From: Gao Xiang <hsiangkao@linux.alibaba.com>
To: Christoph Hellwig <hch@infradead.org>,
Christian Brauner <brauner@kernel.org>
Cc: "Darrick J. Wong" <djwong@kernel.org>,
Amir Goldstein <amir73il@gmail.com>,
Alexander Viro <viro@zeniv.linux.org.uk>, Jan Kara <jack@suse.cz>,
Daniel Borkmann <daniel@iogearbox.net>,
Alexei Starovoitov <ast@kernel.org>,
linux-fsdevel@vger.kernel.org, bpf@vger.kernel.org
Subject: Re: [PATCH] bpf: add bpf_real_inode() kfunc
Date: Thu, 9 Apr 2026 22:37:46 +0800 [thread overview]
Message-ID: <d889ed2b-ca34-4e95-ae5b-1d66636b515d@linux.alibaba.com> (raw)
In-Reply-To: <ade2nskzkdcsvF55@infradead.org>
On 2026/4/9 22:24, Christoph Hellwig wrote:
> On Thu, Apr 09, 2026 at 03:19:27PM +0200, Christian Brauner wrote:
>>> ways to do full file system verity [1] much more efficiently inside the
>>> file systems, and it would be good to not lock in a specific solution
>>
>> Note about that: we generally don't rely on any verity implementation
>> that makes the verity information itself part of the on-disk filesystem
>> format. The nice property of dm-verity is that the integrity is
>> completely separate from the filesystem format and it's basically simple
>> math that is trivially to prove correct.
>
> Any file system integrated version storing the hashed in the extended
> LBA data (which Linux also confusingly calls intgrity data) would be
> even simpler and easier to verify. But yes, we need to clearly
> document what we want.
Yes, you could keep hash / checksum in the extended OOB area, but
I guess you still don't know if the hash / checksum of the
particular data can be trusted (or is changed by attackers).
I think the key point of merkle tree approach is not only for
data integrity but also to distribute the trust between all
hashes by calculating the hash (of the hashes) of the hashes
so that you could get the only one root hash value regardless
of how to organize the container filesystem (meta)data so
that it's totally seperated from individual filesystem layouts
and can be proven seperately and even implemented easily by
hardware/firmware rather than inside the specific filesystem
implementation.
Thanks,
Gao Xiang
next prev parent reply other threads:[~2026-04-09 14:37 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-26 16:53 [PATCH] bpf: add bpf_real_inode() kfunc Christian Brauner
2026-03-26 17:02 ` Amir Goldstein
2026-03-27 5:28 ` Christoph Hellwig
2026-03-27 6:05 ` Darrick J. Wong
2026-04-07 10:25 ` Christian Brauner
2026-04-07 14:54 ` Christoph Hellwig
2026-04-09 13:19 ` Christian Brauner
2026-04-09 14:24 ` Christoph Hellwig
2026-04-09 14:37 ` Gao Xiang [this message]
2026-04-09 16:11 ` Christoph Hellwig
2026-04-09 16:42 ` Gao Xiang
2026-04-10 6:15 ` Christoph Hellwig
2026-04-10 6:46 ` Gao Xiang
2026-04-10 7:06 ` Christoph Hellwig
2026-04-10 7:29 ` Gao Xiang
2026-03-27 12:19 ` bot+bpf-ci
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d889ed2b-ca34-4e95-ae5b-1d66636b515d@linux.alibaba.com \
--to=hsiangkao@linux.alibaba.com \
--cc=amir73il@gmail.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=daniel@iogearbox.net \
--cc=djwong@kernel.org \
--cc=hch@infradead.org \
--cc=jack@suse.cz \
--cc=linux-fsdevel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox