diff mbox series

[07/13] fsverity: pass the new tree size and block size to ->begin_enable_verity

Message ID 171175867981.1987804.2143506550606185399.stgit@frogsfrogsfrogs (mailing list archive)
State New, archived
Headers show
Series [01/13] fs: add FS_XFLAG_VERITY for verity files | expand

Commit Message

Darrick J. Wong March 30, 2024, 12:34 a.m. UTC
From: Darrick J. Wong <djwong@kernel.org>

When starting up the process of enabling fsverity on a file, pass the
new size of the merkle tree and the merkle tree block size to the fs
implementation.  XFS will want this information later to try to clean
out a failed previous enablement attempt.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
---
 fs/btrfs/verity.c        |    3 ++-
 fs/ext4/verity.c         |    3 ++-
 fs/f2fs/verity.c         |    3 ++-
 fs/verity/enable.c       |    3 ++-
 include/linux/fsverity.h |    5 ++++-
 5 files changed, 12 insertions(+), 5 deletions(-)

Comments

Eric Biggers April 5, 2024, 2:46 a.m. UTC | #1
On Fri, Mar 29, 2024 at 05:34:30PM -0700, Darrick J. Wong wrote:
> diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
> index 52de58d6f021f..030d7094d80fc 100644
> --- a/include/linux/fsverity.h
> +++ b/include/linux/fsverity.h
> @@ -82,6 +82,8 @@ struct fsverity_operations {
>  	 * Begin enabling verity on the given file.
>  	 *
>  	 * @filp: a readonly file descriptor for the file
> +	 * @merkle_tree_size: total bytes the new Merkle tree will take up
> +	 * @tree_blocksize: the new Merkle tree block size

"new Merkle tree block size" is confusing because there's no old Merkle tree
block size here.  Maybe delete "new" from the above two lines.

- Eric
Darrick J. Wong April 24, 2024, 9:36 p.m. UTC | #2
On Thu, Apr 04, 2024 at 10:46:09PM -0400, Eric Biggers wrote:
> On Fri, Mar 29, 2024 at 05:34:30PM -0700, Darrick J. Wong wrote:
> > diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
> > index 52de58d6f021f..030d7094d80fc 100644
> > --- a/include/linux/fsverity.h
> > +++ b/include/linux/fsverity.h
> > @@ -82,6 +82,8 @@ struct fsverity_operations {
> >  	 * Begin enabling verity on the given file.
> >  	 *
> >  	 * @filp: a readonly file descriptor for the file
> > +	 * @merkle_tree_size: total bytes the new Merkle tree will take up
> > +	 * @tree_blocksize: the new Merkle tree block size
> 
> "new Merkle tree block size" is confusing because there's no old Merkle tree
> block size here.  Maybe delete "new" from the above two lines.

Done.

--D

> - Eric
>
diff mbox series

Patch

diff --git a/fs/btrfs/verity.c b/fs/btrfs/verity.c
index 647a22e07748e..a3235571bf02d 100644
--- a/fs/btrfs/verity.c
+++ b/fs/btrfs/verity.c
@@ -578,7 +578,8 @@  static int finish_verity(struct btrfs_inode *inode, const void *desc,
  *
  * Returns 0 on success, negative error code on failure.
  */
-static int btrfs_begin_enable_verity(struct file *filp)
+static int btrfs_begin_enable_verity(struct file *filp, u64 merkle_tree_size,
+				     unsigned int tree_blocksize)
 {
 	struct btrfs_inode *inode = BTRFS_I(file_inode(filp));
 	struct btrfs_root *root = inode->root;
diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c
index da2095a813492..a8ae8c912cb5d 100644
--- a/fs/ext4/verity.c
+++ b/fs/ext4/verity.c
@@ -99,7 +99,8 @@  static int pagecache_write(struct inode *inode, const void *buf, size_t count,
 	return 0;
 }
 
-static int ext4_begin_enable_verity(struct file *filp)
+static int ext4_begin_enable_verity(struct file *filp, u64 merkle_tree_size,
+				    unsigned int tree_blocksize)
 {
 	struct inode *inode = file_inode(filp);
 	const int credits = 2; /* superblock and inode for ext4_orphan_add() */
diff --git a/fs/f2fs/verity.c b/fs/f2fs/verity.c
index 8fdac653ff8e8..595d702c2c5c4 100644
--- a/fs/f2fs/verity.c
+++ b/fs/f2fs/verity.c
@@ -115,7 +115,8 @@  struct fsverity_descriptor_location {
 	__le64 pos;
 };
 
-static int f2fs_begin_enable_verity(struct file *filp)
+static int f2fs_begin_enable_verity(struct file *filp, u64 merkle_tree_size,
+				    unsigned int tree_blocksize)
 {
 	struct inode *inode = file_inode(filp);
 	int err;
diff --git a/fs/verity/enable.c b/fs/verity/enable.c
index 9f743f9160100..1d4a6de960149 100644
--- a/fs/verity/enable.c
+++ b/fs/verity/enable.c
@@ -237,7 +237,8 @@  static int enable_verity(struct file *filp,
 	if (IS_VERITY(inode))
 		err = -EEXIST;
 	else
-		err = vops->begin_enable_verity(filp);
+		err = vops->begin_enable_verity(filp, params.tree_size,
+				      params.block_size);
 	inode_unlock(inode);
 	if (err)
 		goto out;
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index 52de58d6f021f..030d7094d80fc 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -82,6 +82,8 @@  struct fsverity_operations {
 	 * Begin enabling verity on the given file.
 	 *
 	 * @filp: a readonly file descriptor for the file
+	 * @merkle_tree_size: total bytes the new Merkle tree will take up
+	 * @tree_blocksize: the new Merkle tree block size
 	 *
 	 * The filesystem must do any needed filesystem-specific preparations
 	 * for enabling verity, e.g. evicting inline data.  It also must return
@@ -91,7 +93,8 @@  struct fsverity_operations {
 	 *
 	 * Return: 0 on success, -errno on failure
 	 */
-	int (*begin_enable_verity)(struct file *filp);
+	int (*begin_enable_verity)(struct file *filp, u64 merkle_tree_size,
+				   unsigned int tree_blocksize);
 
 	/**
 	 * End enabling verity on the given file.