From: "Darrick J. Wong" <djwong@kernel.org>
To: Andrey Albershteyn <aalbersh@redhat.com>
Cc: fsverity@lists.linux.dev, linux-xfs@vger.kernel.org,
ebiggers@kernel.org, linux-fsdevel@vger.kernel.org,
aalbersh@kernel.org, david@fromorbit.com, hch@lst.de
Subject: Re: [PATCH v2 13/22] xfs: introduce XFS_FSVERITY_REGION_START constant
Date: Tue, 13 Jan 2026 10:06:55 -0800 [thread overview]
Message-ID: <20260113180655.GY15551@frogsfrogsfrogs> (raw)
In-Reply-To: <5ax7476dl472kpg3djnlojoxo2k4pmfbzwzsw4mo4jnaoqumeh@t3l4aesjfhwz>
On Tue, Jan 13, 2026 at 01:23:06PM +0100, Andrey Albershteyn wrote:
> On 2026-01-12 14:46:31, Darrick J. Wong wrote:
> > On Mon, Jan 12, 2026 at 03:51:25PM +0100, Andrey Albershteyn wrote:
> > > This constant defines location of fsverity metadata in page cache of
> > > an inode.
> > >
> > > Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
> > > ---
> > > fs/xfs/libxfs/xfs_fs.h | 22 ++++++++++++++++++++++
> > > 1 file changed, 22 insertions(+), 0 deletions(-)
> > >
> > > diff --git a/fs/xfs/libxfs/xfs_fs.h b/fs/xfs/libxfs/xfs_fs.h
> > > index 12463ba766..b73458a7c2 100644
> > > --- a/fs/xfs/libxfs/xfs_fs.h
> > > +++ b/fs/xfs/libxfs/xfs_fs.h
> > > @@ -1106,4 +1106,26 @@
> > > #define BBTOB(bbs) ((bbs) << BBSHIFT)
> > > #endif
> > >
> > > +/* Merkle tree location in page cache. We take memory region from the inode's
> >
> > Dumb nit: new line after opening the multiline comment.
> >
> > /*
> > * Merkle tree location in page cache...
> >
> > also, isn't (1U<<53) the location of the Merkle tree ondisk in addition
> > to its location in the page cache?
>
> yes, it's file offset
>
> >
> > That occurs to me, what happens on 32-bit systems where the pagecache
> > can only address up to 16T of data? Maybe we just don't allow fsverity
> > on 32-bit xfs.
>
> hmm right, check in begin_enable() will be probably enough
I think that would probably be more of a mount-time prohibition?
Which would be worse -- any fsverity filesystem refuses to mount on
32-bit; or it mounts but none of the fsverity files are readable?
Alternately I guess for 32-bit you could cheat in ->iomap_begin
by loading the fsverity artifacts into the pagecache at 1<<39 instead of
1<<53, provided the file is smaller than 1<<39 bytes. Writing the
fsverity metadata would perform the reverse translation.
(Or again we just don't allow mounting of fsverity on 32-bit kernels.)
--D
> > > + * address space for Merkle tree.
> > > + *
> > > + * At maximum of 8 levels with 128 hashes per block (32 bytes SHA-256) maximum
> > > + * tree size is ((128^8 − 1)/(128 − 1)) = 567*10^12 blocks. This should fit in 53
> > > + * bits address space.
> > > + *
> > > + * At this Merkle tree size we can cover 295EB large file. This is much larger
> > > + * than the currently supported file size.
> > > + *
> > > + * For sha512 the largest file we can cover ends at 1 << 50 offset, this is also
> > > + * good.
> > > + *
> > > + * The metadata is stored on disk as follows:
> > > + *
> > > + * [merkle tree...][descriptor.............desc_size]
> > > + * ^ (1 << 53) ^ (block border) ^ (end of the block)
> > > + * ^--------------------------------^
> > > + * Can be FS_VERITY_MAX_DESCRIPTOR_SIZE
> > > + */
> > > +#define XFS_FSVERITY_REGION_START (1ULL << 53)
> >
> > Is this in fsblocks or in bytes? I think the comment should state that
> > explicitly.
