public inbox for linux-fsdevel@vger.kernel.org
 help / color / mirror / Atom feed
From: Andrey Albershteyn <aalbersh@kernel.org>
To: linux-xfs@vger.kernel.org, fsverity@lists.linux.dev,
	linux-fsdevel@vger.kernel.org, ebiggers@kernel.org
Cc: Andrey Albershteyn <aalbersh@kernel.org>,
	hch@lst.de, linux-ext4@vger.kernel.org,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-btrfs@vger.kernel.org, djwong@kernel.org
Subject: [PATCH v5 05/25] fsverity: pass digest size and hash of the empty block to ->write
Date: Thu, 19 Mar 2026 18:01:52 +0100	[thread overview]
Message-ID: <20260319170231.1455553-6-aalbersh@kernel.org> (raw)
In-Reply-To: <20260319170231.1455553-1-aalbersh@kernel.org>

Let filesystem iterate over hashes in the block and check if these are
hashes of zeroed data blocks. XFS will use this to decide if it want to
store tree block full of these hashes.

Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
Reviewed-by: "Darrick J. Wong" <djwong@kernel.org>
---
 fs/btrfs/verity.c        | 6 +++++-
 fs/ext4/verity.c         | 4 +++-
 fs/f2fs/verity.c         | 4 +++-
 fs/verity/enable.c       | 4 +++-
 include/linux/fsverity.h | 6 +++++-
 5 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/fs/btrfs/verity.c b/fs/btrfs/verity.c
index 0062b3a55781..6d8d3808d75d 100644
--- a/fs/btrfs/verity.c
+++ b/fs/btrfs/verity.c
@@ -773,11 +773,15 @@ static struct page *btrfs_read_merkle_tree_page(struct inode *inode,
  * @buf:	Merkle tree block to write
  * @pos:	the position of the block in the Merkle tree (in bytes)
  * @size:	the Merkle tree block size (in bytes)
+ * @zero_digest:	the hash of a merkle block-sized buffer of zeroes
+ * @digest_size:	size of zero_digest, in bytes
  *
  * Returns 0 on success or negative error code on failure
  */
 static int btrfs_write_merkle_tree_block(struct file *file, const void *buf,
-					 u64 pos, unsigned int size)
+					 u64 pos, unsigned int size,
+					 const u8 *zero_digest,
+					 unsigned int digest_size)
 {
 	struct inode *inode = file_inode(file);
 	loff_t merkle_pos = merkle_file_pos(inode);
diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c
index ca61da53f313..347945ac23a4 100644
--- a/fs/ext4/verity.c
+++ b/fs/ext4/verity.c
@@ -374,7 +374,9 @@ static void ext4_readahead_merkle_tree(struct inode *inode, pgoff_t index,
 }
 
 static int ext4_write_merkle_tree_block(struct file *file, const void *buf,
-					u64 pos, unsigned int size)
+					u64 pos, unsigned int size,
+					const u8 *zero_digest,
+					unsigned int digest_size)
 {
 	pos += ext4_verity_metadata_pos(file_inode(file));
 
diff --git a/fs/f2fs/verity.c b/fs/f2fs/verity.c
index 92ebcc19cab0..b3b3e71604ac 100644
--- a/fs/f2fs/verity.c
+++ b/fs/f2fs/verity.c
@@ -270,7 +270,9 @@ static void f2fs_readahead_merkle_tree(struct inode *inode, pgoff_t index,
 }
 
 static int f2fs_write_merkle_tree_block(struct file *file, const void *buf,
-					u64 pos, unsigned int size)
+					u64 pos, unsigned int size,
+					const u8 *zero_digest,
+					unsigned int digest_size)
 {
 	pos += f2fs_verity_metadata_pos(file_inode(file));
 
diff --git a/fs/verity/enable.c b/fs/verity/enable.c
index 42dfed1ce0ce..ad4ff71d7dd9 100644
--- a/fs/verity/enable.c
+++ b/fs/verity/enable.c
@@ -50,7 +50,9 @@ static int write_merkle_tree_block(struct file *file, const u8 *buf,
 	int err;
 
 	err = inode->i_sb->s_vop->write_merkle_tree_block(file, buf, pos,
-							  params->block_size);
+							  params->block_size,
+							  params->zero_digest,
+							  params->digest_size);
 	if (err)
 		fsverity_err(inode, "Error %d writing Merkle tree block %lu",
 			     err, index);
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index 35bb76093de5..535e16a9c37d 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -124,6 +124,8 @@ struct fsverity_operations {
 	 * @buf: the Merkle tree block to write
 	 * @pos: the position of the block in the Merkle tree (in bytes)
 	 * @size: the Merkle tree block size (in bytes)
+	 * @zero_digest: the hash of a merkle block-sized buffer of zeroes
+	 * @digest_size: size of zero_digest, in bytes
 	 *
 	 * This is only called between ->begin_enable_verity() and
 	 * ->end_enable_verity().
@@ -131,7 +133,9 @@ struct fsverity_operations {
 	 * Return: 0 on success, -errno on failure
 	 */
 	int (*write_merkle_tree_block)(struct file *file, const void *buf,
-				       u64 pos, unsigned int size);
+				       u64 pos, unsigned int size,
+				       const u8 *zero_digest,
+				       unsigned int digest_size);
 };
 
 #ifdef CONFIG_FS_VERITY
-- 
2.51.2


  parent reply	other threads:[~2026-03-19 17:02 UTC|newest]

Thread overview: 56+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-03-19 17:01 [PATCH v5 00/25] fs-verity support for XFS with post EOF merkle tree Andrey Albershteyn
2026-03-19 17:01 ` [PATCH v5 01/25] fsverity: report validation errors through fserror to fsnotify Andrey Albershteyn
2026-03-19 17:15   ` Darrick J. Wong
2026-03-25  7:54   ` Christoph Hellwig
2026-03-25 11:41     ` Andrey Albershteyn
2026-03-25 16:02       ` Darrick J. Wong
2026-03-26  6:20       ` Christoph Hellwig
2026-03-19 17:01 ` [PATCH v5 02/25] fsverity: expose ensure_fsverity_info() Andrey Albershteyn
2026-03-25  7:56   ` Christoph Hellwig
2026-03-19 17:01 ` [PATCH v5 03/25] fsverity: generate and store zero-block hash Andrey Albershteyn
2026-03-25  7:57   ` Christoph Hellwig
2026-03-25 12:03     ` Andrey Albershteyn
2026-03-25 16:07       ` Darrick J. Wong
2026-03-19 17:01 ` [PATCH v5 04/25] fsverity: introduce fsverity_folio_zero_hash() Andrey Albershteyn
2026-03-25  7:57   ` Christoph Hellwig
2026-03-19 17:01 ` Andrey Albershteyn [this message]
2026-03-19 17:01 ` [PATCH v5 06/25] fsverity: hoist pagecache_read from f2fs/ext4 to fsverity Andrey Albershteyn
2026-03-25  7:58   ` Christoph Hellwig
2026-03-19 17:01 ` [PATCH v5 07/25] iomap: introduce IOMAP_F_FSVERITY and teach writeback to handle fsverity Andrey Albershteyn
2026-03-25  8:00   ` Christoph Hellwig
2026-03-25 12:38     ` Andrey Albershteyn
2026-03-25 16:26       ` Darrick J. Wong
2026-03-19 17:01 ` [PATCH v5 08/25] iomap: obtain fsverity info for read path Andrey Albershteyn
2026-03-19 17:01 ` [PATCH v5 09/25] iomap: issue readahead for fsverity merkle tree Andrey Albershteyn
2026-03-25  8:04   ` Christoph Hellwig
2026-03-25 12:08     ` Andrey Albershteyn
2026-03-19 17:01 ` [PATCH v5 10/25] iomap: teach iomap to handle fsverity holes and verify data holes Andrey Albershteyn
2026-03-25 16:29   ` Darrick J. Wong
2026-03-19 17:01 ` [PATCH v5 11/25] iomap: introduce iomap_fsverity_write() for writing fsverity metadata Andrey Albershteyn
2026-03-25  8:05   ` Christoph Hellwig
2026-03-19 17:01 ` [PATCH v5 12/25] xfs: introduce fsverity on-disk changes Andrey Albershteyn
2026-03-25  8:05   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 13/25] xfs: initialize fs-verity on file open Andrey Albershteyn
2026-03-25  8:06   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 14/25] xfs: don't allow to enable DAX on fs-verity sealed inode Andrey Albershteyn
2026-03-25  8:06   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 15/25] xfs: disable direct read path for fs-verity files Andrey Albershteyn
2026-03-25  8:06   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 16/25] xfs: handle fsverity I/O in write/read path Andrey Albershteyn
2026-03-25  8:07   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 17/25] xfs: use read ioend for fsverity data verification Andrey Albershteyn
2026-03-25  8:07   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 18/25] xfs: add fs-verity support Andrey Albershteyn
2026-03-25  8:08   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 19/25] xfs: remove unwritten extents after preallocations in fsverity metadata Andrey Albershteyn
2026-03-25  8:09   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 20/25] xfs: add fs-verity ioctls Andrey Albershteyn
2026-03-25  8:09   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 21/25] xfs: advertise fs-verity being available on filesystem Andrey Albershteyn
2026-03-25  8:10   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 22/25] xfs: check and repair the verity inode flag state Andrey Albershteyn
2026-03-25  8:10   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 23/25] xfs: introduce health state for corrupted fsverity metadata Andrey Albershteyn
2026-03-25  8:10   ` Christoph Hellwig
2026-03-19 17:02 ` [PATCH v5 24/25] xfs: add fsverity traces Andrey Albershteyn
2026-03-19 17:02 ` [PATCH v5 25/25] xfs: enable ro-compat fs-verity flag Andrey Albershteyn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260319170231.1455553-6-aalbersh@kernel.org \
    --to=aalbersh@kernel.org \
    --cc=djwong@kernel.org \
    --cc=ebiggers@kernel.org \
    --cc=fsverity@lists.linux.dev \
    --cc=hch@lst.de \
    --cc=linux-btrfs@vger.kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-f2fs-devel@lists.sourceforge.net \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-xfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox