* Re: [PATCH 00/61] vfs: change inode->i_ino from unsigned long to u64
From: Christian Brauner @ 2026-02-27 10:06 UTC (permalink / raw)
To: Jeff Layton
Cc: Alexander Viro, Jan Kara, Steven Rostedt, Masami Hiramatsu,
Mathieu Desnoyers, Dan Williams, Matthew Wilcox, Eric Biggers,
Theodore Y. Ts'o, Muchun Song, Oscar Salvador,
David Hildenbrand, David Howells, Paulo Alcantara, Andreas Dilger,
Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust, Anna Schumaker,
Chuck Lever, NeilBrown, Olga Kornievskaia, Dai Ngo, Tom Talpey,
Steve French, Ronnie Sahlberg, Shyam Prasad N, Bharath SM,
Alexander Aring, Ryusuke Konishi, Viacheslav Dubeyko,
Eric Van Hensbergen, Latchesar Ionkov, Dominique Martinet,
Christian Schoenebeck, David Sterba, Marc Dionne, Ian Kent,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Ilya Dryomov, Alex Markuze, Jan Harkes, coda, Nicolas Pitre,
Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Damien Le Moal, Naohiro Aota, Johannes Thumshirn,
John Johansen, Paul Moore, James Morris, Serge E. Hallyn,
Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller, linux-fsdevel, linux-kernel, linux-trace-kernel,
nvdimm, fsverity, linux-mm, netfs, linux-ext4, linux-f2fs-devel,
linux-nfs, linux-cifs, samba-technical, linux-nilfs, v9fs,
linux-afs, autofs, ceph-devel, codalist, ecryptfs, linux-mtd,
jfs-discussion, ntfs3, ocfs2-devel, devel, linux-unionfs,
apparmor, linux-security-module, linux-integrity, selinux,
amd-gfx, dri-devel, linux-media, linaro-mm-sig, netdev,
linux-perf-users, linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-0-ccceff366db9@kernel.org>
On Thu, Feb 26, 2026 at 10:55:02AM -0500, Jeff Layton wrote:
> Christian said [1] to "just do it" when I proposed this, so here we are!
>
> For historical reasons, the inode->i_ino field is an unsigned long,
> which means that it's 32 bits on 32 bit architectures. This has caused a
> number of filesystems to implement hacks to hash a 64-bit identifier
> into a 32-bit field, and deprives us of a universal identifier field for
> an inode.
>
> This patchset changes the inode->i_ino field from an unsigned long to a
> u64. This shouldn't make any material difference on 64-bit hosts, but
> 32-bit hosts will see struct inode grow by at least 4 bytes. This could
> have effects on slabcache sizes and field alignment.
>
> The bulk of the changes are to format strings and tracepoints, since the
> kernel itself doesn't care that much about the i_ino field. The first
> patch changes some vfs function arguments, so check that one out
> carefully.
>
> With this change, we may be able to shrink some inode structures. For
> instance, struct nfs_inode has a fileid field that holds the 64-bit
> inode number. With this set of changes, that field could be eliminated.
> I'd rather leave that sort of cleanups for later just to keep this
> simple.
>
> Much of this set was generated by LLM, but I attributed it to myself
> since I consider this to be in the "menial tasks" category of LLM usage.
>
> [1]: https://lore.kernel.org/linux-fsdevel/20260219-portrait-winkt-959070cee42f@brauner/
I'm working under the assumption that we have crossed the threshold and
people send patches they did completely themselves and also patches that
were done with the help of or almost completely by a tool. You have to
defend it one way or the other.
Frankly, as long as you understand what you're doing in general well and
I know that you are a trusted and thorough developer/maintainer I could
not care less if you tell me whether or not you did this all on your
own or with the help of some tool. In my experience, laziness grows with
experience but so does the amount of ideas.
So attribute it to yourself or attribute it partially to the tool. I
personally don't care.
^ permalink raw reply
* Re: [PATCH 00/61] vfs: change inode->i_ino from unsigned long to u64
From: Christian König @ 2026-02-27 9:30 UTC (permalink / raw)
To: Jeff Layton, Alexander Viro, Christian Brauner, Jan Kara,
Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Dan Williams,
Matthew Wilcox, Eric Biggers, Theodore Y. Ts'o, Muchun Song,
Oscar Salvador, David Hildenbrand, David Howells, Paulo Alcantara,
Andreas Dilger, Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust,
Anna Schumaker, Chuck Lever, NeilBrown, Olga Kornievskaia,
Dai Ngo, Tom Talpey, Steve French, Ronnie Sahlberg,
Shyam Prasad N, Bharath SM, Alexander Aring, Ryusuke Konishi,
Viacheslav Dubeyko, Eric Van Hensbergen, Latchesar Ionkov,
Dominique Martinet, Christian Schoenebeck, David Sterba,
Marc Dionne, Ian Kent, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Ilya Dryomov, Alex Markuze, Jan Harkes, coda,
Nicolas Pitre, Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Damien Le Moal, Naohiro Aota, Johannes Thumshirn,
John Johansen, Paul Moore, James Morris, Serge E. Hallyn,
Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
David Airlie, Simona Vetter, Sumit Semwal, Eric Dumazet,
Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn, David S. Miller,
Jakub Kicinski, Simon Horman, Oleg Nesterov, Peter Zijlstra,
Ingo Molnar, Arnaldo Carvalho de Melo, Namhyung Kim, Mark Rutland,
Alexander Shishkin, Jiri Olsa, Ian Rogers, Adrian Hunter,
James Clark, Darrick J. Wong, Martin Schiller
Cc: linux-fsdevel, linux-kernel, linux-trace-kernel, nvdimm, fsverity,
linux-mm, netfs, linux-ext4, linux-f2fs-devel, linux-nfs,
linux-cifs, samba-technical, linux-nilfs, v9fs, linux-afs, autofs,
ceph-devel, codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3,
ocfs2-devel, devel, linux-unionfs, apparmor,
linux-security-module, linux-integrity, selinux, amd-gfx,
dri-devel, linux-media, linaro-mm-sig, netdev, linux-perf-users,
linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-0-ccceff366db9@kernel.org>
On 2/26/26 16:55, Jeff Layton wrote:
> Christian said [1] to "just do it" when I proposed this, so here we are!
>
> For historical reasons, the inode->i_ino field is an unsigned long,
> which means that it's 32 bits on 32 bit architectures. This has caused a
> number of filesystems to implement hacks to hash a 64-bit identifier
> into a 32-bit field, and deprives us of a universal identifier field for
> an inode.
>
> This patchset changes the inode->i_ino field from an unsigned long to a
> u64. This shouldn't make any material difference on 64-bit hosts, but
> 32-bit hosts will see struct inode grow by at least 4 bytes. This could
> have effects on slabcache sizes and field alignment.
>
> The bulk of the changes are to format strings and tracepoints, since the
> kernel itself doesn't care that much about the i_ino field. The first
> patch changes some vfs function arguments, so check that one out
> carefully.
>
> With this change, we may be able to shrink some inode structures. For
> instance, struct nfs_inode has a fileid field that holds the 64-bit
> inode number. With this set of changes, that field could be eliminated.
> I'd rather leave that sort of cleanups for later just to keep this
> simple.
>
> Much of this set was generated by LLM, but I attributed it to myself
> since I consider this to be in the "menial tasks" category of LLM usage.
Sounds reasonable to me, should get_next_ino() also be changed to return an 64bit ino?
Currently it is always only 32bit and we have workarounds for that in DMA-buf for example.
Thanks,
Christian.
>
> [1]: https://lore.kernel.org/linux-fsdevel/20260219-portrait-winkt-959070cee42f@brauner/
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> Jeff Layton (61):
> vfs: widen inode hash/lookup functions to u64
> vfs: change i_ino from unsigned long to u64
> trace: update VFS-layer trace events for u64 i_ino
> ext4: update for u64 i_ino
> jbd2: update format strings for u64 i_ino
> f2fs: update for u64 i_ino
> lockd: update format strings for u64 i_ino
> nfs: update for u64 i_ino
> nfs: remove nfs_fattr_to_ino_t() and nfs_fileid_to_ino_t()
> nfs: remove nfs_compat_user_ino64()
> nfs: remove enable_ino64 module parameter
> nfsd: update format strings for u64 i_ino
> smb: store full 64-bit uniqueid in i_ino
> smb: remove cifs_uniqueid_to_ino_t()
> locks: update /proc/locks format for u64 i_ino
> proc: update /proc/PID/maps for u64 i_ino
> nilfs2: update for u64 i_ino
> 9p: update format strings for u64 i_ino
> affs: update format strings for u64 i_ino
> afs: update format strings for u64 i_ino
> autofs: update format strings for u64 i_ino
> befs: update format strings for u64 i_ino
> bfs: update format strings for u64 i_ino
> cachefiles: update format strings for u64 i_ino
> ceph: update format strings for u64 i_ino
> coda: update format strings for u64 i_ino
> cramfs: update format strings for u64 i_ino
> ecryptfs: update format strings for u64 i_ino
> efs: update format strings for u64 i_ino
> exportfs: update format strings for u64 i_ino
> ext2: update format strings for u64 i_ino
> freevxfs: update format strings for u64 i_ino
> hfs: update format strings for u64 i_ino
> hfsplus: update format strings for u64 i_ino
> hpfs: update format strings for u64 i_ino
> isofs: update format strings for u64 i_ino
> jffs2: update format strings for u64 i_ino
> jfs: update format strings for u64 i_ino
> minix: update format strings for u64 i_ino
> nsfs: update format strings for u64 i_ino
> ntfs3: update format strings for u64 i_ino
> ocfs2: update format strings for u64 i_ino
> orangefs: update format strings for u64 i_ino
> overlayfs: update format strings for u64 i_ino
> qnx4: update format strings for u64 i_ino
> qnx6: update format strings for u64 i_ino
> ubifs: update format strings for u64 i_ino
> udf: update format strings for u64 i_ino
> ufs: update format strings for u64 i_ino
> zonefs: update format strings for u64 i_ino
> security: update audit format strings for u64 i_ino
> drm/amdgpu: update for u64 i_ino
> fsnotify: update fdinfo format strings for u64 i_ino
> net: update socket dname format for u64 i_ino
> uprobes: update format strings for u64 i_ino
> dma-buf: update format string for u64 i_ino
> fscrypt: update format strings for u64 i_ino
> fsverity: update format string for u64 i_ino
> iomap: update format string for u64 i_ino
> net: update legacy protocol format strings for u64 i_ino
> vfs: update core format strings for u64 i_ino
>
> drivers/dma-buf/dma-buf.c | 2 +-
> drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 4 +-
> fs/9p/vfs_addr.c | 4 +-
> fs/9p/vfs_inode.c | 6 +-
> fs/9p/vfs_inode_dotl.c | 6 +-
> fs/affs/amigaffs.c | 8 +-
> fs/affs/bitmap.c | 2 +-
> fs/affs/dir.c | 2 +-
> fs/affs/file.c | 20 +-
> fs/affs/inode.c | 12 +-
> fs/affs/namei.c | 14 +-
> fs/affs/symlink.c | 2 +-
> fs/afs/dir.c | 10 +-
> fs/afs/dir_search.c | 2 +-
> fs/afs/dynroot.c | 2 +-
> fs/afs/inode.c | 2 +-
> fs/autofs/inode.c | 2 +-
> fs/befs/linuxvfs.c | 28 +-
> fs/bfs/dir.c | 4 +-
> fs/cachefiles/io.c | 6 +-
> fs/cachefiles/namei.c | 12 +-
> fs/cachefiles/xattr.c | 2 +-
> fs/ceph/crypto.c | 4 +-
> fs/coda/dir.c | 2 +-
> fs/coda/inode.c | 2 +-
> fs/cramfs/inode.c | 2 +-
> fs/crypto/crypto.c | 2 +-
> fs/crypto/hooks.c | 2 +-
> fs/crypto/keysetup.c | 2 +-
> fs/dcache.c | 4 +-
> fs/ecryptfs/crypto.c | 6 +-
> fs/ecryptfs/file.c | 2 +-
> fs/efs/inode.c | 6 +-
> fs/eventpoll.c | 2 +-
> fs/exportfs/expfs.c | 4 +-
> fs/ext2/dir.c | 10 +-
> fs/ext2/ialloc.c | 9 +-
> fs/ext2/inode.c | 2 +-
> fs/ext2/xattr.c | 14 +-
> fs/ext4/dir.c | 2 +-
> fs/ext4/ext4.h | 4 +-
> fs/ext4/extents.c | 8 +-
> fs/ext4/extents_status.c | 28 +-
> fs/ext4/fast_commit.c | 8 +-
> fs/ext4/ialloc.c | 10 +-
> fs/ext4/indirect.c | 2 +-
> fs/ext4/inline.c | 14 +-
> fs/ext4/inode.c | 22 +-
> fs/ext4/ioctl.c | 4 +-
> fs/ext4/mballoc.c | 6 +-
> fs/ext4/migrate.c | 2 +-
> fs/ext4/move_extent.c | 20 +-
> fs/ext4/namei.c | 10 +-
> fs/ext4/orphan.c | 16 +-
> fs/ext4/page-io.c | 10 +-
> fs/ext4/super.c | 22 +-
> fs/ext4/xattr.c | 10 +-
> fs/f2fs/compress.c | 4 +-
> fs/f2fs/dir.c | 2 +-
> fs/f2fs/extent_cache.c | 8 +-
> fs/f2fs/f2fs.h | 6 +-
> fs/f2fs/file.c | 12 +-
> fs/f2fs/gc.c | 2 +-
> fs/f2fs/inline.c | 4 +-
> fs/f2fs/inode.c | 48 ++--
> fs/f2fs/namei.c | 8 +-
> fs/f2fs/node.c | 12 +-
> fs/f2fs/recovery.c | 10 +-
> fs/f2fs/xattr.c | 10 +-
> fs/freevxfs/vxfs_bmap.c | 4 +-
> fs/fserror.c | 2 +-
> fs/hfs/catalog.c | 2 +-
> fs/hfs/extent.c | 4 +-
> fs/hfs/inode.c | 4 +-
> fs/hfsplus/attributes.c | 10 +-
> fs/hfsplus/catalog.c | 2 +-
> fs/hfsplus/dir.c | 6 +-
> fs/hfsplus/extents.c | 6 +-
> fs/hfsplus/inode.c | 8 +-
> fs/hfsplus/super.c | 6 +-
> fs/hfsplus/xattr.c | 10 +-
> fs/hpfs/dir.c | 4 +-
> fs/hpfs/dnode.c | 4 +-
> fs/hpfs/ea.c | 4 +-
> fs/hpfs/inode.c | 4 +-
> fs/inode.c | 46 ++--
> fs/iomap/ioend.c | 2 +-
> fs/isofs/compress.c | 2 +-
> fs/isofs/dir.c | 2 +-
> fs/isofs/inode.c | 6 +-
> fs/isofs/namei.c | 2 +-
> fs/jbd2/journal.c | 4 +-
> fs/jbd2/transaction.c | 2 +-
> fs/jffs2/dir.c | 4 +-
> fs/jffs2/file.c | 4 +-
> fs/jffs2/fs.c | 18 +-
> fs/jfs/inode.c | 2 +-
> fs/jfs/jfs_imap.c | 2 +-
> fs/jfs/jfs_metapage.c | 2 +-
> fs/lockd/svclock.c | 8 +-
> fs/lockd/svcsubs.c | 2 +-
> fs/locks.c | 6 +-
> fs/minix/inode.c | 10 +-
> fs/nfs/dir.c | 22 +-
> fs/nfs/file.c | 8 +-
> fs/nfs/filelayout/filelayout.c | 8 +-
> fs/nfs/flexfilelayout/flexfilelayout.c | 8 +-
> fs/nfs/inode.c | 54 +---
> fs/nfs/nfs4proc.c | 4 +-
> fs/nfs/pnfs.c | 12 +-
> fs/nfsd/export.c | 2 +-
> fs/nfsd/nfs4state.c | 4 +-
> fs/nfsd/nfsfh.c | 4 +-
> fs/nfsd/vfs.c | 2 +-
> fs/nilfs2/alloc.c | 10 +-
> fs/nilfs2/bmap.c | 2 +-
> fs/nilfs2/btnode.c | 2 +-
> fs/nilfs2/btree.c | 12 +-
> fs/nilfs2/dir.c | 12 +-
> fs/nilfs2/direct.c | 4 +-
> fs/nilfs2/gcinode.c | 2 +-
> fs/nilfs2/inode.c | 8 +-
> fs/nilfs2/mdt.c | 2 +-
> fs/nilfs2/namei.c | 2 +-
> fs/nilfs2/segment.c | 2 +-
> fs/notify/fdinfo.c | 4 +-
> fs/nsfs.c | 4 +-
> fs/ntfs3/super.c | 2 +-
> fs/ocfs2/alloc.c | 2 +-
> fs/ocfs2/aops.c | 4 +-
> fs/ocfs2/dir.c | 8 +-
> fs/ocfs2/dlmfs/dlmfs.c | 10 +-
> fs/ocfs2/extent_map.c | 12 +-
> fs/ocfs2/inode.c | 2 +-
> fs/ocfs2/quota_local.c | 2 +-
> fs/ocfs2/refcounttree.c | 10 +-
> fs/ocfs2/xattr.c | 4 +-
> fs/orangefs/inode.c | 2 +-
> fs/overlayfs/export.c | 2 +-
> fs/overlayfs/namei.c | 4 +-
> fs/overlayfs/util.c | 2 +-
> fs/pipe.c | 2 +-
> fs/proc/fd.c | 2 +-
> fs/proc/task_mmu.c | 4 +-
> fs/qnx4/inode.c | 4 +-
> fs/qnx6/inode.c | 2 +-
> fs/smb/client/cifsfs.h | 17 --
> fs/smb/client/inode.c | 6 +-
> fs/smb/client/readdir.c | 2 +-
> fs/ubifs/debug.c | 8 +-
> fs/ubifs/dir.c | 28 +-
> fs/ubifs/file.c | 28 +-
> fs/ubifs/journal.c | 6 +-
> fs/ubifs/super.c | 16 +-
> fs/ubifs/tnc.c | 4 +-
> fs/ubifs/xattr.c | 14 +-
> fs/udf/directory.c | 18 +-
> fs/udf/file.c | 2 +-
> fs/udf/inode.c | 12 +-
> fs/udf/namei.c | 8 +-
> fs/udf/super.c | 2 +-
> fs/ufs/balloc.c | 6 +-
> fs/ufs/dir.c | 10 +-
> fs/ufs/ialloc.c | 6 +-
> fs/ufs/inode.c | 18 +-
> fs/ufs/ufs_fs.h | 6 +-
> fs/ufs/util.c | 2 +-
> fs/verity/init.c | 2 +-
> fs/zonefs/super.c | 8 +-
> include/linux/fs.h | 28 +-
> include/linux/nfs_fs.h | 10 -
> include/trace/events/cachefiles.h | 18 +-
> include/trace/events/ext4.h | 427 +++++++++++++++--------------
> include/trace/events/f2fs.h | 172 ++++++------
> include/trace/events/filelock.h | 16 +-
> include/trace/events/filemap.h | 20 +-
> include/trace/events/fs_dax.h | 20 +-
> include/trace/events/fsverity.h | 30 +-
> include/trace/events/hugetlbfs.h | 28 +-
> include/trace/events/netfs.h | 4 +-
> include/trace/events/nilfs2.h | 12 +-
> include/trace/events/readahead.h | 12 +-
> include/trace/events/timestamp.h | 12 +-
> include/trace/events/writeback.h | 148 +++++-----
> kernel/events/uprobes.c | 4 +-
> net/netrom/af_netrom.c | 4 +-
> net/rose/af_rose.c | 4 +-
> net/socket.c | 2 +-
> net/x25/x25_proc.c | 4 +-
> security/apparmor/apparmorfs.c | 4 +-
> security/integrity/integrity_audit.c | 2 +-
> security/ipe/audit.c | 2 +-
> security/lsm_audit.c | 10 +-
> security/selinux/hooks.c | 4 +-
> security/smack/smack_lsm.c | 12 +-
> 195 files changed, 1101 insertions(+), 1166 deletions(-)
> ---
> base-commit: 2bf35e96cf6c6c3a290b69b777d34be15888e364
> change-id: 20260224-iino-u64-b44a3a72543c
>
> Best regards,
^ permalink raw reply
* Re: [PATCH v6 0/6] Extend "trusted" keys to support a new trust source named the PowerVM Key Wrapping Module (PKWM)
From: Srish Srinivasan @ 2026-02-27 8:29 UTC (permalink / raw)
To: Christophe Leroy (CS GROUP), linux-integrity, keyrings,
linuxppc-dev
Cc: maddy, mpe, npiggin, James.Bottomley, jarkko, zohar, nayna,
rnsastry, linux-kernel, linux-security-module
In-Reply-To: <31dfcf7a-5b3d-406d-bdd4-c8b09f7eb1f0@kernel.org>
Hi Christophe,
On 2/27/26 1:21 PM, Christophe Leroy (CS GROUP) wrote:
>
>
> Le 01/02/2026 à 14:59, Srish Srinivasan a écrit :
>> Power11 has introduced a feature called the PowerVM Key Wrapping Module
>> (PKWM), where PowerVM in combination with Power LPAR Platform KeyStore
>> (PLPKS) [1] supports a new feature called "Key Wrapping" [2] to protect
>> user secrets by wrapping them using a hypervisor generated wrapping key.
>> This wrapping key is an AES-GCM-256 symmetric key that is stored as an
>> object in the PLPKS. It has policy based protections that prevents it
>> from
>> being read out or exposed to the user. This wrapping key can then be
>> used
>> by the OS to wrap or unwrap secrets via hypervisor calls.
>>
>> This patchset intends to add the PKWM, which is a combination of IBM
>> PowerVM and PLPKS, as a new trust source for trusted keys. The
>> wrapping key
>> does not exist by default and its generation is requested by the
>> kernel at
>> the time of PKWM initialization. This key is then persisted by the
>> PKWM and
>> is used for wrapping any kernel provided key, and is never exposed to
>> the
>> user. The kernel is aware of only the label to this wrapping key.
>>
>> Along with the PKWM implementation, this patchset includes two
>> preparatory
>> patches: one fixing the kernel-doc inconsistencies in the PLPKS code and
>> another reorganizing PLPKS config variables in the sysfs.
>>
>> Changelog:
>>
>> v6:
>
> Seems like v5 was applied, if needed can you send followup patch ?
>
> Christophe
I had sent out a patch on top of v5 to take care of this, and it has
been applied.
thanks,
Srish.
>
>>
>> * Patch 1 to Patch 3:
>> - Add Nayna's Tested-by tag
>> * Patch 4
>> - Fix build error reported by kernel test robot <lkp@intel.com>
>> - Add Nayna's Tested-by tag
>> * Patch 5
>> - Add Nayna's Tested-by tag
>>
>> v5:
>>
>> * Patch 1 to Patch 3:
>> - Add Nayna's Reviewed-by tag
>> * Patch 4:
>> - Fix build error identified by chleroy@kernel.org
>> - Add Nayna's Reviewed-by tag
>> * Patch 5:
>> - Add Reviewed-by tags from Nayna and Jarkko
>>
>> v4:
>>
>> * Patch 5:
>> - Add a per-backend private data pointer in trusted_key_options
>> to store a pointer to the backend-specific options structure
>> - Minor clean-up
>>
>> v3:
>>
>> * Patch 2:
>> - Add Mimi's Reviewed-by tag
>> * Patch 4:
>> - Minor tweaks to some print statements
>> - Fix typos
>> * Patch 5:
>> - Fix typos
>> - Add Mimi's Reviewed-by tag
>> * Patch 6:
>> - Add Mimi's Reviewed-by tag
>>
>> v2:
>>
>> * Patch 2:
>> - Fix build warning detected by the kernel test bot
>> * Patch 5:
>> - Use pr_debug inside dump_options
>> - Replace policyhande with wrap_flags inside dump_options
>> - Provide meaningful error messages with error codes
>>
>> Nayna Jain (1):
>> docs: trusted-encryped: add PKWM as a new trust source
>>
>> Srish Srinivasan (5):
>> pseries/plpks: fix kernel-doc comment inconsistencies
>> powerpc/pseries: move the PLPKS config inside its own sysfs directory
>> pseries/plpks: expose PowerVM wrapping features via the sysfs
>> pseries/plpks: add HCALLs for PowerVM Key Wrapping Module
>> keys/trusted_keys: establish PKWM as a trusted source
>>
>> .../ABI/testing/sysfs-firmware-plpks | 58 ++
>> Documentation/ABI/testing/sysfs-secvar | 65 --
>> .../admin-guide/kernel-parameters.txt | 1 +
>> Documentation/arch/powerpc/papr_hcalls.rst | 43 ++
>> .../security/keys/trusted-encrypted.rst | 50 ++
>> MAINTAINERS | 9 +
>> arch/powerpc/include/asm/hvcall.h | 4 +-
>> arch/powerpc/include/asm/plpks.h | 95 +--
>> arch/powerpc/include/asm/secvar.h | 1 -
>> arch/powerpc/kernel/secvar-sysfs.c | 21 +-
>> arch/powerpc/platforms/pseries/Makefile | 2 +-
>> arch/powerpc/platforms/pseries/plpks-secvar.c | 29 -
>> arch/powerpc/platforms/pseries/plpks-sysfs.c | 96 +++
>> arch/powerpc/platforms/pseries/plpks.c | 688 +++++++++++++++++-
>> include/keys/trusted-type.h | 7 +-
>> include/keys/trusted_pkwm.h | 33 +
>> security/keys/trusted-keys/Kconfig | 8 +
>> security/keys/trusted-keys/Makefile | 2 +
>> security/keys/trusted-keys/trusted_core.c | 6 +-
>> security/keys/trusted-keys/trusted_pkwm.c | 190 +++++
>> 20 files changed, 1207 insertions(+), 201 deletions(-)
>> create mode 100644 Documentation/ABI/testing/sysfs-firmware-plpks
>> create mode 100644 arch/powerpc/platforms/pseries/plpks-sysfs.c
>> create mode 100644 include/keys/trusted_pkwm.h
>> create mode 100644 security/keys/trusted-keys/trusted_pkwm.c
>>
>
^ permalink raw reply
* Re: [PATCH 47/61] ubifs: update format strings for u64 i_ino
From: Zhihao Cheng @ 2026-02-27 8:16 UTC (permalink / raw)
To: Jeff Layton, Alexander Viro, Christian Brauner, Jan Kara,
Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Dan Williams,
Matthew Wilcox, Eric Biggers, Theodore Y. Ts'o, Muchun Song,
Oscar Salvador, David Hildenbrand, David Howells, Paulo Alcantara,
Andreas Dilger, Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust,
Anna Schumaker, Chuck Lever, NeilBrown, Olga Kornievskaia,
Dai Ngo, Tom Talpey, Steve French, Ronnie Sahlberg,
Shyam Prasad N, Bharath SM, Alexander Aring, Ryusuke Konishi,
Viacheslav Dubeyko, Eric Van Hensbergen, Latchesar Ionkov,
Dominique Martinet, Christian Schoenebeck, David Sterba,
Marc Dionne, Ian Kent, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Ilya Dryomov, Alex Markuze, Jan Harkes, coda,
Nicolas Pitre, Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Damien Le Moal, Naohiro Aota, Johannes Thumshirn, John Johansen,
Paul Moore, James Morris, Serge E. Hallyn, Mimi Zohar,
Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller
Cc: linux-fsdevel, linux-kernel, linux-trace-kernel, nvdimm, fsverity,
linux-mm, netfs, linux-ext4, linux-f2fs-devel, linux-nfs,
linux-cifs, samba-technical, linux-nilfs, v9fs, linux-afs, autofs,
ceph-devel, codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3,
ocfs2-devel, devel, linux-unionfs, apparmor,
linux-security-module, linux-integrity, selinux, amd-gfx,
dri-devel, linux-media, linaro-mm-sig, netdev, linux-perf-users,
linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-47-ccceff366db9@kernel.org>
在 2026/2/26 23:55, Jeff Layton 写道:
> Update format strings and local variable types in ubifs for the
> i_ino type change from unsigned long to u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/ubifs/debug.c | 8 ++++----
> fs/ubifs/dir.c | 28 ++++++++++++++--------------
> fs/ubifs/file.c | 28 ++++++++++++++--------------
> fs/ubifs/journal.c | 6 +++---
> fs/ubifs/super.c | 16 ++++++++--------
> fs/ubifs/tnc.c | 4 ++--
> fs/ubifs/xattr.c | 14 +++++++-------
> 7 files changed, 52 insertions(+), 52 deletions(-)
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
>
> diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
> index 160c16aa7b6e7088355582670357262ab3930225..5794de5a9069f20302b6630c39c1452183137acc 100644
> --- a/fs/ubifs/debug.c
> +++ b/fs/ubifs/debug.c
> @@ -230,7 +230,7 @@ void ubifs_dump_inode(struct ubifs_info *c, const struct inode *inode)
> int count = 2;
>
> pr_err("Dump in-memory inode:");
> - pr_err("\tinode %lu\n", inode->i_ino);
> + pr_err("\tinode %llu\n", inode->i_ino);
> pr_err("\tsize %llu\n",
> (unsigned long long)i_size_read(inode));
> pr_err("\tnlink %u\n", inode->i_nlink);
> @@ -1101,7 +1101,7 @@ int dbg_check_synced_i_size(const struct ubifs_info *c, struct inode *inode)
> if (ui->ui_size != ui->synced_i_size && !ui->dirty) {
> ubifs_err(c, "ui_size is %lld, synced_i_size is %lld, but inode is clean",
> ui->ui_size, ui->synced_i_size);
> - ubifs_err(c, "i_ino %lu, i_mode %#x, i_size %lld", inode->i_ino,
> + ubifs_err(c, "i_ino %llu, i_mode %#x, i_size %lld", inode->i_ino,
> inode->i_mode, i_size_read(inode));
> dump_stack();
> err = -EINVAL;
> @@ -1163,7 +1163,7 @@ int dbg_check_dir(struct ubifs_info *c, const struct inode *dir)
> kfree(pdent);
>
> if (i_size_read(dir) != size) {
> - ubifs_err(c, "directory inode %lu has size %llu, but calculated size is %llu",
> + ubifs_err(c, "directory inode %llu has size %llu, but calculated size is %llu",
> dir->i_ino, (unsigned long long)i_size_read(dir),
> (unsigned long long)size);
> ubifs_dump_inode(c, dir);
> @@ -1171,7 +1171,7 @@ int dbg_check_dir(struct ubifs_info *c, const struct inode *dir)
> return -EINVAL;
> }
> if (dir->i_nlink != nlink) {
> - ubifs_err(c, "directory inode %lu has nlink %u, but calculated nlink is %u",
> + ubifs_err(c, "directory inode %llu has nlink %u, but calculated nlink is %u",
> dir->i_ino, dir->i_nlink, nlink);
> ubifs_dump_inode(c, dir);
> dump_stack();
> diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
> index 4c9f57f3b2adbbd396b288878cb18fa87cdbd0df..86d41e077e4d621dbb8c448acd0065c8ac7ae225 100644
> --- a/fs/ubifs/dir.c
> +++ b/fs/ubifs/dir.c
> @@ -223,7 +223,7 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
> struct ubifs_info *c = dir->i_sb->s_fs_info;
> struct fscrypt_name nm;
>
> - dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
> + dbg_gen("'%pd' in dir ino %llu", dentry, dir->i_ino);
>
> err = fscrypt_prepare_lookup(dir, dentry, &nm);
> if (err == -ENOENT)
> @@ -281,7 +281,7 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
> if (IS_ENCRYPTED(dir) &&
> (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
> !fscrypt_has_permitted_context(dir, inode)) {
> - ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu",
> + ubifs_warn(c, "Inconsistent encryption contexts: %llu/%llu",
> dir->i_ino, inode->i_ino);
> iput(inode);
> inode = ERR_PTR(-EPERM);
> @@ -318,7 +318,7 @@ static int ubifs_create(struct mnt_idmap *idmap, struct inode *dir,
> * parent directory inode.
