From: Christoph Hellwig <hch@infradead.org>
To: "Darrick J. Wong" <djwong@kernel.org>
Cc: Christoph Hellwig <hch@infradead.org>,
aalbersh@redhat.com, ebiggers@kernel.org,
linux-xfs@vger.kernel.org, alexl@redhat.com, walters@verbum.org,
fsverity@lists.linux.dev, linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH 04/18] fsverity: support block-based Merkle tree caching
Date: Wed, 1 May 2024 21:42:07 -0700 [thread overview]
Message-ID: <ZjMZnxgFZ_X6c9aB@infradead.org> (raw)
In-Reply-To: <20240501223519.GG360919@frogsfrogsfrogs>
On Wed, May 01, 2024 at 03:35:19PM -0700, Darrick J. Wong wrote:
> Got a link? This is the first I've heard of this, but TBH I've been
> ignoring a /lot/ of things trying to get online repair merged (thank
> you!) over the past months...
This was long before I got involved with repair :)
Below is what I found in my local tree. It doesn't have a proper commit
log, so I probably only sent it out as a RFC in reply to a patch series
posting, most likely untested:
commit c11dcbe101a240c7a9e9bae7efaff2779d88b292
Author: Christoph Hellwig <hch@lst.de>
Date: Mon Oct 16 14:14:11 2023 +0200
fsverity block interface
diff --git a/Documentation/filesystems/fsverity.rst b/Documentation/filesystems/fsverity.rst
index af889512c6ac99..c616d530a89086 100644
--- a/Documentation/filesystems/fsverity.rst
+++ b/Documentation/filesystems/fsverity.rst
@@ -648,7 +648,7 @@ which verifies data that has been read into the pagecache of a verity
inode. The containing folio must still be locked and not Uptodate, so
it's not yet readable by userspace. As needed to do the verification,
fsverity_verify_blocks() will call back into the filesystem to read
-hash blocks via fsverity_operations::read_merkle_tree_page().
+hash blocks via fsverity_operations::read_merkle_tree_block().
fsverity_verify_blocks() returns false if verification failed; in this
case, the filesystem must not set the folio Uptodate. Following this,
diff --git a/fs/btrfs/verity.c b/fs/btrfs/verity.c
index 2b34796f68d349..4b6134923232e7 100644
--- a/fs/btrfs/verity.c
+++ b/fs/btrfs/verity.c
@@ -713,20 +713,20 @@ int btrfs_get_verity_descriptor(struct inode *inode, void *buf, size_t buf_size)
*
* Returns the page we read, or an ERR_PTR on error.
*/
-static struct page *btrfs_read_merkle_tree_page(struct inode *inode,
- pgoff_t index,
- unsigned long num_ra_pages,
- u8 log_blocksize)
+static int btrfs_read_merkle_tree_block(struct inode *inode,
+ unsigned int offset, struct fsverity_block *block,
+ unsigned long num_ra_pages)
{
struct folio *folio;
+ pgoff_t index = offset >> PAGE_SHIFT;
u64 off = (u64)index << PAGE_SHIFT;
loff_t merkle_pos = merkle_file_pos(inode);
int ret;
if (merkle_pos < 0)
- return ERR_PTR(merkle_pos);
+ return merkle_pos;
if (merkle_pos > inode->i_sb->s_maxbytes - off - PAGE_SIZE)
- return ERR_PTR(-EFBIG);
+ return -EFBIG;
index += merkle_pos >> PAGE_SHIFT;
again:
folio = __filemap_get_folio(inode->i_mapping, index, FGP_ACCESSED, 0);
@@ -739,7 +739,7 @@ static struct page *btrfs_read_merkle_tree_page(struct inode *inode,
if (!folio_test_uptodate(folio)) {
folio_unlock(folio);
folio_put(folio);
- return ERR_PTR(-EIO);
+ return -EIO;
}
folio_unlock(folio);
goto out;
@@ -748,7 +748,7 @@ static struct page *btrfs_read_merkle_tree_page(struct inode *inode,
folio = filemap_alloc_folio(mapping_gfp_constraint(inode->i_mapping, ~__GFP_FS),
0);
if (!folio)
- return ERR_PTR(-ENOMEM);
+ return -ENOMEM;
ret = filemap_add_folio(inode->i_mapping, folio, index, GFP_NOFS);
if (ret) {
