From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 54F2F48CFC;
	Mon,  2 Feb 2026 06:08:06 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.137.202.133
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1770012491; cv=none; b=EQpCkH6ssUf+pt2FvSqCQlV2LFLGCXMWl7imUg+8ihu0YfMF/djhJL/nuZCNpKJBQdK5POW3EAQQ+XUfkVTJ0CFlMhxj7nIadRQF+JIpPVs+uN3EypGrCxpjReSibCcfZJ1iOs/dEXnkkHfkVDXYQyK72b5trmVIeIGRGAMPymg=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1770012491; c=relaxed/simple;
	bh=59sKMYHYUkHcuzmycWYRWJqMLtKg4/oxldleCjxqwio=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=dHfWOv8eF0HRDSi8NesqBMdZwn2MCjMQXgqDcHnFmOI04r6zGe6XMeETy3CjXEUOwu7YJg6PwK9z4JAW09ccYbUpSOTtToRvrin2pVU4Mj8iAW1G3pjAGJG0iISDxymiFG1d9G2+1KhpOsZm7OCKhyXAv86tQ3k6xtZpuFp/x1I=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=lst.de; spf=none smtp.mailfrom=bombadil.srs.infradead.org; dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b=Jra1hwO/; arc=none smtp.client-ip=198.137.202.133
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=lst.de
Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=bombadil.srs.infradead.org
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="Jra1hwO/"
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=infradead.org; s=bombadil.20210309; h=Content-Transfer-Encoding:
	MIME-Version:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:
	Content-ID:Content-Description:In-Reply-To:References;
	bh=oTPY6jfHkqoUdgBhijgDg7Uy+7YMZ6k6go+QoIjkenI=; b=Jra1hwO/RMjiIcL+dw8Uk4as9f
	Tskg/31TTNJRxn6dlkqX7TocDdZMNpfkqeMfKIbiJ6IGWI/5D7HxToyBXx2Wq5GvHn6PMPU7gcBWV
	LkevtmUSLkPC4n4Sq7hV7XciuurRs/q4NXx88JaJzpcnE1A5OlQ2c7tUN78V4HHFlx2PcOuD0tWeg
	ncMmgaw4F18ytwj4huPjyf5YBhDMkT+TKDIlRRhX5sfNWBiczZVNZ9oQzbcuqNNjsRBXFGuGRlmux
	VuTka/qlk9387FpcLAmWMWf9ze8mIimrs9YXsWNp7aSrI/clH6QduExNY7iQvaKC/CUVHKXH4McO+
	eMJJysBA==;
Received: from 2a02-8389-2341-5b80-d601-7564-c2e0-491c.cable.dynamic.v6.surfer.at ([2a02:8389:2341:5b80:d601:7564:c2e0:491c] helo=localhost)
	by bombadil.infradead.org with esmtpsa (Exim 4.98.2 #2 (Red Hat Linux))
	id 1vmn6N-00000004UjI-3VFw;
	Mon, 02 Feb 2026 06:08:00 +0000
From: Christoph Hellwig <hch@lst.de>
To: Eric Biggers <ebiggers@kernel.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
	Christian Brauner <brauner@kernel.org>,
	Jan Kara <jack@suse.cz>,
	David Sterba <dsterba@suse.com>,
	"Theodore Ts'o" <tytso@mit.edu>,
	Jaegeuk Kim <jaegeuk@kernel.org>,
	Chao Yu <chao@kernel.org>,
	Andrey Albershteyn <aalbersh@redhat.com>,
	Matthew Wilcox <willy@infradead.org>,
	linux-fsdevel@vger.kernel.org,
	linux-btrfs@vger.kernel.org,
	linux-ext4@vger.kernel.org,
	linux-f2fs-devel@lists.sourceforge.net,
	fsverity@lists.linux.dev
Subject: fsverity speedup and memory usage optimization v5
Date: Mon,  2 Feb 2026 07:06:29 +0100
Message-ID: <20260202060754.270269-1-hch@lst.de>
X-Mailer: git-send-email 2.47.3
Precedence: bulk
X-Mailing-List: linux-fsdevel@vger.kernel.org
List-Id: <linux-fsdevel.vger.kernel.org>
List-Subscribe: <mailto:linux-fsdevel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-fsdevel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SRS-Rewrite: SMTP reverse-path rewritten from <hch@infradead.org> by bombadil.infradead.org. See http://www.infradead.org/rpr.html

Hi all,

this series has a hodge podge of fsverity enhances that I looked into as
part of the review of the xfs fsverity support series.