> */
>
> - dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
> + dbg_gen("dent '%pd', mode %#hx in dir ino %llu",
> dentry, mode, dir->i_ino);
>
> err = ubifs_budget_space(c, &req);
> @@ -386,7 +386,7 @@ static struct inode *create_whiteout(struct inode *dir, struct dentry *dentry)
> * atomically.
> */
>
> - dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
> + dbg_gen("dent '%pd', mode %#hx in dir ino %llu",
> dentry, mode, dir->i_ino);
>
> inode = ubifs_new_inode(c, dir, mode, false);
> @@ -460,7 +460,7 @@ static int ubifs_tmpfile(struct mnt_idmap *idmap, struct inode *dir,
> * be released via writeback.
> */
>
> - dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
> + dbg_gen("dent '%pd', mode %#hx in dir ino %llu",
> dentry, mode, dir->i_ino);
>
> err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
> @@ -589,7 +589,7 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)
> bool encrypted = IS_ENCRYPTED(dir);
> struct ubifs_dir_data *data = file->private_data;
>
> - dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos);
> + dbg_gen("dir ino %llu, f_pos %#llx", dir->i_ino, ctx->pos);
>
> if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2)
> /*
> @@ -764,7 +764,7 @@ static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
> * changing the parent inode.
> */
>
> - dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu",
> + dbg_gen("dent '%pd' to ino %llu (nlink %d) in dir ino %llu",
> dentry, inode->i_ino,
> inode->i_nlink, dir->i_ino);
> ubifs_assert(c, inode_is_locked(dir));
> @@ -836,7 +836,7 @@ static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
> * deletions.
> */
>
> - dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu",
> + dbg_gen("dent '%pd' from ino %llu (nlink %d) in dir ino %llu",
> dentry, inode->i_ino,
> inode->i_nlink, dir->i_ino);
>
> @@ -941,7 +941,7 @@ static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
> * because we have extra space reserved for deletions.
> */
>
> - dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry,
> + dbg_gen("directory '%pd', ino %llu in dir ino %llu", dentry,
> inode->i_ino, dir->i_ino);
> ubifs_assert(c, inode_is_locked(dir));
> ubifs_assert(c, inode_is_locked(inode));
> @@ -1018,7 +1018,7 @@ static struct dentry *ubifs_mkdir(struct mnt_idmap *idmap, struct inode *dir,
> * directory inode.
> */
>
> - dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
> + dbg_gen("dent '%pd', mode %#hx in dir ino %llu",
> dentry, mode, dir->i_ino);
>
> err = ubifs_budget_space(c, &req);
> @@ -1096,7 +1096,7 @@ static int ubifs_mknod(struct mnt_idmap *idmap, struct inode *dir,
> * directory inode.
> */
>
> - dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino);
> + dbg_gen("dent '%pd' in dir ino %llu", dentry, dir->i_ino);
>
> if (S_ISBLK(mode) || S_ISCHR(mode)) {
> dev = kmalloc_obj(union ubifs_dev_desc, GFP_NOFS);
> @@ -1183,7 +1183,7 @@ static int ubifs_symlink(struct mnt_idmap *idmap, struct inode *dir,
> .dirtied_ino = 1 };
> struct fscrypt_name nm;
>
> - dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry,
> + dbg_gen("dent '%pd', target '%s' in dir ino %llu", dentry,
> symname, dir->i_ino);
>
> err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA,
> @@ -1349,7 +1349,7 @@ static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
> * ino_req: marks the target inode as dirty and does not write it.
> */
>
> - dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x",
> + dbg_gen("dent '%pd' ino %llu in dir ino %llu to dent '%pd' in dir ino %llu flags 0x%x",
> old_dentry, old_inode->i_ino, old_dir->i_ino,
> new_dentry, new_dir->i_ino, flags);
>
> @@ -1597,7 +1597,7 @@ static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry,
> * parent directory inodes.
> */
>
> - dbg_gen("dent '%pd' ino %lu in dir ino %lu exchange dent '%pd' ino %lu in dir ino %lu",
> + dbg_gen("dent '%pd' ino %llu in dir ino %llu exchange dent '%pd' ino %llu in dir ino %llu",
> old_dentry, fst_inode->i_ino, old_dir->i_ino,
> new_dentry, snd_inode->i_ino, new_dir->i_ino);
>
> diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c
> index cd04755e792a7f8e7d33ed4e67806cd202c71fad..e73c28b12f97fd1fbeb67510434e499eab84da70 100644
> --- a/fs/ubifs/file.c
> +++ b/fs/ubifs/file.c
> @@ -90,7 +90,7 @@ static int read_block(struct inode *inode, struct folio *folio, size_t offset,
> return 0;
>
> dump:
> - ubifs_err(c, "bad data node (block %u, inode %lu)",
> + ubifs_err(c, "bad data node (block %u, inode %llu)",
> block, inode->i_ino);
> ubifs_dump_node(c, dn, UBIFS_MAX_DATA_NODE_SZ);
> return -EINVAL;
> @@ -106,7 +106,7 @@ static int do_readpage(struct folio *folio)
> loff_t i_size = i_size_read(inode);
> size_t offset = 0;
>
> - dbg_gen("ino %lu, pg %lu, i_size %lld, flags %#lx",
> + dbg_gen("ino %llu, pg %lu, i_size %lld, flags %#lx",
> inode->i_ino, folio->index, i_size, folio->flags.f);
> ubifs_assert(c, !folio_test_checked(folio));
> ubifs_assert(c, !folio->private);
> @@ -162,7 +162,7 @@ static int do_readpage(struct folio *folio)
> dbg_gen("hole");
> err = 0;
> } else {
> - ubifs_err(c, "cannot read page %lu of inode %lu, error %d",
> + ubifs_err(c, "cannot read page %lu of inode %llu, error %d",
> folio->index, inode->i_ino, err);
> }
> }
> @@ -212,7 +212,7 @@ static int write_begin_slow(struct address_space *mapping,
> int err, appending = !!(pos + len > inode->i_size);
> struct folio *folio;
>
> - dbg_gen("ino %lu, pos %llu, len %u, i_size %lld",
> + dbg_gen("ino %llu, pos %llu, len %u, i_size %lld",
> inode->i_ino, pos, len, inode->i_size);
>
> /*
> @@ -526,7 +526,7 @@ static int ubifs_write_end(const struct kiocb *iocb,
> loff_t end_pos = pos + len;
> int appending = !!(end_pos > inode->i_size);
>
> - dbg_gen("ino %lu, pos %llu, pg %lu, len %u, copied %d, i_size %lld",
> + dbg_gen("ino %llu, pos %llu, pg %lu, len %u, copied %d, i_size %lld",
> inode->i_ino, pos, folio->index, len, copied, inode->i_size);
>
> if (unlikely(copied < len && !folio_test_uptodate(folio))) {
> @@ -599,7 +599,7 @@ static int populate_page(struct ubifs_info *c, struct folio *folio,
> size_t offset = 0;
> pgoff_t end_index;
>
> - dbg_gen("ino %lu, pg %lu, i_size %lld, flags %#lx",
> + dbg_gen("ino %llu, pg %lu, i_size %lld, flags %#lx",
> inode->i_ino, folio->index, i_size, folio->flags.f);
>
> end_index = (i_size - 1) >> PAGE_SHIFT;
> @@ -680,7 +680,7 @@ static int populate_page(struct ubifs_info *c, struct folio *folio,
> return 0;
>
> out_err:
> - ubifs_err(c, "bad data node (block %u, inode %lu)",
> + ubifs_err(c, "bad data node (block %u, inode %llu)",
> page_block, inode->i_ino);
> return -EINVAL;
> }
> @@ -913,7 +913,7 @@ static int do_writepage(struct folio *folio, size_t len)
> }
> if (err) {
> mapping_set_error(folio->mapping, err);
> - ubifs_err(c, "cannot write folio %lu of inode %lu, error %d",
> + ubifs_err(c, "cannot write folio %lu of inode %llu, error %d",
> folio->index, inode->i_ino, err);
> ubifs_ro_mode(c, err);
> }
> @@ -987,7 +987,7 @@ static int ubifs_writepage(struct folio *folio, struct writeback_control *wbc)
> loff_t i_size = i_size_read(inode), synced_i_size;
> int err, len = folio_size(folio);
>
> - dbg_gen("ino %lu, pg %lu, pg flags %#lx",
> + dbg_gen("ino %llu, pg %lu, pg flags %#lx",
> inode->i_ino, folio->index, folio->flags.f);
> ubifs_assert(c, folio->private != NULL);
>
> @@ -1106,7 +1106,7 @@ static int do_truncation(struct ubifs_info *c, struct inode *inode,
> int offset = new_size & (UBIFS_BLOCK_SIZE - 1), budgeted = 1;
> struct ubifs_inode *ui = ubifs_inode(inode);
>
> - dbg_gen("ino %lu, size %lld -> %lld", inode->i_ino, old_size, new_size);
> + dbg_gen("ino %llu, size %lld -> %lld", inode->i_ino, old_size, new_size);
> memset(&req, 0, sizeof(struct ubifs_budget_req));
>
> /*
> @@ -1258,7 +1258,7 @@ int ubifs_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
> struct inode *inode = d_inode(dentry);
> struct ubifs_info *c = inode->i_sb->s_fs_info;
>
> - dbg_gen("ino %lu, mode %#x, ia_valid %#x",
> + dbg_gen("ino %llu, mode %#x, ia_valid %#x",
> inode->i_ino, inode->i_mode, attr->ia_valid);
> err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
> if (err)
> @@ -1308,7 +1308,7 @@ int ubifs_fsync(struct file *file, loff_t start, loff_t end, int datasync)
> struct ubifs_info *c = inode->i_sb->s_fs_info;
> int err;
>
> - dbg_gen("syncing inode %lu", inode->i_ino);
> + dbg_gen("syncing inode %llu", inode->i_ino);
>
> if (c->ro_mount)
> /*
> @@ -1495,7 +1495,7 @@ static vm_fault_t ubifs_vm_page_mkwrite(struct vm_fault *vmf)
> struct ubifs_budget_req req = { .new_page = 1 };
> int err, update_time;
>
> - dbg_gen("ino %lu, pg %lu, i_size %lld", inode->i_ino, folio->index,
> + dbg_gen("ino %llu, pg %lu, i_size %lld", inode->i_ino, folio->index,
> i_size_read(inode));
> ubifs_assert(c, !c->ro_media && !c->ro_mount);
>
> @@ -1531,7 +1531,7 @@ static vm_fault_t ubifs_vm_page_mkwrite(struct vm_fault *vmf)
> err = ubifs_budget_space(c, &req);
> if (unlikely(err)) {
> if (err == -ENOSPC)
> - ubifs_warn(c, "out of space for mmapped file (inode number %lu)",
> + ubifs_warn(c, "out of space for mmapped file (inode number %llu)",
> inode->i_ino);
> return VM_FAULT_SIGBUS;
> }
> diff --git a/fs/ubifs/journal.c b/fs/ubifs/journal.c
> index e28ab4395e5ca404d8e8d8f735c3113b58bcc941..40a95a2fad50039f39917e71da7b71a735237469 100644
> --- a/fs/ubifs/journal.c
> +++ b/fs/ubifs/journal.c
> @@ -982,7 +982,7 @@ int ubifs_jnl_write_inode(struct ubifs_info *c, const struct inode *inode)
> int kill_xattrs = ui->xattr_cnt && last_reference;
> u8 hash[UBIFS_HASH_ARR_SZ];
>
> - dbg_jnl("ino %lu, nlink %u", inode->i_ino, inode->i_nlink);
> + dbg_jnl("ino %llu, nlink %u", inode->i_ino, inode->i_nlink);
>
> if (kill_xattrs && ui->xattr_cnt > ubifs_xattr_max_cnt(c)) {
> ubifs_err(c, "Cannot delete inode, it has too many xattrs!");
> @@ -1743,7 +1743,7 @@ int ubifs_jnl_truncate(struct ubifs_info *c, const struct inode *inode,
> int dn_len = le32_to_cpu(dn->size);
>
> if (dn_len <= 0 || dn_len > UBIFS_BLOCK_SIZE) {
> - ubifs_err(c, "bad data node (block %u, inode %lu)",
> + ubifs_err(c, "bad data node (block %u, inode %llu)",
> blk, inode->i_ino);
> ubifs_dump_node(c, dn, dn_size);
> err = -EUCLEAN;
> @@ -1987,7 +1987,7 @@ int ubifs_jnl_change_xattr(struct ubifs_info *c, const struct inode *inode,
> u8 hash_host[UBIFS_HASH_ARR_SZ];
> u8 hash[UBIFS_HASH_ARR_SZ];
>
> - dbg_jnl("ino %lu, ino %lu", host->i_ino, inode->i_ino);
> + dbg_jnl("ino %llu, ino %llu", host->i_ino, inode->i_ino);
> ubifs_assert(c, inode->i_nlink > 0);
> ubifs_assert(c, mutex_is_locked(&host_ui->ui_mutex));
>
> diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
> index 03bf924756ca003809d229837a970d5935450f23..9a77d8b64ffa70f9d5b695fb3d87c22cb223704f 100644
> --- a/fs/ubifs/super.c
> +++ b/fs/ubifs/super.c
> @@ -92,7 +92,7 @@ static int validate_inode(struct ubifs_info *c, const struct inode *inode)
> return 5;
>
> if (!ubifs_compr_present(c, ui->compr_type)) {
> - ubifs_warn(c, "inode %lu uses '%s' compression, but it was not compiled in",
> + ubifs_warn(c, "inode %llu uses '%s' compression, but it was not compiled in",
> inode->i_ino, ubifs_compr_name(c, ui->compr_type));
> }
>
> @@ -248,14 +248,14 @@ struct inode *ubifs_iget(struct super_block *sb, unsigned long inum)
> return inode;
>
> out_invalid:
> - ubifs_err(c, "inode %lu validation failed, error %d", inode->i_ino, err);
> + ubifs_err(c, "inode %llu validation failed, error %d", inode->i_ino, err);
> ubifs_dump_node(c, ino, UBIFS_MAX_INO_NODE_SZ);
> ubifs_dump_inode(c, inode);
> err = -EINVAL;
> out_ino:
> kfree(ino);
> out:
> - ubifs_err(c, "failed to read inode %lu, error %d", inode->i_ino, err);
> + ubifs_err(c, "failed to read inode %llu, error %d", inode->i_ino, err);
> iget_failed(inode);
> return ERR_PTR(err);
> }
> @@ -316,12 +316,12 @@ static int ubifs_write_inode(struct inode *inode, struct writeback_control *wbc)
> * As an optimization, do not write orphan inodes to the media just
> * because this is not needed.
> */
> - dbg_gen("inode %lu, mode %#x, nlink %u",
> + dbg_gen("inode %llu, mode %#x, nlink %u",
> inode->i_ino, (int)inode->i_mode, inode->i_nlink);
> if (inode->i_nlink) {
> err = ubifs_jnl_write_inode(c, inode);
> if (err)
> - ubifs_err(c, "can't write inode %lu, error %d",
> + ubifs_err(c, "can't write inode %llu, error %d",
> inode->i_ino, err);
> else
> err = dbg_check_inode_size(c, inode, ui->ui_size);
> @@ -357,7 +357,7 @@ static void ubifs_evict_inode(struct inode *inode)
> */
> goto out;
>
> - dbg_gen("inode %lu, mode %#x", inode->i_ino, (int)inode->i_mode);
> + dbg_gen("inode %llu, mode %#x", inode->i_ino, (int)inode->i_mode);
> ubifs_assert(c, !icount_read(inode));
>
> truncate_inode_pages_final(&inode->i_data);
> @@ -375,7 +375,7 @@ static void ubifs_evict_inode(struct inode *inode)
> * Worst case we have a lost orphan inode wasting space, so a
> * simple error message is OK here.
> */
> - ubifs_err(c, "can't delete inode %lu, error %d",
> + ubifs_err(c, "can't delete inode %llu, error %d",
> inode->i_ino, err);
>
> out:
> @@ -399,7 +399,7 @@ static void ubifs_dirty_inode(struct inode *inode, int flags)
> ubifs_assert(c, mutex_is_locked(&ui->ui_mutex));
> if (!ui->dirty) {
> ui->dirty = 1;
> - dbg_gen("inode %lu", inode->i_ino);
> + dbg_gen("inode %llu", inode->i_ino);
> }
> }
>
> diff --git a/fs/ubifs/tnc.c b/fs/ubifs/tnc.c
> index 694b08d27d7d9c7d9d7d9039f406637c702f8613..52c758c5290d8cc425fdc6d49c608d0cb0ba7ff7 100644
> --- a/fs/ubifs/tnc.c
> +++ b/fs/ubifs/tnc.c
> @@ -3561,8 +3561,8 @@ int dbg_check_inode_size(struct ubifs_info *c, const struct inode *inode,
>
> out_dump:
> block = key_block(c, key);
> - ubifs_err(c, "inode %lu has size %lld, but there are data at offset %lld",
> - (unsigned long)inode->i_ino, size,
> + ubifs_err(c, "inode %llu has size %lld, but there are data at offset %lld",
> + (unsigned long long)inode->i_ino, size,
> ((loff_t)block) << UBIFS_BLOCK_SHIFT);
> mutex_unlock(&c->tnc_mutex);
> ubifs_dump_inode(c, inode);
> diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c
> index c21a0c2b3e907c1572780d4a3e48cc9d2a11b9d6..b5a9ab9d8a10adcf49e6d7228d385cb986e6e75e 100644
> --- a/fs/ubifs/xattr.c
> +++ b/fs/ubifs/xattr.c
> @@ -76,7 +76,7 @@ static int create_xattr(struct ubifs_info *c, struct inode *host,
> .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
>
> if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) {
> - ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more",
> + ubifs_err(c, "inode %llu already has too many xattrs (%d), cannot create more",
> host->i_ino, host_ui->xattr_cnt);
> return -ENOSPC;
> }
> @@ -88,7 +88,7 @@ static int create_xattr(struct ubifs_info *c, struct inode *host,
> */
> names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
> if (names_len > XATTR_LIST_MAX) {
> - ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
> + ubifs_err(c, "cannot add one more xattr name to inode %llu, total names length would become %d, max. is %d",
> host->i_ino, names_len, XATTR_LIST_MAX);
> return -ENOSPC;
> }
> @@ -390,7 +390,7 @@ ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
> int err, len, written = 0;
> struct fscrypt_name nm = {0};
>
> - dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
> + dbg_gen("ino %llu ('%pd'), buffer size %zd", host->i_ino,
> dentry, size);
>
> down_read(&host_ui->xattr_sem);
> @@ -498,7 +498,7 @@ int ubifs_purge_xattrs(struct inode *host)
> if (ubifs_inode(host)->xattr_cnt <= ubifs_xattr_max_cnt(c))
> return 0;
>
> - ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion",
> + ubifs_warn(c, "inode %llu has too many xattrs, doing a non-atomic deletion",
> host->i_ino);
>
> down_write(&ubifs_inode(host)->xattr_sem);
> @@ -641,7 +641,7 @@ int ubifs_init_security(struct inode *dentry, struct inode *inode,
> &init_xattrs, NULL);
> if (err) {
> struct ubifs_info *c = dentry->i_sb->s_fs_info;
> - ubifs_err(c, "cannot initialize security for inode %lu, error %d",
> + ubifs_err(c, "cannot initialize security for inode %llu, error %d",
> inode->i_ino, err);
> }
> return err;
> @@ -652,7 +652,7 @@ static int xattr_get(const struct xattr_handler *handler,
> struct dentry *dentry, struct inode *inode,
> const char *name, void *buffer, size_t size)
> {
> - dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name,
> + dbg_gen("xattr '%s', ino %llu ('%pd'), buf size %zd", name,
> inode->i_ino, dentry, size);
>
> name = xattr_full_name(handler, name);
> @@ -665,7 +665,7 @@ static int xattr_set(const struct xattr_handler *handler,
> const char *name, const void *value,
> size_t size, int flags)
> {
> - dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd",
> + dbg_gen("xattr '%s', host ino %llu ('%pd'), size %zd",
> name, inode->i_ino, dentry, size);
>
> name = xattr_full_name(handler, name);
>
^ permalink raw reply
* Re: [PATCH v6 0/6] Extend "trusted" keys to support a new trust source named the PowerVM Key Wrapping Module (PKWM)
From: Christophe Leroy (CS GROUP) @ 2026-02-27 7:51 UTC (permalink / raw)
To: Srish Srinivasan, linux-integrity, keyrings, linuxppc-dev
Cc: maddy, mpe, npiggin, James.Bottomley, jarkko, zohar, nayna,
rnsastry, linux-kernel, linux-security-module
In-Reply-To: <20260201135930.898721-1-ssrish@linux.ibm.com>
Le 01/02/2026 à 14:59, Srish Srinivasan a écrit :
> Power11 has introduced a feature called the PowerVM Key Wrapping Module
> (PKWM), where PowerVM in combination with Power LPAR Platform KeyStore
> (PLPKS) [1] supports a new feature called "Key Wrapping" [2] to protect
> user secrets by wrapping them using a hypervisor generated wrapping key.
> This wrapping key is an AES-GCM-256 symmetric key that is stored as an
> object in the PLPKS. It has policy based protections that prevents it from
> being read out or exposed to the user. This wrapping key can then be used
> by the OS to wrap or unwrap secrets via hypervisor calls.
>
> This patchset intends to add the PKWM, which is a combination of IBM
> PowerVM and PLPKS, as a new trust source for trusted keys. The wrapping key
> does not exist by default and its generation is requested by the kernel at
> the time of PKWM initialization. This key is then persisted by the PKWM and
> is used for wrapping any kernel provided key, and is never exposed to the
> user. The kernel is aware of only the label to this wrapping key.
>
> Along with the PKWM implementation, this patchset includes two preparatory
> patches: one fixing the kernel-doc inconsistencies in the PLPKS code and
> another reorganizing PLPKS config variables in the sysfs.
>
> Changelog:
>
> v6:
Seems like v5 was applied, if needed can you send followup patch ?
Christophe
>
> * Patch 1 to Patch 3:
> - Add Nayna's Tested-by tag
> * Patch 4
> - Fix build error reported by kernel test robot <lkp@intel.com>
> - Add Nayna's Tested-by tag
> * Patch 5
> - Add Nayna's Tested-by tag
>
> v5:
>
> * Patch 1 to Patch 3:
> - Add Nayna's Reviewed-by tag
> * Patch 4:
> - Fix build error identified by chleroy@kernel.org
> - Add Nayna's Reviewed-by tag
> * Patch 5:
> - Add Reviewed-by tags from Nayna and Jarkko
>
> v4:
>
> * Patch 5:
> - Add a per-backend private data pointer in trusted_key_options
> to store a pointer to the backend-specific options structure
> - Minor clean-up
>
> v3:
>
> * Patch 2:
> - Add Mimi's Reviewed-by tag
> * Patch 4:
> - Minor tweaks to some print statements
> - Fix typos
> * Patch 5:
> - Fix typos
> - Add Mimi's Reviewed-by tag
> * Patch 6:
> - Add Mimi's Reviewed-by tag
>
> v2:
>
> * Patch 2:
> - Fix build warning detected by the kernel test bot
> * Patch 5:
> - Use pr_debug inside dump_options
> - Replace policyhande with wrap_flags inside dump_options
> - Provide meaningful error messages with error codes
>
> Nayna Jain (1):
> docs: trusted-encryped: add PKWM as a new trust source
>
> Srish Srinivasan (5):
> pseries/plpks: fix kernel-doc comment inconsistencies
> powerpc/pseries: move the PLPKS config inside its own sysfs directory
> pseries/plpks: expose PowerVM wrapping features via the sysfs
> pseries/plpks: add HCALLs for PowerVM Key Wrapping Module
> keys/trusted_keys: establish PKWM as a trusted source
>
> .../ABI/testing/sysfs-firmware-plpks | 58 ++
> Documentation/ABI/testing/sysfs-secvar | 65 --
> .../admin-guide/kernel-parameters.txt | 1 +
> Documentation/arch/powerpc/papr_hcalls.rst | 43 ++
> .../security/keys/trusted-encrypted.rst | 50 ++
> MAINTAINERS | 9 +
> arch/powerpc/include/asm/hvcall.h | 4 +-
> arch/powerpc/include/asm/plpks.h | 95 +--
> arch/powerpc/include/asm/secvar.h | 1 -
> arch/powerpc/kernel/secvar-sysfs.c | 21 +-
> arch/powerpc/platforms/pseries/Makefile | 2 +-
> arch/powerpc/platforms/pseries/plpks-secvar.c | 29 -
> arch/powerpc/platforms/pseries/plpks-sysfs.c | 96 +++
> arch/powerpc/platforms/pseries/plpks.c | 688 +++++++++++++++++-
> include/keys/trusted-type.h | 7 +-
> include/keys/trusted_pkwm.h | 33 +
> security/keys/trusted-keys/Kconfig | 8 +
> security/keys/trusted-keys/Makefile | 2 +
> security/keys/trusted-keys/trusted_core.c | 6 +-
> security/keys/trusted-keys/trusted_pkwm.c | 190 +++++
> 20 files changed, 1207 insertions(+), 201 deletions(-)
> create mode 100644 Documentation/ABI/testing/sysfs-firmware-plpks
> create mode 100644 arch/powerpc/platforms/pseries/plpks-sysfs.c
> create mode 100644 include/keys/trusted_pkwm.h
> create mode 100644 security/keys/trusted-keys/trusted_pkwm.c
>
^ permalink raw reply
* [PATCH] integrity: digsig: Add blank line after declarations
From: Chi Wang @ 2026-02-27 6:23 UTC (permalink / raw)
To: trivial
Cc: Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, linux-integrity,
linux-kernel, Chi Wang
From: Chi Wang <wangchi@kylinos.cn>
Fixes checkpatch warning:
WARNING: Missing a blank line after declarations
+ int err = PTR_ERR(keyring[id]);
+ pr_err("no %s keyring: %d\n", keyring_name[id], err);
Add a blank line after the variable declaration to comply with
the kernel coding style.
Signed-off-by: Chi Wang <wangchi@kylinos.cn>
---
security/integrity/digsig.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
index aec350abad86..5e7ba7d3cf99 100644
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -49,6 +49,7 @@ static struct key *integrity_keyring_from_id(const unsigned int id)
request_key(&key_type_keyring, keyring_name[id], NULL);
if (IS_ERR(keyring[id])) {
int err = PTR_ERR(keyring[id]);
+
pr_err("no %s keyring: %d\n", keyring_name[id], err);
keyring[id] = NULL;
return ERR_PTR(err);
--
2.25.1
^ permalink raw reply related
* Re: [PATCH 01/61] vfs: widen inode hash/lookup functions to u64
From: Damien Le Moal @ 2026-02-26 22:56 UTC (permalink / raw)
To: Jeff Layton, Alexander Viro, Christian Brauner, Jan Kara,
Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Dan Williams,
Matthew Wilcox, Eric Biggers, Theodore Y. Ts'o, Muchun Song,
Oscar Salvador, David Hildenbrand, David Howells, Paulo Alcantara,
Andreas Dilger, Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust,
Anna Schumaker, Chuck Lever, NeilBrown, Olga Kornievskaia,
Dai Ngo, Tom Talpey, Steve French, Ronnie Sahlberg,
Shyam Prasad N, Bharath SM, Alexander Aring, Ryusuke Konishi,
Viacheslav Dubeyko, Eric Van Hensbergen, Latchesar Ionkov,
Dominique Martinet, Christian Schoenebeck, David Sterba,
Marc Dionne, Ian Kent, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Ilya Dryomov, Alex Markuze, Jan Harkes, coda,
Nicolas Pitre, Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Naohiro Aota, Johannes Thumshirn, John Johansen,
Paul Moore, James Morris, Serge E. Hallyn, Mimi Zohar,
Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller
Cc: linux-fsdevel, linux-kernel, linux-trace-kernel, nvdimm, fsverity,
linux-mm, netfs, linux-ext4, linux-f2fs-devel, linux-nfs,
linux-cifs, samba-technical, linux-nilfs, v9fs, linux-afs, autofs,
ceph-devel, codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3,
ocfs2-devel, devel, linux-unionfs, apparmor,
linux-security-module, linux-integrity, selinux, amd-gfx,
dri-devel, linux-media, linaro-mm-sig, netdev, linux-perf-users,
linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-1-ccceff366db9@kernel.org>
On 2/27/26 00:55, Jeff Layton wrote:
> Change the inode hash/lookup VFS API functions to accept u64 parameters
> instead of unsigned long for inode numbers and hash values. This is
> preparation for widening i_ino itself to u64, which will allow
> filesystems to store full 64-bit inode numbers on 32-bit architectures.
>
> Since unsigned long implicitly widens to u64 on all architectures, this
> change is backward-compatible with all existing callers.
>
> Functions updated:
> - hash(), find_inode_fast(), find_inode_by_ino_rcu(), test_inode_iunique()
> - __insert_inode_hash(), iget_locked(), iget5_locked(), iget5_locked_rcu()
> - ilookup(), ilookup5(), ilookup5_nowait()
> - find_inode_nowait(), find_inode_rcu()
> - inode_insert5(), insert_inode_locked4()
> - insert_inode_locked() (local variable)
> - dump_mapping() (local variable and format string)
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
[...]
> -int insert_inode_locked4(struct inode *inode, unsigned long hashval,
> +int insert_inode_locked4(struct inode *inode, u64 hashval,
> int (*test)(struct inode *, void *), void *data)
> {
> struct inode *old;
> @@ -2642,7 +2642,7 @@ void init_special_inode(struct inode *inode, umode_t mode, dev_t rdev)
> break;
> default:
> printk(KERN_DEBUG "init_special_inode: bogus i_mode (%o) for"
> - " inode %s:%lu\n", mode, inode->i_sb->s_id,
> + " inode %s:%llu\n", mode, inode->i_sb->s_id,
Hmmm. the type of ino in struct inode is changed in patch 2, not this patch. So
this feels incorrect. Why not just squash patch 2 in here ?
While at it, maybe you could change this to use pr_debug() too ?
--
Damien Le Moal
Western Digital Research
^ permalink raw reply
* Re: [PATCH 03/61] trace: update VFS-layer trace events for u64 i_ino
From: Damien Le Moal @ 2026-02-26 22:51 UTC (permalink / raw)
To: Jeff Layton, Alexander Viro, Christian Brauner, Jan Kara,
Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Dan Williams,
Matthew Wilcox, Eric Biggers, Theodore Y. Ts'o, Muchun Song,
Oscar Salvador, David Hildenbrand, David Howells, Paulo Alcantara,
Andreas Dilger, Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust,
Anna Schumaker, Chuck Lever, NeilBrown, Olga Kornievskaia,
Dai Ngo, Tom Talpey, Steve French, Ronnie Sahlberg,
Shyam Prasad N, Bharath SM, Alexander Aring, Ryusuke Konishi,
Viacheslav Dubeyko, Eric Van Hensbergen, Latchesar Ionkov,
Dominique Martinet, Christian Schoenebeck, David Sterba,
Marc Dionne, Ian Kent, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Ilya Dryomov, Alex Markuze, Jan Harkes, coda,
Nicolas Pitre, Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Naohiro Aota, Johannes Thumshirn, John Johansen,
Paul Moore, James Morris, Serge E. Hallyn, Mimi Zohar,
Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller
Cc: linux-fsdevel, linux-kernel, linux-trace-kernel, nvdimm, fsverity,
linux-mm, netfs, linux-ext4, linux-f2fs-devel, linux-nfs,
linux-cifs, samba-technical, linux-nilfs, v9fs, linux-afs, autofs,
ceph-devel, codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3,
ocfs2-devel, devel, linux-unionfs, apparmor,
linux-security-module, linux-integrity, selinux, amd-gfx,
dri-devel, linux-media, linaro-mm-sig, netdev, linux-perf-users,
linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-3-ccceff366db9@kernel.org>
On 2/27/26 00:55, Jeff Layton wrote:
> Update trace event definitions in VFS-layer trace headers to use u64
> instead of ino_t/unsigned long for inode number fields, and change
> format strings from %lu/%lx to %llu/%llx to match.
>
> This is needed because i_ino is now u64. Changing trace event field
> types changes the binary trace format, but the self-describing format
> metadata handles this transparently for modern trace-cmd and perf.
>
> Files updated:
> - cachefiles.h, filelock.h, filemap.h, fs_dax.h, fsverity.h,
> hugetlbfs.h, netfs.h, readahead.h, timestamp.h, writeback.h
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
[...]
> @@ -726,7 +726,7 @@ TRACE_EVENT(balance_dirty_pages,
> __entry->pause, /* ms */
> __entry->period, /* ms */
> __entry->think, /* ms */
> - (unsigned long)__entry->cgroup_ino
> + (unsigned long long)__entry->cgroup_ino
Do we really need this cast here ? (same comment for the following events).
Other than this, this looks OK to me.
Reviewed-by: Damien Le Moal <dlemoal@kernel.org>
--
Damien Le Moal
Western Digital Research
^ permalink raw reply
* Re: [PATCH 50/61] zonefs: update format strings for u64 i_ino
From: Damien Le Moal @ 2026-02-26 22:45 UTC (permalink / raw)
To: Jeff Layton, Alexander Viro, Christian Brauner, Jan Kara,
Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Dan Williams,
Matthew Wilcox, Eric Biggers, Theodore Y. Ts'o, Muchun Song,
Oscar Salvador, David Hildenbrand, David Howells, Paulo Alcantara,
Andreas Dilger, Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust,
Anna Schumaker, Chuck Lever, NeilBrown, Olga Kornievskaia,
Dai Ngo, Tom Talpey, Steve French, Ronnie Sahlberg,
Shyam Prasad N, Bharath SM, Alexander Aring, Ryusuke Konishi,
Viacheslav Dubeyko, Eric Van Hensbergen, Latchesar Ionkov,
Dominique Martinet, Christian Schoenebeck, David Sterba,
Marc Dionne, Ian Kent, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Ilya Dryomov, Alex Markuze, Jan Harkes, coda,
Nicolas Pitre, Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Naohiro Aota, Johannes Thumshirn, John Johansen,
Paul Moore, James Morris, Serge E. Hallyn, Mimi Zohar,
Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller
Cc: linux-fsdevel, linux-kernel, linux-trace-kernel, nvdimm, fsverity,
linux-mm, netfs, linux-ext4, linux-f2fs-devel, linux-nfs,
linux-cifs, samba-technical, linux-nilfs, v9fs, linux-afs, autofs,
ceph-devel, codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3,
ocfs2-devel, devel, linux-unionfs, apparmor,
linux-security-module, linux-integrity, selinux, amd-gfx,
dri-devel, linux-media, linaro-mm-sig, netdev, linux-perf-users,
linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-50-ccceff366db9@kernel.org>
On 2/27/26 00:55, Jeff Layton wrote:
> Update format strings and local variable types in zonefs for the
> i_ino type change from unsigned long to u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
Acked-by: Damien Le Moal <dlemoal@kernel.org>
--
Damien Le Moal
Western Digital Research
^ permalink raw reply
* Re: [PATCH v15 00/28] x86: Secure Launch support for Intel TXT
From: Ard Biesheuvel @ 2026-02-26 22:33 UTC (permalink / raw)
To: Ross Philipson, Daniel P. Smith, linux-kernel, x86,
linux-integrity, linux-doc, linux-crypto, kexec, linux-efi, iommu,
dave.hansen, H . Peter Anvin
Cc: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Matthew Garrett,
James Bottomley, peterhuewe, Jarkko Sakkinen, jgg,
Andy Lutomirski, nivedita, Herbert Xu, davem, corbet,
Eric W. Biederman, dwmw2, baolu.lu, kanth.ghatraju, Andrew Cooper,
trenchboot-devel
In-Reply-To: <00774604-258c-4e88-80a4-fd8f60fcd0b3@oracle.com>
On Thu, 26 Feb 2026, at 19:31, ross.philipson@oracle.com wrote:
> On 2/18/26 9:30 AM, 'Ard Biesheuvel' via trenchboot-devel wrote:
>> On Thu, 12 Feb 2026, at 21:39, Ard Biesheuvel wrote:
>>> On Thu, 12 Feb 2026, at 20:49, Daniel P. Smith wrote:
>>>> On 2/9/26 09:04, Ard Biesheuvel wrote:
>>> ...
>>>>> I've had a stab at implementing all of this in a manner that is more idiomatic for EFI boot:
>>>>>
>>>>> - GRUB does minimal TXT related preparation upfront, and exposes the remaining functionality via a protocol that is attached to the loaded image by GRUB
>>>>> - The SL stub is moved to the core kernel, with some startup code added to pivot to long mode
>>>>> - the EFI stub executes and decompresses the kernel as usual
>>>>> - if the protocol is present, the EFI stub calls it to pass the bootparams pointer, the base and size of the MLE and the header offset back to the GRUB code
>>>>> - after calling ExitBootServices(), it calls another protocol method to trigger the secure launch.
>>>>>
>>> ...
>>>>
>>>> I think this is a great approach for UEFI, though we need to reconcile
>>>> this with non-UEFI situations such as booting under coreboot.
>>>
>>> There are two approaches that I think are feasible for coreboot in this model:
>>>
>>> - just unpack the ELF and boot that - there is already prior art for
>>> that with Xen. We can stick the MLE header offset in an ELF note where
>>> any loader can find it.
>>>
>>> - stick with the current approach as much as possible, i.e., disable
>>> physical KASLR so that the decompressed kernel will end up right where
>>> the decompressor was loaded, which allows much of the secure launch
>>> preparation to be done as before. Only the final bits (including the
>>> call into the ACM itself) need to be deferred, and we can propose a
>>> generic mechanism for that via boot_params.
>>>
>>> I'm working on a prototype of the latter, but GRUB is an odd beast and
>>> my x86 fu is weak.
>>>
>>
>> I've managed to get a working implementation of the legacy entrypoint, by repurposing the dl_handler() entrypoint you added for EFI [which no longer needs it in my version] as a callback for the legacy boot flow. This /should/ work for i386-coreboot too, but I have no way of testing it (I only tried 'slaunch --legacy-linux' using the x86_64-efi build).
>>
>> I've pushed the changes to the branches I mentioned previously in this thread.
>
> Hello Ard,
>
> I am working on incorporating the changes we have been discussing. So
> far everything has been rather smooth. I noticed in the legacy support
> you did here, you introduce a new boot_param. This is something that we
> tried to do early on but changes to the boot_params layout is rather
> frowned upon. We worked with Peter A. on the kernel_info scheme but
> this parameter you introduced is not used that way (kernel_info is
> meant to be RO after the kernel is built).
Indeed. kernel_info describes the kernel to the bootloader, not the other way around.
There is prior art for adding fields to boot_params for passing data from bootloader to kernel (e.g., ext_ramdisk_image/size, efi_info, cc_blob_address), and I think adding a field for the SLRT is reasonable. Alternatively, we might consider setup_data but I don't see why a field in boot_params would be controversial here.
> I guess my first questions
> are whether this will be an acceptable approach (per the x86
> maintainers) to add a boot_param and, if so, whether the spot you chose
> is reasonable. E.g. will it survive the sanitize boot params step.
>
I think that is irrelevant tbh. A bootloader is supposed to clear struct boot_params before it copies struct setup_header into it, otherwise sanitize_boot_params() will trigger on a non-zero sentinel field, and clean it up. Given that there is no backwards compatibility concern for trenchboot, we can just stipulate that the SLRT field is only valid if struct boot_params was wiped correctly, and sanitize_boot_params() will be a no-op.
^ permalink raw reply
* Re: [PATCH 51/61] security: update audit format strings for u64 i_ino
From: Paul Moore @ 2026-02-26 21:11 UTC (permalink / raw)
To: Jeff Layton
Cc: Alexander Viro, Christian Brauner, Jan Kara, Steven Rostedt,
Masami Hiramatsu, Mathieu Desnoyers, Dan Williams, Matthew Wilcox,
Eric Biggers, Theodore Y. Ts'o, Muchun Song, Oscar Salvador,
David Hildenbrand, David Howells, Paulo Alcantara, Andreas Dilger,
Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust, Anna Schumaker,
Chuck Lever, NeilBrown, Olga Kornievskaia, Dai Ngo, Tom Talpey,
Steve French, Ronnie Sahlberg, Shyam Prasad N, Bharath SM,
Alexander Aring, Ryusuke Konishi, Viacheslav Dubeyko,
Eric Van Hensbergen, Latchesar Ionkov, Dominique Martinet,
Christian Schoenebeck, David Sterba, Marc Dionne, Ian Kent,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Ilya Dryomov, Alex Markuze, Jan Harkes, coda, Nicolas Pitre,
Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Damien Le Moal, Naohiro Aota, Johannes Thumshirn,
John Johansen, James Morris, Serge E. Hallyn, Mimi Zohar,
Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller, linux-fsdevel, linux-kernel, linux-trace-kernel,
nvdimm, fsverity, linux-mm, netfs, linux-ext4, linux-f2fs-devel,
linux-nfs, linux-cifs, samba-technical, linux-nilfs, v9fs,
linux-afs, autofs, ceph-devel, codalist, ecryptfs, linux-mtd,
jfs-discussion, ntfs3, ocfs2-devel, devel, linux-unionfs,
apparmor, linux-security-module, linux-integrity, selinux,
amd-gfx, dri-devel, linux-media, linaro-mm-sig, netdev,
linux-perf-users, linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-51-ccceff366db9@kernel.org>
On Thu, Feb 26, 2026 at 11:06 AM Jeff Layton <jlayton@kernel.org> wrote:
>
> Update %lu/%ld to %llu/%lld in security audit logging functions that
> print inode->i_ino, since i_ino is now u64.
>
> Files updated: apparmor/apparmorfs.c, integrity/integrity_audit.c,
> ipe/audit.c, lsm_audit.c.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> security/apparmor/apparmorfs.c | 4 ++--
> security/integrity/integrity_audit.c | 2 +-
> security/ipe/audit.c | 2 +-
> security/lsm_audit.c | 10 +++++-----
> security/selinux/hooks.c | 4 ++--
> security/smack/smack_lsm.c | 12 ++++++------
> 6 files changed, 17 insertions(+), 17 deletions(-)
...
> diff --git a/security/lsm_audit.c b/security/lsm_audit.c
> index 7d623b00495c14b079e10e963c21a9f949c11f07..737f5a263a8f79416133315edf363ece3d79c722 100644
> --- a/security/lsm_audit.c
> +++ b/security/lsm_audit.c
Everything in security/lsm_audit.c looks okay.
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index d8224ea113d1ac273aac1fb52324f00b3301ae75..150ea86ebc1f7c7f8391af4109a3da82b12d00d2 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -1400,7 +1400,7 @@ static int inode_doinit_use_xattr(struct inode *inode, struct dentry *dentry,
> if (rc < 0) {
> kfree(context);
> if (rc != -ENODATA) {
> - pr_warn("SELinux: %s: getxattr returned %d for dev=%s ino=%ld\n",
> + pr_warn("SELinux: %s: getxattr returned %d for dev=%s ino=%lld\n",
> __func__, -rc, inode->i_sb->s_id, inode->i_ino);
> return rc;
> }
Additionally, later in this function there are pr_notice_ratelimited()
and pr_warn() calls that print inode numbers and need to be updated.
--
paul-moore.com
^ permalink raw reply
* Re: [PATCH 37/61] jffs2: update format strings for u64 i_ino
From: Richard Weinberger @ 2026-02-26 21:06 UTC (permalink / raw)
To: Jeff Layton
Cc: Al Viro, Christian Brauner, Jan Kara, Steven Rostedt, mhiramat,
Mathieu Desnoyers, dan j williams, Matthew Wilcox, Eric Biggers,
tytso, Muchun Song, Oscar Salvador, David Hildenbrand,
David Howells, Paulo Alcantara, Andreas Dilger, Jan Kara,
Jaegeuk Kim, Chao Yu, Trond Myklebust, anna, chuck lever,
NeilBrown, Olga Kornievskaia, Dai Ngo, Tom Talpey, Steve French,
Ronnie Sahlberg, Shyam, Bharath SM, Alexander Aring,
Ryusuke Konishi, Viacheslav Dubeyko, Eric Van Hensbergen,
Latchesar Ionkov, Dominique Martinet, Christian Schoenebeck,
David Sterba, Marc Dionne, raven, Luis de Bethencourt,
Salah Triki, Tigran A. Aivazian, Ilya Dryomov, Alex Markuze,
Jan Harkes, coda, Nicolas Pitre, Tyler Hicks, Amir Goldstein,
Christoph Hellwig, John Paul Adrian Glaubitz, Yangtao Li,
Mikulas Patocka, David Woodhouse, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
chengzhihao1, Damien Le Moal, Naohiro Aota, Johannes Thumshirn,
John Johansen, Paul Moore, James Morris, Serge E. Hallyn,
Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, sumit semwal,
edumazet, Kuniyuki Iwashima, pabeni, Willem de Bruijn, davem,
kuba, Simon Horman, oleg, Peter Zijlstra, mingo,
Arnaldo Carvalho de Melo, Namhyung Kim, Mark Rutland,
Alexander Shishkin, Jiri Olsa, Ian Rogers, Adrian Hunter,
James Clark, Darrick J. Wong, Martin Schiller, linux-fsdevel,
linux-kernel, linux-trace-kernel, nvdimm, fsverity, linux-mm,
netfs, linux-ext4, linux-f2fs-devel, linux-nfs, linux-cifs,
samba-technical, linux-nilfs, v9fs, linux-afs, autofs, ceph-devel,
codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3, ocfs2-devel,
devel, linux-unionfs, apparmor, LSM, linux-integrity, selinux,
amd-gfx, DRI mailing list, linux-media, linaro-mm-sig, netdev,
linux-perf-users, linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-37-ccceff366db9@kernel.org>
----- Ursprüngliche Mail -----
> Von: "Jeff Layton" <jlayton@kernel.org>
> Update format strings and local variable types in jffs2 for the
> i_ino type change from unsigned long to u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/jffs2/dir.c | 4 ++--
> fs/jffs2/file.c | 4 ++--
> fs/jffs2/fs.c | 18 +++++++++---------
> 3 files changed, 13 insertions(+), 13 deletions(-)
Acked-by: Richard Weinberger <richard@nod.at>
Thanks,
//richard
^ permalink raw reply
* Re: [PATCH 47/61] ubifs: update format strings for u64 i_ino
From: Richard Weinberger @ 2026-02-26 21:06 UTC (permalink / raw)
To: Jeff Layton
Cc: Al Viro, Christian Brauner, Jan Kara, Steven Rostedt, mhiramat,
Mathieu Desnoyers, dan j williams, Matthew Wilcox, Eric Biggers,
tytso, Muchun Song, Oscar Salvador, David Hildenbrand,
David Howells, Paulo Alcantara, Andreas Dilger, Jan Kara,
Jaegeuk Kim, Chao Yu, Trond Myklebust, anna, chuck lever,
NeilBrown, Olga Kornievskaia, Dai Ngo, Tom Talpey, Steve French,
Ronnie Sahlberg, Shyam, Bharath SM, Alexander Aring,
Ryusuke Konishi, Viacheslav Dubeyko, Eric Van Hensbergen,
Latchesar Ionkov, Dominique Martinet, Christian Schoenebeck,
David Sterba, Marc Dionne, raven, Luis de Bethencourt,
Salah Triki, Tigran A. Aivazian, Ilya Dryomov, Alex Markuze,
Jan Harkes, coda, Nicolas Pitre, Tyler Hicks, Amir Goldstein,
Christoph Hellwig, John Paul Adrian Glaubitz, Yangtao Li,
Mikulas Patocka, David Woodhouse, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
chengzhihao1, Damien Le Moal, Naohiro Aota, Johannes Thumshirn,
John Johansen, Paul Moore, James Morris, Serge E. Hallyn,
Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, sumit semwal,
edumazet, Kuniyuki Iwashima, pabeni, Willem de Bruijn, davem,
kuba, Simon Horman, oleg, Peter Zijlstra, mingo,
Arnaldo Carvalho de Melo, Namhyung Kim, Mark Rutland,
Alexander Shishkin, Jiri Olsa, Ian Rogers, Adrian Hunter,
James Clark, Darrick J. Wong, Martin Schiller, linux-fsdevel,
linux-kernel, linux-trace-kernel, nvdimm, fsverity, linux-mm,
netfs, linux-ext4, linux-f2fs-devel, linux-nfs, linux-cifs,
samba-technical, linux-nilfs, v9fs, linux-afs, autofs, ceph-devel,
codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3, ocfs2-devel,
devel, linux-unionfs, apparmor, LSM, linux-integrity, selinux,
amd-gfx, DRI mailing list, linux-media, linaro-mm-sig, netdev,
linux-perf-users, linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-47-ccceff366db9@kernel.org>
----- Ursprüngliche Mail -----
> Von: "Jeff Layton" <jlayton@kernel.org>
> Update format strings and local variable types in ubifs for the
> i_ino type change from unsigned long to u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/ubifs/debug.c | 8 ++++----
> fs/ubifs/dir.c | 28 ++++++++++++++--------------
> fs/ubifs/file.c | 28 ++++++++++++++--------------
> fs/ubifs/journal.c | 6 +++---
> fs/ubifs/super.c | 16 ++++++++--------
> fs/ubifs/tnc.c | 4 ++--
> fs/ubifs/xattr.c | 14 +++++++-------
> 7 files changed, 52 insertions(+), 52 deletions(-)
Acked-by: Richard Weinberger <richard@nod.at>
Thanks,
//richard
^ permalink raw reply
* Re: IMA and PQC
From: Stefan Berger @ 2026-02-26 21:05 UTC (permalink / raw)
To: Eric Biggers
Cc: Simo Sorce, Coiby Xu, Johannes Wiesböck, dhowells,
dmitry.kasatkin, eric.snowberg, keyrings, linux-crypto,
linux-integrity, linux-kernel, linux-modules, roberto.sassu,
zohar, michael.weiss
In-Reply-To: <20260226194406.GG2251@sol>
On 2/26/26 2:44 PM, Eric Biggers wrote:
> On Thu, Feb 26, 2026 at 02:21:41PM -0500, Stefan Berger wrote:
>>
>>
>> On 2/26/26 1:32 PM, Eric Biggers wrote:
>>> On Thu, Feb 26, 2026 at 12:22:32PM -0500, Stefan Berger wrote:
>>>>> I see that IMA indeed never upgraded full file hashes to use
>>>>> 'struct ima_file_id'. Building a new feature that relies on this seems
>>>>> like a bad idea though, given that it's a security bug that makes the> IMA
>>>> protocol cryptographically ambiguous. I.e., it means that in IMA,
>>>>> when the contents of some file are signed, that signature is sometimes
>>>>> also valid for some other file contents which the signer didn't intend.
>>>>
>>>> You mean IMA should not sign the digest in the ima_file_id structure but
>>>> hash the ima_file_id structure in which this file digest is written into
>>>> (that we currently sign) and sign/verify this digest? And we would do this
>>>> to avoid two different files (with presumably different content) from having
>>>> the same hashes leading to the same signature? Which hashes (besides the
>>>> non-recommended ones) are so weak now that you must not merely sign a file's
>>>> hash?
>>>>
>>>> The problem with this is that older kernels (without patching) won't be able
>>>> to handle newer signatures.
>>>
>>> IMA needs to sign the entire ima_file_id structure, which is indeed what
>>> IMA already does when it uses that structure. (Well, actually it signs
>>> a hash of the struct, but that's best thought of an implementation
>>> detail of legacy signature algorithms that can only sign hashes. For a
>>> modern algorithm the whole struct should be passed instead.) Just IMA
>>> uses that structure only for fsverity hashes, which is a bug that makes
>>> the IMA protocol ambiguous. It needs to use ima_file_id consistently,
>>> otherwise a signed message sometimes corresponds to multiple unique file
>>> contents even without a break in the cryptographic hash function.
>>
>> Before we jump into making changes on this old stuff I think it's good to
>> understand the underlying problem and the likelyhood of signatures
>> validating different data, such as a file and fsverity data. How likely is
>> this?
>>
>> Assuming a strong hash I suppose that is not a concern with RSA because here
>> the digest is padded and then directly encrypted with the private key. Upon
>> verification (pub key decrypt) we would unpad and memcmp the digests.
>>
>> Again, assuming a strong hash: With ECDSA NIST P256 for example we have a 32
>> byte signature. With a SHA512 being used for hashing for example we would be
>> doing a projection of a 64byte hash space to a 32byte signature space with.
>> Just by this projection of a much larger space into a smaller space
>> signatures that validate multiple input data could be a problem. One 'easy'
>> case where signatures for different input data is the same (not exactly the
>> same due to nonce involved the signature is verifyable), albeit unlikely, is
>> that there could be different input data for the SHA512 that lead to the
>> same 32bytes prefix, which is then used after truncating the sha512 to the
>> first 32 bytes for the ECDSA signature, and this then leads to a signature
>> that is verifyable for different input data. So that's the 'simple' case at
>> least for this thought experiment for a non-expert.
>>
>> Now what should still be difficult to do is given a file and a hash-to-use
>> that you can create fsverity content that leads to a hash that in turn leads
>> to a NIST-P256 signature that can be used for signature verification(s) of
>> the file and the totally different fsverity data. Is this a problem that is
>> as difficult to solve just as finding different input data for a hash that
>> leads to the same digest?
>
> There's no differentiation between a 'struct ima_file_id' that
> *represents* the contents of some file, and a file whose contents are
> *equal to* that 'struct ima_file_id' and that uses a full-file hash. In
> both cases the same key and message are used for signing and verifying.
I hadn't been thinking of this... It's a side-effect of starting to sign
ima_file_id for v3 that a file *content* could now hold the ima_file_id
structure (as signed with v3) and the signature would validate when used
with the v2 signature verification scheme. So, the content of the file
would presumably be odd/useless (2 bytes + hash) but it would verify
with the signature created for v3. We will have to offer the possibility
to move to v3 signatures for all signing schemes and offer the
possibility to deactivate older versions (<v3).
>
> This means that every time a file is signed using the ima_file_id
> scheme, it also implicitly signs some other file contents, which an
> attacker can freely replace the file with. Similarly, every time a file
> that happens to be a valid ima_file_id is signed using the older scheme,
> it also implicitly signs the contents that the ima_file_id correspond
> to, which the attacker can freely replace the file with. In either
> case, no collision in the cryptographic hash function is required.
>
> It's simply a broken protocol. To fix this, IMA must only support
> signatures that use the ima_file_id scheme.
>
> Of course, that will require making them support full-file hashes and
> not just fsverity hashes. If I recall correctly, this was actually part
> of the original design of the ima_file_id-based signatures. It's
> unclear why the implementation is still incomplete.
>
> - Eric
^ permalink raw reply
* RE: [PATCH 17/61] nilfs2: update for u64 i_ino
From: Viacheslav Dubeyko @ 2026-02-26 20:09 UTC (permalink / raw)
To: david@kernel.org, davem@davemloft.net, hch@infradead.org,
Paolo Abeni, anna@kernel.org, ms@dev.tdt.de,
alexander.shishkin@linux.intel.com, casey@schaufler-ca.com,
ebiggers@kernel.org, jack@suse.cz, Ondrej Mosnacek,
mark.rutland@arm.com, glaubitz@physik.fu-berlin.de,
miklos@szeredi.hu, sumit.semwal@linaro.org,
john.johansen@canonical.com, amir73il@gmail.com,
slava@dubeyko.com, willy@infradead.org, tytso@mit.edu,
serge@hallyn.com, jth@kernel.org, jolsa@kernel.org,
shaggy@kernel.org, jaharkes@cs.cmu.edu, willemb@google.com,
jlayton@kernel.org, ericvh@kernel.org, simona@ffwll.ch,
trondmy@kernel.org, aivazian.tigran@gmail.com,
asmadeus@codewreck.org, hubcap@omnibond.com,
muchun.song@linux.dev, neil@brown.name, sfrench@samba.org,
jmorris@namei.org, lucho@ionkov.net, jlbec@evilplan.org,
chuck.lever@oracle.com, mathieu.desnoyers@efficios.com,
dan.j.williams@intel.com, raven@themaw.net, Alex Markuze,
peterz@infradead.org, christian.koenig@amd.com, horms@kernel.org,
mhiramat@kernel.org, alexander.deucher@amd.com, tom@talpey.com,
mark@fasheh.com, mikulas@artax.karlin.mff.cuni.cz,
djwong@kernel.org, edumazet@google.com, Olga Kornievskaia,
bharathsm@microsoft.com, adrian.hunter@intel.com,
osalvador@suse.de, ronniesahlberg@gmail.com, pc@manguebit.org,
martin@omnibond.com, naohiro.aota@wdc.com, frank.li@vivo.com,
dsterba@suse.com, zohar@linux.ibm.com, code@tyhicks.com,
dwmw2@infradead.org, kuba@kernel.org, kuniyu@google.com,
nico@fluxnic.net, jack@suse.com, dlemoal@kernel.org,
viro@zeniv.linux.org.uk, stephen.smalley.work@gmail.com,
salah.triki@gmail.com, David Howells, paul@paul-moore.com,
luisbg@kernel.org, acme@kernel.org, richard@nod.at,
rostedt@goodmis.org, idryomov@gmail.com,
joseph.qi@linux.alibaba.com, al@alarsen.net,
james.clark@linaro.org, dmitry.kasatkin@gmail.com,
roberto.sassu@huawei.com, konishi.ryusuke@gmail.com,
sprasad@microsoft.com, jaegeuk@kernel.org,
linux_oss@crudebyte.com, brauner@kernel.org, Dai.Ngo@oracle.com,
eric.snowberg@oracle.com, adilger.kernel@dilger.ca,
chao@kernel.org, wufan@kernel.org, irogers@google.com,
Ingo Molnar, alex.aring@gmail.com, namhyung@kernel.org,
oleg@redhat.com, chengzhihao1@huawei.com,
marc.dionne@auristor.com, airlied@gmail.com,
almaz.alexandrovich@paragon-software.com, coda@cs.cmu.edu
Cc: ecryptfs@vger.kernel.org, ntfs3@lists.linux.dev,
linux-unionfs@vger.kernel.org, linux-x25@vger.kernel.org,
autofs@vger.kernel.org, amd-gfx@lists.freedesktop.org,
linux-fsdevel@vger.kernel.org, linux-media@vger.kernel.org,
ocfs2-devel@lists.linux.dev, fsverity@lists.linux.dev,
linux-kernel@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-integrity@vger.kernel.org, samba-technical@lists.samba.org,
linux-nilfs@vger.kernel.org, apparmor@lists.ubuntu.com,
selinux@vger.kernel.org, linaro-mm-sig@lists.linaro.org,
v9fs@lists.linux.dev, linux-xfs@vger.kernel.org,
netdev@vger.kernel.org, linux-trace-kernel@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, nvdimm@lists.linux.dev,
ceph-devel@vger.kernel.org, jfs-discussion@lists.sourceforge.net,
linux-mtd@lists.infradead.org, devel@lists.orangefs.org,
linux-fscrypt@vger.kernel.org, linux-afs@lists.infradead.org,
linux-security-module@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-hams@vger.kernel.org, linux-nfs@vger.kernel.org,
codalist@coda.cs.cmu.edu, linux-mm@kvack.org,
netfs@lists.linux.dev, linux-perf-users@vger.kernel.org,
dri-devel@lists.freedesktop.org
In-Reply-To: <d8d47ebf099b21bf20f7284837f8164a19590010.camel@kernel.org>
On Thu, 2026-02-26 at 15:06 -0500, Jeff Layton wrote:
> On Thu, 2026-02-26 at 19:46 +0000, Viacheslav Dubeyko wrote:
> > On Thu, 2026-02-26 at 10:55 -0500, Jeff Layton wrote:
> > > Update nilfs2 trace events and filesystem code for u64 i_ino:
> > >
> > > - Change __field(ino_t, ...) to __field(u64, ...) in trace events
> > > - Update format strings from %lu to %llu
> > > - Cast to (unsigned long long) in TP_printk
> > >
> > > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > > ---
> > > fs/nilfs2/alloc.c | 10 +++++-----
> > > fs/nilfs2/bmap.c | 2 +-
> > > fs/nilfs2/btnode.c | 2 +-
> > > fs/nilfs2/btree.c | 12 ++++++------
> > > fs/nilfs2/dir.c | 12 ++++++------
> > > fs/nilfs2/direct.c | 4 ++--
> > > fs/nilfs2/gcinode.c | 2 +-
> > > fs/nilfs2/inode.c | 8 ++++----
> > > fs/nilfs2/mdt.c | 2 +-
> > > fs/nilfs2/namei.c | 2 +-
> > > fs/nilfs2/segment.c | 2 +-
> > > include/trace/events/nilfs2.h | 12 ++++++------
> > > 12 files changed, 35 insertions(+), 35 deletions(-)
> > >
> > > diff --git a/fs/nilfs2/alloc.c b/fs/nilfs2/alloc.c
> > > index e7eebb04f9a4080a39f17d4123e58ed7df6b2f4b..7b1cd2baefcf21e54f9260845b02c7c95c148c64 100644
> > > --- a/fs/nilfs2/alloc.c
> > > +++ b/fs/nilfs2/alloc.c
> > > @@ -707,7 +707,7 @@ void nilfs_palloc_commit_free_entry(struct inode *inode,
> > >
> > > if (!nilfs_clear_bit_atomic(lock, group_offset, bitmap))
> > > nilfs_warn(inode->i_sb,
> > > - "%s (ino=%lu): entry number %llu already freed",
> > > + "%s (ino=%llu): entry number %llu already freed",
> > > __func__, inode->i_ino,
> > > (unsigned long long)req->pr_entry_nr);
> > > else
> > > @@ -748,7 +748,7 @@ void nilfs_palloc_abort_alloc_entry(struct inode *inode,
> > >
> > > if (!nilfs_clear_bit_atomic(lock, group_offset, bitmap))
> > > nilfs_warn(inode->i_sb,
> > > - "%s (ino=%lu): entry number %llu already freed",
> > > + "%s (ino=%llu): entry number %llu already freed",
> > > __func__, inode->i_ino,
> > > (unsigned long long)req->pr_entry_nr);
> > > else
> > > @@ -861,7 +861,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> > > if (!nilfs_clear_bit_atomic(lock, group_offset,
> > > bitmap)) {
> > > nilfs_warn(inode->i_sb,
> > > - "%s (ino=%lu): entry number %llu already freed",
> > > + "%s (ino=%llu): entry number %llu already freed",
> > > __func__, inode->i_ino,
> > > (unsigned long long)entry_nrs[j]);
> > > } else {
> > > @@ -906,7 +906,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> > > last_nrs[k]);
> > > if (ret && ret != -ENOENT)
> > > nilfs_warn(inode->i_sb,
> > > - "error %d deleting block that object (entry=%llu, ino=%lu) belongs to",
> > > + "error %d deleting block that object (entry=%llu, ino=%llu) belongs to",
> > > ret, (unsigned long long)last_nrs[k],
> > > inode->i_ino);
> > > }
> > > @@ -923,7 +923,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> > > ret = nilfs_palloc_delete_bitmap_block(inode, group);
> > > if (ret && ret != -ENOENT)
> > > nilfs_warn(inode->i_sb,
> > > - "error %d deleting bitmap block of group=%lu, ino=%lu",
> > > + "error %d deleting bitmap block of group=%lu, ino=%llu",
> > > ret, group, inode->i_ino);
> > > }
> > > }
> > > diff --git a/fs/nilfs2/bmap.c b/fs/nilfs2/bmap.c
> > > index ccc1a7aa52d2064d56b826058554264c498d592f..824f2bd91c167965ec3a660202b6e6c5f1fe007e 100644
> > > --- a/fs/nilfs2/bmap.c
> > > +++ b/fs/nilfs2/bmap.c
> > > @@ -33,7 +33,7 @@ static int nilfs_bmap_convert_error(struct nilfs_bmap *bmap,
> > >
> > > if (err == -EINVAL) {
> > > __nilfs_error(inode->i_sb, fname,
> > > - "broken bmap (inode number=%lu)", inode->i_ino);
> > > + "broken bmap (inode number=%llu)", inode->i_ino);
> > > err = -EIO;
> > > }
> > > return err;
> > > diff --git a/fs/nilfs2/btnode.c b/fs/nilfs2/btnode.c
> > > index 56836712909201775907483887e8a0022851bbec..2e553d698d0f3980de98fced415dfd819ddbca0a 100644
> > > --- a/fs/nilfs2/btnode.c
> > > +++ b/fs/nilfs2/btnode.c
> > > @@ -64,7 +64,7 @@ nilfs_btnode_create_block(struct address_space *btnc, __u64 blocknr)
> > > * clearing of an abandoned b-tree node is missing somewhere).
> > > */
> > > nilfs_error(inode->i_sb,
> > > - "state inconsistency probably due to duplicate use of b-tree node block address %llu (ino=%lu)",
> > > + "state inconsistency probably due to duplicate use of b-tree node block address %llu (ino=%llu)",
> > > (unsigned long long)blocknr, inode->i_ino);
> > > goto failed;
> > > }
> > > diff --git a/fs/nilfs2/btree.c b/fs/nilfs2/btree.c
> > > index dd0c8e560ef6a2c96515025321914e0d73f41144..3c03f5a741d144d22d1ffb5acf43a035e88c00dc 100644
> > > --- a/fs/nilfs2/btree.c
> > > +++ b/fs/nilfs2/btree.c
> > > @@ -353,7 +353,7 @@ static int nilfs_btree_node_broken(const struct nilfs_btree_node *node,
> > > nchildren <= 0 ||
> > > nchildren > NILFS_BTREE_NODE_NCHILDREN_MAX(size))) {
> > > nilfs_crit(inode->i_sb,
> > > - "bad btree node (ino=%lu, blocknr=%llu): level = %d, flags = 0x%x, nchildren = %d",
> > > + "bad btree node (ino=%llu, blocknr=%llu): level = %d, flags = 0x%x, nchildren = %d",
> > > inode->i_ino, (unsigned long long)blocknr, level,
> > > flags, nchildren);
> > > ret = 1;
> > > @@ -384,7 +384,7 @@ static int nilfs_btree_root_broken(const struct nilfs_btree_node *node,
> > > nchildren > NILFS_BTREE_ROOT_NCHILDREN_MAX ||
> > > (nchildren == 0 && level > NILFS_BTREE_LEVEL_NODE_MIN))) {
> > > nilfs_crit(inode->i_sb,
> > > - "bad btree root (ino=%lu): level = %d, flags = 0x%x, nchildren = %d",
> > > + "bad btree root (ino=%llu): level = %d, flags = 0x%x, nchildren = %d",
> > > inode->i_ino, level, flags, nchildren);
> > > ret = 1;
> > > }
> > > @@ -453,7 +453,7 @@ static int nilfs_btree_bad_node(const struct nilfs_bmap *btree,
> > > if (unlikely(nilfs_btree_node_get_level(node) != level)) {
> > > dump_stack();
> > > nilfs_crit(btree->b_inode->i_sb,
> > > - "btree level mismatch (ino=%lu): %d != %d",
> > > + "btree level mismatch (ino=%llu): %d != %d",
> > > btree->b_inode->i_ino,
> > > nilfs_btree_node_get_level(node), level);
> > > return 1;
> > > @@ -521,7 +521,7 @@ static int __nilfs_btree_get_block(const struct nilfs_bmap *btree, __u64 ptr,
> > > out_no_wait:
> > > if (!buffer_uptodate(bh)) {
> > > nilfs_err(btree->b_inode->i_sb,
> > > - "I/O error reading b-tree node block (ino=%lu, blocknr=%llu)",
> > > + "I/O error reading b-tree node block (ino=%llu, blocknr=%llu)",
> > > btree->b_inode->i_ino, (unsigned long long)ptr);
> > > brelse(bh);
> > > return -EIO;
> > > @@ -2104,7 +2104,7 @@ static int nilfs_btree_propagate(struct nilfs_bmap *btree,
> > > if (ret < 0) {
> > > if (unlikely(ret == -ENOENT)) {
> > > nilfs_crit(btree->b_inode->i_sb,
> > > - "writing node/leaf block does not appear in b-tree (ino=%lu) at key=%llu, level=%d",
> > > + "writing node/leaf block does not appear in b-tree (ino=%llu) at key=%llu, level=%d",
> > > btree->b_inode->i_ino,
> > > (unsigned long long)key, level);
> > > ret = -EINVAL;
> > > @@ -2146,7 +2146,7 @@ static void nilfs_btree_add_dirty_buffer(struct nilfs_bmap *btree,
> > > level >= NILFS_BTREE_LEVEL_MAX) {
> > > dump_stack();
> > > nilfs_warn(btree->b_inode->i_sb,
> > > - "invalid btree level: %d (key=%llu, ino=%lu, blocknr=%llu)",
> > > + "invalid btree level: %d (key=%llu, ino=%llu, blocknr=%llu)",
> > > level, (unsigned long long)key,
> > > btree->b_inode->i_ino,
> > > (unsigned long long)bh->b_blocknr);
> > > diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c
> > > index b243199036dfa1ab2299efaaa5bdf5da2d159ff2..3653db5cdb65137d1e660bb509c14ec4cbc8840b 100644
> > > --- a/fs/nilfs2/dir.c
> > > +++ b/fs/nilfs2/dir.c
> > > @@ -150,7 +150,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> > >
> > > Ebadsize:
> > > nilfs_error(sb,
> > > - "size of directory #%lu is not a multiple of chunk size",
> > > + "size of directory #%llu is not a multiple of chunk size",
> > > dir->i_ino);
> > > goto fail;
> > > Eshort:
> > > @@ -169,7 +169,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> > > error = "disallowed inode number";
> > > bad_entry:
> > > nilfs_error(sb,
> > > - "bad entry in directory #%lu: %s - offset=%lu, inode=%lu, rec_len=%zd, name_len=%d",
> > > + "bad entry in directory #%llu: %s - offset=%lu, inode=%lu, rec_len=%zd, name_len=%d",
> >
> > I think you missed 'inode=%lu' here.
>
> That is actually the placeholder for this:
>
> (unsigned long)le64_to_cpu(p->inode)
>
> ...which is not inode->i_ino. I do agree that the cast probably no
> longer makes sense with this change, but I'd probably leave that to a
> later cleanup so we can keep this set focused on the i_ino change.
I see your point. Makes sense. The rest looks good.
Reviewed-by: Viacheslav Dubeyko <slava@dubeyko.com>
Thanks,
Slava.
>
>
> > > dir->i_ino, error, (folio->index << PAGE_SHIFT) + offs,
> > > (unsigned long)le64_to_cpu(p->inode),
> > > rec_len, p->name_len);
> > > @@ -177,7 +177,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> > > Eend:
> > > p = (struct nilfs_dir_entry *)(kaddr + offs);
> > > nilfs_error(sb,
> > > - "entry in directory #%lu spans the page boundary offset=%lu, inode=%lu",
> > > + "entry in directory #%llu spans the page boundary offset=%lu, inode=%lu",
> >
> > Ditto. You missed 'inode=%lu' here.
> >
> >
>
> Same here.
>
> > > dir->i_ino, (folio->index << PAGE_SHIFT) + offs,
> > > (unsigned long)le64_to_cpu(p->inode));
> > > fail:
> > > @@ -251,7 +251,7 @@ static int nilfs_readdir(struct file *file, struct dir_context *ctx)
> > >
> > > kaddr = nilfs_get_folio(inode, n, &folio);
> > > if (IS_ERR(kaddr)) {
> > > - nilfs_error(sb, "bad page in #%lu", inode->i_ino);
> > > + nilfs_error(sb, "bad page in #%llu", inode->i_ino);
> > > ctx->pos += PAGE_SIZE - offset;
> > > return -EIO;
> > > }
> > > @@ -336,7 +336,7 @@ struct nilfs_dir_entry *nilfs_find_entry(struct inode *dir,
> > > /* next folio is past the blocks we've got */
> > > if (unlikely(n > (dir->i_blocks >> (PAGE_SHIFT - 9)))) {
> > > nilfs_error(dir->i_sb,
> > > - "dir %lu size %lld exceeds block count %llu",
> > > + "dir %llu size %lld exceeds block count %llu",
> > > dir->i_ino, dir->i_size,
> > > (unsigned long long)dir->i_blocks);
> > > goto out;
> > > @@ -382,7 +382,7 @@ struct nilfs_dir_entry *nilfs_dotdot(struct inode *dir, struct folio **foliop)
> > > return next_de;
> > >
> > > fail:
> > > - nilfs_error(dir->i_sb, "directory #%lu %s", dir->i_ino, msg);
> > > + nilfs_error(dir->i_sb, "directory #%llu %s", dir->i_ino, msg);
> > > folio_release_kmap(folio, de);
> > > return NULL;
> > > }
> > > diff --git a/fs/nilfs2/direct.c b/fs/nilfs2/direct.c
> > > index 2d8dc6b35b5477947ca12a70288d3a3cce858aab..8bd0b1374e25f8ff510f3b36dbde2acc01aafc1e 100644
> > > --- a/fs/nilfs2/direct.c
> > > +++ b/fs/nilfs2/direct.c
> > > @@ -338,7 +338,7 @@ static int nilfs_direct_assign(struct nilfs_bmap *bmap,
> > > key = nilfs_bmap_data_get_key(bmap, *bh);
> > > if (unlikely(key > NILFS_DIRECT_KEY_MAX)) {
> > > nilfs_crit(bmap->b_inode->i_sb,
> > > - "%s (ino=%lu): invalid key: %llu",
> > > + "%s (ino=%llu): invalid key: %llu",
> > > __func__,
> > > bmap->b_inode->i_ino, (unsigned long long)key);
> > > return -EINVAL;
> > > @@ -346,7 +346,7 @@ static int nilfs_direct_assign(struct nilfs_bmap *bmap,
> > > ptr = nilfs_direct_get_ptr(bmap, key);
> > > if (unlikely(ptr == NILFS_BMAP_INVALID_PTR)) {
> > > nilfs_crit(bmap->b_inode->i_sb,
> > > - "%s (ino=%lu): invalid pointer: %llu",
> > > + "%s (ino=%llu): invalid pointer: %llu",
> > > __func__,
> > > bmap->b_inode->i_ino, (unsigned long long)ptr);
> > > return -EINVAL;
> > > diff --git a/fs/nilfs2/gcinode.c b/fs/nilfs2/gcinode.c
> > > index 561c220799c7aee879ad866865e377799c8ee6bb..62d4c1b787e95c961a360a4214d621d564ad8b4c 100644
> > > --- a/fs/nilfs2/gcinode.c
> > > +++ b/fs/nilfs2/gcinode.c
> > > @@ -137,7 +137,7 @@ int nilfs_gccache_wait_and_mark_dirty(struct buffer_head *bh)
> > > struct inode *inode = bh->b_folio->mapping->host;
> > >
> > > nilfs_err(inode->i_sb,
> > > - "I/O error reading %s block for GC (ino=%lu, vblocknr=%llu)",
> > > + "I/O error reading %s block for GC (ino=%llu, vblocknr=%llu)",
> > > buffer_nilfs_node(bh) ? "node" : "data",
> > > inode->i_ino, (unsigned long long)bh->b_blocknr);
> > > return -EIO;
> > > diff --git a/fs/nilfs2/inode.c b/fs/nilfs2/inode.c
> > > index 51bde45d586509dda3ef0cb7c46facb7fb2c61dd..51f7e125a311b868860e3e111700d49d4cb98fa6 100644
> > > --- a/fs/nilfs2/inode.c
> > > +++ b/fs/nilfs2/inode.c
> > > @@ -108,7 +108,7 @@ int nilfs_get_block(struct inode *inode, sector_t blkoff,
> > > * be locked in this case.
> > > */
> > > nilfs_warn(inode->i_sb,
> > > - "%s (ino=%lu): a race condition while inserting a data block at offset=%llu",
> > > + "%s (ino=%llu): a race condition while inserting a data block at offset=%llu",
> > > __func__, inode->i_ino,
> > > (unsigned long long)blkoff);
> > > err = -EAGAIN;
> > > @@ -789,7 +789,7 @@ static void nilfs_truncate_bmap(struct nilfs_inode_info *ii,
> > > goto repeat;
> > >
> > > failed:
> > > - nilfs_warn(ii->vfs_inode.i_sb, "error %d truncating bmap (ino=%lu)",
> > > + nilfs_warn(ii->vfs_inode.i_sb, "error %d truncating bmap (ino=%llu)",
> > > ret, ii->vfs_inode.i_ino);
> > > }
> > >
> > > @@ -1026,7 +1026,7 @@ int nilfs_set_file_dirty(struct inode *inode, unsigned int nr_dirty)
> > > * this inode.
> > > */
> > > nilfs_warn(inode->i_sb,
> > > - "cannot set file dirty (ino=%lu): the file is being freed",
> > > + "cannot set file dirty (ino=%llu): the file is being freed",
> > > inode->i_ino);
> > > spin_unlock(&nilfs->ns_inode_lock);
> > > return -EINVAL; /*
> > > @@ -1057,7 +1057,7 @@ int __nilfs_mark_inode_dirty(struct inode *inode, int flags)
> > > err = nilfs_load_inode_block(inode, &ibh);
> > > if (unlikely(err)) {
> > > nilfs_warn(inode->i_sb,
> > > - "cannot mark inode dirty (ino=%lu): error %d loading inode block",
> > > + "cannot mark inode dirty (ino=%llu): error %d loading inode block",
> > > inode->i_ino, err);
> > > return err;
> > > }
> > > diff --git a/fs/nilfs2/mdt.c b/fs/nilfs2/mdt.c
> > > index 946b0d3534a5f22f34ac44a91fb121541881c548..09adb40c65e505d92012a3d2f5fe8a5696e10056 100644
> > > --- a/fs/nilfs2/mdt.c
> > > +++ b/fs/nilfs2/mdt.c
> > > @@ -203,7 +203,7 @@ static int nilfs_mdt_read_block(struct inode *inode, unsigned long block,
> > > err = -EIO;
> > > if (!buffer_uptodate(first_bh)) {
> > > nilfs_err(inode->i_sb,
> > > - "I/O error reading meta-data file (ino=%lu, block-offset=%lu)",
> > > + "I/O error reading meta-data file (ino=%llu, block-offset=%lu)",
> > > inode->i_ino, block);
> > > goto failed_bh;
> > > }
> > > diff --git a/fs/nilfs2/namei.c b/fs/nilfs2/namei.c
> > > index 40f4b1a28705b6e0eb8f0978cf3ac18b43aa1331..40ac679ec56e400b1df98e9be6fe9ca338a9ba51 100644
> > > --- a/fs/nilfs2/namei.c
> > > +++ b/fs/nilfs2/namei.c
> > > @@ -292,7 +292,7 @@ static int nilfs_do_unlink(struct inode *dir, struct dentry *dentry)
> > >
> > > if (!inode->i_nlink) {
> > > nilfs_warn(inode->i_sb,
> > > - "deleting nonexistent file (ino=%lu), %d",
> > > + "deleting nonexistent file (ino=%llu), %d",
> > > inode->i_ino, inode->i_nlink);
> > > set_nlink(inode, 1);
> > > }
> > > diff --git a/fs/nilfs2/segment.c b/fs/nilfs2/segment.c
> > > index 098a3bd103e04cd09b0689fe2017380d74664496..4b1bf559f3524b1cc3965dae9fd3e5745718569d 100644
> > > --- a/fs/nilfs2/segment.c
> > > +++ b/fs/nilfs2/segment.c
> > > @@ -2024,7 +2024,7 @@ static int nilfs_segctor_collect_dirty_files(struct nilfs_sc_info *sci,
> > > ifile, ii->vfs_inode.i_ino, &ibh);
> > > if (unlikely(err)) {
> > > nilfs_warn(sci->sc_super,
> > > - "log writer: error %d getting inode block (ino=%lu)",
> > > + "log writer: error %d getting inode block (ino=%llu)",
> > > err, ii->vfs_inode.i_ino);
> > > return err;
> > > }
> > > diff --git a/include/trace/events/nilfs2.h b/include/trace/events/nilfs2.h
> > > index 8880c11733dd307c223cc62ee34ebeff650ecb12..86a0011c9eeaf031cfa0b79875b2b106ef8b7cfd 100644
> > > --- a/include/trace/events/nilfs2.h
> > > +++ b/include/trace/events/nilfs2.h
> > > @@ -165,14 +165,14 @@ TRACE_EVENT(nilfs2_segment_usage_freed,
> > >
> > > TRACE_EVENT(nilfs2_mdt_insert_new_block,
> > > TP_PROTO(struct inode *inode,
> > > - unsigned long ino,
> > > + u64 ino,
> > > unsigned long block),
> > >
> > > TP_ARGS(inode, ino, block),
> > >
> > > TP_STRUCT__entry(
> > > __field(struct inode *, inode)
> > > - __field(unsigned long, ino)
> > > + __field(u64, ino)
> > > __field(unsigned long, block)
> > > ),
> > >
> > > @@ -182,7 +182,7 @@ TRACE_EVENT(nilfs2_mdt_insert_new_block,
> > > __entry->block = block;
> > > ),
> > >
> > > - TP_printk("inode = %p ino = %lu block = %lu",
> > > + TP_printk("inode = %p ino = %llu block = %lu",
> > > __entry->inode,
> > > __entry->ino,
> > > __entry->block)
> > > @@ -190,7 +190,7 @@ TRACE_EVENT(nilfs2_mdt_insert_new_block,
> > >
> > > TRACE_EVENT(nilfs2_mdt_submit_block,
> > > TP_PROTO(struct inode *inode,
> > > - unsigned long ino,
> > > + u64 ino,
> > > unsigned long blkoff,
> > > enum req_op mode),
> > >
> > > @@ -198,7 +198,7 @@ TRACE_EVENT(nilfs2_mdt_submit_block,
> > >
> > > TP_STRUCT__entry(
> > > __field(struct inode *, inode)
> > > - __field(unsigned long, ino)
> > > + __field(u64, ino)
> > > __field(unsigned long, blkoff)
> > > /*
> > > * Use field_struct() to avoid is_signed_type() on the
> > > @@ -214,7 +214,7 @@ TRACE_EVENT(nilfs2_mdt_submit_block,
> > > __entry->mode = mode;
> > > ),
> > >
> > > - TP_printk("inode = %p ino = %lu blkoff = %lu mode = %x",
> > > + TP_printk("inode = %p ino = %llu blkoff = %lu mode = %x",
> > > __entry->inode,
> > > __entry->ino,
> > > __entry->blkoff,
^ permalink raw reply
* Re: [PATCH 12/61] nfsd: update format strings for u64 i_ino
From: Jeff Layton @ 2026-02-26 20:06 UTC (permalink / raw)
To: Chuck Lever, Alexander Viro, Christian Brauner, Jan Kara,
Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Dan Williams,
Matthew Wilcox, Eric Biggers, Theodore Y. Ts'o, Muchun Song,
Oscar Salvador, David Hildenbrand, David Howells, Paulo Alcantara,
Andreas Dilger, Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust,
Anna Schumaker, NeilBrown, Olga Kornievskaia, Dai Ngo, Tom Talpey,
Steve French, Ronnie Sahlberg, Shyam Prasad N, Bharath SM,
Alexander Aring, Ryusuke Konishi, Viacheslav Dubeyko,
Eric Van Hensbergen, Latchesar Ionkov, Dominique Martinet,
Christian Schoenebeck, David Sterba, Marc Dionne, Ian Kent,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Ilya Dryomov, Alex Markuze, Jan Harkes, coda, Nicolas Pitre,
Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Damien Le Moal, Naohiro Aota, Johannes Thumshirn,
John Johansen, Paul Moore, James Morris, Serge E. Hallyn,
Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller
Cc: linux-fsdevel, linux-kernel, linux-trace-kernel, nvdimm, fsverity,
linux-mm, netfs, linux-ext4, linux-f2fs-devel, linux-nfs,
linux-cifs, samba-technical, linux-nilfs, v9fs, linux-afs, autofs,
ceph-devel, codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3,
ocfs2-devel, devel, linux-unionfs, apparmor,
linux-security-module, linux-integrity, selinux, amd-gfx,
dri-devel, linux-media, linaro-mm-sig, netdev, linux-perf-users,
linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <8b0bb056-9504-4835-8063-7ddeba328721@oracle.com>
On Thu, 2026-02-26 at 14:48 -0500, Chuck Lever wrote:
> On 2/26/26 10:55 AM, Jeff Layton wrote:
> > Update format strings from %ld/%lu to %lld/%llu for i_ino, which is
> > now a u64.
> >
> > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > ---
> > fs/nfsd/export.c | 2 +-
> > fs/nfsd/nfs4state.c | 4 ++--
> > fs/nfsd/nfsfh.c | 4 ++--
> > fs/nfsd/vfs.c | 2 +-
> > 4 files changed, 6 insertions(+), 6 deletions(-)
> >
> > diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c
> > index 8fdbba7cad96443d92cc7fdeea6158c4cc681be1..334b63eb966e71e6af6adde61aa1123f01b4390b 100644
> > --- a/fs/nfsd/export.c
> > +++ b/fs/nfsd/export.c
> > @@ -1039,7 +1039,7 @@ exp_rootfh(struct net *net, struct auth_domain *clp, char *name,
> > }
> > inode = d_inode(path.dentry);
> >
> > - dprintk("nfsd: exp_rootfh(%s [%p] %s:%s/%ld)\n",
> > + dprintk("nfsd: exp_rootfh(%s [%p] %s:%s/%lld)\n",
> > name, path.dentry, clp->name,
> > inode->i_sb->s_id, inode->i_ino);
> > exp = exp_parent(cd, clp, &path);
> > diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
> > index 6b9c399b89dfb71a52b9c97f0efe9a1dea0558a6..a569d89ac9123d66bb47e7d74c7c98610de21da2 100644
> > --- a/fs/nfsd/nfs4state.c
> > +++ b/fs/nfsd/nfs4state.c
> > @@ -1253,7 +1253,7 @@ static void nfsd4_finalize_deleg_timestamps(struct nfs4_delegation *dp, struct f
> > if (ret) {
> > struct inode *inode = file_inode(f);
> >
> > - pr_notice_ratelimited("nfsd: Unable to update timestamps on inode %02x:%02x:%lu: %d\n",
> > + pr_notice_ratelimited("nfsd: Unable to update timestamps on inode %02x:%02x:%llu: %d\n",
> > MAJOR(inode->i_sb->s_dev),
> > MINOR(inode->i_sb->s_dev),
> > inode->i_ino, ret);
> > @@ -2888,7 +2888,7 @@ static void nfs4_show_superblock(struct seq_file *s, struct nfsd_file *f)
> > {
> > struct inode *inode = file_inode(f->nf_file);
> >
> > - seq_printf(s, "superblock: \"%02x:%02x:%ld\"",
> > + seq_printf(s, "superblock: \"%02x:%02x:%llu\"",
> > MAJOR(inode->i_sb->s_dev),
> > MINOR(inode->i_sb->s_dev),
> > inode->i_ino);
> > diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
> > index ed85dd43da18e6d4c4667ff14dc035f2eacff1d6..cfd143b41eb1fb53868f378d668905c1c7d5f868 100644
> > --- a/fs/nfsd/nfsfh.c
> > +++ b/fs/nfsd/nfsfh.c
> > @@ -601,9 +601,9 @@ fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry,
> > struct inode * inode = d_inode(dentry);
> > dev_t ex_dev = exp_sb(exp)->s_dev;
> >
> > - dprintk("nfsd: fh_compose(exp %02x:%02x/%ld %pd2, ino=%ld)\n",
> > + dprintk("nfsd: fh_compose(exp %02x:%02x/%lld %pd2, ino=%lld)\n",
> > MAJOR(ex_dev), MINOR(ex_dev),
> > - (long) d_inode(exp->ex_path.dentry)->i_ino,
> > + (long long) d_inode(exp->ex_path.dentry)->i_ino,
> > dentry,
> > (inode ? inode->i_ino : 0));
> >
> > diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
> > index c884c3f34afb044ee5cacc962a04a97de2f7fd88..dde09f3734c2844a3fe0b6d18d596276a19aa2d1 100644
> > --- a/fs/nfsd/vfs.c
> > +++ b/fs/nfsd/vfs.c
> > @@ -1163,7 +1163,7 @@ nfsd_direct_read(struct svc_rqst *rqstp, struct svc_fh *fhp,
> > } else if (unlikely(host_err == -EINVAL)) {
> > struct inode *inode = d_inode(fhp->fh_dentry);
> >
> > - pr_info_ratelimited("nfsd: Direct I/O alignment failure on %s/%ld\n",
> > + pr_info_ratelimited("nfsd: Direct I/O alignment failure on %s/%lld\n",
> > inode->i_sb->s_id, inode->i_ino);
> > host_err = -ESERVERFAULT;
> > }
> >
>
> Suggestion: Let's use the %llu format specifier consistently for
> inode->i_ino, which is unsigned.
>
> Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
>
Good plan. I'll have claude do a pass for that in the next set.
--
Jeff Layton <jlayton@kernel.org>
^ permalink raw reply
* Re: [PATCH 17/61] nilfs2: update for u64 i_ino
From: Jeff Layton @ 2026-02-26 20:06 UTC (permalink / raw)
To: Viacheslav Dubeyko, david@kernel.org, namhyung@kernel.org,
oleg@redhat.com, anna@kernel.org, ms@dev.tdt.de,
alexander.shishkin@linux.intel.com, jack@suse.cz,
ebiggers@kernel.org, Ondrej Mosnacek, mark.rutland@arm.com,
casey@schaufler-ca.com, glaubitz@physik.fu-berlin.de,
miklos@szeredi.hu, sumit.semwal@linaro.org,
john.johansen@canonical.com, amir73il@gmail.com,
slava@dubeyko.com, willy@infradead.org, tytso@mit.edu,
asmadeus@codewreck.org, jth@kernel.org, shaggy@kernel.org,
serge@hallyn.com, jaharkes@cs.cmu.edu, trondmy@kernel.org,
jolsa@kernel.org, ericvh@kernel.org, simona@ffwll.ch,
willemb@google.com, aivazian.tigran@gmail.com,
hubcap@omnibond.com, muchun.song@linux.dev, sfrench@samba.org,
neil@brown.name, jmorris@namei.org, jlbec@evilplan.org,
chuck.lever@oracle.com, ronniesahlberg@gmail.com,
lucho@ionkov.net, dan.j.williams@intel.com, raven@themaw.net,
Alex Markuze, mhiramat@kernel.org, alexander.deucher@amd.com,
mathieu.desnoyers@efficios.com, horms@kernel.org, tom@talpey.com,
mark@fasheh.com, mikulas@artax.karlin.mff.cuni.cz,
djwong@kernel.org, edumazet@google.com, Olga Kornievskaia,
bharathsm@microsoft.com, adrian.hunter@intel.com,
osalvador@suse.de, peterz@infradead.org, christian.koenig@amd.com,
pc@manguebit.org, martin@omnibond.com, naohiro.aota@wdc.com,
frank.li@vivo.com, dsterba@suse.com, zohar@linux.ibm.com,
code@tyhicks.com, dwmw2@infradead.org, kuba@kernel.org,
kuniyu@google.com, nico@fluxnic.net, jack@suse.com,
dlemoal@kernel.org, viro@zeniv.linux.org.uk,
stephen.smalley.work@gmail.com, salah.triki@gmail.com,
David Howells, paul@paul-moore.com, luisbg@kernel.org,
irogers@google.com, acme@kernel.org, richard@nod.at,
rostedt@goodmis.org, idryomov@gmail.com,
joseph.qi@linux.alibaba.com, al@alarsen.net,
james.clark@linaro.org, dmitry.kasatkin@gmail.com,
roberto.sassu@huawei.com, konishi.ryusuke@gmail.com,
sprasad@microsoft.com, jaegeuk@kernel.org,
linux_oss@crudebyte.com, brauner@kernel.org, Dai.Ngo@oracle.com,
eric.snowberg@oracle.com, adilger.kernel@dilger.ca,
chao@kernel.org, wufan@kernel.org, coda@cs.cmu.edu, Ingo Molnar,
alex.aring@gmail.com, airlied@gmail.com, chengzhihao1@huawei.com,
Paolo Abeni, marc.dionne@auristor.com,
almaz.alexandrovich@paragon-software.com, davem@davemloft.net,
hch@infradead.org
Cc: ecryptfs@vger.kernel.org, linux-unionfs@vger.kernel.org,
apparmor@lists.ubuntu.com, linux-ext4@vger.kernel.org,
autofs@vger.kernel.org, amd-gfx@lists.freedesktop.org,
fsverity@lists.linux.dev, ntfs3@lists.linux.dev,
ocfs2-devel@lists.linux.dev, linux-fsdevel@vger.kernel.org,
linux-media@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, linux-integrity@vger.kernel.org,
samba-technical@lists.samba.org, linux-nilfs@vger.kernel.org,
selinux@vger.kernel.org, linaro-mm-sig@lists.linaro.org,
linux-trace-kernel@vger.kernel.org, v9fs@lists.linux.dev,
linux-xfs@vger.kernel.org, linux-x25@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, nvdimm@lists.linux.dev,
ceph-devel@vger.kernel.org, jfs-discussion@lists.sourceforge.net,
linux-mtd@lists.infradead.org, devel@lists.orangefs.org,
linux-afs@lists.infradead.org, linux-fscrypt@vger.kernel.org,
linux-security-module@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-hams@vger.kernel.org, linux-nfs@vger.kernel.org,
codalist@coda.cs.cmu.edu, linux-mm@kvack.org,
netfs@lists.linux.dev, linux-perf-users@vger.kernel.org,
dri-devel@lists.freedesktop.org
In-Reply-To: <34b1d1f43043ca1b71a3ca9ea5ebce597a4c02aa.camel@ibm.com>
On Thu, 2026-02-26 at 19:46 +0000, Viacheslav Dubeyko wrote:
> On Thu, 2026-02-26 at 10:55 -0500, Jeff Layton wrote:
> > Update nilfs2 trace events and filesystem code for u64 i_ino:
> >
> > - Change __field(ino_t, ...) to __field(u64, ...) in trace events
> > - Update format strings from %lu to %llu
> > - Cast to (unsigned long long) in TP_printk
> >
> > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > ---
> > fs/nilfs2/alloc.c | 10 +++++-----
> > fs/nilfs2/bmap.c | 2 +-
> > fs/nilfs2/btnode.c | 2 +-
> > fs/nilfs2/btree.c | 12 ++++++------
> > fs/nilfs2/dir.c | 12 ++++++------
> > fs/nilfs2/direct.c | 4 ++--
> > fs/nilfs2/gcinode.c | 2 +-
> > fs/nilfs2/inode.c | 8 ++++----
> > fs/nilfs2/mdt.c | 2 +-
> > fs/nilfs2/namei.c | 2 +-
> > fs/nilfs2/segment.c | 2 +-
> > include/trace/events/nilfs2.h | 12 ++++++------
> > 12 files changed, 35 insertions(+), 35 deletions(-)
> >
> > diff --git a/fs/nilfs2/alloc.c b/fs/nilfs2/alloc.c
> > index e7eebb04f9a4080a39f17d4123e58ed7df6b2f4b..7b1cd2baefcf21e54f9260845b02c7c95c148c64 100644
> > --- a/fs/nilfs2/alloc.c
> > +++ b/fs/nilfs2/alloc.c
> > @@ -707,7 +707,7 @@ void nilfs_palloc_commit_free_entry(struct inode *inode,
> >
> > if (!nilfs_clear_bit_atomic(lock, group_offset, bitmap))
> > nilfs_warn(inode->i_sb,
> > - "%s (ino=%lu): entry number %llu already freed",
> > + "%s (ino=%llu): entry number %llu already freed",
> > __func__, inode->i_ino,
> > (unsigned long long)req->pr_entry_nr);
> > else
> > @@ -748,7 +748,7 @@ void nilfs_palloc_abort_alloc_entry(struct inode *inode,
> >
> > if (!nilfs_clear_bit_atomic(lock, group_offset, bitmap))
> > nilfs_warn(inode->i_sb,
> > - "%s (ino=%lu): entry number %llu already freed",
> > + "%s (ino=%llu): entry number %llu already freed",
> > __func__, inode->i_ino,
> > (unsigned long long)req->pr_entry_nr);
> > else
> > @@ -861,7 +861,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> > if (!nilfs_clear_bit_atomic(lock, group_offset,
> > bitmap)) {
> > nilfs_warn(inode->i_sb,
> > - "%s (ino=%lu): entry number %llu already freed",
> > + "%s (ino=%llu): entry number %llu already freed",
> > __func__, inode->i_ino,
> > (unsigned long long)entry_nrs[j]);
> > } else {
> > @@ -906,7 +906,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> > last_nrs[k]);
> > if (ret && ret != -ENOENT)
> > nilfs_warn(inode->i_sb,
> > - "error %d deleting block that object (entry=%llu, ino=%lu) belongs to",
> > + "error %d deleting block that object (entry=%llu, ino=%llu) belongs to",
> > ret, (unsigned long long)last_nrs[k],
> > inode->i_ino);
> > }
> > @@ -923,7 +923,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> > ret = nilfs_palloc_delete_bitmap_block(inode, group);
> > if (ret && ret != -ENOENT)
> > nilfs_warn(inode->i_sb,
> > - "error %d deleting bitmap block of group=%lu, ino=%lu",
> > + "error %d deleting bitmap block of group=%lu, ino=%llu",
> > ret, group, inode->i_ino);
> > }
> > }
> > diff --git a/fs/nilfs2/bmap.c b/fs/nilfs2/bmap.c
> > index ccc1a7aa52d2064d56b826058554264c498d592f..824f2bd91c167965ec3a660202b6e6c5f1fe007e 100644
> > --- a/fs/nilfs2/bmap.c
> > +++ b/fs/nilfs2/bmap.c
> > @@ -33,7 +33,7 @@ static int nilfs_bmap_convert_error(struct nilfs_bmap *bmap,
> >
> > if (err == -EINVAL) {
> > __nilfs_error(inode->i_sb, fname,
> > - "broken bmap (inode number=%lu)", inode->i_ino);
> > + "broken bmap (inode number=%llu)", inode->i_ino);
> > err = -EIO;
> > }
> > return err;
> > diff --git a/fs/nilfs2/btnode.c b/fs/nilfs2/btnode.c
> > index 56836712909201775907483887e8a0022851bbec..2e553d698d0f3980de98fced415dfd819ddbca0a 100644
> > --- a/fs/nilfs2/btnode.c
> > +++ b/fs/nilfs2/btnode.c
> > @@ -64,7 +64,7 @@ nilfs_btnode_create_block(struct address_space *btnc, __u64 blocknr)
> > * clearing of an abandoned b-tree node is missing somewhere).
> > */
> > nilfs_error(inode->i_sb,
> > - "state inconsistency probably due to duplicate use of b-tree node block address %llu (ino=%lu)",
> > + "state inconsistency probably due to duplicate use of b-tree node block address %llu (ino=%llu)",
> > (unsigned long long)blocknr, inode->i_ino);
> > goto failed;
> > }
> > diff --git a/fs/nilfs2/btree.c b/fs/nilfs2/btree.c
> > index dd0c8e560ef6a2c96515025321914e0d73f41144..3c03f5a741d144d22d1ffb5acf43a035e88c00dc 100644
> > --- a/fs/nilfs2/btree.c
> > +++ b/fs/nilfs2/btree.c
> > @@ -353,7 +353,7 @@ static int nilfs_btree_node_broken(const struct nilfs_btree_node *node,
> > nchildren <= 0 ||
> > nchildren > NILFS_BTREE_NODE_NCHILDREN_MAX(size))) {
> > nilfs_crit(inode->i_sb,
> > - "bad btree node (ino=%lu, blocknr=%llu): level = %d, flags = 0x%x, nchildren = %d",
> > + "bad btree node (ino=%llu, blocknr=%llu): level = %d, flags = 0x%x, nchildren = %d",
> > inode->i_ino, (unsigned long long)blocknr, level,
> > flags, nchildren);
> > ret = 1;
> > @@ -384,7 +384,7 @@ static int nilfs_btree_root_broken(const struct nilfs_btree_node *node,
> > nchildren > NILFS_BTREE_ROOT_NCHILDREN_MAX ||
> > (nchildren == 0 && level > NILFS_BTREE_LEVEL_NODE_MIN))) {
> > nilfs_crit(inode->i_sb,
> > - "bad btree root (ino=%lu): level = %d, flags = 0x%x, nchildren = %d",
> > + "bad btree root (ino=%llu): level = %d, flags = 0x%x, nchildren = %d",
> > inode->i_ino, level, flags, nchildren);
> > ret = 1;
> > }
> > @@ -453,7 +453,7 @@ static int nilfs_btree_bad_node(const struct nilfs_bmap *btree,
> > if (unlikely(nilfs_btree_node_get_level(node) != level)) {
> > dump_stack();
> > nilfs_crit(btree->b_inode->i_sb,
> > - "btree level mismatch (ino=%lu): %d != %d",
> > + "btree level mismatch (ino=%llu): %d != %d",
> > btree->b_inode->i_ino,
> > nilfs_btree_node_get_level(node), level);
> > return 1;
> > @@ -521,7 +521,7 @@ static int __nilfs_btree_get_block(const struct nilfs_bmap *btree, __u64 ptr,
> > out_no_wait:
> > if (!buffer_uptodate(bh)) {
> > nilfs_err(btree->b_inode->i_sb,
> > - "I/O error reading b-tree node block (ino=%lu, blocknr=%llu)",
> > + "I/O error reading b-tree node block (ino=%llu, blocknr=%llu)",
> > btree->b_inode->i_ino, (unsigned long long)ptr);
> > brelse(bh);
> > return -EIO;
> > @@ -2104,7 +2104,7 @@ static int nilfs_btree_propagate(struct nilfs_bmap *btree,
> > if (ret < 0) {
> > if (unlikely(ret == -ENOENT)) {
> > nilfs_crit(btree->b_inode->i_sb,
> > - "writing node/leaf block does not appear in b-tree (ino=%lu) at key=%llu, level=%d",
> > + "writing node/leaf block does not appear in b-tree (ino=%llu) at key=%llu, level=%d",
> > btree->b_inode->i_ino,
> > (unsigned long long)key, level);
> > ret = -EINVAL;
> > @@ -2146,7 +2146,7 @@ static void nilfs_btree_add_dirty_buffer(struct nilfs_bmap *btree,
> > level >= NILFS_BTREE_LEVEL_MAX) {
> > dump_stack();
> > nilfs_warn(btree->b_inode->i_sb,
> > - "invalid btree level: %d (key=%llu, ino=%lu, blocknr=%llu)",
> > + "invalid btree level: %d (key=%llu, ino=%llu, blocknr=%llu)",
> > level, (unsigned long long)key,
> > btree->b_inode->i_ino,
> > (unsigned long long)bh->b_blocknr);
> > diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c
> > index b243199036dfa1ab2299efaaa5bdf5da2d159ff2..3653db5cdb65137d1e660bb509c14ec4cbc8840b 100644
> > --- a/fs/nilfs2/dir.c
> > +++ b/fs/nilfs2/dir.c
> > @@ -150,7 +150,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> >
> > Ebadsize:
> > nilfs_error(sb,
> > - "size of directory #%lu is not a multiple of chunk size",
> > + "size of directory #%llu is not a multiple of chunk size",
> > dir->i_ino);
> > goto fail;
> > Eshort:
> > @@ -169,7 +169,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> > error = "disallowed inode number";
> > bad_entry:
> > nilfs_error(sb,
> > - "bad entry in directory #%lu: %s - offset=%lu, inode=%lu, rec_len=%zd, name_len=%d",
> > + "bad entry in directory #%llu: %s - offset=%lu, inode=%lu, rec_len=%zd, name_len=%d",
>
> I think you missed 'inode=%lu' here.
That is actually the placeholder for this:
(unsigned long)le64_to_cpu(p->inode)
...which is not inode->i_ino. I do agree that the cast probably no
longer makes sense with this change, but I'd probably leave that to a
later cleanup so we can keep this set focused on the i_ino change.
> > dir->i_ino, error, (folio->index << PAGE_SHIFT) + offs,
> > (unsigned long)le64_to_cpu(p->inode),
> > rec_len, p->name_len);
> > @@ -177,7 +177,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> > Eend:
> > p = (struct nilfs_dir_entry *)(kaddr + offs);
> > nilfs_error(sb,
> > - "entry in directory #%lu spans the page boundary offset=%lu, inode=%lu",
> > + "entry in directory #%llu spans the page boundary offset=%lu, inode=%lu",
>
> Ditto. You missed 'inode=%lu' here.
>
>
Same here.
> > dir->i_ino, (folio->index << PAGE_SHIFT) + offs,
> > (unsigned long)le64_to_cpu(p->inode));
> > fail:
> > @@ -251,7 +251,7 @@ static int nilfs_readdir(struct file *file, struct dir_context *ctx)
> >
> > kaddr = nilfs_get_folio(inode, n, &folio);
> > if (IS_ERR(kaddr)) {
> > - nilfs_error(sb, "bad page in #%lu", inode->i_ino);
> > + nilfs_error(sb, "bad page in #%llu", inode->i_ino);
> > ctx->pos += PAGE_SIZE - offset;
> > return -EIO;
> > }
> > @@ -336,7 +336,7 @@ struct nilfs_dir_entry *nilfs_find_entry(struct inode *dir,
> > /* next folio is past the blocks we've got */
> > if (unlikely(n > (dir->i_blocks >> (PAGE_SHIFT - 9)))) {
> > nilfs_error(dir->i_sb,
> > - "dir %lu size %lld exceeds block count %llu",
> > + "dir %llu size %lld exceeds block count %llu",
> > dir->i_ino, dir->i_size,
> > (unsigned long long)dir->i_blocks);
> > goto out;
> > @@ -382,7 +382,7 @@ struct nilfs_dir_entry *nilfs_dotdot(struct inode *dir, struct folio **foliop)
> > return next_de;
> >
> > fail:
> > - nilfs_error(dir->i_sb, "directory #%lu %s", dir->i_ino, msg);
> > + nilfs_error(dir->i_sb, "directory #%llu %s", dir->i_ino, msg);
> > folio_release_kmap(folio, de);
> > return NULL;
> > }
> > diff --git a/fs/nilfs2/direct.c b/fs/nilfs2/direct.c
> > index 2d8dc6b35b5477947ca12a70288d3a3cce858aab..8bd0b1374e25f8ff510f3b36dbde2acc01aafc1e 100644
> > --- a/fs/nilfs2/direct.c
> > +++ b/fs/nilfs2/direct.c
> > @@ -338,7 +338,7 @@ static int nilfs_direct_assign(struct nilfs_bmap *bmap,
> > key = nilfs_bmap_data_get_key(bmap, *bh);
> > if (unlikely(key > NILFS_DIRECT_KEY_MAX)) {
> > nilfs_crit(bmap->b_inode->i_sb,
> > - "%s (ino=%lu): invalid key: %llu",
> > + "%s (ino=%llu): invalid key: %llu",
> > __func__,
> > bmap->b_inode->i_ino, (unsigned long long)key);
> > return -EINVAL;
> > @@ -346,7 +346,7 @@ static int nilfs_direct_assign(struct nilfs_bmap *bmap,
> > ptr = nilfs_direct_get_ptr(bmap, key);
> > if (unlikely(ptr == NILFS_BMAP_INVALID_PTR)) {
> > nilfs_crit(bmap->b_inode->i_sb,
> > - "%s (ino=%lu): invalid pointer: %llu",
> > + "%s (ino=%llu): invalid pointer: %llu",
> > __func__,
> > bmap->b_inode->i_ino, (unsigned long long)ptr);
> > return -EINVAL;
> > diff --git a/fs/nilfs2/gcinode.c b/fs/nilfs2/gcinode.c
> > index 561c220799c7aee879ad866865e377799c8ee6bb..62d4c1b787e95c961a360a4214d621d564ad8b4c 100644
> > --- a/fs/nilfs2/gcinode.c
> > +++ b/fs/nilfs2/gcinode.c
> > @@ -137,7 +137,7 @@ int nilfs_gccache_wait_and_mark_dirty(struct buffer_head *bh)
> > struct inode *inode = bh->b_folio->mapping->host;
> >
> > nilfs_err(inode->i_sb,
> > - "I/O error reading %s block for GC (ino=%lu, vblocknr=%llu)",
> > + "I/O error reading %s block for GC (ino=%llu, vblocknr=%llu)",
> > buffer_nilfs_node(bh) ? "node" : "data",
> > inode->i_ino, (unsigned long long)bh->b_blocknr);
> > return -EIO;
> > diff --git a/fs/nilfs2/inode.c b/fs/nilfs2/inode.c
> > index 51bde45d586509dda3ef0cb7c46facb7fb2c61dd..51f7e125a311b868860e3e111700d49d4cb98fa6 100644
> > --- a/fs/nilfs2/inode.c
> > +++ b/fs/nilfs2/inode.c
> > @@ -108,7 +108,7 @@ int nilfs_get_block(struct inode *inode, sector_t blkoff,
> > * be locked in this case.
> > */
> > nilfs_warn(inode->i_sb,
> > - "%s (ino=%lu): a race condition while inserting a data block at offset=%llu",
> > + "%s (ino=%llu): a race condition while inserting a data block at offset=%llu",
> > __func__, inode->i_ino,
> > (unsigned long long)blkoff);
> > err = -EAGAIN;
> > @@ -789,7 +789,7 @@ static void nilfs_truncate_bmap(struct nilfs_inode_info *ii,
> > goto repeat;
> >
> > failed:
> > - nilfs_warn(ii->vfs_inode.i_sb, "error %d truncating bmap (ino=%lu)",
> > + nilfs_warn(ii->vfs_inode.i_sb, "error %d truncating bmap (ino=%llu)",
> > ret, ii->vfs_inode.i_ino);
> > }
> >
> > @@ -1026,7 +1026,7 @@ int nilfs_set_file_dirty(struct inode *inode, unsigned int nr_dirty)
> > * this inode.