@@ -756,7 +756,7 @@ static struct page *btrfs_read_merkle_tree_page(struct inode *inode,
/* Did someone else insert a folio here? */
if (ret == -EEXIST)
goto again;
- return ERR_PTR(ret);
+ return ret;
}
/*
@@ -769,7 +769,7 @@ static struct page *btrfs_read_merkle_tree_page(struct inode *inode,
folio_address(folio), PAGE_SIZE, &folio->page);
if (ret < 0) {
folio_put(folio);
- return ERR_PTR(ret);
+ return ret;
}
if (ret < PAGE_SIZE)
folio_zero_segment(folio, ret, PAGE_SIZE);
@@ -778,7 +778,8 @@ static struct page *btrfs_read_merkle_tree_page(struct inode *inode,
folio_unlock(folio);
out:
- return folio_file_page(folio, index);
+ return fsverity_set_block_page(block, folio_file_page(folio, index),
+ offset);
}
/*
@@ -809,6 +810,7 @@ const struct fsverity_operations btrfs_verityops = {
.begin_enable_verity = btrfs_begin_enable_verity,
.end_enable_verity = btrfs_end_enable_verity,
.get_verity_descriptor = btrfs_get_verity_descriptor,
- .read_merkle_tree_page = btrfs_read_merkle_tree_page,
+ .read_merkle_tree_block = btrfs_read_merkle_tree_block,
.write_merkle_tree_block = btrfs_write_merkle_tree_block,
+ .drop_merkle_tree_block = fsverity_drop_page_merke_tree_block,
};
diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c
index 4e2f01f048c09b..5623e2c1c302e8 100644
--- a/fs/ext4/verity.c
+++ b/fs/ext4/verity.c
@@ -358,15 +358,13 @@ static int ext4_get_verity_descriptor(struct inode *inode, void *buf,
return desc_size;
}
-static struct page *ext4_read_merkle_tree_page(struct inode *inode,
- pgoff_t index,
- unsigned long num_ra_pages,
- u8 log_blocksize)
+static int ext4_read_merkle_tree_block(struct inode *inode, unsigned int offset,
+ struct fsverity_block *block, unsigned long num_ra_pages)
{
struct folio *folio;
+ pgoff_t index;
- index += ext4_verity_metadata_pos(inode) >> PAGE_SHIFT;
-
+ index = (ext4_verity_metadata_pos(inode) + offset) >> PAGE_SHIFT;
folio = __filemap_get_folio(inode->i_mapping, index, FGP_ACCESSED, 0);
if (IS_ERR(folio) || !folio_test_uptodate(folio)) {
DEFINE_READAHEAD(ractl, NULL, NULL, inode->i_mapping, index);
@@ -377,9 +375,10 @@ static struct page *ext4_read_merkle_tree_page(struct inode *inode,
page_cache_ra_unbounded(&ractl, num_ra_pages, 0);
folio = read_mapping_folio(inode->i_mapping, index, NULL);
if (IS_ERR(folio))
- return ERR_CAST(folio);
+ return PTR_ERR(folio);
}
- return folio_file_page(folio, index);
+ return fsverity_set_block_page(block, folio_file_page(folio, index),
+ offset);
}
static int ext4_write_merkle_tree_block(struct inode *inode, const void *buf,
@@ -394,6 +393,7 @@ const struct fsverity_operations ext4_verityops = {
.begin_enable_verity = ext4_begin_enable_verity,
.end_enable_verity = ext4_end_enable_verity,
.get_verity_descriptor = ext4_get_verity_descriptor,
- .read_merkle_tree_page = ext4_read_merkle_tree_page,
+ .read_merkle_tree_block = ext4_read_merkle_tree_block,
.write_merkle_tree_block = ext4_write_merkle_tree_block,
+ .drop_merkle_tree_block = fsverity_drop_page_merke_tree_block,
};
diff --git a/fs/f2fs/verity.c b/fs/f2fs/verity.c
index 601ab9f0c02492..aac9281e9c4565 100644
--- a/fs/f2fs/verity.c
+++ b/fs/f2fs/verity.c
@@ -255,15 +255,13 @@ static int f2fs_get_verity_descriptor(struct inode *inode, void *buf,
return size;
}
-static struct page *f2fs_read_merkle_tree_page(struct inode *inode,
- pgoff_t index,
- unsigned long num_ra_pages,
- u8 log_blocksize)
+static int f2fs_read_merkle_tree_block(struct inode *inode, unsigned int offset,
+ struct fsverity_block *block, unsigned long num_ra_pages)
{
struct page *page;
+ pgoff_t index;
- index += f2fs_verity_metadata_pos(inode) >> PAGE_SHIFT;
-
+ index = (f2fs_verity_metadata_pos(inode) + offset) >> PAGE_SHIFT;
page = find_get_page_flags(inode->i_mapping, index, FGP_ACCESSED);
if (!page || !PageUptodate(page)) {
DEFINE_READAHEAD(ractl, NULL, NULL, inode->i_mapping, index);
@@ -274,7 +272,7 @@ static struct page *f2fs_read_merkle_tree_page(struct inode *inode,
page_cache_ra_unbounded(&ractl, num_ra_pages, 0);
page = read_mapping_page(inode->i_mapping, index, NULL);
}
- return page;
+ return fsverity_set_block_page(block, page, offset);
}
static int f2fs_write_merkle_tree_block(struct inode *inode, const void *buf,
@@ -289,6 +287,7 @@ const struct fsverity_operations f2fs_verityops = {
.begin_enable_verity = f2fs_begin_enable_verity,
.end_enable_verity = f2fs_end_enable_verity,
.get_verity_descriptor = f2fs_get_verity_descriptor,
- .read_merkle_tree_page = f2fs_read_merkle_tree_page,
+ .read_merkle_tree_block = f2fs_read_merkle_tree_block,
.write_merkle_tree_block = f2fs_write_merkle_tree_block,
+ .drop_merkle_tree_block = fsverity_drop_page_merke_tree_block,
};
diff --git a/fs/verity/read_metadata.c b/fs/verity/read_metadata.c
index 182bddf5dec54c..5e362f8562bd5d 100644
--- a/fs/verity/read_metadata.c
+++ b/fs/verity/read_metadata.c
@@ -12,10 +12,33 @@
#include <linux/sched/signal.h>
#include <linux/uaccess.h>
+int fsverity_set_block_page(struct fsverity_block *block,
+ struct page *page, unsigned int index)
+{
+ if (IS_ERR(page))
+ return PTR_ERR(page);
+ block->kaddr = page_address(page) + (index % PAGE_SIZE);
+ block->cached = PageChecked(page);
+ block->context = page;
+ return 0;
+}
+EXPORT_SYMBOL_GPL(fsverity_set_block_page);
+
+void fsverity_drop_page_merke_tree_block(struct fsverity_block *block)
+{
+ struct page *page = block->context;
+
+ if (block->verified)
+ SetPageChecked(page);
+ put_page(page);
+}
+EXPORT_SYMBOL_GPL(fsverity_drop_page_merke_tree_block);
+
static int fsverity_read_merkle_tree(struct inode *inode,
const struct fsverity_info *vi,
void __user *buf, u64 offset, int length)
{
+ const struct fsverity_operations *vop = inode->i_sb->s_vop;
u64 end_offset;
unsigned int offs_in_block;
unsigned int block_size = vi->tree_params.block_size;
@@ -45,20 +68,19 @@ static int fsverity_read_merkle_tree(struct inode *inode,
struct fsverity_block block;
block.len = block_size;
- if (fsverity_read_merkle_tree_block(inode,
- index << vi->tree_params.log_blocksize,
- &block, num_ra_pages)) {
- fsverity_drop_block(inode, &block);
+ if (vop->read_merkle_tree_block(inode,
+ index << vi->tree_params.log_blocksize,
+ &block, num_ra_pages)) {
err = -EFAULT;
break;
}
if (copy_to_user(buf, block.kaddr + offs_in_block, bytes_to_copy)) {
- fsverity_drop_block(inode, &block);
+ vop->drop_merkle_tree_block(&block);
err = -EFAULT;
break;
}
- fsverity_drop_block(inode, &block);
+ vop->drop_merkle_tree_block(&block);
block.kaddr = NULL;
retval += bytes_to_copy;
diff --git a/fs/verity/verify.c b/fs/verity/verify.c
index dfe01f12184341..9b84262a6fa413 100644
--- a/fs/verity/verify.c
+++ b/fs/verity/verify.c
@@ -42,6 +42,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
const void *data, u64 data_pos, unsigned long max_ra_pages)
{
const struct merkle_tree_params *params = &vi->tree_params;
+ const struct fsverity_operations *vop = inode->i_sb->s_vop;
const unsigned int hsize = params->digest_size;
int level;
int err;
@@ -115,9 +116,9 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
block->len = params->block_size;
num_ra_pages = level == 0 ?
min(max_ra_pages, params->tree_pages - hpage_idx) : 0;
- err = fsverity_read_merkle_tree_block(
- inode, hblock_idx << params->log_blocksize, block,
- num_ra_pages);
+ err = vop->read_merkle_tree_block(inode,
+ hblock_idx << params->log_blocksize, block,
+ num_ra_pages);
if (err) {
fsverity_err(inode,
"Error %d reading Merkle tree block %lu",
@@ -127,7 +128,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
if (is_hash_block_verified(vi, hblock_idx, block->cached)) {
memcpy(_want_hash, block->kaddr + hoffset, hsize);
want_hash = _want_hash;
- fsverity_drop_block(inode, block);
+ vop->drop_merkle_tree_block(block);
goto descend;
}
hblocks[level].index = hblock_idx;
@@ -157,7 +158,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
block->verified = true;
memcpy(_want_hash, haddr + hoffset, hsize);
want_hash = _want_hash;
- fsverity_drop_block(inode, block);
+ vop->drop_merkle_tree_block(block);
}
/* Finally, verify the data block. */
@@ -174,9 +175,8 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
params->hash_alg->name, hsize, want_hash,
params->hash_alg->name, hsize, real_hash);
error:
- for (; level > 0; level--) {
- fsverity_drop_block(inode, &hblocks[level - 1].block);
- }
+ for (; level > 0; level--)
+ vop->drop_merkle_tree_block(&hblocks[level - 1].block);
return false;
}
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index ce37a430bc97f2..ae9ae7719af558 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -104,27 +104,6 @@ struct fsverity_operations {
int (*get_verity_descriptor)(struct inode *inode, void *buf,
size_t bufsize);
- /**
- * Read a Merkle tree page of the given inode.
- *
- * @inode: the inode
- * @index: 0-based index of the page within the Merkle tree
- * @num_ra_pages: The number of Merkle tree pages that should be
- * prefetched starting at @index if the page at @index
- * isn't already cached. Implementations may ignore this
- * argument; it's only a performance optimization.
- *
- * This can be called at any time on an open verity file. It may be
- * called by multiple processes concurrently, even with the same page.
- *
- * Note that this must retrieve a *page*, not necessarily a *block*.
- *
- * Return: the page on success, ERR_PTR() on failure
- */
- struct page *(*read_merkle_tree_page)(struct inode *inode,
- pgoff_t index,
- unsigned long num_ra_pages,
- u8 log_blocksize);
/**
* Read a Merkle tree block of the given inode.
* @inode: the inode
@@ -162,13 +141,12 @@ struct fsverity_operations {
/**
* Release the reference to a Merkle tree block
- *
- * @page: the block to release
+ * @block: the block to release
*
* This is called when fs-verity is done with a block obtained with
* ->read_merkle_tree_block().
*/
- void (*drop_block)(struct fsverity_block *block);
+ void (*drop_merkle_tree_block)(struct fsverity_block *block);
};
#ifdef CONFIG_FS_VERITY
@@ -217,74 +195,16 @@ static inline void fsverity_cleanup_inode(struct inode *inode)
int fsverity_ioctl_read_metadata(struct file *filp, const void __user *uarg);
+int fsverity_set_block_page(struct fsverity_block *block,
+ struct page *page, unsigned int index);
+void fsverity_drop_page_merke_tree_block(struct fsverity_block *block);
+
/* verify.c */
bool fsverity_verify_blocks(struct folio *folio, size_t len, size_t offset);
void fsverity_verify_bio(struct bio *bio);
void fsverity_enqueue_verify_work(struct work_struct *work);
-/**
- * fsverity_drop_block() - drop block obtained with ->read_merkle_tree_block()
- * @inode: inode in use for verification or metadata reading
- * @block: block to be dropped
- *
- * Generic put_page() method. Calls out back to filesystem if ->drop_block() is
- * set, otherwise do nothing.
- *
- */
-static inline void fsverity_drop_block(struct inode *inode,
- struct fsverity_block *block)
-{
- if (inode->i_sb->s_vop->drop_block)
- inode->i_sb->s_vop->drop_block(block);
- else {
- struct page *page = (struct page *)block->context;
-
- if (block->verified)
- SetPageChecked(page);
-
- put_page(page);
- }
-}
-
-/**
- * fsverity_read_block_from_page() - layer between fs using read page
- * and read block
- * @inode: inode in use for verification or metadata reading
- * @index: index of the block in the tree (offset into the tree)
- * @block: block to be read
- * @num_ra_pages: number of pages to readahead, may be ignored
- *
- * Depending on fs implementation use read_merkle_tree_block or
- * read_merkle_tree_page.
- */
-static inline int fsverity_read_merkle_tree_block(struct inode *inode,
- unsigned int index,
- struct fsverity_block *block,
- unsigned long num_ra_pages)
-{
- struct page *page;
-
- if (inode->i_sb->s_vop->read_merkle_tree_block)
- return inode->i_sb->s_vop->read_merkle_tree_block(
- inode, index, block, num_ra_pages);
-
- page = inode->i_sb->s_vop->read_merkle_tree_page(
- inode, index >> PAGE_SHIFT, num_ra_pages,
- block->len);
-
- block->kaddr = page_address(page) + (index % PAGE_SIZE);
- block->cached = PageChecked(page);
- block->context = page;
-
- if (IS_ERR(page))
- return PTR_ERR(page);
- else
- return 0;
-}
-
-
-
#else /* !CONFIG_FS_VERITY */
static inline struct fsverity_info *fsverity_get_info(const struct inode *inode)
@@ -362,20 +282,6 @@ static inline void fsverity_enqueue_verify_work(struct work_struct *work)
WARN_ON_ONCE(1);
}
-static inline void fsverity_drop_page(struct inode *inode, struct page *page)
-{
- WARN_ON_ONCE(1);
-}
-
-static inline int fsverity_read_merkle_tree_block(struct inode *inode,
- unsigned int index,
- struct fsverity_block *block,
- unsigned long num_ra_pages)
-{
- WARN_ON_ONCE(1);
- return -EOPNOTSUPP;
-}
-
#endif /* !CONFIG_FS_VERITY */
static inline bool fsverity_verify_folio(struct folio *folio)
next prev parent reply other threads:[~2024-05-02 4:42 UTC|newest]
Thread overview: 165+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-30 3:11 [PATCHBOMB v5.6] fs-verity support for XFS Darrick J. Wong
2024-04-30 3:18 ` [PATCHSET v5.6 1/2] fs-verity: support merkle tree access by blocks Darrick J. Wong
2024-04-30 3:19 ` [PATCH 01/18] fs: add FS_XFLAG_VERITY for verity files Darrick J. Wong
2024-04-30 3:19 ` [PATCH 02/18] fsverity: pass tree_blocksize to end_enable_verity() Darrick J. Wong
2024-04-30 3:20 ` [PATCH 03/18] fsverity: convert verification to use byte instead of page offsets Darrick J. Wong
2024-05-01 7:33 ` Christoph Hellwig
2024-05-01 22:33 ` Darrick J. Wong
2024-05-02 0:42 ` Eric Biggers
2024-05-08 20:14 ` Darrick J. Wong
2024-04-30 3:20 ` [PATCH 04/18] fsverity: support block-based Merkle tree caching Darrick J. Wong
2024-05-01 7:36 ` Christoph Hellwig
2024-05-01 22:35 ` Darrick J. Wong
2024-05-02 4:42 ` Christoph Hellwig [this message]
2024-05-15 2:16 ` Eric Biggers
2024-04-30 3:20 ` [PATCH 05/18] fsverity: pass the merkle tree block level to fsverity_read_merkle_tree_block Darrick J. Wong
2024-04-30 3:20 ` [PATCH 06/18] fsverity: add per-sb workqueue for post read processing Darrick J. Wong
2024-04-30 3:21 ` [PATCH 07/18] fsverity: add tracepoints Darrick J. Wong
2024-04-30 3:21 ` [PATCH 08/18] fsverity: pass the new tree size and block size to ->begin_enable_verity Darrick J. Wong
2024-04-30 3:21 ` [PATCH 09/18] fsverity: expose merkle tree geometry to callers Darrick J. Wong
2024-04-30 3:22 ` [PATCH 10/18] fsverity: box up the write_merkle_tree_block parameters too Darrick J. Wong
2024-04-30 3:22 ` [PATCH 11/18] fsverity: pass the zero-hash value to the implementation Darrick J. Wong
2024-04-30 3:22 ` [PATCH 12/18] fsverity: report validation errors back to the filesystem Darrick J. Wong
2024-04-30 3:22 ` [PATCH 13/18] fsverity: pass super_block to fsverity_enqueue_verify_work Darrick J. Wong
2024-04-30 3:23 ` [PATCH 14/18] ext4: use a per-superblock fsverity workqueue Darrick J. Wong
2024-04-30 3:23 ` [PATCH 15/18] f2fs: " Darrick J. Wong
2024-04-30 3:23 ` [PATCH 16/18] btrfs: " Darrick J. Wong
2024-04-30 3:23 ` [PATCH 17/18] fsverity: remove system-wide workqueue Darrick J. Wong
2024-04-30 3:24 ` [PATCH 18/18] iomap: integrate fs-verity verification into iomap's read path Darrick J. Wong
2024-05-01 7:10 ` Christoph Hellwig
2024-05-01 22:37 ` Darrick J. Wong
2024-04-30 3:18 ` [PATCHSET v5.6 2/2] xfs: fs-verity support Darrick J. Wong
2024-04-30 3:24 ` [PATCH 01/26] xfs: use unsigned ints for non-negative quantities in xfs_attr_remote.c Darrick J. Wong
2024-05-01 6:55 ` Christoph Hellwig
2024-05-01 22:39 ` Darrick J. Wong
2024-05-02 4:56 ` Christoph Hellwig
2024-05-02 5:56 ` Chandan Babu R
2024-05-02 6:34 ` Christoph Hellwig
2024-04-30 3:24 ` [PATCH 02/26] xfs: turn XFS_ATTR3_RMT_BUF_SPACE into a function Darrick J. Wong
2024-05-01 6:55 ` Christoph Hellwig
2024-04-30 3:24 ` [PATCH 03/26] xfs: create a helper to compute the blockcount of a max sized remote value Darrick J. Wong
2024-05-01 6:56 ` Christoph Hellwig
2024-04-30 3:25 ` [PATCH 04/26] xfs: minor cleanups of xfs_attr3_rmt_blocks Darrick J. Wong
2024-05-01 6:56 ` Christoph Hellwig
2024-04-30 3:25 ` [PATCH 05/26] xfs: use an empty transaction to protect xfs_attr_get from deadlocks Darrick J. Wong
2024-05-01 6:57 ` Christoph Hellwig
2024-05-01 22:42 ` Darrick J. Wong
2024-04-30 3:25 ` [PATCH 06/26] xfs: add attribute type for fs-verity Darrick J. Wong
2024-04-30 3:25 ` [PATCH 07/26] xfs: do not use xfs_attr3_rmt_hdr for remote verity value blocks Darrick J. Wong
2024-04-30 3:26 ` [PATCH 08/26] xfs: add fs-verity ro-compat flag Darrick J. Wong
2024-04-30 3:26 ` [PATCH 09/26] xfs: add inode on-disk VERITY flag Darrick J. Wong
2024-04-30 3:26 ` [PATCH 10/26] xfs: initialize fs-verity on file open and cleanup on inode destruction Darrick J. Wong
2024-04-30 3:26 ` [PATCH 11/26] xfs: don't allow to enable DAX on fs-verity sealed inode Darrick J. Wong
2024-04-30 3:27 ` [PATCH 12/26] xfs: disable direct read path for fs-verity files Darrick J. Wong
2024-04-30 3:27 ` [PATCH 13/26] xfs: widen flags argument to the xfs_iflags_* helpers Darrick J. Wong
2024-05-01 6:54 ` Christoph Hellwig
2024-05-01 22:44 ` Darrick J. Wong
2024-04-30 3:27 ` [PATCH 14/26] xfs: add fs-verity support Darrick J. Wong
2024-04-30 3:28 ` [PATCH 15/26] xfs: create a per-mount shrinker for verity inodes merkle tree blocks Darrick J. Wong
2024-04-30 3:28 ` [PATCH 16/26] xfs: shrink verity blob cache Darrick J. Wong
2024-04-30 3:28 ` [PATCH 17/26] xfs: don't store trailing zeroes of merkle tree blocks Darrick J. Wong
2024-04-30 3:28 ` [PATCH 18/26] xfs: use merkle tree offset as attr hash Darrick J. Wong
2024-05-01 6:53 ` Christoph Hellwig
2024-05-01 7:23 ` Christoph Hellwig
2024-05-07 21:24 ` Darrick J. Wong
2024-05-08 11:47 ` Christoph Hellwig
2024-05-08 20:26 ` Darrick J. Wong
2024-05-09 5:02 ` Christoph Hellwig
2024-05-09 20:02 ` Darrick J. Wong
2024-05-10 5:08 ` Christoph Hellwig
2024-05-10 6:20 ` Christoph Hellwig
2024-05-17 17:17 ` Darrick J. Wong
2024-05-20 12:39 ` Christoph Hellwig
2024-05-20 16:02 ` Darrick J. Wong
2024-05-22 14:37 ` Christoph Hellwig
2024-05-22 18:29 ` Eric Biggers
2024-05-31 21:28 ` Darrick J. Wong
2024-05-31 21:45 ` Eric Biggers
2024-05-09 17:46 ` Eric Biggers
2024-05-09 18:04 ` Darrick J. Wong
2024-05-09 18:36 ` Eric Biggers
2024-04-30 3:29 ` [PATCH 19/26] xfs: don't bother storing merkle tree blocks for zeroed data blocks Darrick J. Wong
2024-05-01 6:47 ` Christoph Hellwig
2024-05-01 22:47 ` Darrick J. Wong
2024-05-02 0:01 ` Eric Biggers
2024-05-08 20:26 ` Darrick J. Wong
2024-04-30 3:29 ` [PATCH 20/26] xfs: add fs-verity ioctls Darrick J. Wong
2024-04-30 3:29 ` [PATCH 21/26] xfs: advertise fs-verity being available on filesystem Darrick J. Wong
2024-04-30 3:29 ` [PATCH 22/26] xfs: check and repair the verity inode flag state Darrick J. Wong
2024-04-30 3:30 ` [PATCH 23/26] xfs: teach online repair to evaluate fsverity xattrs Darrick J. Wong
2024-04-30 3:30 ` [PATCH 24/26] xfs: report verity failures through the health system Darrick J. Wong
2024-04-30 3:30 ` [PATCH 25/26] xfs: make it possible to disable fsverity Darrick J. Wong
2024-05-01 6:48 ` Christoph Hellwig
2024-05-01 22:50 ` Darrick J. Wong
2024-05-02 0:15 ` Eric Biggers
2024-05-08 20:31 ` Darrick J. Wong
2024-05-09 5:04 ` Christoph Hellwig
2024-05-09 14:45 ` Darrick J. Wong
2024-05-09 15:06 ` Christoph Hellwig
2024-05-09 15:09 ` Darrick J. Wong
2024-05-09 15:13 ` Christoph Hellwig
2024-05-09 15:43 ` Darrick J. Wong
2024-05-17 19:36 ` Theodore Ts'o
2024-04-30 3:30 ` [PATCH 26/26] xfs: enable ro-compat fs-verity flag Darrick J. Wong
2024-04-30 3:19 ` [PATCHSET v5.6] xfsprogs: fs-verity support for XFS Darrick J. Wong
2024-04-30 3:31 ` [PATCH 01/38] fs: add FS_XFLAG_VERITY for verity files Darrick J. Wong
2024-04-30 3:31 ` [PATCH 02/38] xfs: use unsigned ints for non-negative quantities in xfs_attr_remote.c Darrick J. Wong
2024-04-30 3:31 ` [PATCH 03/38] xfs: turn XFS_ATTR3_RMT_BUF_SPACE into a function Darrick J. Wong
2024-04-30 3:31 ` [PATCH 04/38] xfs: create a helper to compute the blockcount of a max sized remote value Darrick J. Wong
2024-04-30 3:32 ` [PATCH 05/38] xfs: minor cleanups of xfs_attr3_rmt_blocks Darrick J. Wong
2024-04-30 3:32 ` [PATCH 06/38] xfs: use an empty transaction to protect xfs_attr_get from deadlocks Darrick J. Wong
2024-04-30 3:32 ` [PATCH 07/38] xfs: add attribute type for fs-verity Darrick J. Wong
2024-04-30 3:32 ` [PATCH 08/38] xfs: do not use xfs_attr3_rmt_hdr for remote verity value blocks Darrick J. Wong
2024-04-30 3:33 ` [PATCH 09/38] xfs: add fs-verity ro-compat flag Darrick J. Wong
2024-04-30 3:33 ` [PATCH 10/38] xfs: add inode on-disk VERITY flag Darrick J. Wong
2024-04-30 3:33 ` [PATCH 11/38] xfs: add fs-verity support Darrick J. Wong
2024-04-30 3:34 ` [PATCH 12/38] xfs: use merkle tree offset as attr hash Darrick J. Wong
2024-04-30 3:34 ` [PATCH 13/38] xfs: advertise fs-verity being available on filesystem Darrick J. Wong
2024-04-30 3:34 ` [PATCH 14/38] xfs: report verity failures through the health system Darrick J. Wong
2024-04-30 3:34 ` [PATCH 15/38] xfs: enable ro-compat fs-verity flag Darrick J. Wong
2024-04-30 3:35 ` [PATCH 16/38] libfrog: add fsverity to xfs_report_geom output Darrick J. Wong
2024-04-30 3:35 ` [PATCH 17/38] xfs_db: introduce attr_modify command Darrick J. Wong
2024-04-30 3:35 ` [PATCH 18/38] xfs_db: add ATTR_PARENT support to " Darrick J. Wong
2024-04-30 3:35 ` [PATCH 19/38] xfs_db: make attr_set/remove/modify be able to handle fs-verity attrs Darrick J. Wong
2024-04-30 3:36 ` [PATCH 20/38] man: document attr_modify command Darrick J. Wong
2024-04-30 3:36 ` [PATCH 21/38] xfs_db: create hex string as a field type Darrick J. Wong
2024-04-30 3:36 ` [PATCH 22/38] xfs_db: dump verity features and metadata Darrick J. Wong
2024-04-30 3:36 ` [PATCH 23/38] xfs_db: dump merkle tree data Darrick J. Wong
2024-04-30 3:37 ` [PATCH 24/38] xfs_db: dump the verity descriptor Darrick J. Wong
2024-04-30 3:37 ` [PATCH 25/38] xfs_db: don't obfuscate verity xattrs Darrick J. Wong
2024-04-30 3:37 ` [PATCH 26/38] xfs_db: dump the inode verity flag Darrick J. Wong
2024-04-30 3:37 ` [PATCH 27/38] xfs_db: compute hashes of merkle tree blocks Darrick J. Wong
2024-04-30 3:38 ` [PATCH 28/38] xfs_repair: junk fsverity xattrs when unnecessary Darrick J. Wong
2024-04-30 3:38 ` [PATCH 29/38] xfs_repair: clear verity iflag when verity isn't supported Darrick J. Wong
2024-04-30 3:38 ` [PATCH 30/38] xfs_repair: handle verity remote attrs Darrick J. Wong
2024-04-30 3:38 ` [PATCH 31/38] xfs_repair: allow upgrading filesystems with verity Darrick J. Wong
2024-04-30 3:39 ` [PATCH 32/38] xfs_scrub: check verity file metadata Darrick J. Wong
2024-04-30 3:39 ` [PATCH 33/38] xfs_scrub: validate verity file contents when doing a media scan Darrick J. Wong
2024-04-30 3:39 ` [PATCH 34/38] xfs_scrub: use MADV_POPULATE_READ to check verity files Darrick J. Wong
2024-04-30 3:40 ` [PATCH 35/38] xfs_spaceman: report data corruption Darrick J. Wong
2024-04-30 3:40 ` [PATCH 36/38] xfs_io: report fsverity status via statx Darrick J. Wong
2024-04-30 3:40 ` [PATCH 37/38] xfs_io: create magic command to disable verity Darrick J. Wong
2024-04-30 3:40 ` [PATCH 38/38] mkfs.xfs: add verity parameter Darrick J. Wong
2024-04-30 3:19 ` [PATCHSET v5.6] fstests: fs-verity support for XFS Darrick J. Wong
2024-04-30 3:41 ` [PATCH 1/6] common/verity: enable fsverity " Darrick J. Wong
2024-04-30 12:39 ` Andrey Albershteyn
2024-04-30 15:35 ` Darrick J. Wong
2024-04-30 3:41 ` [PATCH 2/6] xfs/{021,122}: adapt to fsverity xattrs Darrick J. Wong
2024-04-30 12:46 ` Andrey Albershteyn
2024-04-30 15:36 ` Darrick J. Wong
2024-04-30 3:41 ` [PATCH 3/6] xfs/122: adapt to fsverity Darrick J. Wong
2024-04-30 12:45 ` Andrey Albershteyn
2024-04-30 15:37 ` Darrick J. Wong
2024-04-30 3:41 ` [PATCH 4/6] xfs: test xfs_scrub detection and correction of corrupt fsverity metadata Darrick J. Wong
2024-04-30 12:29 ` Andrey Albershteyn
2024-04-30 15:43 ` Darrick J. Wong
2024-04-30 3:42 ` [PATCH 5/6] xfs: test disabling fsverity Darrick J. Wong
2024-04-30 12:56 ` Andrey Albershteyn
2024-04-30 13:11 ` Andrey Albershteyn
2024-04-30 15:48 ` Darrick J. Wong
2024-04-30 18:06 ` Andrey Albershteyn
2024-04-30 3:42 ` [PATCH 6/6] common/populate: add verity files to populate xfs images Darrick J. Wong
2024-04-30 13:22 ` Andrey Albershteyn
2024-04-30 15:49 ` Darrick J. Wong
2024-05-11 5:01 ` [PATCHSET v5.6] fstests: fs-verity support for XFS Zorro Lang
2024-05-17 15:56 ` Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZjMZnxgFZ_X6c9aB@infradead.org \
--to=hch@infradead.org \
--cc=aalbersh@redhat.com \
--cc=alexl@redhat.com \
--cc=djwong@kernel.org \
--cc=ebiggers@kernel.org \
--cc=fsverity@lists.linux.dev \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=walters@verbum.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).