[PATCH 0/3] Add traces and file attributes for fs-verity

[PATCH 0/3] Add traces and file attributes for fs-verity

[Andrey Albershteyn]

Hi all,

This two small patches grew from fs-verity XFS patchset. I think
they're self-contained improvements which could go without XFS
implementation.

Andrey Albershteyn <aalbersh@kernel.org>:
  fs: add FS_XFLAG_VERITY for fs-verity files
  fsverity: add tracepoints

Diffstat:
  Documentation/filesystems/fsverity.rst |  16 ++++++++++++++++
  MAINTAINERS                            |   1 +
  fs/file_attr.c                         |   4 ++++
  fs/verity/enable.c                     |   4 ++++
  fs/verity/fsverity_private.h           |   2 ++
  fs/verity/init.c                       |   1 +
  fs/verity/verify.c                     |   9 +++++++++
  include/linux/fileattr.h               |   2 +-
  include/trace/events/fsverity.h        | 143 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  include/uapi/linux/fs.h                |   1 +
  10 files changed, 182 insertions(+), 1 deletion(-)

-- 
- Andrey

[PATCH 1/2] fs: add FS_XFLAG_VERITY for fs-verity files

[Andrey Albershteyn]

fs-verity introduced inode flag for inodes with enabled fs-verity on
them. This patch adds FS_XFLAG_VERITY file attribute which can be
retrieved with FS_IOC_FSGETXATTR ioctl() and file_getattr() syscall. This
flag is read-only and can not be set with corresponding set ioctl() and
file_setattr().

Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
---
 Documentation/filesystems/fsverity.rst | 16 ++++++++++++++++
 fs/file_attr.c                         |  4 ++++
 include/linux/fileattr.h               |  2 +-
 include/uapi/linux/fs.h                |  1 +
 4 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/Documentation/filesystems/fsverity.rst b/Documentation/filesystems/fsverity.rst
index 412cf11e32..541ac4af4b 100644
--- a/Documentation/filesystems/fsverity.rst
+++ b/Documentation/filesystems/fsverity.rst
@@ -341,6 +341,22 @@
 FS_IOC_GETFLAGS and FS_IOC_MEASURE_VERITY because it doesn't require
 opening the file, and opening verity files can be expensive.
 
+FS_IOC_FSGETXATTR
+-----------------
+
+Since Linux v6.19, the FS_IOC_FSGETXATTR ioctl sets FS_XFLAG_VERITY (0x00020000)
+in the returned flags when the file has verity enabled. Note that this attribute
+cannot be set with FS_IOC_FSSETXATTR as enabling verity requires input
+parameters. See FS_IOC_ENABLE_VERITY.
+
+file_getattr
+------------
+
+Since Linux v6.19, the file_getattr() syscall sets FS_XFLAG_VERITY (0x00020000)
+in the returned flags when the file has verity enabled. Note that this attribute
+cannot be set with file_setattr() as enabling verity requires input parameters.
+See FS_IOC_ENABLE_VERITY.
+
 .. _accessing_verity_files:
 
 Accessing verity files
diff --git a/fs/file_attr.c b/fs/file_attr.c
index 13cdb31a3e..f44c873af9 100644
--- a/fs/file_attr.c
+++ b/fs/file_attr.c
@@ -37,6 +37,8 @@
 		fa->flags |= FS_DAX_FL;
 	if (fa->fsx_xflags & FS_XFLAG_PROJINHERIT)
 		fa->flags |= FS_PROJINHERIT_FL;
+	if (fa->fsx_xflags & FS_XFLAG_VERITY)
+		fa->flags |= FS_VERITY_FL;
 }
 EXPORT_SYMBOL(fileattr_fill_xflags);
 
@@ -67,6 +69,8 @@
 		fa->fsx_xflags |= FS_XFLAG_DAX;
 	if (fa->flags & FS_PROJINHERIT_FL)
 		fa->fsx_xflags |= FS_XFLAG_PROJINHERIT;
+	if (fa->flags & FS_VERITY_FL)
+		fa->fsx_xflags |= FS_XFLAG_VERITY;
 }
 EXPORT_SYMBOL(fileattr_fill_flags);
 
diff --git a/include/linux/fileattr.h b/include/linux/fileattr.h
index f89dcfad3f..6aebfd63bd 100644
--- a/include/linux/fileattr.h
+++ b/include/linux/fileattr.h
@@ -16,7 +16,7 @@
 
