[0/4] statx: expose the fs-verity bit

Message ID	20191029204141.145309-1-ebiggers@kernel.org (mailing list archive)
Headers	show Return-Path: <SRS0=flP6=YW=vger.kernel.org=linux-fsdevel-owner@kernel.org> From: Eric Biggers <ebiggers@kernel.org> To: linux-fscrypt@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-api@vger.kernel.org, David Howells <dhowells@redhat.com>, Theodore Ts'o <tytso@mit.edu>, Jaegeuk Kim <jaegeuk@kernel.org>, Victor Hsieh <victorhsieh@google.com> Subject: [PATCH 0/4] statx: expose the fs-verity bit Date: Tue, 29 Oct 2019 13:41:37 -0700 Message-Id: <20191029204141.145309-1-ebiggers@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk
Series	statx: expose the fs-verity bit \| expand [0/4] statx: expose the fs-verity bit [1/4] statx: define STATX_ATTR_VERITY [2/4] ext4: support STATX_ATTR_VERITY [3/4] f2fs: support STATX_ATTR_VERITY [4/4] docs: fs-verity: mention statx() support

Message ID

20191029204141.145309-1-ebiggers@kernel.org (mailing list archive)

Headers

From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
        linux-f2fs-devel@lists.sourceforge.net, linux-api@vger.kernel.org,
        David Howells <dhowells@redhat.com>,
        Theodore Ts'o <tytso@mit.edu>,
        Jaegeuk Kim <jaegeuk@kernel.org>,
        Victor Hsieh <victorhsieh@google.com>
Subject: [PATCH 0/4] statx: expose the fs-verity bit
Date: Tue, 29 Oct 2019 13:41:37 -0700
Message-Id: <20191029204141.145309-1-ebiggers@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk

Series

statx: expose the fs-verity bit | expand

Message

Eric Biggers Oct. 29, 2019, 8:41 p.m. UTC

This patchset exposes the verity bit (a.k.a. FS_VERITY_FL) via statx().

This is useful because it allows applications to check whether a file is
a verity file without opening it.  Opening a verity file can be
expensive because the fsverity_info is set up on open, which involves
parsing metadata and optionally verifying a cryptographic signature.

This is analogous to how various other bits are exposed through both
FS_IOC_GETFLAGS and statx(), e.g. the encrypt bit.

This patchset applies to v5.4-rc5.

Eric Biggers (4):
  statx: define STATX_ATTR_VERITY
  ext4: support STATX_ATTR_VERITY
  f2fs: support STATX_ATTR_VERITY
  docs: fs-verity: mention statx() support

 Documentation/filesystems/fsverity.rst | 8 ++++++++
 fs/ext4/inode.c                        | 5 ++++-
 fs/f2fs/file.c                         | 5 ++++-
 include/linux/stat.h                   | 3 ++-
 include/uapi/linux/stat.h              | 2 +-
 5 files changed, 19 insertions(+), 4 deletions(-)

Comments

Eric Biggers Nov. 6, 2019, 9:57 p.m. UTC | #1

On Tue, Oct 29, 2019 at 01:41:37PM -0700, Eric Biggers wrote:
> This patchset exposes the verity bit (a.k.a. FS_VERITY_FL) via statx().
> 
> This is useful because it allows applications to check whether a file is
> a verity file without opening it.  Opening a verity file can be
> expensive because the fsverity_info is set up on open, which involves
> parsing metadata and optionally verifying a cryptographic signature.
> 
> This is analogous to how various other bits are exposed through both
> FS_IOC_GETFLAGS and statx(), e.g. the encrypt bit.
> 
> This patchset applies to v5.4-rc5.
> 
> Eric Biggers (4):
>   statx: define STATX_ATTR_VERITY
>   ext4: support STATX_ATTR_VERITY
>   f2fs: support STATX_ATTR_VERITY
>   docs: fs-verity: mention statx() support
> 
>  Documentation/filesystems/fsverity.rst | 8 ++++++++
>  fs/ext4/inode.c                        | 5 ++++-
>  fs/f2fs/file.c                         | 5 ++++-
>  include/linux/stat.h                   | 3 ++-
>  include/uapi/linux/stat.h              | 2 +-
>  5 files changed, 19 insertions(+), 4 deletions(-)
> 

Any more comments on this?

- Eric

Eric Biggers Nov. 13, 2019, 8:20 p.m. UTC | #2

On Tue, Oct 29, 2019 at 01:41:37PM -0700, Eric Biggers wrote:
> This patchset exposes the verity bit (a.k.a. FS_VERITY_FL) via statx().
> 
> This is useful because it allows applications to check whether a file is
> a verity file without opening it.  Opening a verity file can be
> expensive because the fsverity_info is set up on open, which involves
> parsing metadata and optionally verifying a cryptographic signature.
> 
> This is analogous to how various other bits are exposed through both
> FS_IOC_GETFLAGS and statx(), e.g. the encrypt bit.
> 
> This patchset applies to v5.4-rc5.
> 
> Eric Biggers (4):
>   statx: define STATX_ATTR_VERITY
>   ext4: support STATX_ATTR_VERITY
>   f2fs: support STATX_ATTR_VERITY
>   docs: fs-verity: mention statx() support
> 
>  Documentation/filesystems/fsverity.rst | 8 ++++++++
>  fs/ext4/inode.c                        | 5 ++++-
>  fs/f2fs/file.c                         | 5 ++++-
>  include/linux/stat.h                   | 3 ++-
>  include/uapi/linux/stat.h              | 2 +-
>  5 files changed, 19 insertions(+), 4 deletions(-)

Applied to fscrypt.git#fsverity for 5.5.

- Eric