> > */
> > nilfs_warn(inode->i_sb,
> > - "cannot set file dirty (ino=%lu): the file is being freed",
> > + "cannot set file dirty (ino=%llu): the file is being freed",
> > inode->i_ino);
> > spin_unlock(&nilfs->ns_inode_lock);
> > return -EINVAL; /*
> > @@ -1057,7 +1057,7 @@ int __nilfs_mark_inode_dirty(struct inode *inode, int flags)
> > err = nilfs_load_inode_block(inode, &ibh);
> > if (unlikely(err)) {
> > nilfs_warn(inode->i_sb,
> > - "cannot mark inode dirty (ino=%lu): error %d loading inode block",
> > + "cannot mark inode dirty (ino=%llu): error %d loading inode block",
> > inode->i_ino, err);
> > return err;
> > }
> > diff --git a/fs/nilfs2/mdt.c b/fs/nilfs2/mdt.c
> > index 946b0d3534a5f22f34ac44a91fb121541881c548..09adb40c65e505d92012a3d2f5fe8a5696e10056 100644
> > --- a/fs/nilfs2/mdt.c
> > +++ b/fs/nilfs2/mdt.c
> > @@ -203,7 +203,7 @@ static int nilfs_mdt_read_block(struct inode *inode, unsigned long block,
> > err = -EIO;
> > if (!buffer_uptodate(first_bh)) {
> > nilfs_err(inode->i_sb,
> > - "I/O error reading meta-data file (ino=%lu, block-offset=%lu)",
> > + "I/O error reading meta-data file (ino=%llu, block-offset=%lu)",
> > inode->i_ino, block);
> > goto failed_bh;
> > }
> > diff --git a/fs/nilfs2/namei.c b/fs/nilfs2/namei.c
> > index 40f4b1a28705b6e0eb8f0978cf3ac18b43aa1331..40ac679ec56e400b1df98e9be6fe9ca338a9ba51 100644
> > --- a/fs/nilfs2/namei.c
> > +++ b/fs/nilfs2/namei.c
> > @@ -292,7 +292,7 @@ static int nilfs_do_unlink(struct inode *dir, struct dentry *dentry)
> >
> > if (!inode->i_nlink) {
> > nilfs_warn(inode->i_sb,
> > - "deleting nonexistent file (ino=%lu), %d",
> > + "deleting nonexistent file (ino=%llu), %d",
> > inode->i_ino, inode->i_nlink);
> > set_nlink(inode, 1);
> > }
> > diff --git a/fs/nilfs2/segment.c b/fs/nilfs2/segment.c
> > index 098a3bd103e04cd09b0689fe2017380d74664496..4b1bf559f3524b1cc3965dae9fd3e5745718569d 100644
> > --- a/fs/nilfs2/segment.c
> > +++ b/fs/nilfs2/segment.c
> > @@ -2024,7 +2024,7 @@ static int nilfs_segctor_collect_dirty_files(struct nilfs_sc_info *sci,
> > ifile, ii->vfs_inode.i_ino, &ibh);
> > if (unlikely(err)) {
> > nilfs_warn(sci->sc_super,
> > - "log writer: error %d getting inode block (ino=%lu)",
> > + "log writer: error %d getting inode block (ino=%llu)",
> > err, ii->vfs_inode.i_ino);
> > return err;
> > }
> > diff --git a/include/trace/events/nilfs2.h b/include/trace/events/nilfs2.h
> > index 8880c11733dd307c223cc62ee34ebeff650ecb12..86a0011c9eeaf031cfa0b79875b2b106ef8b7cfd 100644
> > --- a/include/trace/events/nilfs2.h
> > +++ b/include/trace/events/nilfs2.h
> > @@ -165,14 +165,14 @@ TRACE_EVENT(nilfs2_segment_usage_freed,
> >
> > TRACE_EVENT(nilfs2_mdt_insert_new_block,
> > TP_PROTO(struct inode *inode,
> > - unsigned long ino,
> > + u64 ino,
> > unsigned long block),
> >
> > TP_ARGS(inode, ino, block),
> >
> > TP_STRUCT__entry(
> > __field(struct inode *, inode)
> > - __field(unsigned long, ino)
> > + __field(u64, ino)
> > __field(unsigned long, block)
> > ),
> >
> > @@ -182,7 +182,7 @@ TRACE_EVENT(nilfs2_mdt_insert_new_block,
> > __entry->block = block;
> > ),
> >
> > - TP_printk("inode = %p ino = %lu block = %lu",
> > + TP_printk("inode = %p ino = %llu block = %lu",
> > __entry->inode,
> > __entry->ino,
> > __entry->block)
> > @@ -190,7 +190,7 @@ TRACE_EVENT(nilfs2_mdt_insert_new_block,
> >
> > TRACE_EVENT(nilfs2_mdt_submit_block,
> > TP_PROTO(struct inode *inode,
> > - unsigned long ino,
> > + u64 ino,
> > unsigned long blkoff,
> > enum req_op mode),
> >
> > @@ -198,7 +198,7 @@ TRACE_EVENT(nilfs2_mdt_submit_block,
> >
> > TP_STRUCT__entry(
> > __field(struct inode *, inode)
> > - __field(unsigned long, ino)
> > + __field(u64, ino)
> > __field(unsigned long, blkoff)
> > /*
> > * Use field_struct() to avoid is_signed_type() on the
> > @@ -214,7 +214,7 @@ TRACE_EVENT(nilfs2_mdt_submit_block,
> > __entry->mode = mode;
> > ),
> >
> > - TP_printk("inode = %p ino = %lu blkoff = %lu mode = %x",
> > + TP_printk("inode = %p ino = %llu blkoff = %lu mode = %x",
> > __entry->inode,
> > __entry->ino,
> > __entry->blkoff,
--
Jeff Layton <jlayton@kernel.org>
^ permalink raw reply
* Re: [PATCH 12/61] nfsd: update format strings for u64 i_ino
From: Chuck Lever @ 2026-02-26 19:48 UTC (permalink / raw)
To: Jeff Layton, Alexander Viro, Christian Brauner, Jan Kara,
Steven Rostedt, Masami Hiramatsu, Mathieu Desnoyers, Dan Williams,
Matthew Wilcox, Eric Biggers, Theodore Y. Ts'o, Muchun Song,
Oscar Salvador, David Hildenbrand, David Howells, Paulo Alcantara,
Andreas Dilger, Jan Kara, Jaegeuk Kim, Chao Yu, Trond Myklebust,
Anna Schumaker, NeilBrown, Olga Kornievskaia, Dai Ngo, Tom Talpey,
Steve French, Ronnie Sahlberg, Shyam Prasad N, Bharath SM,
Alexander Aring, Ryusuke Konishi, Viacheslav Dubeyko,
Eric Van Hensbergen, Latchesar Ionkov, Dominique Martinet,
Christian Schoenebeck, David Sterba, Marc Dionne, Ian Kent,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Ilya Dryomov, Alex Markuze, Jan Harkes, coda, Nicolas Pitre,
Tyler Hicks, Amir Goldstein, Christoph Hellwig,
John Paul Adrian Glaubitz, Yangtao Li, Mikulas Patocka,
David Woodhouse, Richard Weinberger, Dave Kleikamp,
Konstantin Komarov, Mark Fasheh, Joel Becker, Joseph Qi,
Mike Marshall, Martin Brandenburg, Miklos Szeredi, Anders Larsen,
Zhihao Cheng, Damien Le Moal, Naohiro Aota, Johannes Thumshirn,
John Johansen, Paul Moore, James Morris, Serge E. Hallyn,
Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, Eric Snowberg, Fan Wu,
Stephen Smalley, Ondrej Mosnacek, Casey Schaufler, Alex Deucher,
Christian König, David Airlie, Simona Vetter, Sumit Semwal,
Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
David S. Miller, Jakub Kicinski, Simon Horman, Oleg Nesterov,
Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, James Clark, Darrick J. Wong,
Martin Schiller
Cc: linux-fsdevel, linux-kernel, linux-trace-kernel, nvdimm, fsverity,
linux-mm, netfs, linux-ext4, linux-f2fs-devel, linux-nfs,
linux-cifs, samba-technical, linux-nilfs, v9fs, linux-afs, autofs,
ceph-devel, codalist, ecryptfs, linux-mtd, jfs-discussion, ntfs3,
ocfs2-devel, devel, linux-unionfs, apparmor,
linux-security-module, linux-integrity, selinux, amd-gfx,
dri-devel, linux-media, linaro-mm-sig, netdev, linux-perf-users,
linux-fscrypt, linux-xfs, linux-hams, linux-x25
In-Reply-To: <20260226-iino-u64-v1-12-ccceff366db9@kernel.org>
On 2/26/26 10:55 AM, Jeff Layton wrote:
> Update format strings from %ld/%lu to %lld/%llu for i_ino, which is
> now a u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/nfsd/export.c | 2 +-
> fs/nfsd/nfs4state.c | 4 ++--
> fs/nfsd/nfsfh.c | 4 ++--
> fs/nfsd/vfs.c | 2 +-
> 4 files changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c
> index 8fdbba7cad96443d92cc7fdeea6158c4cc681be1..334b63eb966e71e6af6adde61aa1123f01b4390b 100644
> --- a/fs/nfsd/export.c
> +++ b/fs/nfsd/export.c
> @@ -1039,7 +1039,7 @@ exp_rootfh(struct net *net, struct auth_domain *clp, char *name,
> }
> inode = d_inode(path.dentry);
>
> - dprintk("nfsd: exp_rootfh(%s [%p] %s:%s/%ld)\n",
> + dprintk("nfsd: exp_rootfh(%s [%p] %s:%s/%lld)\n",
> name, path.dentry, clp->name,
> inode->i_sb->s_id, inode->i_ino);
> exp = exp_parent(cd, clp, &path);
> diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
> index 6b9c399b89dfb71a52b9c97f0efe9a1dea0558a6..a569d89ac9123d66bb47e7d74c7c98610de21da2 100644
> --- a/fs/nfsd/nfs4state.c
> +++ b/fs/nfsd/nfs4state.c
> @@ -1253,7 +1253,7 @@ static void nfsd4_finalize_deleg_timestamps(struct nfs4_delegation *dp, struct f
> if (ret) {
> struct inode *inode = file_inode(f);
>
> - pr_notice_ratelimited("nfsd: Unable to update timestamps on inode %02x:%02x:%lu: %d\n",
> + pr_notice_ratelimited("nfsd: Unable to update timestamps on inode %02x:%02x:%llu: %d\n",
> MAJOR(inode->i_sb->s_dev),
> MINOR(inode->i_sb->s_dev),
> inode->i_ino, ret);
> @@ -2888,7 +2888,7 @@ static void nfs4_show_superblock(struct seq_file *s, struct nfsd_file *f)
> {
> struct inode *inode = file_inode(f->nf_file);
>
> - seq_printf(s, "superblock: \"%02x:%02x:%ld\"",
> + seq_printf(s, "superblock: \"%02x:%02x:%llu\"",
> MAJOR(inode->i_sb->s_dev),
> MINOR(inode->i_sb->s_dev),
> inode->i_ino);
> diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
> index ed85dd43da18e6d4c4667ff14dc035f2eacff1d6..cfd143b41eb1fb53868f378d668905c1c7d5f868 100644
> --- a/fs/nfsd/nfsfh.c
> +++ b/fs/nfsd/nfsfh.c
> @@ -601,9 +601,9 @@ fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry,
> struct inode * inode = d_inode(dentry);
> dev_t ex_dev = exp_sb(exp)->s_dev;
>
> - dprintk("nfsd: fh_compose(exp %02x:%02x/%ld %pd2, ino=%ld)\n",
> + dprintk("nfsd: fh_compose(exp %02x:%02x/%lld %pd2, ino=%lld)\n",
> MAJOR(ex_dev), MINOR(ex_dev),
> - (long) d_inode(exp->ex_path.dentry)->i_ino,
> + (long long) d_inode(exp->ex_path.dentry)->i_ino,
> dentry,
> (inode ? inode->i_ino : 0));
>
> diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
> index c884c3f34afb044ee5cacc962a04a97de2f7fd88..dde09f3734c2844a3fe0b6d18d596276a19aa2d1 100644
> --- a/fs/nfsd/vfs.c
> +++ b/fs/nfsd/vfs.c
> @@ -1163,7 +1163,7 @@ nfsd_direct_read(struct svc_rqst *rqstp, struct svc_fh *fhp,
> } else if (unlikely(host_err == -EINVAL)) {
> struct inode *inode = d_inode(fhp->fh_dentry);
>
> - pr_info_ratelimited("nfsd: Direct I/O alignment failure on %s/%ld\n",
> + pr_info_ratelimited("nfsd: Direct I/O alignment failure on %s/%lld\n",
> inode->i_sb->s_id, inode->i_ino);
> host_err = -ESERVERFAULT;
> }
>
Suggestion: Let's use the %llu format specifier consistently for
inode->i_ino, which is unsigned.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
--
Chuck Lever
^ permalink raw reply
* Re: [PATCH 17/61] nilfs2: update for u64 i_ino
From: Viacheslav Dubeyko @ 2026-02-26 19:46 UTC (permalink / raw)
To: david@kernel.org, namhyung@kernel.org, oleg@redhat.com,
anna@kernel.org, ms@dev.tdt.de,
alexander.shishkin@linux.intel.com, jack@suse.cz,
ebiggers@kernel.org, Ondrej Mosnacek, mark.rutland@arm.com,
casey@schaufler-ca.com, glaubitz@physik.fu-berlin.de,
miklos@szeredi.hu, sumit.semwal@linaro.org,
john.johansen@canonical.com, amir73il@gmail.com,
slava@dubeyko.com, willy@infradead.org, tytso@mit.edu,
asmadeus@codewreck.org, jth@kernel.org, shaggy@kernel.org,
serge@hallyn.com, jaharkes@cs.cmu.edu, jlayton@kernel.org,
trondmy@kernel.org, jolsa@kernel.org, ericvh@kernel.org,
simona@ffwll.ch, willemb@google.com, aivazian.tigran@gmail.com,
hubcap@omnibond.com, muchun.song@linux.dev, sfrench@samba.org,
neil@brown.name, jmorris@namei.org, jlbec@evilplan.org,
chuck.lever@oracle.com, ronniesahlberg@gmail.com,
lucho@ionkov.net, dan.j.williams@intel.com, raven@themaw.net,
Alex Markuze, mhiramat@kernel.org, alexander.deucher@amd.com,
mathieu.desnoyers@efficios.com, horms@kernel.org, tom@talpey.com,
mark@fasheh.com, mikulas@artax.karlin.mff.cuni.cz,
djwong@kernel.org, edumazet@google.com, Olga Kornievskaia,
bharathsm@microsoft.com, adrian.hunter@intel.com,
osalvador@suse.de, peterz@infradead.org, christian.koenig@amd.com,
pc@manguebit.org, martin@omnibond.com, naohiro.aota@wdc.com,
frank.li@vivo.com, dsterba@suse.com, zohar@linux.ibm.com,
code@tyhicks.com, dwmw2@infradead.org, kuba@kernel.org,
kuniyu@google.com, nico@fluxnic.net, jack@suse.com,
dlemoal@kernel.org, viro@zeniv.linux.org.uk,
stephen.smalley.work@gmail.com, salah.triki@gmail.com,
David Howells, paul@paul-moore.com, luisbg@kernel.org,
irogers@google.com, acme@kernel.org, richard@nod.at,
rostedt@goodmis.org, idryomov@gmail.com,
joseph.qi@linux.alibaba.com, al@alarsen.net,
james.clark@linaro.org, dmitry.kasatkin@gmail.com,
roberto.sassu@huawei.com, konishi.ryusuke@gmail.com,
sprasad@microsoft.com, jaegeuk@kernel.org,
linux_oss@crudebyte.com, brauner@kernel.org, Dai.Ngo@oracle.com,
eric.snowberg@oracle.com, adilger.kernel@dilger.ca,
chao@kernel.org, wufan@kernel.org, coda@cs.cmu.edu, Ingo Molnar,
alex.aring@gmail.com, airlied@gmail.com, chengzhihao1@huawei.com,
Paolo Abeni, marc.dionne@auristor.com,
almaz.alexandrovich@paragon-software.com, davem@davemloft.net,
hch@infradead.org
Cc: ecryptfs@vger.kernel.org, linux-unionfs@vger.kernel.org,
apparmor@lists.ubuntu.com, linux-ext4@vger.kernel.org,
autofs@vger.kernel.org, amd-gfx@lists.freedesktop.org,
fsverity@lists.linux.dev, ntfs3@lists.linux.dev,
ocfs2-devel@lists.linux.dev, linux-fsdevel@vger.kernel.org,
linux-media@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, linux-integrity@vger.kernel.org,
samba-technical@lists.samba.org, linux-nilfs@vger.kernel.org,
selinux@vger.kernel.org, linaro-mm-sig@lists.linaro.org,
linux-trace-kernel@vger.kernel.org, v9fs@lists.linux.dev,
linux-xfs@vger.kernel.org, linux-x25@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, nvdimm@lists.linux.dev,
ceph-devel@vger.kernel.org, jfs-discussion@lists.sourceforge.net,
linux-mtd@lists.infradead.org, devel@lists.orangefs.org,
linux-afs@lists.infradead.org, linux-fscrypt@vger.kernel.org,
linux-security-module@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-hams@vger.kernel.org, linux-nfs@vger.kernel.org,
codalist@coda.cs.cmu.edu, linux-mm@kvack.org,
netfs@lists.linux.dev, linux-perf-users@vger.kernel.org,
dri-devel@lists.freedesktop.org
In-Reply-To: <20260226-iino-u64-v1-17-ccceff366db9@kernel.org>
On Thu, 2026-02-26 at 10:55 -0500, Jeff Layton wrote:
> Update nilfs2 trace events and filesystem code for u64 i_ino:
>
> - Change __field(ino_t, ...) to __field(u64, ...) in trace events
> - Update format strings from %lu to %llu
> - Cast to (unsigned long long) in TP_printk
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/nilfs2/alloc.c | 10 +++++-----
> fs/nilfs2/bmap.c | 2 +-
> fs/nilfs2/btnode.c | 2 +-
> fs/nilfs2/btree.c | 12 ++++++------
> fs/nilfs2/dir.c | 12 ++++++------
> fs/nilfs2/direct.c | 4 ++--
> fs/nilfs2/gcinode.c | 2 +-
> fs/nilfs2/inode.c | 8 ++++----
> fs/nilfs2/mdt.c | 2 +-
> fs/nilfs2/namei.c | 2 +-
> fs/nilfs2/segment.c | 2 +-
> include/trace/events/nilfs2.h | 12 ++++++------
> 12 files changed, 35 insertions(+), 35 deletions(-)
>
> diff --git a/fs/nilfs2/alloc.c b/fs/nilfs2/alloc.c
> index e7eebb04f9a4080a39f17d4123e58ed7df6b2f4b..7b1cd2baefcf21e54f9260845b02c7c95c148c64 100644
> --- a/fs/nilfs2/alloc.c
> +++ b/fs/nilfs2/alloc.c
> @@ -707,7 +707,7 @@ void nilfs_palloc_commit_free_entry(struct inode *inode,
>
> if (!nilfs_clear_bit_atomic(lock, group_offset, bitmap))
> nilfs_warn(inode->i_sb,
> - "%s (ino=%lu): entry number %llu already freed",
> + "%s (ino=%llu): entry number %llu already freed",
> __func__, inode->i_ino,
> (unsigned long long)req->pr_entry_nr);
> else
> @@ -748,7 +748,7 @@ void nilfs_palloc_abort_alloc_entry(struct inode *inode,
>
> if (!nilfs_clear_bit_atomic(lock, group_offset, bitmap))
> nilfs_warn(inode->i_sb,
> - "%s (ino=%lu): entry number %llu already freed",
> + "%s (ino=%llu): entry number %llu already freed",
> __func__, inode->i_ino,
> (unsigned long long)req->pr_entry_nr);
> else
> @@ -861,7 +861,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> if (!nilfs_clear_bit_atomic(lock, group_offset,
> bitmap)) {
> nilfs_warn(inode->i_sb,
> - "%s (ino=%lu): entry number %llu already freed",
> + "%s (ino=%llu): entry number %llu already freed",
> __func__, inode->i_ino,
> (unsigned long long)entry_nrs[j]);
> } else {
> @@ -906,7 +906,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> last_nrs[k]);
> if (ret && ret != -ENOENT)
> nilfs_warn(inode->i_sb,
> - "error %d deleting block that object (entry=%llu, ino=%lu) belongs to",
> + "error %d deleting block that object (entry=%llu, ino=%llu) belongs to",
> ret, (unsigned long long)last_nrs[k],
> inode->i_ino);
> }
> @@ -923,7 +923,7 @@ int nilfs_palloc_freev(struct inode *inode, __u64 *entry_nrs, size_t nitems)
> ret = nilfs_palloc_delete_bitmap_block(inode, group);
> if (ret && ret != -ENOENT)
> nilfs_warn(inode->i_sb,
> - "error %d deleting bitmap block of group=%lu, ino=%lu",
> + "error %d deleting bitmap block of group=%lu, ino=%llu",
> ret, group, inode->i_ino);
> }
> }
> diff --git a/fs/nilfs2/bmap.c b/fs/nilfs2/bmap.c
> index ccc1a7aa52d2064d56b826058554264c498d592f..824f2bd91c167965ec3a660202b6e6c5f1fe007e 100644
> --- a/fs/nilfs2/bmap.c
> +++ b/fs/nilfs2/bmap.c
> @@ -33,7 +33,7 @@ static int nilfs_bmap_convert_error(struct nilfs_bmap *bmap,
>
> if (err == -EINVAL) {
> __nilfs_error(inode->i_sb, fname,
> - "broken bmap (inode number=%lu)", inode->i_ino);
> + "broken bmap (inode number=%llu)", inode->i_ino);
> err = -EIO;
> }
> return err;
> diff --git a/fs/nilfs2/btnode.c b/fs/nilfs2/btnode.c
> index 56836712909201775907483887e8a0022851bbec..2e553d698d0f3980de98fced415dfd819ddbca0a 100644
> --- a/fs/nilfs2/btnode.c
> +++ b/fs/nilfs2/btnode.c
> @@ -64,7 +64,7 @@ nilfs_btnode_create_block(struct address_space *btnc, __u64 blocknr)
> * clearing of an abandoned b-tree node is missing somewhere).
> */
> nilfs_error(inode->i_sb,
> - "state inconsistency probably due to duplicate use of b-tree node block address %llu (ino=%lu)",
> + "state inconsistency probably due to duplicate use of b-tree node block address %llu (ino=%llu)",
> (unsigned long long)blocknr, inode->i_ino);
> goto failed;
> }
> diff --git a/fs/nilfs2/btree.c b/fs/nilfs2/btree.c
> index dd0c8e560ef6a2c96515025321914e0d73f41144..3c03f5a741d144d22d1ffb5acf43a035e88c00dc 100644
> --- a/fs/nilfs2/btree.c
> +++ b/fs/nilfs2/btree.c
> @@ -353,7 +353,7 @@ static int nilfs_btree_node_broken(const struct nilfs_btree_node *node,
> nchildren <= 0 ||
> nchildren > NILFS_BTREE_NODE_NCHILDREN_MAX(size))) {
> nilfs_crit(inode->i_sb,
> - "bad btree node (ino=%lu, blocknr=%llu): level = %d, flags = 0x%x, nchildren = %d",
> + "bad btree node (ino=%llu, blocknr=%llu): level = %d, flags = 0x%x, nchildren = %d",
> inode->i_ino, (unsigned long long)blocknr, level,
> flags, nchildren);
> ret = 1;
> @@ -384,7 +384,7 @@ static int nilfs_btree_root_broken(const struct nilfs_btree_node *node,
> nchildren > NILFS_BTREE_ROOT_NCHILDREN_MAX ||
> (nchildren == 0 && level > NILFS_BTREE_LEVEL_NODE_MIN))) {
> nilfs_crit(inode->i_sb,
> - "bad btree root (ino=%lu): level = %d, flags = 0x%x, nchildren = %d",
> + "bad btree root (ino=%llu): level = %d, flags = 0x%x, nchildren = %d",
> inode->i_ino, level, flags, nchildren);
> ret = 1;
> }
> @@ -453,7 +453,7 @@ static int nilfs_btree_bad_node(const struct nilfs_bmap *btree,
> if (unlikely(nilfs_btree_node_get_level(node) != level)) {
> dump_stack();
> nilfs_crit(btree->b_inode->i_sb,
> - "btree level mismatch (ino=%lu): %d != %d",
> + "btree level mismatch (ino=%llu): %d != %d",
> btree->b_inode->i_ino,
> nilfs_btree_node_get_level(node), level);
> return 1;
> @@ -521,7 +521,7 @@ static int __nilfs_btree_get_block(const struct nilfs_bmap *btree, __u64 ptr,
> out_no_wait:
> if (!buffer_uptodate(bh)) {
> nilfs_err(btree->b_inode->i_sb,
> - "I/O error reading b-tree node block (ino=%lu, blocknr=%llu)",
> + "I/O error reading b-tree node block (ino=%llu, blocknr=%llu)",
> btree->b_inode->i_ino, (unsigned long long)ptr);
> brelse(bh);
> return -EIO;
> @@ -2104,7 +2104,7 @@ static int nilfs_btree_propagate(struct nilfs_bmap *btree,
> if (ret < 0) {
> if (unlikely(ret == -ENOENT)) {
> nilfs_crit(btree->b_inode->i_sb,
> - "writing node/leaf block does not appear in b-tree (ino=%lu) at key=%llu, level=%d",
> + "writing node/leaf block does not appear in b-tree (ino=%llu) at key=%llu, level=%d",
> btree->b_inode->i_ino,
> (unsigned long long)key, level);
> ret = -EINVAL;
> @@ -2146,7 +2146,7 @@ static void nilfs_btree_add_dirty_buffer(struct nilfs_bmap *btree,
> level >= NILFS_BTREE_LEVEL_MAX) {
> dump_stack();
> nilfs_warn(btree->b_inode->i_sb,
> - "invalid btree level: %d (key=%llu, ino=%lu, blocknr=%llu)",
> + "invalid btree level: %d (key=%llu, ino=%llu, blocknr=%llu)",
> level, (unsigned long long)key,
> btree->b_inode->i_ino,
> (unsigned long long)bh->b_blocknr);
> diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c
> index b243199036dfa1ab2299efaaa5bdf5da2d159ff2..3653db5cdb65137d1e660bb509c14ec4cbc8840b 100644
> --- a/fs/nilfs2/dir.c
> +++ b/fs/nilfs2/dir.c
> @@ -150,7 +150,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
>
> Ebadsize:
> nilfs_error(sb,
> - "size of directory #%lu is not a multiple of chunk size",
> + "size of directory #%llu is not a multiple of chunk size",
> dir->i_ino);
> goto fail;
> Eshort:
> @@ -169,7 +169,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> error = "disallowed inode number";
> bad_entry:
> nilfs_error(sb,
> - "bad entry in directory #%lu: %s - offset=%lu, inode=%lu, rec_len=%zd, name_len=%d",
> + "bad entry in directory #%llu: %s - offset=%lu, inode=%lu, rec_len=%zd, name_len=%d",
I think you missed 'inode=%lu' here.
> dir->i_ino, error, (folio->index << PAGE_SHIFT) + offs,
> (unsigned long)le64_to_cpu(p->inode),
> rec_len, p->name_len);
> @@ -177,7 +177,7 @@ static bool nilfs_check_folio(struct folio *folio, char *kaddr)
> Eend:
> p = (struct nilfs_dir_entry *)(kaddr + offs);
> nilfs_error(sb,
> - "entry in directory #%lu spans the page boundary offset=%lu, inode=%lu",
> + "entry in directory #%llu spans the page boundary offset=%lu, inode=%lu",
Ditto. You missed 'inode=%lu' here.
Thanks,
Slava.
> dir->i_ino, (folio->index << PAGE_SHIFT) + offs,
> (unsigned long)le64_to_cpu(p->inode));
> fail:
> @@ -251,7 +251,7 @@ static int nilfs_readdir(struct file *file, struct dir_context *ctx)
>
> kaddr = nilfs_get_folio(inode, n, &folio);
> if (IS_ERR(kaddr)) {
> - nilfs_error(sb, "bad page in #%lu", inode->i_ino);
> + nilfs_error(sb, "bad page in #%llu", inode->i_ino);
> ctx->pos += PAGE_SIZE - offset;
> return -EIO;
> }
> @@ -336,7 +336,7 @@ struct nilfs_dir_entry *nilfs_find_entry(struct inode *dir,
> /* next folio is past the blocks we've got */
> if (unlikely(n > (dir->i_blocks >> (PAGE_SHIFT - 9)))) {
> nilfs_error(dir->i_sb,
> - "dir %lu size %lld exceeds block count %llu",
> + "dir %llu size %lld exceeds block count %llu",
> dir->i_ino, dir->i_size,
> (unsigned long long)dir->i_blocks);
> goto out;
> @@ -382,7 +382,7 @@ struct nilfs_dir_entry *nilfs_dotdot(struct inode *dir, struct folio **foliop)
> return next_de;
>
> fail:
> - nilfs_error(dir->i_sb, "directory #%lu %s", dir->i_ino, msg);
> + nilfs_error(dir->i_sb, "directory #%llu %s", dir->i_ino, msg);
> folio_release_kmap(folio, de);
> return NULL;
> }
> diff --git a/fs/nilfs2/direct.c b/fs/nilfs2/direct.c
> index 2d8dc6b35b5477947ca12a70288d3a3cce858aab..8bd0b1374e25f8ff510f3b36dbde2acc01aafc1e 100644
> --- a/fs/nilfs2/direct.c
> +++ b/fs/nilfs2/direct.c
> @@ -338,7 +338,7 @@ static int nilfs_direct_assign(struct nilfs_bmap *bmap,
> key = nilfs_bmap_data_get_key(bmap, *bh);
> if (unlikely(key > NILFS_DIRECT_KEY_MAX)) {
> nilfs_crit(bmap->b_inode->i_sb,
> - "%s (ino=%lu): invalid key: %llu",
> + "%s (ino=%llu): invalid key: %llu",
> __func__,
> bmap->b_inode->i_ino, (unsigned long long)key);
> return -EINVAL;
> @@ -346,7 +346,7 @@ static int nilfs_direct_assign(struct nilfs_bmap *bmap,
> ptr = nilfs_direct_get_ptr(bmap, key);
> if (unlikely(ptr == NILFS_BMAP_INVALID_PTR)) {
> nilfs_crit(bmap->b_inode->i_sb,
> - "%s (ino=%lu): invalid pointer: %llu",
> + "%s (ino=%llu): invalid pointer: %llu",
> __func__,
> bmap->b_inode->i_ino, (unsigned long long)ptr);
> return -EINVAL;
> diff --git a/fs/nilfs2/gcinode.c b/fs/nilfs2/gcinode.c
> index 561c220799c7aee879ad866865e377799c8ee6bb..62d4c1b787e95c961a360a4214d621d564ad8b4c 100644
> --- a/fs/nilfs2/gcinode.c
> +++ b/fs/nilfs2/gcinode.c
> @@ -137,7 +137,7 @@ int nilfs_gccache_wait_and_mark_dirty(struct buffer_head *bh)
> struct inode *inode = bh->b_folio->mapping->host;
>
> nilfs_err(inode->i_sb,
> - "I/O error reading %s block for GC (ino=%lu, vblocknr=%llu)",
> + "I/O error reading %s block for GC (ino=%llu, vblocknr=%llu)",
> buffer_nilfs_node(bh) ? "node" : "data",
> inode->i_ino, (unsigned long long)bh->b_blocknr);
> return -EIO;
> diff --git a/fs/nilfs2/inode.c b/fs/nilfs2/inode.c
> index 51bde45d586509dda3ef0cb7c46facb7fb2c61dd..51f7e125a311b868860e3e111700d49d4cb98fa6 100644
> --- a/fs/nilfs2/inode.c
> +++ b/fs/nilfs2/inode.c
> @@ -108,7 +108,7 @@ int nilfs_get_block(struct inode *inode, sector_t blkoff,
> * be locked in this case.
> */
> nilfs_warn(inode->i_sb,
> - "%s (ino=%lu): a race condition while inserting a data block at offset=%llu",
> + "%s (ino=%llu): a race condition while inserting a data block at offset=%llu",
> __func__, inode->i_ino,
> (unsigned long long)blkoff);
> err = -EAGAIN;
> @@ -789,7 +789,7 @@ static void nilfs_truncate_bmap(struct nilfs_inode_info *ii,
> goto repeat;
>
> failed:
> - nilfs_warn(ii->vfs_inode.i_sb, "error %d truncating bmap (ino=%lu)",
> + nilfs_warn(ii->vfs_inode.i_sb, "error %d truncating bmap (ino=%llu)",
> ret, ii->vfs_inode.i_ino);
> }
>
> @@ -1026,7 +1026,7 @@ int nilfs_set_file_dirty(struct inode *inode, unsigned int nr_dirty)
> * this inode.
> */
> nilfs_warn(inode->i_sb,
> - "cannot set file dirty (ino=%lu): the file is being freed",
> + "cannot set file dirty (ino=%llu): the file is being freed",
> inode->i_ino);
> spin_unlock(&nilfs->ns_inode_lock);
> return -EINVAL; /*
> @@ -1057,7 +1057,7 @@ int __nilfs_mark_inode_dirty(struct inode *inode, int flags)
> err = nilfs_load_inode_block(inode, &ibh);
> if (unlikely(err)) {
> nilfs_warn(inode->i_sb,
> - "cannot mark inode dirty (ino=%lu): error %d loading inode block",
> + "cannot mark inode dirty (ino=%llu): error %d loading inode block",
> inode->i_ino, err);
> return err;
> }
> diff --git a/fs/nilfs2/mdt.c b/fs/nilfs2/mdt.c
> index 946b0d3534a5f22f34ac44a91fb121541881c548..09adb40c65e505d92012a3d2f5fe8a5696e10056 100644
> --- a/fs/nilfs2/mdt.c
> +++ b/fs/nilfs2/mdt.c
> @@ -203,7 +203,7 @@ static int nilfs_mdt_read_block(struct inode *inode, unsigned long block,
> err = -EIO;
> if (!buffer_uptodate(first_bh)) {
> nilfs_err(inode->i_sb,
> - "I/O error reading meta-data file (ino=%lu, block-offset=%lu)",
> + "I/O error reading meta-data file (ino=%llu, block-offset=%lu)",
> inode->i_ino, block);
> goto failed_bh;
> }
> diff --git a/fs/nilfs2/namei.c b/fs/nilfs2/namei.c
> index 40f4b1a28705b6e0eb8f0978cf3ac18b43aa1331..40ac679ec56e400b1df98e9be6fe9ca338a9ba51 100644
> --- a/fs/nilfs2/namei.c
> +++ b/fs/nilfs2/namei.c
> @@ -292,7 +292,7 @@ static int nilfs_do_unlink(struct inode *dir, struct dentry *dentry)
>
> if (!inode->i_nlink) {
> nilfs_warn(inode->i_sb,
> - "deleting nonexistent file (ino=%lu), %d",
> + "deleting nonexistent file (ino=%llu), %d",
> inode->i_ino, inode->i_nlink);
> set_nlink(inode, 1);
> }
> diff --git a/fs/nilfs2/segment.c b/fs/nilfs2/segment.c
> index 098a3bd103e04cd09b0689fe2017380d74664496..4b1bf559f3524b1cc3965dae9fd3e5745718569d 100644
> --- a/fs/nilfs2/segment.c
> +++ b/fs/nilfs2/segment.c
> @@ -2024,7 +2024,7 @@ static int nilfs_segctor_collect_dirty_files(struct nilfs_sc_info *sci,
> ifile, ii->vfs_inode.i_ino, &ibh);
> if (unlikely(err)) {
> nilfs_warn(sci->sc_super,
> - "log writer: error %d getting inode block (ino=%lu)",
> + "log writer: error %d getting inode block (ino=%llu)",
> err, ii->vfs_inode.i_ino);
> return err;
> }
> diff --git a/include/trace/events/nilfs2.h b/include/trace/events/nilfs2.h
> index 8880c11733dd307c223cc62ee34ebeff650ecb12..86a0011c9eeaf031cfa0b79875b2b106ef8b7cfd 100644
> --- a/include/trace/events/nilfs2.h
> +++ b/include/trace/events/nilfs2.h
> @@ -165,14 +165,14 @@ TRACE_EVENT(nilfs2_segment_usage_freed,
>
> TRACE_EVENT(nilfs2_mdt_insert_new_block,
> TP_PROTO(struct inode *inode,
> - unsigned long ino,
> + u64 ino,
> unsigned long block),
>
> TP_ARGS(inode, ino, block),
>
> TP_STRUCT__entry(
> __field(struct inode *, inode)
> - __field(unsigned long, ino)
> + __field(u64, ino)
> __field(unsigned long, block)
> ),
>
> @@ -182,7 +182,7 @@ TRACE_EVENT(nilfs2_mdt_insert_new_block,
> __entry->block = block;
> ),
>
> - TP_printk("inode = %p ino = %lu block = %lu",
> + TP_printk("inode = %p ino = %llu block = %lu",
> __entry->inode,
> __entry->ino,
> __entry->block)
> @@ -190,7 +190,7 @@ TRACE_EVENT(nilfs2_mdt_insert_new_block,
>
> TRACE_EVENT(nilfs2_mdt_submit_block,
> TP_PROTO(struct inode *inode,
> - unsigned long ino,
> + u64 ino,
> unsigned long blkoff,
> enum req_op mode),
>
> @@ -198,7 +198,7 @@ TRACE_EVENT(nilfs2_mdt_submit_block,
>
> TP_STRUCT__entry(
> __field(struct inode *, inode)
> - __field(unsigned long, ino)
> + __field(u64, ino)
> __field(unsigned long, blkoff)
> /*
> * Use field_struct() to avoid is_signed_type() on the
> @@ -214,7 +214,7 @@ TRACE_EVENT(nilfs2_mdt_submit_block,
> __entry->mode = mode;
> ),
>
> - TP_printk("inode = %p ino = %lu blkoff = %lu mode = %x",
> + TP_printk("inode = %p ino = %llu blkoff = %lu mode = %x",
> __entry->inode,
> __entry->ino,
> __entry->blkoff,
^ permalink raw reply
* Re: IMA and PQC
From: Eric Biggers @ 2026-02-26 19:44 UTC (permalink / raw)
To: Stefan Berger
Cc: Simo Sorce, Coiby Xu, Johannes Wiesböck, dhowells,
dmitry.kasatkin, eric.snowberg, keyrings, linux-crypto,
linux-integrity, linux-kernel, linux-modules, roberto.sassu,
zohar, michael.weiss
In-Reply-To: <13ebe763-dcaf-4379-b9a7-82d06fd0fdb3@linux.ibm.com>
On Thu, Feb 26, 2026 at 02:21:41PM -0500, Stefan Berger wrote:
>
>
> On 2/26/26 1:32 PM, Eric Biggers wrote:
> > On Thu, Feb 26, 2026 at 12:22:32PM -0500, Stefan Berger wrote:
> > > > I see that IMA indeed never upgraded full file hashes to use
> > > > 'struct ima_file_id'. Building a new feature that relies on this seems
> > > > like a bad idea though, given that it's a security bug that makes the> IMA
> > > protocol cryptographically ambiguous. I.e., it means that in IMA,
> > > > when the contents of some file are signed, that signature is sometimes
> > > > also valid for some other file contents which the signer didn't intend.
> > >
> > > You mean IMA should not sign the digest in the ima_file_id structure but
> > > hash the ima_file_id structure in which this file digest is written into
> > > (that we currently sign) and sign/verify this digest? And we would do this
> > > to avoid two different files (with presumably different content) from having
> > > the same hashes leading to the same signature? Which hashes (besides the
> > > non-recommended ones) are so weak now that you must not merely sign a file's
> > > hash?
> > >
> > > The problem with this is that older kernels (without patching) won't be able
> > > to handle newer signatures.
> >
> > IMA needs to sign the entire ima_file_id structure, which is indeed what
> > IMA already does when it uses that structure. (Well, actually it signs
> > a hash of the struct, but that's best thought of an implementation
> > detail of legacy signature algorithms that can only sign hashes. For a
> > modern algorithm the whole struct should be passed instead.) Just IMA
> > uses that structure only for fsverity hashes, which is a bug that makes
> > the IMA protocol ambiguous. It needs to use ima_file_id consistently,
> > otherwise a signed message sometimes corresponds to multiple unique file
> > contents even without a break in the cryptographic hash function.
>
> Before we jump into making changes on this old stuff I think it's good to
> understand the underlying problem and the likelyhood of signatures
> validating different data, such as a file and fsverity data. How likely is
> this?
>
> Assuming a strong hash I suppose that is not a concern with RSA because here
> the digest is padded and then directly encrypted with the private key. Upon
> verification (pub key decrypt) we would unpad and memcmp the digests.
>
> Again, assuming a strong hash: With ECDSA NIST P256 for example we have a 32
> byte signature. With a SHA512 being used for hashing for example we would be
> doing a projection of a 64byte hash space to a 32byte signature space with.
> Just by this projection of a much larger space into a smaller space
> signatures that validate multiple input data could be a problem. One 'easy'
> case where signatures for different input data is the same (not exactly the
> same due to nonce involved the signature is verifyable), albeit unlikely, is
> that there could be different input data for the SHA512 that lead to the
> same 32bytes prefix, which is then used after truncating the sha512 to the
> first 32 bytes for the ECDSA signature, and this then leads to a signature
> that is verifyable for different input data. So that's the 'simple' case at
> least for this thought experiment for a non-expert.
>
> Now what should still be difficult to do is given a file and a hash-to-use
> that you can create fsverity content that leads to a hash that in turn leads
> to a NIST-P256 signature that can be used for signature verification(s) of
> the file and the totally different fsverity data. Is this a problem that is
> as difficult to solve just as finding different input data for a hash that
> leads to the same digest?
There's no differentiation between a 'struct ima_file_id' that
*represents* the contents of some file, and a file whose contents are
*equal to* that 'struct ima_file_id' and that uses a full-file hash. In
both cases the same key and message are used for signing and verifying.
This means that every time a file is signed using the ima_file_id
scheme, it also implicitly signs some other file contents, which an
attacker can freely replace the file with. Similarly, every time a file
that happens to be a valid ima_file_id is signed using the older scheme,
it also implicitly signs the contents that the ima_file_id correspond
to, which the attacker can freely replace the file with. In either
case, no collision in the cryptographic hash function is required.
It's simply a broken protocol. To fix this, IMA must only support
signatures that use the ima_file_id scheme.
Of course, that will require making them support full-file hashes and
not just fsverity hashes. If I recall correctly, this was actually part
of the original design of the ima_file_id-based signatures. It's
unclear why the implementation is still incomplete.
- Eric
^ permalink raw reply
* Re: [PATCH 25/61] ceph: update format strings for u64 i_ino
From: Viacheslav Dubeyko @ 2026-02-26 19:37 UTC (permalink / raw)
To: david@kernel.org, namhyung@kernel.org, oleg@redhat.com,
anna@kernel.org, ms@dev.tdt.de,
alexander.shishkin@linux.intel.com, jack@suse.cz,
ebiggers@kernel.org, Ondrej Mosnacek, mark.rutland@arm.com,
casey@schaufler-ca.com, glaubitz@physik.fu-berlin.de,
miklos@szeredi.hu, sumit.semwal@linaro.org,
john.johansen@canonical.com, amir73il@gmail.com,
slava@dubeyko.com, willy@infradead.org, tytso@mit.edu,
asmadeus@codewreck.org, jth@kernel.org, shaggy@kernel.org,
serge@hallyn.com, jaharkes@cs.cmu.edu, jlayton@kernel.org,
trondmy@kernel.org, jolsa@kernel.org, ericvh@kernel.org,
simona@ffwll.ch, willemb@google.com, aivazian.tigran@gmail.com,
hubcap@omnibond.com, muchun.song@linux.dev, sfrench@samba.org,
neil@brown.name, jmorris@namei.org, jlbec@evilplan.org,
chuck.lever@oracle.com, ronniesahlberg@gmail.com,
lucho@ionkov.net, dan.j.williams@intel.com, raven@themaw.net,
Alex Markuze, mhiramat@kernel.org, alexander.deucher@amd.com,
mathieu.desnoyers@efficios.com, horms@kernel.org, tom@talpey.com,
mark@fasheh.com, mikulas@artax.karlin.mff.cuni.cz,
djwong@kernel.org, edumazet@google.com, Olga Kornievskaia,
bharathsm@microsoft.com, adrian.hunter@intel.com,
osalvador@suse.de, peterz@infradead.org, christian.koenig@amd.com,
pc@manguebit.org, martin@omnibond.com, naohiro.aota@wdc.com,
frank.li@vivo.com, dsterba@suse.com, zohar@linux.ibm.com,
code@tyhicks.com, dwmw2@infradead.org, kuba@kernel.org,
kuniyu@google.com, nico@fluxnic.net, jack@suse.com,
dlemoal@kernel.org, viro@zeniv.linux.org.uk,
stephen.smalley.work@gmail.com, salah.triki@gmail.com,
David Howells, paul@paul-moore.com, luisbg@kernel.org,
irogers@google.com, acme@kernel.org, richard@nod.at,
rostedt@goodmis.org, idryomov@gmail.com,
joseph.qi@linux.alibaba.com, al@alarsen.net,
james.clark@linaro.org, dmitry.kasatkin@gmail.com,
roberto.sassu@huawei.com, konishi.ryusuke@gmail.com,
sprasad@microsoft.com, jaegeuk@kernel.org,
linux_oss@crudebyte.com, brauner@kernel.org, Dai.Ngo@oracle.com,
eric.snowberg@oracle.com, adilger.kernel@dilger.ca,
chao@kernel.org, wufan@kernel.org, coda@cs.cmu.edu, Ingo Molnar,
alex.aring@gmail.com, airlied@gmail.com, chengzhihao1@huawei.com,
Paolo Abeni, marc.dionne@auristor.com,
almaz.alexandrovich@paragon-software.com, davem@davemloft.net,
hch@infradead.org
Cc: ecryptfs@vger.kernel.org, linux-unionfs@vger.kernel.org,
apparmor@lists.ubuntu.com, linux-ext4@vger.kernel.org,
autofs@vger.kernel.org, amd-gfx@lists.freedesktop.org,
fsverity@lists.linux.dev, ntfs3@lists.linux.dev,
ocfs2-devel@lists.linux.dev, linux-fsdevel@vger.kernel.org,
linux-media@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, linux-integrity@vger.kernel.org,
samba-technical@lists.samba.org, linux-nilfs@vger.kernel.org,
selinux@vger.kernel.org, linaro-mm-sig@lists.linaro.org,
linux-trace-kernel@vger.kernel.org, v9fs@lists.linux.dev,
linux-xfs@vger.kernel.org, linux-x25@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, nvdimm@lists.linux.dev,
ceph-devel@vger.kernel.org, jfs-discussion@lists.sourceforge.net,
linux-mtd@lists.infradead.org, devel@lists.orangefs.org,
linux-afs@lists.infradead.org, linux-fscrypt@vger.kernel.org,
linux-security-module@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-hams@vger.kernel.org, linux-nfs@vger.kernel.org,
codalist@coda.cs.cmu.edu, linux-mm@kvack.org,
netfs@lists.linux.dev, linux-perf-users@vger.kernel.org,
dri-devel@lists.freedesktop.org
In-Reply-To: <20260226-iino-u64-v1-25-ccceff366db9@kernel.org>
On Thu, 2026-02-26 at 10:55 -0500, Jeff Layton wrote:
> Update format strings and local variable types in ceph for the
> i_ino type change from unsigned long to u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/ceph/crypto.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c
> index f3de43ccb470ddbd7945426d79f9024ae615c127..3c8a21a572d8230b558f20bb02721184cae35ee6 100644
> --- a/fs/ceph/crypto.c
> +++ b/fs/ceph/crypto.c
> @@ -272,7 +272,7 @@ int ceph_encode_encrypted_dname(struct inode *parent, char *buf, int elen)
> /* To understand the 240 limit, see CEPH_NOHASH_NAME_MAX comments */
> WARN_ON(elen > 240);
> if (dir != parent) // leading _ is already there; append _<inum>
> - elen += 1 + sprintf(p + elen, "_%ld", dir->i_ino);
> + elen += 1 + sprintf(p + elen, "_%lld", dir->i_ino);
>
> out:
> kfree(cryptbuf);
> @@ -377,7 +377,7 @@ int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
> if (!ret && (dir != fname->dir)) {
> char tmp_buf[BASE64_CHARS(NAME_MAX)];
>
> - name_len = snprintf(tmp_buf, sizeof(tmp_buf), "_%.*s_%ld",
> + name_len = snprintf(tmp_buf, sizeof(tmp_buf), "_%.*s_%lld",
> oname->len, oname->name, dir->i_ino);
> memcpy(oname->name, tmp_buf, name_len);
> oname->len = name_len;
Looks good.
Reviewed-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Thanks,
Slava.