 /* Read-only inode flags */
 #define FS_XFLAG_RDONLY_MASK \
-	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR)
+	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR | FS_XFLAG_VERITY)
 
 /* Flags to indicate valid value of fsx_ fields */
 #define FS_XFLAG_VALUES_MASK \
diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h
index 66ca526cf7..70b2b661f4 100644
--- a/include/uapi/linux/fs.h
+++ b/include/uapi/linux/fs.h
@@ -253,6 +253,7 @@
 #define FS_XFLAG_FILESTREAM	0x00004000	/* use filestream allocator */
 #define FS_XFLAG_DAX		0x00008000	/* use DAX for IO */
 #define FS_XFLAG_COWEXTSIZE	0x00010000	/* CoW extent size allocator hint */
+#define FS_XFLAG_VERITY		0x00020000	/* fs-verity enabled */
 #define FS_XFLAG_HASATTR	0x80000000	/* no DIFLAG for this	*/
 
 /* the read-only stuff doesn't really belong here, but any other place is

-- 
- Andrey

[PATCH 2/2] fsverity: add tracepoints

[Andrey Albershteyn]

fs-verity previously had debug printk but it was removed. This patch
adds trace points to the same places where printk were used (with a
few additional ones).

Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
[djwong: fix formatting]
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
---
 MAINTAINERS                     |   1 +
 fs/verity/enable.c              |   4 +
 fs/verity/fsverity_private.h    |   2 +
 fs/verity/init.c                |   1 +
 fs/verity/verify.c              |   9 ++
 include/trace/events/fsverity.h | 143 ++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 160 insertions(+), 0 deletions(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index 12f49de7fe..17607340df 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -10311,6 +10311,7 @@
 F:	Documentation/filesystems/fsverity.rst
 F:	fs/verity/
 F:	include/linux/fsverity.h
+F:	include/trace/events/fsverity.h
 F:	include/uapi/linux/fsverity.h
 
 FT260 FTDI USB-HID TO I2C BRIDGE DRIVER
diff --git a/fs/verity/enable.c b/fs/verity/enable.c
index 95ec42b847..8718d943b4 100644
--- a/fs/verity/enable.c
+++ b/fs/verity/enable.c
@@ -222,6 +222,8 @@
 	if (err)
 		goto out;
 
+	trace_fsverity_enable(inode, &params);
+
 	/*
 	 * Start enabling verity on this file, serialized by the inode lock.
 	 * Fail if verity is already enabled or is already being enabled.
@@ -264,6 +266,8 @@
 		goto rollback;
 	}
 
+	trace_fsverity_tree_done(inode, vi, &params);
+
 	/*
 	 * Tell the filesystem to finish enabling verity on the file.
 	 * Serialized with ->begin_enable_verity() by the inode lock.
diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h
index dd20b138d4..4b7ae1748f 100644
--- a/fs/verity/fsverity_private.h
+++ b/fs/verity/fsverity_private.h
@@ -161,4 +161,6 @@
 
 void __init fsverity_init_workqueue(void);
 
+#include <trace/events/fsverity.h>
+
 #endif /* _FSVERITY_PRIVATE_H */
diff --git a/fs/verity/init.c b/fs/verity/init.c
index 6e8d33b502..d652066085 100644
--- a/fs/verity/init.c
+++ b/fs/verity/init.c
@@ -5,6 +5,7 @@
  * Copyright 2019 Google LLC
  */
 
+#define CREATE_TRACE_POINTS
 #include "fsverity_private.h"
 
 #include <linux/ratelimit.h>
diff --git a/fs/verity/verify.c b/fs/verity/verify.c
index 86067c8b40..47a66f088f 100644
--- a/fs/verity/verify.c
+++ b/fs/verity/verify.c
@@ -135,6 +135,9 @@
 		/* Byte offset of the wanted hash relative to @addr */
 		unsigned int hoffset;
 	} hblocks[FS_VERITY_MAX_LEVELS];
+
+	trace_fsverity_verify_data_block(inode, params, data_pos);
+
 	/*
 	 * The index of the previous level's block within that level; also the
 	 * index of that block's hash within the current level.
@@ -214,6 +217,9 @@
 			want_hash = _want_hash;
 			kunmap_local(haddr);
 			put_page(hpage);
+			trace_fsverity_merkle_hit(inode, data_pos, hblock_idx,
+					level,
+					hoffset >> params->log_digestsize);
 			goto descend;
 		}
 		hblocks[level].page = hpage;
@@ -248,6 +254,9 @@
 		want_hash = _want_hash;
 		kunmap_local(haddr);
 		put_page(hpage);
+		trace_fsverity_verify_merkle_block(inode,
+				hblock_idx << params->log_blocksize,
+				level, hoffset >> params->log_digestsize);
 	}
 
 	/* Finally, verify the hash of the data block. */
diff --git a/include/trace/events/fsverity.h b/include/trace/events/fsverity.h
new file mode 100644
index 0000000000..dab220884b
--- /dev/null
+++ b/include/trace/events/fsverity.h
@@ -0,0 +1,143 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM fsverity
+
+#if !defined(_TRACE_FSVERITY_H) || defined(TRACE_HEADER_MULTI_READ)
+#define _TRACE_FSVERITY_H
+
+#include <linux/tracepoint.h>
+
+struct fsverity_descriptor;
+struct merkle_tree_params;
+struct fsverity_info;
+
+TRACE_EVENT(fsverity_enable,
+	TP_PROTO(const struct inode *inode,
+		 const struct merkle_tree_params *params),
+	TP_ARGS(inode, params),
+	TP_STRUCT__entry(
+		__field(ino_t, ino)
+		__field(u64, data_size)
+		__field(unsigned int, block_size)
+		__field(unsigned int, num_levels)
+		__field(u64, tree_size)
+	),
+	TP_fast_assign(
+		__entry->ino = inode->i_ino;
+		__entry->data_size = i_size_read(inode);
+		__entry->block_size = params->block_size;
+		__entry->num_levels = params->num_levels;
+		__entry->tree_size = params->tree_size;
+	),
+	TP_printk("ino %lu data size %llu tree size %llu block size %u levels %u",
+		(unsigned long) __entry->ino,
+		__entry->data_size,
+		__entry->tree_size,
+		__entry->block_size,
+		__entry->num_levels)
+);
+
+TRACE_EVENT(fsverity_tree_done,
+	TP_PROTO(const struct inode *inode, const struct fsverity_info *vi,
+		 const struct merkle_tree_params *params),
+	TP_ARGS(inode, vi, params),
+	TP_STRUCT__entry(
+		__field(ino_t, ino)
+		__field(unsigned int, levels)
+		__field(unsigned int, block_size)
+		__field(u64, tree_size)
+		__dynamic_array(u8, root_hash, params->digest_size)
+		__dynamic_array(u8, file_digest, params->digest_size)
+	),
+	TP_fast_assign(
+		__entry->ino = inode->i_ino;
+		__entry->levels = params->num_levels;
+		__entry->block_size = params->block_size;
+		__entry->tree_size = params->tree_size;
+		memcpy(__get_dynamic_array(root_hash), vi->root_hash, __get_dynamic_array_len(root_hash));
+		memcpy(__get_dynamic_array(file_digest), vi->file_digest, __get_dynamic_array_len(file_digest));
+	),
+	TP_printk("ino %lu levels %d block_size %d tree_size %lld root_hash %s digest %s",
+		(unsigned long) __entry->ino,
+		__entry->levels,
+		__entry->block_size,
+		__entry->tree_size,
+		__print_hex_str(__get_dynamic_array(root_hash), __get_dynamic_array_len(root_hash)),
+		__print_hex_str(__get_dynamic_array(file_digest), __get_dynamic_array_len(file_digest)))
+);
+
+TRACE_EVENT(fsverity_verify_data_block,
+	TP_PROTO(const struct inode *inode,
+		 const struct merkle_tree_params *params,
+		 u64 data_pos),
+	TP_ARGS(inode, params, data_pos),
+	TP_STRUCT__entry(
+		__field(ino_t, ino)
+		__field(u64, data_pos)
+		__field(unsigned int, block_size)
+	),
+	TP_fast_assign(
+		__entry->ino = inode->i_ino;
+		__entry->data_pos = data_pos;
+		__entry->block_size = params->block_size;
+	),
+	TP_printk("ino %lu pos %lld merkle_blocksize %u",
+		(unsigned long) __entry->ino,
+		__entry->data_pos,
+		__entry->block_size)
+);
+
+TRACE_EVENT(fsverity_merkle_hit,
+	TP_PROTO(const struct inode *inode, u64 data_pos,
+		 unsigned long hblock_idx, unsigned int level,
+		 unsigned int hidx),
+	TP_ARGS(inode, data_pos, hblock_idx, level, hidx),
+	TP_STRUCT__entry(
+		__field(ino_t, ino)
+		__field(u64, data_pos)
+		__field(unsigned long, hblock_idx)
+		__field(unsigned int, level)
+		__field(unsigned int, hidx)
+	),
+	TP_fast_assign(
+		__entry->ino = inode->i_ino;
+		__entry->data_pos = data_pos;
+		__entry->hblock_idx = hblock_idx;
+		__entry->level = level;
+		__entry->hidx = hidx;
+	),
+	TP_printk("ino %lu data_pos %llu hblock_idx %lu level %u hidx %u",
+		(unsigned long) __entry->ino,
+		__entry->data_pos,
+		__entry->hblock_idx,
+		__entry->level,
+		__entry->hidx)
+);
+
+TRACE_EVENT(fsverity_verify_merkle_block,
+	TP_PROTO(const struct inode *inode, unsigned long index,
+		 unsigned int level, unsigned int hidx),
+	TP_ARGS(inode, index, level, hidx),
+	TP_STRUCT__entry(
+		__field(ino_t, ino)
+		__field(unsigned long, index)
+		__field(unsigned int, level)
+		__field(unsigned int, hidx)
+	),
+	TP_fast_assign(
+		__entry->ino = inode->i_ino;
+		__entry->index = index;
+		__entry->level = level;
+		__entry->hidx = hidx;
+	),
+	TP_printk("ino %lu index %lu level %u hidx %u",
+		(unsigned long) __entry->ino,
+		__entry->index,
+		__entry->level,
+		__entry->hidx)
+);
+
+#endif /* _TRACE_FSVERITY_H */
+
+/* This part must be outside protection */
+#include <trace/define_trace.h>

-- 
- Andrey

Re: [PATCH 1/2] fs: add FS_XFLAG_VERITY for fs-verity files

[Darrick J. Wong]

On Mon, Jan 12, 2026 at 01:14:21PM +0100, Andrey Albershteyn wrote:
> fs-verity introduced inode flag for inodes with enabled fs-verity on
> them. This patch adds FS_XFLAG_VERITY file attribute which can be
> retrieved with FS_IOC_FSGETXATTR ioctl() and file_getattr() syscall. This
> flag is read-only and can not be set with corresponding set ioctl() and
> file_setattr().
> 
> Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
> ---
>  Documentation/filesystems/fsverity.rst | 16 ++++++++++++++++
>  fs/file_attr.c                         |  4 ++++
>  include/linux/fileattr.h               |  2 +-
>  include/uapi/linux/fs.h                |  1 +
>  4 files changed, 22 insertions(+), 1 deletion(-)
> 
> diff --git a/Documentation/filesystems/fsverity.rst b/Documentation/filesystems/fsverity.rst
> index 412cf11e32..541ac4af4b 100644
> --- a/Documentation/filesystems/fsverity.rst
> +++ b/Documentation/filesystems/fsverity.rst
> @@ -341,6 +341,22 @@
>  FS_IOC_GETFLAGS and FS_IOC_MEASURE_VERITY because it doesn't require
>  opening the file, and opening verity files can be expensive.
>  
> +FS_IOC_FSGETXATTR
> +-----------------
> +
> +Since Linux v6.19, the FS_IOC_FSGETXATTR ioctl sets FS_XFLAG_VERITY (0x00020000)

We're headed to v7.0 now, please update that.

> +in the returned flags when the file has verity enabled. Note that this attribute
> +cannot be set with FS_IOC_FSSETXATTR as enabling verity requires input
> +parameters. See FS_IOC_ENABLE_VERITY.
> +
> +file_getattr
> +------------
> +
> +Since Linux v6.19, the file_getattr() syscall sets FS_XFLAG_VERITY (0x00020000)
> +in the returned flags when the file has verity enabled. Note that this attribute
> +cannot be set with file_setattr() as enabling verity requires input parameters.
> +See FS_IOC_ENABLE_VERITY.
> +
>  .. _accessing_verity_files:
>  
>  Accessing verity files
> diff --git a/fs/file_attr.c b/fs/file_attr.c
> index 13cdb31a3e..f44c873af9 100644
> --- a/fs/file_attr.c
> +++ b/fs/file_attr.c
> @@ -37,6 +37,8 @@
>  		fa->flags |= FS_DAX_FL;
>  	if (fa->fsx_xflags & FS_XFLAG_PROJINHERIT)
>  		fa->flags |= FS_PROJINHERIT_FL;
> +	if (fa->fsx_xflags & FS_XFLAG_VERITY)
> +		fa->flags |= FS_VERITY_FL;
>  }
>  EXPORT_SYMBOL(fileattr_fill_xflags);
>  
> @@ -67,6 +69,8 @@
>  		fa->fsx_xflags |= FS_XFLAG_DAX;
>  	if (fa->flags & FS_PROJINHERIT_FL)
>  		fa->fsx_xflags |= FS_XFLAG_PROJINHERIT;
> +	if (fa->flags & FS_VERITY_FL)
> +		fa->fsx_xflags |= FS_XFLAG_VERITY;
>  }
>  EXPORT_SYMBOL(fileattr_fill_flags);
>  
> diff --git a/include/linux/fileattr.h b/include/linux/fileattr.h
> index f89dcfad3f..6aebfd63bd 100644
> --- a/include/linux/fileattr.h
> +++ b/include/linux/fileattr.h
> @@ -16,7 +16,7 @@
>  
>  /* Read-only inode flags */
>  #define FS_XFLAG_RDONLY_MASK \
> -	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR)
> +	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR | FS_XFLAG_VERITY)
>  
>  /* Flags to indicate valid value of fsx_ fields */
>  #define FS_XFLAG_VALUES_MASK \
> diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h
> index 66ca526cf7..70b2b661f4 100644
> --- a/include/uapi/linux/fs.h
> +++ b/include/uapi/linux/fs.h
> @@ -253,6 +253,7 @@
>  #define FS_XFLAG_FILESTREAM	0x00004000	/* use filestream allocator */
>  #define FS_XFLAG_DAX		0x00008000	/* use DAX for IO */
>  #define FS_XFLAG_COWEXTSIZE	0x00010000	/* CoW extent size allocator hint */
> +#define FS_XFLAG_VERITY		0x00020000	/* fs-verity enabled */

Is the indentation broken       ^^^^^^^^ here?

Otherwise this looks fine to me.

--D

>  #define FS_XFLAG_HASATTR	0x80000000	/* no DIFLAG for this	*/
>  
>  /* the read-only stuff doesn't really belong here, but any other place is
> 
> -- 
> - Andrey
> 

Re: [PATCH 1/2] fs: add FS_XFLAG_VERITY for fs-verity files

[Andrey Albershteyn]

On 2026-01-12 14:02:57, Darrick J. Wong wrote:
> On Mon, Jan 12, 2026 at 01:14:21PM +0100, Andrey Albershteyn wrote:
> > fs-verity introduced inode flag for inodes with enabled fs-verity on
> > them. This patch adds FS_XFLAG_VERITY file attribute which can be
> > retrieved with FS_IOC_FSGETXATTR ioctl() and file_getattr() syscall. This
> > flag is read-only and can not be set with corresponding set ioctl() and
> > file_setattr().
> > 
> > Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
> > ---
> >  Documentation/filesystems/fsverity.rst | 16 ++++++++++++++++
> >  fs/file_attr.c                         |  4 ++++
> >  include/linux/fileattr.h               |  2 +-
> >  include/uapi/linux/fs.h                |  1 +
> >  4 files changed, 22 insertions(+), 1 deletion(-)
> > 
> > diff --git a/Documentation/filesystems/fsverity.rst b/Documentation/filesystems/fsverity.rst
> > index 412cf11e32..541ac4af4b 100644
> > --- a/Documentation/filesystems/fsverity.rst
> > +++ b/Documentation/filesystems/fsverity.rst
> > @@ -341,6 +341,22 @@
> >  FS_IOC_GETFLAGS and FS_IOC_MEASURE_VERITY because it doesn't require
> >  opening the file, and opening verity files can be expensive.
> >  
> > +FS_IOC_FSGETXATTR
> > +-----------------
> > +
> > +Since Linux v6.19, the FS_IOC_FSGETXATTR ioctl sets FS_XFLAG_VERITY (0x00020000)
> 
> We're headed to v7.0 now, please update that.
> 
> > +in the returned flags when the file has verity enabled. Note that this attribute
> > +cannot be set with FS_IOC_FSSETXATTR as enabling verity requires input
> > +parameters. See FS_IOC_ENABLE_VERITY.
> > +
> > +file_getattr
> > +------------
> > +
> > +Since Linux v6.19, the file_getattr() syscall sets FS_XFLAG_VERITY (0x00020000)
> > +in the returned flags when the file has verity enabled. Note that this attribute
> > +cannot be set with file_setattr() as enabling verity requires input parameters.
> > +See FS_IOC_ENABLE_VERITY.
> > +
> >  .. _accessing_verity_files:
> >  
> >  Accessing verity files
> > diff --git a/fs/file_attr.c b/fs/file_attr.c
> > index 13cdb31a3e..f44c873af9 100644
> > --- a/fs/file_attr.c
> > +++ b/fs/file_attr.c
> > @@ -37,6 +37,8 @@
> >  		fa->flags |= FS_DAX_FL;
> >  	if (fa->fsx_xflags & FS_XFLAG_PROJINHERIT)
> >  		fa->flags |= FS_PROJINHERIT_FL;
> > +	if (fa->fsx_xflags & FS_XFLAG_VERITY)
> > +		fa->flags |= FS_VERITY_FL;
> >  }
> >  EXPORT_SYMBOL(fileattr_fill_xflags);
> >  
> > @@ -67,6 +69,8 @@
> >  		fa->fsx_xflags |= FS_XFLAG_DAX;
> >  	if (fa->flags & FS_PROJINHERIT_FL)
> >  		fa->fsx_xflags |= FS_XFLAG_PROJINHERIT;
> > +	if (fa->flags & FS_VERITY_FL)
> > +		fa->fsx_xflags |= FS_XFLAG_VERITY;
> >  }
> >  EXPORT_SYMBOL(fileattr_fill_flags);
> >  
> > diff --git a/include/linux/fileattr.h b/include/linux/fileattr.h
> > index f89dcfad3f..6aebfd63bd 100644
> > --- a/include/linux/fileattr.h
> > +++ b/include/linux/fileattr.h
> > @@ -16,7 +16,7 @@
> >  
> >  /* Read-only inode flags */
> >  #define FS_XFLAG_RDONLY_MASK \
> > -	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR)
> > +	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR | FS_XFLAG_VERITY)
> >  
> >  /* Flags to indicate valid value of fsx_ fields */
> >  #define FS_XFLAG_VALUES_MASK \
> > diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h
> > index 66ca526cf7..70b2b661f4 100644
> > --- a/include/uapi/linux/fs.h
> > +++ b/include/uapi/linux/fs.h
> > @@ -253,6 +253,7 @@
> >  #define FS_XFLAG_FILESTREAM	0x00004000	/* use filestream allocator */
> >  #define FS_XFLAG_DAX		0x00008000	/* use DAX for IO */
> >  #define FS_XFLAG_COWEXTSIZE	0x00010000	/* CoW extent size allocator hint */
> > +#define FS_XFLAG_VERITY		0x00020000	/* fs-verity enabled */
> 
> Is the indentation broken       ^^^^^^^^ here?

I think it's fine (there's two tabs one of them is single char
width), I suppose it shows like this due to + at the line start.

> 
> Otherwise this looks fine to me.
> 
> --D
> 
> >  #define FS_XFLAG_HASATTR	0x80000000	/* no DIFLAG for this	*/
> >  
> >  /* the read-only stuff doesn't really belong here, but any other place is
> > 
> > -- 
> > - Andrey
> > 
> 

-- 
- Andrey

Re: [PATCH 1/2] fs: add FS_XFLAG_VERITY for fs-verity files

[Eric Biggers]

On Mon, Jan 12, 2026 at 01:14:21PM +0100, Andrey Albershteyn wrote:
> fs-verity introduced inode flag for inodes with enabled fs-verity on
> them. This patch adds FS_XFLAG_VERITY file attribute which can be
> retrieved with FS_IOC_FSGETXATTR ioctl() and file_getattr() syscall. This
> flag is read-only and can not be set with corresponding set ioctl() and
> file_setattr().
> 
> Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>

Sender and signed-off-by email addresses don't match:

    WARNING: From:/Signed-off-by: email address mismatch: 'From: Andrey Albershteyn <aalbersh@redhat.com>' != 'Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>'

> diff --git a/include/linux/fileattr.h b/include/linux/fileattr.h
> index f89dcfad3f..6aebfd63bd 100644
> --- a/include/linux/fileattr.h
> +++ b/include/linux/fileattr.h
> @@ -16,7 +16,7 @@
>  
>  /* Read-only inode flags */
>  #define FS_XFLAG_RDONLY_MASK \
> -	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR)
> +	(FS_XFLAG_PREALLOC | FS_XFLAG_HASATTR | FS_XFLAG_VERITY)

Don't FS_COMMON_FL and FS_XFLAG_COMMON need to be updated too?

- Eric

Re: [PATCH 2/2] fsverity: add tracepoints

[Eric Biggers]

On Mon, Jan 12, 2026 at 01:15:02PM +0100, Andrey Albershteyn wrote:
> fs-verity previously had debug printk but it was removed. This patch
> adds trace points to the same places where printk were used (with a
> few additional ones).

They're not the same places.  Which is the right choice: the locations
of the old debug messages aren't necessarily the places the tracepoints
should be.  But the commit message shouldn't claim otherwise.

> diff --git a/fs/verity/verify.c b/fs/verity/verify.c
> index 86067c8b40..47a66f088f 100644
> --- a/fs/verity/verify.c
> +++ b/fs/verity/verify.c
> @@ -135,6 +135,9 @@
>  		/* Byte offset of the wanted hash relative to @addr */
>  		unsigned int hoffset;
>  	} hblocks[FS_VERITY_MAX_LEVELS];
> +
> +	trace_fsverity_verify_data_block(inode, params, data_pos);
> +
>  	/*
>  	 * The index of the previous level's block within that level; also the
>  	 * index of that block's hash within the current level.
> @@ -214,6 +217,9 @@
>  			want_hash = _want_hash;
>  			kunmap_local(haddr);
>  			put_page(hpage);
> +			trace_fsverity_merkle_hit(inode, data_pos, hblock_idx,
> +					level,
> +					hoffset >> params->log_digestsize);
>  			goto descend;
>  		}
>  		hblocks[level].page = hpage;
> @@ -248,6 +254,9 @@
>  		want_hash = _want_hash;
>  		kunmap_local(haddr);
>  		put_page(hpage);
> +		trace_fsverity_verify_merkle_block(inode,
> +				hblock_idx << params->log_blocksize,
> +				level, hoffset >> params->log_digestsize);
>  	}

The second argument to trace_fsverity_verify_merkle_block() is wrong.
It's "unsigned long index", but the caller passes a byte position.  Note
that byte positions should be u64.  Perhaps you intended for it to be
"unsigned long hblock_idx", like trace_fsverity_merkle_hit(), and for
the caller to pass hblock_idx?

Also note that if the hash doesn't match, then
trace_fsverity_verify_merkle_block() isn't called.  Perhaps it should be
called before the hash check is done?  That's the case for
trace_fsverity_verify_data_block().

- Eric

Re: [PATCH 0/3] Add traces and file attributes for fs-verity

[Eric Biggers]

On Mon, Jan 12, 2026 at 01:13:35PM +0100, Andrey Albershteyn wrote:
> Hi all,
> 
> This two small patches grew from fs-verity XFS patchset. I think
> they're self-contained improvements which could go without XFS
> implementation.
> 
> Andrey Albershteyn <aalbersh@kernel.org>:
>   fs: add FS_XFLAG_VERITY for fs-verity files
>   fsverity: add tracepoints

I assume there wasn't intended to be a third patch, despite the cover
letter saying 0/3?

- Eric