>
> sure, will add it
>
> --
> - Andrey
>
>
next prev parent reply other threads:[~2026-01-13 18:06 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-12 14:49 [PATCH v2 0/23] fs-verity support for XFS with post EOF merkle tree Andrey Albershteyn
2026-01-12 14:49 ` [PATCH v2 1/22] fsverity: report validation errors back to the filesystem Darrick J. Wong
2026-01-13 1:29 ` Darrick J. Wong
2026-01-13 8:09 ` Christoph Hellwig
2026-01-13 10:27 ` Andrey Albershteyn
2026-01-13 17:52 ` Darrick J. Wong
2026-01-12 14:49 ` [PATCH v2 2/22] fsverity: expose ensure_fsverity_info() Andrey Albershteyn
2026-01-12 22:05 ` Darrick J. Wong
2026-01-12 14:50 ` [PATCH v2 3/22] iomap: introduce IOMAP_F_BEYOND_EOF Andrey Albershteyn
2026-01-12 22:18 ` Darrick J. Wong
2026-01-12 22:31 ` Darrick J. Wong
2026-01-13 10:39 ` Andrey Albershteyn
2026-01-13 8:12 ` Christoph Hellwig
2026-01-13 10:50 ` Andrey Albershteyn
2026-01-13 16:22 ` Christoph Hellwig
2026-01-13 17:57 ` Darrick J. Wong
2026-01-16 21:52 ` Matthew Wilcox
2026-01-17 2:11 ` Darrick J. Wong
2026-01-12 14:50 ` [PATCH v2 4/22] iomap: allow iomap_file_buffered_write() take iocb without file Andrey Albershteyn
2026-01-12 22:22 ` Darrick J. Wong
2026-01-13 8:15 ` Christoph Hellwig
2026-01-13 10:53 ` Andrey Albershteyn
2026-01-13 16:43 ` Matthew Wilcox
2026-01-14 4:49 ` Matthew Wilcox
2026-01-14 6:41 ` Christoph Hellwig
2026-01-14 16:43 ` Darrick J. Wong
2026-01-12 14:50 ` [PATCH v2 5/22] iomap: integrate fs-verity verification into iomap's read path Andrey Albershteyn
2026-01-12 22:35 ` Darrick J. Wong
2026-01-13 11:16 ` Andrey Albershteyn
2026-01-13 16:23 ` Christoph Hellwig
2026-01-13 8:19 ` Christoph Hellwig
2026-01-12 14:50 ` [PATCH v2 6/22] xfs: add fs-verity ro-compat flag Andrey Albershteyn
2026-01-12 14:50 ` [PATCH v2 7/22] xfs: add inode on-disk VERITY flag Andrey Albershteyn
2026-01-12 14:50 ` [PATCH v2 8/22] xfs: initialize fs-verity on file open and cleanup on inode destruction Andrey Albershteyn
2026-01-12 14:50 ` [PATCH v2 9/22] xfs: don't allow to enable DAX on fs-verity sealed inode Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 10/22] xfs: disable direct read path for fs-verity files Andrey Albershteyn
2026-01-13 8:20 ` Christoph Hellwig
2026-01-13 11:22 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 11/22] xfs: add verity info pointer to xfs inode Andrey Albershteyn
2026-01-12 22:39 ` Darrick J. Wong
2026-01-13 8:21 ` Christoph Hellwig
2026-01-13 18:02 ` Darrick J. Wong
2026-01-14 6:43 ` Christoph Hellwig
2026-01-12 14:51 ` [PATCH v2 12/22] xfs: introduce XFS_FSVERITY_CONSTRUCTION inode flag Andrey Albershteyn
2026-01-12 22:42 ` Darrick J. Wong
2026-01-13 11:24 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 13/22] xfs: introduce XFS_FSVERITY_REGION_START constant Andrey Albershteyn
2026-01-12 22:46 ` Darrick J. Wong
2026-01-13 12:23 ` Andrey Albershteyn
2026-01-13 18:06 ` Darrick J. Wong [this message]
2026-01-14 6:47 ` Christoph Hellwig
2026-01-14 7:59 ` Andrey Albershteyn
2026-01-14 16:50 ` Darrick J. Wong
2026-01-12 14:51 ` [PATCH v2 14/22] xfs: disable preallocations for fsverity Merkle tree writes Andrey Albershteyn
2026-01-12 22:49 ` Darrick J. Wong
2026-01-12 14:51 ` [PATCH v2 15/22] xfs: add writeback and iomap reading of Merkle tree pages Andrey Albershteyn
2026-01-12 22:51 ` Darrick J. Wong
2026-01-13 8:23 ` Christoph Hellwig
2026-01-13 12:31 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 16/22] xfs: add fs-verity support Andrey Albershteyn
2026-01-12 23:05 ` Darrick J. Wong
2026-01-13 18:32 ` Andrey Albershteyn
2026-01-14 16:40 ` Darrick J. Wong
2026-01-16 14:52 ` Andrey Albershteyn
2026-01-12 14:51 ` [PATCH v2 17/22] xfs: add fs-verity ioctls Andrey Albershteyn
2026-01-12 14:52 ` [PATCH v2 18/22] xfs: advertise fs-verity being available on filesystem Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 19/22] xfs: check and repair the verity inode flag state Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 20/22] xfs: report verity failures through the health system Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 21/22] xfs: add fsverity traces Andrey Albershteyn
2026-01-12 23:07 ` Darrick J. Wong
2026-01-12 14:52 ` [PATCH v2 22/22] xfs: enable ro-compat fs-verity flag Andrey Albershteyn
2026-01-13 16:36 ` [PATCH v2 0/23] fs-verity support for XFS with post EOF merkle tree Matthew Wilcox
2026-01-13 18:45 ` Andrey Albershteyn
2026-01-14 5:00 ` Matthew Wilcox
2026-01-14 6:15 ` Darrick J. Wong
2026-01-14 8:20 ` Andrey Albershteyn
2026-01-14 9:53 ` Andrey Albershteyn
2026-01-14 16:42 ` Darrick J. Wong
2026-01-19 6:33 ` fsverity metadata offset, was: " Christoph Hellwig
2026-01-19 19:32 ` Eric Biggers
2026-01-19 19:58 ` Darrick J. Wong
2026-01-20 7:32 ` Christoph Hellwig
2026-01-20 11:44 ` Andrey Albershteyn
2026-01-20 17:34 ` Darrick J. Wong
2026-01-21 15:03 ` Christoph Hellwig
2026-01-19 20:00 ` Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260113180655.GY15551@frogsfrogsfrogs \
--to=djwong@kernel.org \
--cc=aalbersh@kernel.org \
--cc=aalbersh@redhat.com \
--cc=david@fromorbit.com \
--cc=ebiggers@kernel.org \
--cc=fsverity@lists.linux.dev \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox