From: "Darrick J. Wong" <djwong@kernel.org>
To: "Darrick J. Wong" <aalbersh@redhat.com>
Cc: fsverity@lists.linux.dev, linux-xfs@vger.kernel.org,
ebiggers@kernel.org, linux-fsdevel@vger.kernel.org,
aalbersh@kernel.org, david@fromorbit.com, hch@lst.de
Subject: Re: [PATCH v2 1/22] fsverity: report validation errors back to the filesystem
Date: Mon, 12 Jan 2026 17:29:11 -0800 [thread overview]
Message-ID: <20260113012911.GU15551@frogsfrogsfrogs> (raw)
In-Reply-To: <dx6z2f5lrnevosqoqr4a2aa5bmxldmishn6ln22hvdkuxxmjqa@rddd4kri6bce>
> To: "Darrick J. Wong" <aalbersh@redhat.com>
Say ^^^^^^^ what?
On Mon, Jan 12, 2026 at 03:49:50PM +0100, Darrick J. Wong wrote:
> Provide a new function call so that validation errors can be reported
> back to the filesystem.
>
> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
> ---
> fs/verity/verify.c | 4 ++++
> include/linux/fsverity.h | 14 ++++++++++++++
> include/trace/events/fsverity.h | 19 +++++++++++++++++++
> 3 files changed, 37 insertions(+), 0 deletions(-)
>
> diff --git a/fs/verity/verify.c b/fs/verity/verify.c
> index 47a66f088f..ef411cf5d8 100644
> --- a/fs/verity/verify.c
> +++ b/fs/verity/verify.c
> @@ -271,6 +271,10 @@
> data_pos, level - 1, params->hash_alg->name, hsize, want_hash,
> params->hash_alg->name, hsize,
> level == 0 ? dblock->real_hash : real_hash);
> + trace_fsverity_file_corrupt(inode, data_pos, params->block_size);
> + if (inode->i_sb->s_vop->file_corrupt)
> + inode->i_sb->s_vop->file_corrupt(inode, data_pos,
> + params->block_size);
If fserror_report[1] gets merged before this series, I think we should
add a new FSERR_ type and call fserror_report instead.
https://lore.kernel.org/linux-fsdevel/176826402610.3490369.4378391061533403171.stgit@frogsfrogsfrogs/T/#u
--D
> error:
> for (; level > 0; level--) {
> kunmap_local(hblocks[level - 1].addr);
> diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
> index 5bc7280425..b75e232890 100644
> --- a/include/linux/fsverity.h
> +++ b/include/linux/fsverity.h
> @@ -128,6 +128,20 @@
> */
> int (*write_merkle_tree_block)(struct inode *inode, const void *buf,
> u64 pos, unsigned int size);
> +
> + /**
> + * Notify the filesystem that file data is corrupt.
> + *
> + * @inode: the inode being validated
> + * @pos: the file position of the invalid data
> + * @len: the length of the invalid data
> + *
> + * This function is called when fs-verity detects that a portion of a
> + * file's data is inconsistent with the Merkle tree, or a Merkle tree
> + * block needed to validate the data is inconsistent with the level
> + * above it.
> + */
> + void (*file_corrupt)(struct inode *inode, loff_t pos, size_t len);
> };
>
> #ifdef CONFIG_FS_VERITY
> diff --git a/include/trace/events/fsverity.h b/include/trace/events/fsverity.h
> index dab220884b..375fdddac6 100644
> --- a/include/trace/events/fsverity.h
> +++ b/include/trace/events/fsverity.h
> @@ -137,6 +137,25 @@
> __entry->hidx)
> );
>
> +TRACE_EVENT(fsverity_file_corrupt,
> + TP_PROTO(const struct inode *inode, loff_t pos, size_t len),
> + TP_ARGS(inode, pos, len),
> + TP_STRUCT__entry(
> + __field(ino_t, ino)
> + __field(loff_t, pos)
> + __field(size_t, len)
> + ),
> + TP_fast_assign(
> + __entry->ino = inode->i_ino;
> + __entry->pos = pos;
> + __entry->len = len;
> + ),
> + TP_printk("ino %lu pos %llu len %zu",
> + (unsigned long) __entry->ino,
> + __entry->pos,
> + __entry->len)
> +);
> +
> #endif /* _TRACE_FSVERITY_H */
>
> /* This part must be outside protection */
>
> --
> - Andrey
>
>
next prev parent reply other threads:[~2026-01-13 1:29 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-12 14:49 [PATCH v2 0/23] fs-verity support for XFS with post EOF merkle tree Andrey Albershteyn
2026-01-12 14:49 ` [PATCH v2 1/22] fsverity: report validation errors back to the filesystem Darrick J. Wong
2026-01-13 1:29 ` Darrick J. Wong [this message]
2026-01-13 8:09 ` Christoph Hellwig
2026-01-13 10:27 ` Andrey Albershteyn
2026-01-13 17:52 ` Darrick J. Wong
2026-01-12 14:49 ` [PATCH v2 2/22] fsverity: expose ensure_fsverity_info() Andrey Albershteyn
2026-01-12 22:05 ` Darrick J. Wong
2026-01-12 14:50 ` [PATCH v2 3/22] iomap: introduce IOMAP_F_BEYOND_EOF Andrey Albershteyn
2026-01-12 22:18 ` Darrick J. Wong
2026-01-12 22:31 ` Darrick J. Wong
2026-01-13 10:39 ` Andrey Albershteyn
2026-01-13 8:12 ` Christoph Hellwig
2026-01-13 10:50 ` Andrey Albershteyn
2026-01-13 16:22 ` Christoph Hellwig
2026-01-13 17:57 ` Darrick J. Wong
2026-01-16 21:52 ` Matthew Wilcox
2026-01-17 2:11 ` Darrick J. Wong
2026-01-12 14:50 ` [PATCH v2 4/22] iomap: allow iomap_file_buffered_write() take iocb without file Andrey Albershteyn
2026-01-12 22:22 ` Darrick J. Wong
2026-01-13 8:15 ` Christoph Hellwig
2026-01-13 10:53 ` Andrey Albershteyn
2026-01-13 16:43 ` Matthew Wilcox
2026-01-14 4:49 ` Matthew Wilcox
2026-01-14 6:41 ` Christoph Hellwig
2026-01-14 16:43 ` Darrick J. Wong
2026-01-12 14:50 ` [PATCH v2 5/22] iomap: integrate fs-verity verification into iomap's read path Andrey Albershteyn
2026-01-12 22:35 ` Darrick J. Wong
2026-01-13 11:16 ` Andrey Albershteyn
2026-01-13 16:23 ` Christoph Hellwig
2026-01-13 8:19 ` Christoph Hellwig
2026-01-12 14:50 ` [PATCH v2 6/22] xfs: add fs-verity ro-compat flag Andrey Albershteyn
2026-01-12 14:50 ` [PATCH v2 7/22] xfs: add inode on-disk VERITY flag Andrey Albershteyn
2026-01-12 14:50 ` [PATCH v2 8/22] xfs: initialize fs-verity on file open and cleanup on inode destruction Andrey Albershteyn
2026-01-12 14:50 ` [PATCH v2 9/22] xfs: don't allow to enable DAX on fs-verity sealed inode Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 10/22] xfs: disable direct read path for fs-verity files Andrey Albershteyn
2026-01-13 8:20 ` Christoph Hellwig
2026-01-13 11:22 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 11/22] xfs: add verity info pointer to xfs inode Andrey Albershteyn
2026-01-12 22:39 ` Darrick J. Wong
2026-01-13 8:21 ` Christoph Hellwig
2026-01-13 18:02 ` Darrick J. Wong
2026-01-14 6:43 ` Christoph Hellwig
2026-01-12 14:51 ` [PATCH v2 12/22] xfs: introduce XFS_FSVERITY_CONSTRUCTION inode flag Andrey Albershteyn
2026-01-12 22:42 ` Darrick J. Wong
2026-01-13 11:24 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 13/22] xfs: introduce XFS_FSVERITY_REGION_START constant Andrey Albershteyn
2026-01-12 22:46 ` Darrick J. Wong
2026-01-13 12:23 ` Andrey Albershteyn
2026-01-13 18:06 ` Darrick J. Wong
2026-01-14 6:47 ` Christoph Hellwig
2026-01-14 7:59 ` Andrey Albershteyn
2026-01-14 16:50 ` Darrick J. Wong
2026-01-12 14:51 ` [PATCH v2 14/22] xfs: disable preallocations for fsverity Merkle tree writes Andrey Albershteyn
2026-01-12 22:49 ` Darrick J. Wong
2026-01-12 14:51 ` [PATCH v2 15/22] xfs: add writeback and iomap reading of Merkle tree pages Andrey Albershteyn
2026-01-12 22:51 ` Darrick J. Wong
2026-01-13 8:23 ` Christoph Hellwig
2026-01-13 12:31 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 16/22] xfs: add fs-verity support Andrey Albershteyn
2026-01-12 23:05 ` Darrick J. Wong
2026-01-13 18:32 ` Andrey Albershteyn
2026-01-14 16:40 ` Darrick J. Wong
2026-01-16 14:52 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 17/22] xfs: add fs-verity ioctls Andrey Albershteyn
2026-01-12 14:52 ` [PATCH v2 18/22] xfs: advertise fs-verity being available on filesystem Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 19/22] xfs: check and repair the verity inode flag state Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 20/22] xfs: report verity failures through the health system Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 21/22] xfs: add fsverity traces Andrey Albershteyn
2026-01-12 23:07 ` Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 22/22] xfs: enable ro-compat fs-verity flag Andrey Albershteyn
2026-01-13 16:36 ` [PATCH v2 0/23] fs-verity support for XFS with post EOF merkle tree Matthew Wilcox
2026-01-13 18:45 ` Andrey Albershteyn
2026-01-14 5:00 ` Matthew Wilcox
2026-01-14 6:15 ` Darrick J. Wong
2026-01-14 8:20 ` Andrey Albershteyn
2026-01-14 9:53 ` Andrey Albershteyn
2026-01-14 16:42 ` Darrick J. Wong
2026-01-19 6:33 ` fsverity metadata offset, was: " Christoph Hellwig
2026-01-19 19:32 ` Eric Biggers
2026-01-19 19:58 ` Darrick J. Wong
2026-01-20 7:32 ` Christoph Hellwig
2026-01-20 11:44 ` Andrey Albershteyn
2026-01-20 17:34 ` Darrick J. Wong
2026-01-21 15:03 ` Christoph Hellwig
2026-01-19 20:00 ` Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260113012911.GU15551@frogsfrogsfrogs \
--to=djwong@kernel.org \
--cc=aalbersh@kernel.org \
--cc=aalbersh@redhat.com \
--cc=david@fromorbit.com \
--cc=ebiggers@kernel.org \
--cc=fsverity@lists.linux.dev \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox