey Albershteyn
2026-02-18 22:53 ` Darrick J. Wong
2026-02-19 12:45 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 06/35] fsverity: pass digest size and hash of the empty block to ->write Andrey Albershteyn
2026-02-18 6:18 ` Christoph Hellwig
2026-02-18 12:17 ` Andrey Albershteyn
2026-02-19 5:58 ` Christoph Hellwig
2026-02-19 6:30 ` Eric Biggers
2026-02-23 13:23 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 07/35] iomap: introduce IOMAP_F_FSVERITY Andrey Albershteyn
2026-02-18 23:03 ` Darrick J. Wong
2026-02-19 6:00 ` Christoph Hellwig
2026-02-19 6:04 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 08/35] iomap: don't limit fsverity metadata by EOF in writeback Andrey Albershteyn
2026-02-18 23:05 ` Darrick J. Wong
2026-02-19 12:27 ` Andrey Albershteyn
2026-02-20 16:42 ` Matthew Wilcox
2026-02-20 16:44 ` Christoph Hellwig
2026-02-17 23:19 ` [PATCH v3 09/35] iomap: obtain fsverity info for read path Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 10/35] iomap: issue readahead for fsverity merkle tree Andrey Albershteyn
2026-02-18 23:06 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 11/35] iomap: allow filesystem to read fsverity metadata beyound EOF Andrey Albershteyn
2026-02-18 6:36 ` Christoph Hellwig
2026-02-18 9:41 ` Andrey Albershteyn
2026-02-19 6:04 ` Christoph Hellwig
2026-02-19 11:11 ` Andrey Albershteyn
2026-02-19 13:38 ` Christoph Hellwig
2026-02-19 14:23 ` Andrey Albershteyn
2026-02-20 15:31 ` Christoph Hellwig
2026-02-23 15:10 ` Andrey Albershteyn
2026-02-24 14:42 ` Christoph Hellwig
2026-02-17 23:19 ` [PATCH v3 12/35] iomap: let fsverity verify holes Andrey Albershteyn
2026-02-18 23:09 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 13/35] xfs: use folio host instead of file struct Andrey Albershteyn
2026-02-18 6:32 ` Christoph Hellwig
2026-02-18 9:42 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 14/35] xfs: add fs-verity ro-compat flag Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 15/35] xfs: add inode on-disk VERITY flag Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 16/35] xfs: initialize fs-verity on file open Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 17/35] xfs: don't allow to enable DAX on fs-verity sealed inode Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 18/35] xfs: disable direct read path for fs-verity files Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 19/35] xfs: introduce XFS_FSVERITY_CONSTRUCTION inode flag Andrey Albershteyn
2026-02-18 23:10 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 20/35] xfs: introduce XFS_FSVERITY_REGION_START constant Andrey Albershteyn
2026-02-18 6:33 ` Christoph Hellwig
2026-02-18 23:11 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 21/35] xfs: disable preallocations for fsverity Merkle tree writes Andrey Albershteyn
2026-02-18 23:12 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 22/35] xfs: add iomap write/writeback and reading of Merkle tree pages Andrey Albershteyn
2026-02-18 6:35 ` Christoph Hellwig
2026-02-18 10:18 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 23/35] xfs: add helper to check that inode data need fsverity verification Andrey Albershteyn
2026-02-18 6:38 ` Christoph Hellwig
2026-02-18 9:46 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 24/35] xfs: use read ioend for fsverity data verification Andrey Albershteyn
2026-02-18 6:39 ` Christoph Hellwig
2026-02-17 23:19 ` [PATCH v3 25/35] xfs: add helpers to convert between pagecache and on-disk offset Andrey Albershteyn
2026-02-18 23:20 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 26/35] xfs: add a helper to decide if bmbt record needs offset conversion Andrey Albershteyn
2026-02-19 17:41 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 27/35] xfs: use different on-disk and pagecache offset for fsverity Andrey Albershteyn
2026-02-19 19:30 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 28/35] xfs: add fs-verity support Andrey Albershteyn
2026-02-18 6:44 ` Christoph Hellwig
2026-02-18 9:57 ` Andrey Albershteyn
2026-02-19 6:11 ` Christoph Hellwig
2026-02-19 9:51 ` Andrey Albershteyn
2026-02-19 13:41 ` Christoph Hellwig
2026-02-19 14:38 ` Andrey Albershteyn
2026-02-19 17:29 ` Darrick J. Wong
2026-02-17 23:19 ` [PATCH v3 29/35] xfs: add fs-verity ioctls Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 30/35] xfs: advertise fs-verity being available on filesystem Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 31/35] xfs: check and repair the verity inode flag state Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 32/35] xfs: report verity failures through the health system Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 33/35] xfs: introduce health state for corrupted fsverity metadata Andrey Albershteyn
2026-02-19 17:34 ` Darrick J. Wong
2026-02-23 18:19 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 34/35] xfs: add fsverity traces Andrey Albershteyn
2026-02-19 17:36 ` Darrick J. Wong
2026-02-23 18:12 ` Andrey Albershteyn
2026-02-17 23:19 ` [PATCH v3 35/35] xfs: enable ro-compat fs-verity flag Andrey Albershteyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260218214037.GA6467@frogsfrogsfrogs \
--to=djwong@kernel.org \
--cc=aalbersh@kernel.org \
--cc=ebiggers@kernel.org \
--cc=fsverity@lists.linux.dev \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.