@@ -621,6 +621,7 @@ static int btrfs_begin_enable_verity(struct file *filp)
* @desc: verity descriptor to write out (NULL in error conditions)
* @desc_size: size of the verity descriptor (variable with signatures)
* @merkle_tree_size: size of the merkle tree in bytes
+ * @tree_blocksize: size of the Merkle tree block
*
* If desc is null, then VFS is signaling an error occurred during verity
* enable, and we should try to rollback. Otherwise, attempt to finish verity.
@@ -628,7 +629,8 @@ static int btrfs_begin_enable_verity(struct file *filp)
* Returns 0 on success, negative error code on error.
*/
static int btrfs_end_enable_verity(struct file *filp, const void *desc,
- size_t desc_size, u64 merkle_tree_size)
+ size_t desc_size, u64 merkle_tree_size,
+ unsigned int tree_blocksize)
{
struct btrfs_inode *inode = BTRFS_I(file_inode(filp));
int ret = 0;
@@ -189,7 +189,8 @@ static int ext4_write_verity_descriptor(struct inode *inode, const void *desc,
}
static int ext4_end_enable_verity(struct file *filp, const void *desc,
- size_t desc_size, u64 merkle_tree_size)
+ size_t desc_size, u64 merkle_tree_size,
+ unsigned int tree_blocksize)
{
struct inode *inode = file_inode(filp);
const int credits = 2; /* superblock and inode for ext4_orphan_del() */
@@ -144,7 +144,8 @@ static int f2fs_begin_enable_verity(struct file *filp)
}
static int f2fs_end_enable_verity(struct file *filp, const void *desc,
- size_t desc_size, u64 merkle_tree_size)
+ size_t desc_size, u64 merkle_tree_size,
+ unsigned int tree_blocksize)
{
struct inode *inode = file_inode(filp);
struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
@@ -274,7 +274,8 @@ static int enable_verity(struct file *filp,
* Serialized with ->begin_enable_verity() by the inode lock.
*/
inode_lock(inode);
- err = vops->end_enable_verity(filp, desc, desc_size, params.tree_size);
+ err = vops->end_enable_verity(filp, desc, desc_size, params.tree_size,
+ params.block_size);
inode_unlock(inode);
if (err) {
fsverity_err(inode, "%ps() failed with err %d",
@@ -300,7 +301,8 @@ static int enable_verity(struct file *filp,
rollback:
inode_lock(inode);
- (void)vops->end_enable_verity(filp, NULL, 0, params.tree_size);
+ (void)vops->end_enable_verity(filp, NULL, 0, params.tree_size,
+ params.block_size);
inode_unlock(inode);
goto out;
}
@@ -51,6 +51,7 @@ struct fsverity_operations {
* @desc: the verity descriptor to write, or NULL on failure
* @desc_size: size of verity descriptor, or 0 on failure
* @merkle_tree_size: total bytes the Merkle tree took up
+ * @tree_blocksize: size of the Merkle tree block
*
* If desc == NULL, then enabling verity failed and the filesystem only
* must do any necessary cleanups. Else, it must also store the given
@@ -65,7 +66,8 @@ struct fsverity_operations {
* Return: 0 on success, -errno on failure
*/
int (*end_enable_verity)(struct file *filp, const void *desc,
- size_t desc_size, u64 merkle_tree_size);
+ size_t desc_size, u64 merkle_tree_size,
+ unsigned int tree_blocksize);
/**
* Get the verity descriptor of the given inode.
XFS will need to know log_blocksize to remove the tree in case of an error. The size is needed to calculate offsets of particular Merkle tree blocks. Signed-off-by: Andrey Albershteyn <aalbersh@redhat.com> --- fs/btrfs/verity.c | 4 +++- fs/ext4/verity.c | 3 ++- fs/f2fs/verity.c | 3 ++- fs/verity/enable.c | 6 ++++-- include/linux/fsverity.h | 4 +++- 5 files changed, 14 insertions(+), 6 deletions(-)