The first part optimizes the fsverity read path by kicking off readahead
for the fsverity hashes from the data read submission context, which in my
simply testing showed huge benefits for sequential reads using dd.
I haven't been able to get fio to run on a preallocated fio file, but
I expect random read benefits would be significantly better than that
still.

The second part avoids the need for a pointer in every inode for fsverity
and instead uses a rhashtable lookup, which is done once per read_folio
or ->readahead invocation plus for btrfs only for each bio completion.
Right now this does not increse the number of inodes in
each slab, but for ext4 we are getting very close to that (within
16 bytes by my count).

Changes since v5:
 - drop already merged patches
 - fix a bisection hazard for non-ENOENT error returns from
   generic_read_merkle_tree_page
 - don't recurse on invalidate_lock
 - refactor page_cache_ra_unbounded locking to support the above
 - refactor ext4 and f2fs fsverity readahead to remove the need for the
   first_folio branch in the main readpages loop

Changes since v4:
 - drop the constification of ctx->vi again
 - fix __filemap_get_folio error handling again
 - don't use "pgoff_t long"
 - improve documentation of the new pagecache helpers
 - reduce the number of fsverity_info lookups in btrfs
 - improve the documentation for fsverity_active

Changes since v2:
 - use sizeof_field for .key_len
 - fix a rebase error that caused an extra fsverity_get_info in
   fsverity_init_verification_context
 - add verify.o to the build in the correct patch
 - fix handling of non-ENOENT ERR_PTR folios in
   generic_readahead_merkle_tree
 - split fixing the __filemap_get_folio error handling into a
   separate patch
 - fix the readahead range in fsverity_read_merkle_tree
 - remove __fsverity_readahead as a result of the above
 - simplify the start/end_hidx calculation in fsverity_readahead
 - drop the > i_size check in fsverity_readahead
 - use pgoff_t where applicable
 - constify fsverity_info pointers in the verification path
 - use IS_ENABLED to disable code not used for non-fsverity builds in
   ext4 and f2fs
 - allow bisection for non-fsverity builds by provinding a stub
   fsverity_info_addr prototype
 - drop the now superflous inode argument to
   fsverity_init_verification_context
 - improve the kerneldoc for fsverity_readahead
 - improve various commit messages
 - fix the barrier placement in fsverity_active
 - mark fsverity_active to work around stupid compilers

Changes since v1:
 - reorder to keep the most controversial part last
 - drop moving the open handling to common code (for now)
 - factor the page cache read code into common code
 - reduce the number of hash lookups
 - add a barrier in the fsverity_active that pairs with the cmpxchg
   that sets the inode flag.

Diffstat:
 fs/btrfs/btrfs_inode.h       |    4 -
 fs/btrfs/extent_io.c         |   53 ++++++++++------
 fs/btrfs/inode.c             |    3 
 fs/btrfs/verity.c            |    6 -
 fs/buffer.c                  |   25 +++----
 fs/ext4/ext4.h               |    8 --
 fs/ext4/inode.c              |   27 --------
 fs/ext4/readpage.c           |   62 +++++++++++++++----
 fs/ext4/super.c              |    3 
 fs/ext4/verity.c             |   15 +++-
 fs/f2fs/compress.c           |    7 +-
 fs/f2fs/data.c               |   88 +++++++++++++++++----------
 fs/f2fs/f2fs.h               |   12 ---
 fs/f2fs/file.c               |    2 
 fs/f2fs/super.c              |    3 
 fs/f2fs/verity.c             |   15 +++-
 fs/verity/enable.c           |   30 +++++----
 fs/verity/fsverity_private.h |   21 +++---
 fs/verity/open.c             |   77 +++++++++++++++---------
 fs/verity/pagecache.c        |   44 ++++++++++---
 fs/verity/read_metadata.c    |   19 ++++--
 fs/verity/verify.c           |   94 ++++++++++++++++++-----------
 include/linux/fsverity.h     |  136 ++++++++++++++++++++++---------------------
 mm/readahead.c               |   13 ++--
 24 files changed, 440 insertions(+), 327 deletions(-)