^ permalink raw reply
* Re: [PATCH 34/61] hfsplus: update format strings for u64 i_ino
From: Viacheslav Dubeyko @ 2026-02-26 19:35 UTC (permalink / raw)
To: david@kernel.org, namhyung@kernel.org, oleg@redhat.com,
anna@kernel.org, ms@dev.tdt.de,
alexander.shishkin@linux.intel.com, jack@suse.cz,
ebiggers@kernel.org, Ondrej Mosnacek, mark.rutland@arm.com,
casey@schaufler-ca.com, glaubitz@physik.fu-berlin.de,
miklos@szeredi.hu, sumit.semwal@linaro.org,
john.johansen@canonical.com, amir73il@gmail.com,
slava@dubeyko.com, willy@infradead.org, tytso@mit.edu,
asmadeus@codewreck.org, jth@kernel.org, shaggy@kernel.org,
serge@hallyn.com, jaharkes@cs.cmu.edu, jlayton@kernel.org,
trondmy@kernel.org, jolsa@kernel.org, ericvh@kernel.org,
simona@ffwll.ch, willemb@google.com, aivazian.tigran@gmail.com,
hubcap@omnibond.com, muchun.song@linux.dev, sfrench@samba.org,
neil@brown.name, jmorris@namei.org, jlbec@evilplan.org,
chuck.lever@oracle.com, ronniesahlberg@gmail.com,
lucho@ionkov.net, dan.j.williams@intel.com, raven@themaw.net,
Alex Markuze, mhiramat@kernel.org, alexander.deucher@amd.com,
mathieu.desnoyers@efficios.com, horms@kernel.org, tom@talpey.com,
mark@fasheh.com, mikulas@artax.karlin.mff.cuni.cz,
djwong@kernel.org, edumazet@google.com, Olga Kornievskaia,
bharathsm@microsoft.com, adrian.hunter@intel.com,
osalvador@suse.de, peterz@infradead.org, christian.koenig@amd.com,
pc@manguebit.org, martin@omnibond.com, naohiro.aota@wdc.com,
frank.li@vivo.com, dsterba@suse.com, zohar@linux.ibm.com,
code@tyhicks.com, dwmw2@infradead.org, kuba@kernel.org,
kuniyu@google.com, nico@fluxnic.net, jack@suse.com,
dlemoal@kernel.org, viro@zeniv.linux.org.uk,
stephen.smalley.work@gmail.com, salah.triki@gmail.com,
David Howells, paul@paul-moore.com, luisbg@kernel.org,
irogers@google.com, acme@kernel.org, richard@nod.at,
rostedt@goodmis.org, idryomov@gmail.com,
joseph.qi@linux.alibaba.com, al@alarsen.net,
james.clark@linaro.org, dmitry.kasatkin@gmail.com,
roberto.sassu@huawei.com, konishi.ryusuke@gmail.com,
sprasad@microsoft.com, jaegeuk@kernel.org,
linux_oss@crudebyte.com, brauner@kernel.org, Dai.Ngo@oracle.com,
eric.snowberg@oracle.com, adilger.kernel@dilger.ca,
chao@kernel.org, wufan@kernel.org, coda@cs.cmu.edu, Ingo Molnar,
alex.aring@gmail.com, airlied@gmail.com, chengzhihao1@huawei.com,
Paolo Abeni, marc.dionne@auristor.com,
almaz.alexandrovich@paragon-software.com, davem@davemloft.net,
hch@infradead.org
Cc: ecryptfs@vger.kernel.org, linux-unionfs@vger.kernel.org,
apparmor@lists.ubuntu.com, linux-ext4@vger.kernel.org,
autofs@vger.kernel.org, amd-gfx@lists.freedesktop.org,
fsverity@lists.linux.dev, ntfs3@lists.linux.dev,
ocfs2-devel@lists.linux.dev, linux-fsdevel@vger.kernel.org,
linux-media@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, linux-integrity@vger.kernel.org,
samba-technical@lists.samba.org, linux-nilfs@vger.kernel.org,
selinux@vger.kernel.org, linaro-mm-sig@lists.linaro.org,
linux-trace-kernel@vger.kernel.org, v9fs@lists.linux.dev,
linux-xfs@vger.kernel.org, linux-x25@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, nvdimm@lists.linux.dev,
ceph-devel@vger.kernel.org, jfs-discussion@lists.sourceforge.net,
linux-mtd@lists.infradead.org, devel@lists.orangefs.org,
linux-afs@lists.infradead.org, linux-fscrypt@vger.kernel.org,
linux-security-module@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-hams@vger.kernel.org, linux-nfs@vger.kernel.org,
codalist@coda.cs.cmu.edu, linux-mm@kvack.org,
netfs@lists.linux.dev, linux-perf-users@vger.kernel.org,
dri-devel@lists.freedesktop.org
In-Reply-To: <20260226-iino-u64-v1-34-ccceff366db9@kernel.org>
On Thu, 2026-02-26 at 10:55 -0500, Jeff Layton wrote:
> Update format strings and local variable types in hfsplus for the
> i_ino type change from unsigned long to u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/hfsplus/attributes.c | 10 +++++-----
> fs/hfsplus/catalog.c | 2 +-
> fs/hfsplus/dir.c | 6 +++---
> fs/hfsplus/extents.c | 6 +++---
> fs/hfsplus/inode.c | 8 ++++----
> fs/hfsplus/super.c | 6 +++---
> fs/hfsplus/xattr.c | 10 +++++-----
> 7 files changed, 24 insertions(+), 24 deletions(-)
>
> diff --git a/fs/hfsplus/attributes.c b/fs/hfsplus/attributes.c
> index 4b79cd606276e31c20fa18ef3a099596f50e8a0f..e3d8fe1e7e75d9895c4ae30810a334412b4c105a 100644
> --- a/fs/hfsplus/attributes.c
> +++ b/fs/hfsplus/attributes.c
> @@ -203,7 +203,7 @@ int hfsplus_create_attr_nolock(struct inode *inode, const char *name,
> int entry_size;
> int err;
>
> - hfs_dbg("name %s, ino %ld\n",
> + hfs_dbg("name %s, ino %lld\n",
> name ? name : NULL, inode->i_ino);
>
> if (name) {
> @@ -255,7 +255,7 @@ int hfsplus_create_attr(struct inode *inode,
> hfsplus_attr_entry *entry_ptr;
> int err;
>
> - hfs_dbg("name %s, ino %ld\n",
> + hfs_dbg("name %s, ino %lld\n",
> name ? name : NULL, inode->i_ino);
>
> if (!HFSPLUS_SB(sb)->attr_tree) {
> @@ -337,7 +337,7 @@ int hfsplus_delete_attr_nolock(struct inode *inode, const char *name,
> struct super_block *sb = inode->i_sb;
> int err;
>
> - hfs_dbg("name %s, ino %ld\n",
> + hfs_dbg("name %s, ino %lld\n",
> name ? name : NULL, inode->i_ino);
>
> if (name) {
> @@ -367,7 +367,7 @@ int hfsplus_delete_attr(struct inode *inode, const char *name)
> struct super_block *sb = inode->i_sb;
> struct hfs_find_data fd;
>
> - hfs_dbg("name %s, ino %ld\n",
> + hfs_dbg("name %s, ino %lld\n",
> name ? name : NULL, inode->i_ino);
>
> if (!HFSPLUS_SB(sb)->attr_tree) {
> @@ -436,7 +436,7 @@ int hfsplus_replace_attr(struct inode *inode,
> hfsplus_attr_entry *entry_ptr;
> int err = 0;
>
> - hfs_dbg("name %s, ino %ld\n",
> + hfs_dbg("name %s, ino %lld\n",
> name ? name : NULL, inode->i_ino);
>
> if (!HFSPLUS_SB(sb)->attr_tree) {
> diff --git a/fs/hfsplus/catalog.c b/fs/hfsplus/catalog.c
> index 02c1eee4a4b86059ceaab7a7c68ab65adba6fa26..0e961e99b9856ab7d95da5d070b4fbce1e67ebde 100644
> --- a/fs/hfsplus/catalog.c
> +++ b/fs/hfsplus/catalog.c
> @@ -441,7 +441,7 @@ int hfsplus_rename_cat(u32 cnid,
> int entry_size, type;
> int err;
>
> - hfs_dbg("cnid %u - ino %lu, name %s - ino %lu, name %s\n",
> + hfs_dbg("cnid %u - ino %llu, name %s - ino %llu, name %s\n",
> cnid, src_dir->i_ino, src_name->name,
> dst_dir->i_ino, dst_name->name);
> err = hfs_find_init(HFSPLUS_SB(sb)->cat_tree, &src_fd);
> diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c
> index d559bf8625f853d50fd316d157cf8afe22069565..054f6da46033404bbbcf299beb5d8765495c0de3 100644
> --- a/fs/hfsplus/dir.c
> +++ b/fs/hfsplus/dir.c
> @@ -313,7 +313,7 @@ static int hfsplus_link(struct dentry *src_dentry, struct inode *dst_dir,
> if (!S_ISREG(inode->i_mode))
> return -EPERM;
>
> - hfs_dbg("src_dir->i_ino %lu, dst_dir->i_ino %lu, inode->i_ino %lu\n",
> + hfs_dbg("src_dir->i_ino %llu, dst_dir->i_ino %llu, inode->i_ino %llu\n",
> src_dir->i_ino, dst_dir->i_ino, inode->i_ino);
>
> mutex_lock(&sbi->vh_mutex);
> @@ -385,7 +385,7 @@ static int hfsplus_unlink(struct inode *dir, struct dentry *dentry)
> if (HFSPLUS_IS_RSRC(inode))
> return -EPERM;
>
> - hfs_dbg("dir->i_ino %lu, inode->i_ino %lu\n",
> + hfs_dbg("dir->i_ino %llu, inode->i_ino %llu\n",
> dir->i_ino, inode->i_ino);
>
> mutex_lock(&sbi->vh_mutex);
> @@ -393,7 +393,7 @@ static int hfsplus_unlink(struct inode *dir, struct dentry *dentry)
> if (inode->i_ino == cnid &&
> atomic_read(&HFSPLUS_I(inode)->opencnt)) {
> str.name = name;
> - str.len = sprintf(name, "temp%lu", inode->i_ino);
> + str.len = sprintf(name, "temp%llu", inode->i_ino);
> res = hfsplus_rename_cat(inode->i_ino,
> dir, &dentry->d_name,
> sbi->hidden_dir, &str);
> diff --git a/fs/hfsplus/extents.c b/fs/hfsplus/extents.c
> index 8e886514d27f1e5d4d94be75142f197669e62234..474fde1a1653be6cf74b26e757c6d8a6f8d2906a 100644
> --- a/fs/hfsplus/extents.c
> +++ b/fs/hfsplus/extents.c
> @@ -275,7 +275,7 @@ int hfsplus_get_block(struct inode *inode, sector_t iblock,
> mutex_unlock(&hip->extents_lock);
>
> done:
> - hfs_dbg("ino %lu, iblock %llu - dblock %u\n",
> + hfs_dbg("ino %llu, iblock %llu - dblock %u\n",
> inode->i_ino, (long long)iblock, dblock);
>
> mask = (1 << sbi->fs_shift) - 1;
> @@ -476,7 +476,7 @@ int hfsplus_file_extend(struct inode *inode, bool zeroout)
> goto out;
> }
>
> - hfs_dbg("ino %lu, start %u, len %u\n", inode->i_ino, start, len);
> + hfs_dbg("ino %llu, start %u, len %u\n", inode->i_ino, start, len);
>
> if (hip->alloc_blocks <= hip->first_blocks) {
> if (!hip->first_blocks) {
> @@ -545,7 +545,7 @@ void hfsplus_file_truncate(struct inode *inode)
> u32 alloc_cnt, blk_cnt, start;
> int res;
>
> - hfs_dbg("ino %lu, phys_size %llu -> i_size %llu\n",
> + hfs_dbg("ino %llu, phys_size %llu -> i_size %llu\n",
> inode->i_ino, (long long)hip->phys_size, inode->i_size);
>
> if (inode->i_size > hip->phys_size) {
> diff --git a/fs/hfsplus/inode.c b/fs/hfsplus/inode.c
> index 922ff41df042a83d47364f2d941c45dabda29afb..02be32dc6833dfdd767c407ec0263485d1a2c3c6 100644
> --- a/fs/hfsplus/inode.c
> +++ b/fs/hfsplus/inode.c
> @@ -230,7 +230,7 @@ static int hfsplus_get_perms(struct inode *inode,
> inode->i_flags &= ~S_APPEND;
> return 0;
> bad_type:
> - pr_err("invalid file type 0%04o for inode %lu\n", mode, inode->i_ino);
> + pr_err("invalid file type 0%04o for inode %llu\n", mode, inode->i_ino);
> return -EIO;
> }
>
> @@ -328,7 +328,7 @@ int hfsplus_file_fsync(struct file *file, loff_t start, loff_t end,
> struct hfsplus_vh *vhdr = sbi->s_vhdr;
> int error = 0, error2;
>
> - hfs_dbg("inode->i_ino %lu, start %llu, end %llu\n",
> + hfs_dbg("inode->i_ino %llu, start %llu, end %llu\n",
> inode->i_ino, start, end);
>
> error = file_write_and_wait_range(file, start, end);
> @@ -639,7 +639,7 @@ int hfsplus_cat_write_inode(struct inode *inode)
> hfsplus_cat_entry entry;
> int res = 0;
>
> - hfs_dbg("inode->i_ino %lu\n", inode->i_ino);
> + hfs_dbg("inode->i_ino %llu\n", inode->i_ino);
>
> if (HFSPLUS_IS_RSRC(inode))
> main_inode = HFSPLUS_I(inode)->rsrc_inode;
> @@ -716,7 +716,7 @@ int hfsplus_cat_write_inode(struct inode *inode)
> if (!res) {
> res = hfs_btree_write(tree);
> if (res) {
> - pr_err("b-tree write err: %d, ino %lu\n",
> + pr_err("b-tree write err: %d, ino %llu\n",
> res, inode->i_ino);
> }
> }
> diff --git a/fs/hfsplus/super.c b/fs/hfsplus/super.c
> index 7229a8ae89f9469109b1c3a317ee9b7705a83f8b..b3917249c206c3a25fe98b39a5eb2168b7404dc2 100644
> --- a/fs/hfsplus/super.c
> +++ b/fs/hfsplus/super.c
> @@ -156,7 +156,7 @@ static int hfsplus_system_write_inode(struct inode *inode)
> int err = hfs_btree_write(tree);
>
> if (err) {
> - pr_err("b-tree write err: %d, ino %lu\n",
> + pr_err("b-tree write err: %d, ino %llu\n",
> err, inode->i_ino);
> return err;
> }
> @@ -169,7 +169,7 @@ static int hfsplus_write_inode(struct inode *inode,
> {
> int err;
>
> - hfs_dbg("ino %lu\n", inode->i_ino);
> + hfs_dbg("ino %llu\n", inode->i_ino);
>
> err = hfsplus_ext_write_extent(inode);
> if (err)
> @@ -184,7 +184,7 @@ static int hfsplus_write_inode(struct inode *inode,
>
> static void hfsplus_evict_inode(struct inode *inode)
> {
> - hfs_dbg("ino %lu\n", inode->i_ino);
> + hfs_dbg("ino %llu\n", inode->i_ino);
> truncate_inode_pages_final(&inode->i_data);
> clear_inode(inode);
> if (HFSPLUS_IS_RSRC(inode)) {
> diff --git a/fs/hfsplus/xattr.c b/fs/hfsplus/xattr.c
> index 9904944cbd54e3d326591fa65a5ed678f38ca583..c70bb6f494b22b1e3f74e18a9ef378e0c87f8194 100644
> --- a/fs/hfsplus/xattr.c
> +++ b/fs/hfsplus/xattr.c
> @@ -277,7 +277,7 @@ int __hfsplus_setxattr(struct inode *inode, const char *name,
> u16 folder_finderinfo_len = sizeof(DInfo) + sizeof(DXInfo);
> u16 file_finderinfo_len = sizeof(FInfo) + sizeof(FXInfo);
>
> - hfs_dbg("ino %lu, name %s, value %p, size %zu\n",
> + hfs_dbg("ino %llu, name %s, value %p, size %zu\n",
> inode->i_ino, name ? name : NULL,
> value, size);
>
> @@ -447,7 +447,7 @@ int hfsplus_setxattr(struct inode *inode, const char *name,
> NLS_MAX_CHARSET_SIZE * HFSPLUS_ATTR_MAX_STRLEN + 1;
> int res;
>
> - hfs_dbg("ino %lu, name %s, prefix %s, prefixlen %zu, "
> + hfs_dbg("ino %llu, name %s, prefix %s, prefixlen %zu, "
> "value %p, size %zu\n",
> inode->i_ino, name ? name : NULL,
> prefix ? prefix : NULL, prefixlen,
> @@ -607,7 +607,7 @@ ssize_t hfsplus_getxattr(struct inode *inode, const char *name,
> int res;
> char *xattr_name;
>
> - hfs_dbg("ino %lu, name %s, prefix %s\n",
> + hfs_dbg("ino %llu, name %s, prefix %s\n",
> inode->i_ino, name ? name : NULL,
> prefix ? prefix : NULL);
>
> @@ -717,7 +717,7 @@ ssize_t hfsplus_listxattr(struct dentry *dentry, char *buffer, size_t size)
> size_t strbuf_size;
> int xattr_name_len;
>
> - hfs_dbg("ino %lu\n", inode->i_ino);
> + hfs_dbg("ino %llu\n", inode->i_ino);
>
> if (!is_xattr_operation_supported(inode))
> return -EOPNOTSUPP;
> @@ -819,7 +819,7 @@ static int hfsplus_removexattr(struct inode *inode, const char *name)
> int is_xattr_acl_deleted;
> int is_all_xattrs_deleted;
>
> - hfs_dbg("ino %lu, name %s\n",
> + hfs_dbg("ino %llu, name %s\n",
> inode->i_ino, name ? name : NULL);
>
> if (!HFSPLUS_SB(inode->i_sb)->attr_tree)
Looks good.
Reviewed-by: Viacheslav Dubeyko <slava@dubeyko.com>
Thanks,
Slava.
^ permalink raw reply
* Re: [PATCH 33/61] hfs: update format strings for u64 i_ino
From: Viacheslav Dubeyko @ 2026-02-26 19:33 UTC (permalink / raw)
To: david@kernel.org, namhyung@kernel.org, oleg@redhat.com,
anna@kernel.org, ms@dev.tdt.de,
alexander.shishkin@linux.intel.com, jack@suse.cz,
ebiggers@kernel.org, Ondrej Mosnacek, mark.rutland@arm.com,
casey@schaufler-ca.com, glaubitz@physik.fu-berlin.de,
miklos@szeredi.hu, sumit.semwal@linaro.org,
john.johansen@canonical.com, amir73il@gmail.com,
slava@dubeyko.com, willy@infradead.org, tytso@mit.edu,
asmadeus@codewreck.org, jth@kernel.org, shaggy@kernel.org,
serge@hallyn.com, jaharkes@cs.cmu.edu, jlayton@kernel.org,
trondmy@kernel.org, jolsa@kernel.org, ericvh@kernel.org,
simona@ffwll.ch, willemb@google.com, aivazian.tigran@gmail.com,
hubcap@omnibond.com, muchun.song@linux.dev, sfrench@samba.org,
neil@brown.name, jmorris@namei.org, jlbec@evilplan.org,
chuck.lever@oracle.com, ronniesahlberg@gmail.com,
lucho@ionkov.net, dan.j.williams@intel.com, raven@themaw.net,
Alex Markuze, mhiramat@kernel.org, alexander.deucher@amd.com,
mathieu.desnoyers@efficios.com, horms@kernel.org, tom@talpey.com,
mark@fasheh.com, mikulas@artax.karlin.mff.cuni.cz,
djwong@kernel.org, edumazet@google.com, Olga Kornievskaia,
bharathsm@microsoft.com, adrian.hunter@intel.com,
osalvador@suse.de, peterz@infradead.org, christian.koenig@amd.com,
pc@manguebit.org, martin@omnibond.com, naohiro.aota@wdc.com,
frank.li@vivo.com, dsterba@suse.com, zohar@linux.ibm.com,
code@tyhicks.com, dwmw2@infradead.org, kuba@kernel.org,
kuniyu@google.com, nico@fluxnic.net, jack@suse.com,
dlemoal@kernel.org, viro@zeniv.linux.org.uk,
stephen.smalley.work@gmail.com, salah.triki@gmail.com,
David Howells, paul@paul-moore.com, luisbg@kernel.org,
irogers@google.com, acme@kernel.org, richard@nod.at,
rostedt@goodmis.org, idryomov@gmail.com,
joseph.qi@linux.alibaba.com, al@alarsen.net,
james.clark@linaro.org, dmitry.kasatkin@gmail.com,
roberto.sassu@huawei.com, konishi.ryusuke@gmail.com,
sprasad@microsoft.com, jaegeuk@kernel.org,
linux_oss@crudebyte.com, brauner@kernel.org, Dai.Ngo@oracle.com,
eric.snowberg@oracle.com, adilger.kernel@dilger.ca,
chao@kernel.org, wufan@kernel.org, coda@cs.cmu.edu, Ingo Molnar,
alex.aring@gmail.com, airlied@gmail.com, chengzhihao1@huawei.com,
Paolo Abeni, marc.dionne@auristor.com,
almaz.alexandrovich@paragon-software.com, davem@davemloft.net,
hch@infradead.org
Cc: ecryptfs@vger.kernel.org, linux-unionfs@vger.kernel.org,
apparmor@lists.ubuntu.com, linux-ext4@vger.kernel.org,
autofs@vger.kernel.org, amd-gfx@lists.freedesktop.org,
fsverity@lists.linux.dev, ntfs3@lists.linux.dev,
ocfs2-devel@lists.linux.dev, linux-fsdevel@vger.kernel.org,
linux-media@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, linux-integrity@vger.kernel.org,
samba-technical@lists.samba.org, linux-nilfs@vger.kernel.org,
selinux@vger.kernel.org, linaro-mm-sig@lists.linaro.org,
linux-trace-kernel@vger.kernel.org, v9fs@lists.linux.dev,
linux-xfs@vger.kernel.org, linux-x25@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net, nvdimm@lists.linux.dev,
ceph-devel@vger.kernel.org, jfs-discussion@lists.sourceforge.net,
linux-mtd@lists.infradead.org, devel@lists.orangefs.org,
linux-afs@lists.infradead.org, linux-fscrypt@vger.kernel.org,
linux-security-module@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-hams@vger.kernel.org, linux-nfs@vger.kernel.org,
codalist@coda.cs.cmu.edu, linux-mm@kvack.org,
netfs@lists.linux.dev, linux-perf-users@vger.kernel.org,
dri-devel@lists.freedesktop.org
In-Reply-To: <20260226-iino-u64-v1-33-ccceff366db9@kernel.org>
On Thu, 2026-02-26 at 10:55 -0500, Jeff Layton wrote:
> Update format strings and local variable types in hfs for the
> i_ino type change from unsigned long to u64.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/hfs/catalog.c | 2 +-
> fs/hfs/extent.c | 4 ++--
> fs/hfs/inode.c | 4 ++--
> 3 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/fs/hfs/catalog.c b/fs/hfs/catalog.c
> index b80ba40e38776123759df4b85c7f65daa19c6436..7f5339ee57c15aae2d5d00474133a985be3af6ca 100644
> --- a/fs/hfs/catalog.c
> +++ b/fs/hfs/catalog.c
> @@ -417,7 +417,7 @@ int hfs_cat_move(u32 cnid, struct inode *src_dir, const struct qstr *src_name,
> int entry_size, type;
> int err;
>
> - hfs_dbg("cnid %u - (ino %lu, name %s) - (ino %lu, name %s)\n",
> + hfs_dbg("cnid %u - (ino %llu, name %s) - (ino %llu, name %s)\n",
> cnid, src_dir->i_ino, src_name->name,
> dst_dir->i_ino, dst_name->name);
> sb = src_dir->i_sb;
> diff --git a/fs/hfs/extent.c b/fs/hfs/extent.c
> index a097908b269d0ad1575847dd01d6d4a4538262bf..f066a99a863bc739948aac921bc906874c6009b2 100644
> --- a/fs/hfs/extent.c
> +++ b/fs/hfs/extent.c
> @@ -411,7 +411,7 @@ int hfs_extend_file(struct inode *inode)
> goto out;
> }
>
> - hfs_dbg("ino %lu, start %u, len %u\n", inode->i_ino, start, len);
> + hfs_dbg("ino %llu, start %u, len %u\n", inode->i_ino, start, len);
> if (HFS_I(inode)->alloc_blocks == HFS_I(inode)->first_blocks) {
> if (!HFS_I(inode)->first_blocks) {
> hfs_dbg("first_extent: start %u, len %u\n",
> @@ -482,7 +482,7 @@ void hfs_file_truncate(struct inode *inode)
> u32 size;
> int res;
>
> - hfs_dbg("ino %lu, phys_size %llu -> i_size %llu\n",
> + hfs_dbg("ino %llu, phys_size %llu -> i_size %llu\n",
> inode->i_ino, (long long)HFS_I(inode)->phys_size,
> inode->i_size);
> if (inode->i_size > HFS_I(inode)->phys_size) {
> diff --git a/fs/hfs/inode.c b/fs/hfs/inode.c
> index 878535db64d679995cd1f5c215f56c5258c3c720..95f0333a608b0fb57239cf5eec7d9489a25efb3a 100644
> --- a/fs/hfs/inode.c
> +++ b/fs/hfs/inode.c
> @@ -270,7 +270,7 @@ void hfs_delete_inode(struct inode *inode)
> {
> struct super_block *sb = inode->i_sb;
>
> - hfs_dbg("ino %lu\n", inode->i_ino);
> + hfs_dbg("ino %llu\n", inode->i_ino);
> if (S_ISDIR(inode->i_mode)) {
> atomic64_dec(&HFS_SB(sb)->folder_count);
> if (HFS_I(inode)->cat_key.ParID == cpu_to_be32(HFS_ROOT_CNID))
> @@ -455,7 +455,7 @@ int hfs_write_inode(struct inode *inode, struct writeback_control *wbc)
> hfs_cat_rec rec;
> int res;
>
> - hfs_dbg("ino %lu\n", inode->i_ino);
> + hfs_dbg("ino %llu\n", inode->i_ino);
> res = hfs_ext_write_extent(inode);
> if (res)
> return res;
Looks good.
Reviewed-by: Viacheslav Dubeyko <slava@dubeyko.com>
Thanks,
Slava.
^ permalink raw reply
* Re: IMA and PQC
From: Stefan Berger @ 2026-02-26 19:21 UTC (permalink / raw)
To: Eric Biggers
Cc: Simo Sorce, Coiby Xu, Johannes Wiesböck, dhowells,
dmitry.kasatkin, eric.snowberg, keyrings, linux-crypto,
linux-integrity, linux-kernel, linux-modules, roberto.sassu,
zohar, michael.weiss
In-Reply-To: <20260226183248.GE2251@sol>
On 2/26/26 1:32 PM, Eric Biggers wrote:
> On Thu, Feb 26, 2026 at 12:22:32PM -0500, Stefan Berger wrote:
>>> I see that IMA indeed never upgraded full file hashes to use
>>> 'struct ima_file_id'. Building a new feature that relies on this seems
>>> like a bad idea though, given that it's a security bug that makes the> IMA
>> protocol cryptographically ambiguous. I.e., it means that in IMA,
>>> when the contents of some file are signed, that signature is sometimes
>>> also valid for some other file contents which the signer didn't intend.
>>
>> You mean IMA should not sign the digest in the ima_file_id structure but
>> hash the ima_file_id structure in which this file digest is written into
>> (that we currently sign) and sign/verify this digest? And we would do this
>> to avoid two different files (with presumably different content) from having
>> the same hashes leading to the same signature? Which hashes (besides the
>> non-recommended ones) are so weak now that you must not merely sign a file's
>> hash?
>>
>> The problem with this is that older kernels (without patching) won't be able
>> to handle newer signatures.
>
> IMA needs to sign the entire ima_file_id structure, which is indeed what
> IMA already does when it uses that structure. (Well, actually it signs
> a hash of the struct, but that's best thought of an implementation
> detail of legacy signature algorithms that can only sign hashes. For a
> modern algorithm the whole struct should be passed instead.) Just IMA
> uses that structure only for fsverity hashes, which is a bug that makes
> the IMA protocol ambiguous. It needs to use ima_file_id consistently,
> otherwise a signed message sometimes corresponds to multiple unique file
> contents even without a break in the cryptographic hash function.
Before we jump into making changes on this old stuff I think it's good
to understand the underlying problem and the likelyhood of signatures
validating different data, such as a file and fsverity data. How likely
is this?
Assuming a strong hash I suppose that is not a concern with RSA because
here the digest is padded and then directly encrypted with the private
key. Upon verification (pub key decrypt) we would unpad and memcmp the
digests.
Again, assuming a strong hash: With ECDSA NIST P256 for example we have
a 32 byte signature. With a SHA512 being used for hashing for example we
would be doing a projection of a 64byte hash space to a 32byte signature
space with. Just by this projection of a much larger space into a
smaller space signatures that validate multiple input data could be a
problem. One 'easy' case where signatures for different input data is
the same (not exactly the same due to nonce involved the signature is
verifyable), albeit unlikely, is that there could be different input
data for the SHA512 that lead to the same 32bytes prefix, which is then
used after truncating the sha512 to the first 32 bytes for the ECDSA
signature, and this then leads to a signature that is verifyable for
different input data. So that's the 'simple' case at least for this
thought experiment for a non-expert.
Now what should still be difficult to do is given a file and a
hash-to-use that you can create fsverity content that leads to a hash
that in turn leads to a NIST-P256 signature that can be used for
signature verification(s) of the file and the totally different fsverity
data. Is this a problem that is as difficult to solve just as finding
different input data for a hash that leads to the same digest?
>
> Sure, when that bug is fixed, old kernels won't support the new
> signatures for files that use a full-file hash. But the same applies to
> starting to use a new signature algorithm, such as ML-DSA.
>
> - Eric
>
^ permalink raw reply
* Re: IMA and PQC
From: Simo Sorce @ 2026-02-26 18:42 UTC (permalink / raw)
To: Stefan Berger, Eric Biggers
Cc: Coiby Xu, Johannes Wiesböck, dhowells, dmitry.kasatkin,
eric.snowberg, keyrings, linux-crypto, linux-integrity,
linux-kernel, linux-modules, roberto.sassu, zohar, michael.weiss
In-Reply-To: <969c74f3-81ed-442c-87dd-381274a642a7@linux.ibm.com>
On Thu, 2026-02-26 at 12:22 -0500, Stefan Berger wrote:
>
> On 2/26/26 11:58 AM, Eric Biggers wrote:
> > On Thu, Feb 26, 2026 at 10:27:43AM -0500, Simo Sorce wrote:
> > > On Thu, 2026-02-26 at 09:16 -0500, Stefan Berger wrote:
> > > > On 2/26/26 7:42 AM, Stefan Berger wrote:
> > > > > On 2/25/26 7:10 PM, Eric Biggers wrote:
> > > > > > On Wed, Feb 25, 2026 at 09:25:43AM -0500, Stefan Berger wrote:
> > > > > > > To avoid duplicate work: Is either one of you planning on writing
> > > > > > > patches
> > > > > > > for IMA to use ML-DSA and convert the current ML-DSA to also support
> > > > > > > HashML?
> > > > > > > I had done the work on this before and could dig out the patches
> > > > > > > again...
> > > > > >
> > > > > > IMA already had to add its own digest prefixing support, since it was
> > > > > > needed to disambiguate between full-file digests and fsverity digests.
> > > > > > See 'struct ima_file_id'. Thus the message signed is at most 66 bytes.
> > > > >
> > > > > The hash there is still only a hash over a file and that hash is signed,
> > > > > isn't it?
> > > > >
> > > > > >
> > > > > > With that being the case, HashML-DSA isn't necessary. It's not even
> > > > > > possible to use here, since there are no OIDs assigned for the fsverity
> > > > > > digests, so it cannot replace the ima_file_id.
> > > > >
> > > > > For non-fsverify IMA signatures it is 'possible' to use HashML-DSA and
> > > > > it's 'working' (recycled old patches yesterday):
> > > > >
> > > > > Linux: https://github.com/stefanberger/linux/commits/
> > > > > dhmlsa%2Bima.202602025/
> > > > >
> > > > > ima-evm-utils: https://github.com/linux-integrity/ima-evm-utils/pull/19/
> > > > > commits
> > > > >
> > > > > >
> > > > > > I'll also note that HashML-DSA is controversial (e.g. see
> > > > > > https://keymaterial.net/2024/11/05/hashml-dsa-considered-harmful/),
> > > > >
> > > > > The problem with this is that NIST would have to react to these
> > > > > controversies as we race to support PQC. If something is wrong with the
> > > > > standard then it would be best for NIST to withdraw/modify HashML-DSA
> > > > > asap. Otherwise it's the best to follow the standard IMO because if you
> > > > > don't you get criticism otherwise.
> > > >
> > > > What I am not clear about from FIPS-204 is whether availability of
> > > > HashML-DSA is a "must-use" or a "may-use". What speaks against it for
> > > > our use case is performance. The lookup of a hash's ID (last digit of
> > > > OID) and the creation of the 11 byte encoding to prepend before every
> > > > digest for every signature takes cycles.
> > >
> > > It is a recommendation, but there are plenty of protocols (TLS,
> > > OpenPGP, etc...) where the decision has been made to use "pure" ML-DSA
> > > only, even if what you are signing is not the full data, but something
> > > containing a hash.
> > >
> > > Ideally you do not sign *just* a hash, but some structured data, like a
> > > context label that identifies the hash and some other related metadata
> > > for example. In order to make forgeries much harder should the hashing
> > > algorithm used to hash the data weaken over time. But it is not
> > > strictly necessary (NIST mentioned in some forum, sorry I do not have
> > > the message handy for quoting, that a structured packet is perfectly
> > > fine for use with pure ML-DSA, because it does enough to address the
> > > same issues that a separate internal context does with HashML-DSA).
> > >
> > > If pure-ML-DSA works better for IMA, just use pure ML-DSA.
> > >
> > > > Maybe it should explicitly state in FIPS-204 something along the lines
> > > > of "with a given hash either ML-DSA or HashML-DSA can be used (for as
> > > > long as you use it in the same way from then on)." At least this way
> > > > nobody can point out that HashML-DSA should have been used when you didn't.
> > >
> > > NIST will not change the standard documents any time soon, but for FIPS
> > > certification there are Implementation Guidelines.
> > >
> > > In any case a FIPS module cannot distinguish between data that happens
> > > to be 32 bytes long and a hash of larger data, so the point is kind of
> > > moot. From the FIPS perspective HashML-DSA is just an available
> > > algorithm that protocol implementations can use, or not.
> > >
> > > There are additional guidelines on what this may be useful for, but so
> > > far NIST has not objected to the use of pure ML-DSA even where
> > > theoretically HashML-DSA could be used.
> >
> > I see that IMA indeed never upgraded full file hashes to use
> > 'struct ima_file_id'. Building a new feature that relies on this seems
> > like a bad idea though, given that it's a security bug that makes
> the> IMA protocol cryptographically ambiguous. I.e., it means that in IMA,
> > when the contents of some file are signed, that signature is sometimes
> > also valid for some other file contents which the signer didn't intend.
>
> You mean IMA should not sign the digest in the ima_file_id structure but
> hash the ima_file_id structure in which this file digest is written into
> (that we currently sign) and sign/verify this digest?
You should not (need to) hash it, just format it and the use ML-DSA to
sign it.
> And we would do
> this to avoid two different files (with presumably different content)
> from having the same hashes leading to the same signature? Which hashes
> (besides the non-recommended ones) are so weak now that you must not
> merely sign a file's hash?
>
> The problem with this is that older kernels (without patching) won't be
> able to handle newer signatures.
Ad a kernel option to use the new format? Old kernels won't be able to
deal with ML-DSA IMA either.
> >
> > Just fix that bug first, which has to be done anyway. Then just use
> > pure ML-DSA to sign and verify the 'struct ima_file_id'.
> > > As Simo mentioned, FIPS 204 doesn't require HashML-DSA when signing a
> > hash. It's there as an *option* to solve a perceived problem, which is
> > actually solvable in better ways.
> >
> > NIST doesn't plan to update FIPS 204 until 2029, and most likely the
> > updates will just be errata in the text (such as the ones I reported to
> > them), not changes or withdrawals in the algorithms themselves. But
> > it's irrelevant: just because HashML-DSA is an option doesn't mean it
> > has to be used. Pure ML-DSA supports arbitrary data, which includes
>
> And I was sure whether it was merely an 'option'. Who would use it then
> if it takes more cycles to hash the prepended 11 byte oid in HashML-DSA?
Nobody is using HashML-DSA at the moment.
--
Simo Sorce
Distinguished Engineer
RHEL Crypto Team
Red Hat, Inc
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox