From patchwork Tue Apr 4 14:52:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200413 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1175DC6FD1D for ; Tue, 4 Apr 2023 14:56:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233017AbjDDOz7 (ORCPT ); Tue, 4 Apr 2023 10:55:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58008 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232512AbjDDOz5 (ORCPT ); Tue, 4 Apr 2023 10:55:57 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3839949D4 for ; Tue, 4 Apr 2023 07:54:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620086; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Mu/TYgURhfr8hK7U6stIfBangv6J3wSWfzsQZ+cJkGQ=; b=Rl1aPwifRp26zCj0nbkFETB/TOWCQ1gjeu5Qq26gtU+cFO0AxKK8KhP12Rhwn3oxYjjXUb +4RtjqaJF3Q1zMCm/OUJpt8Vx9MlV0vMbcWD3a7k2R3h0oIgpyU46KUTdZj5v8PHwfTUv6 4cH5pjJ3xiGTjZMeAjMxuY04UZIpLcg= Received: from mail-qk1-f197.google.com (mail-qk1-f197.google.com [209.85.222.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-465-73ubwq6xM8aI6mopyLZp4Q-1; Tue, 04 Apr 2023 10:54:44 -0400 X-MC-Unique: 73ubwq6xM8aI6mopyLZp4Q-1 Received: by mail-qk1-f197.google.com with SMTP id s190-20020ae9dec7000000b00746b7fae197so3535401qkf.12 for ; Tue, 04 Apr 2023 07:54:44 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620084; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Mu/TYgURhfr8hK7U6stIfBangv6J3wSWfzsQZ+cJkGQ=; b=h+QJtfwQM1xs2hMRePA7rDmvYClESZJQGdFpHm2AdOJn4eApYyXj2SxQf2W78pyx46 Trf3fTgHOYh2TOOUpnAmtnkzW7D1pdLJ5Ya1IY/elD011/bJpEA35uxHgoZK18+0Adef 11EuTWQajX4ZkRbAgWvZFccS/4UuP3darw0zsSvehQrPq3EGQCt0/IO/XHZ3UM8ZauHM biNAdCnFQXtE8m5ppLljMP2H4DpFb6TVYdZfxh0jE3qj38+Rjt1iCWmngvEmn2Lmq4hD 7CRORZMJ3Wqctj/maNqPmDVOaofOg8ml28vjUOnkYkWr4hjv9SyarLTLT1VYun8Z+0xG yDCw== X-Gm-Message-State: AAQBX9eMWOxAJCVLqRQaO7KOWDk/nUBQoi3GCBNA6K+pv4b5QIfTGUYD cojLwj3FVG+u49KHet3vnYQ8l+N4HLZZ8NlU1ya08qDTn8C4yOcAYR3WyyZHobzeO8eAj64m8Q/ uGO5DKBLwSZpITYE/AgV6qw== X-Received: by 2002:ac8:5a13:0:b0:3e3:937b:2a64 with SMTP id n19-20020ac85a13000000b003e3937b2a64mr3736996qta.18.1680620083959; Tue, 04 Apr 2023 07:54:43 -0700 (PDT) X-Google-Smtp-Source: AKy350YwX4bLGTdahm+NMX4R0qo4ogg8AwvBHQg1l9KHd+r+1n6TF6bmdPhAhTEI8OKPbhpGvFPy7w== X-Received: by 2002:ac8:5a13:0:b0:3e3:937b:2a64 with SMTP id n19-20020ac85a13000000b003e3937b2a64mr3736946qta.18.1680620083477; Tue, 04 Apr 2023 07:54:43 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.54.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:54:43 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Allison Henderson Subject: [PATCH v2 01/23] xfs: Add new name to attri/d Date: Tue, 4 Apr 2023 16:52:57 +0200 Message-Id: <20230404145319.2057051-2-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org From: Allison Henderson This patch adds two new fields to the atti/d. They are nname and nnamelen. This will be used for parent pointer updates since a rename operation may cause the parent pointer to update both the name and value. So we need to carry both the new name as well as the target name in the attri/d. Signed-off-by: Allison Henderson Reviewed-by: Darrick J. Wong --- fs/xfs/libxfs/xfs_attr.c | 12 ++- fs/xfs/libxfs/xfs_attr.h | 4 +- fs/xfs/libxfs/xfs_da_btree.h | 2 + fs/xfs/libxfs/xfs_log_format.h | 6 +- fs/xfs/xfs_attr_item.c | 135 +++++++++++++++++++++++++++------ fs/xfs/xfs_attr_item.h | 1 + 6 files changed, 133 insertions(+), 27 deletions(-) diff --git a/fs/xfs/libxfs/xfs_attr.c b/fs/xfs/libxfs/xfs_attr.c index e28d93d232de..b1dbed7655e8 100644 --- a/fs/xfs/libxfs/xfs_attr.c +++ b/fs/xfs/libxfs/xfs_attr.c @@ -423,6 +423,12 @@ xfs_attr_complete_op( args->op_flags &= ~XFS_DA_OP_REPLACE; if (do_replace) { args->attr_filter &= ~XFS_ATTR_INCOMPLETE; + if (args->new_namelen > 0) { + args->name = args->new_name; + args->namelen = args->new_namelen; + args->hashval = xfs_da_hashname(args->name, + args->namelen); + } return replace_state; } return XFS_DAS_DONE; @@ -922,9 +928,13 @@ xfs_attr_defer_replace( struct xfs_da_args *args) { struct xfs_attr_intent *new; + int op_flag; int error = 0; - error = xfs_attr_intent_init(args, XFS_ATTRI_OP_FLAGS_REPLACE, &new); + op_flag = args->new_namelen == 0 ? XFS_ATTRI_OP_FLAGS_REPLACE : + XFS_ATTRI_OP_FLAGS_NVREPLACE; + + error = xfs_attr_intent_init(args, op_flag, &new); if (error) return error; diff --git a/fs/xfs/libxfs/xfs_attr.h b/fs/xfs/libxfs/xfs_attr.h index 81be9b3e4004..3e81f3f48560 100644 --- a/fs/xfs/libxfs/xfs_attr.h +++ b/fs/xfs/libxfs/xfs_attr.h @@ -510,8 +510,8 @@ struct xfs_attr_intent { struct xfs_da_args *xattri_da_args; /* - * Shared buffer containing the attr name and value so that the logging - * code can share large memory buffers between log items. + * Shared buffer containing the attr name, new name, and value so that + * the logging code can share large memory buffers between log items. */ struct xfs_attri_log_nameval *xattri_nameval; diff --git a/fs/xfs/libxfs/xfs_da_btree.h b/fs/xfs/libxfs/xfs_da_btree.h index ffa3df5b2893..a4b29827603f 100644 --- a/fs/xfs/libxfs/xfs_da_btree.h +++ b/fs/xfs/libxfs/xfs_da_btree.h @@ -55,7 +55,9 @@ enum xfs_dacmp { typedef struct xfs_da_args { struct xfs_da_geometry *geo; /* da block geometry */ const uint8_t *name; /* string (maybe not NULL terminated) */ + const uint8_t *new_name; /* new attr name */ int namelen; /* length of string (maybe no NULL) */ + int new_namelen; /* new attr name len */ uint8_t filetype; /* filetype of inode for directories */ void *value; /* set of bytes (maybe contain NULLs) */ int valuelen; /* length of value */ diff --git a/fs/xfs/libxfs/xfs_log_format.h b/fs/xfs/libxfs/xfs_log_format.h index f13e0809dc63..ae9c99762a24 100644 --- a/fs/xfs/libxfs/xfs_log_format.h +++ b/fs/xfs/libxfs/xfs_log_format.h @@ -117,7 +117,8 @@ struct xfs_unmount_log_format { #define XLOG_REG_TYPE_ATTRD_FORMAT 28 #define XLOG_REG_TYPE_ATTR_NAME 29 #define XLOG_REG_TYPE_ATTR_VALUE 30 -#define XLOG_REG_TYPE_MAX 30 +#define XLOG_REG_TYPE_ATTR_NNAME 31 +#define XLOG_REG_TYPE_MAX 31 /* @@ -957,6 +958,7 @@ struct xfs_icreate_log { #define XFS_ATTRI_OP_FLAGS_SET 1 /* Set the attribute */ #define XFS_ATTRI_OP_FLAGS_REMOVE 2 /* Remove the attribute */ #define XFS_ATTRI_OP_FLAGS_REPLACE 3 /* Replace the attribute */ +#define XFS_ATTRI_OP_FLAGS_NVREPLACE 4 /* Replace attr name and val */ #define XFS_ATTRI_OP_FLAGS_TYPE_MASK 0xFF /* Flags type mask */ /* @@ -974,7 +976,7 @@ struct xfs_icreate_log { struct xfs_attri_log_format { uint16_t alfi_type; /* attri log item type */ uint16_t alfi_size; /* size of this item */ - uint32_t __pad; /* pad to 64 bit aligned */ + uint32_t alfi_nname_len; /* attr new name length */ uint64_t alfi_id; /* attri identifier */ uint64_t alfi_ino; /* the inode for this attr operation */ uint32_t alfi_op_flags; /* marks the op as a set or remove */ diff --git a/fs/xfs/xfs_attr_item.c b/fs/xfs/xfs_attr_item.c index 2788a6f2edcd..95e9ecbb4a67 100644 --- a/fs/xfs/xfs_attr_item.c +++ b/fs/xfs/xfs_attr_item.c @@ -75,6 +75,8 @@ static inline struct xfs_attri_log_nameval * xfs_attri_log_nameval_alloc( const void *name, unsigned int name_len, + const void *nname, + unsigned int nname_len, const void *value, unsigned int value_len) { @@ -85,15 +87,25 @@ xfs_attri_log_nameval_alloc( * this. But kvmalloc() utterly sucks, so we use our own version. */ nv = xlog_kvmalloc(sizeof(struct xfs_attri_log_nameval) + - name_len + value_len); + name_len + nname_len + value_len); nv->name.i_addr = nv + 1; nv->name.i_len = name_len; nv->name.i_type = XLOG_REG_TYPE_ATTR_NAME; memcpy(nv->name.i_addr, name, name_len); + if (nname_len) { + nv->nname.i_addr = nv->name.i_addr + name_len; + nv->nname.i_len = nname_len; + memcpy(nv->nname.i_addr, nname, nname_len); + } else { + nv->nname.i_addr = NULL; + nv->nname.i_len = 0; + } + nv->nname.i_type = XLOG_REG_TYPE_ATTR_NNAME; + if (value_len) { - nv->value.i_addr = nv->name.i_addr + name_len; + nv->value.i_addr = nv->name.i_addr + nname_len + name_len; nv->value.i_len = value_len; memcpy(nv->value.i_addr, value, value_len); } else { @@ -147,11 +159,15 @@ xfs_attri_item_size( *nbytes += sizeof(struct xfs_attri_log_format) + xlog_calc_iovec_len(nv->name.i_len); - if (!nv->value.i_len) - return; + if (nv->nname.i_len) { + *nvecs += 1; + *nbytes += xlog_calc_iovec_len(nv->nname.i_len); + } - *nvecs += 1; - *nbytes += xlog_calc_iovec_len(nv->value.i_len); + if (nv->value.i_len) { + *nvecs += 1; + *nbytes += xlog_calc_iovec_len(nv->value.i_len); + } } /* @@ -181,6 +197,9 @@ xfs_attri_item_format( ASSERT(nv->name.i_len > 0); attrip->attri_format.alfi_size++; + if (nv->nname.i_len > 0) + attrip->attri_format.alfi_size++; + if (nv->value.i_len > 0) attrip->attri_format.alfi_size++; @@ -188,6 +207,10 @@ xfs_attri_item_format( &attrip->attri_format, sizeof(struct xfs_attri_log_format)); xlog_copy_from_iovec(lv, &vecp, &nv->name); + + if (nv->nname.i_len > 0) + xlog_copy_from_iovec(lv, &vecp, &nv->nname); + if (nv->value.i_len > 0) xlog_copy_from_iovec(lv, &vecp, &nv->value); } @@ -374,6 +397,7 @@ xfs_attr_log_item( attrp->alfi_op_flags = attr->xattri_op_flags; attrp->alfi_value_len = attr->xattri_nameval->value.i_len; attrp->alfi_name_len = attr->xattri_nameval->name.i_len; + attrp->alfi_nname_len = attr->xattri_nameval->nname.i_len; ASSERT(!(attr->xattri_da_args->attr_filter & ~XFS_ATTRI_FILTER_MASK)); attrp->alfi_attr_filter = attr->xattri_da_args->attr_filter; } @@ -415,7 +439,8 @@ xfs_attr_create_intent( * deferred work state structure. */ attr->xattri_nameval = xfs_attri_log_nameval_alloc(args->name, - args->namelen, args->value, args->valuelen); + args->namelen, args->new_name, + args->new_namelen, args->value, args->valuelen); } attrip = xfs_attri_init(mp, attr->xattri_nameval); @@ -503,7 +528,8 @@ xfs_attri_validate( unsigned int op = attrp->alfi_op_flags & XFS_ATTRI_OP_FLAGS_TYPE_MASK; - if (attrp->__pad != 0) + if (attrp->alfi_op_flags != XFS_ATTRI_OP_FLAGS_NVREPLACE && + attrp->alfi_nname_len != 0) return false; if (attrp->alfi_op_flags & ~XFS_ATTRI_OP_FLAGS_TYPE_MASK) @@ -517,6 +543,7 @@ xfs_attri_validate( case XFS_ATTRI_OP_FLAGS_SET: case XFS_ATTRI_OP_FLAGS_REPLACE: case XFS_ATTRI_OP_FLAGS_REMOVE: + case XFS_ATTRI_OP_FLAGS_NVREPLACE: break; default: return false; @@ -526,9 +553,14 @@ xfs_attri_validate( return false; if ((attrp->alfi_name_len > XATTR_NAME_MAX) || + (attrp->alfi_nname_len > XATTR_NAME_MAX) || (attrp->alfi_name_len == 0)) return false; + if (op == XFS_ATTRI_OP_FLAGS_REMOVE && + attrp->alfi_value_len != 0) + return false; + return xfs_verify_ino(mp, attrp->alfi_ino); } @@ -589,6 +621,8 @@ xfs_attri_item_recover( args->whichfork = XFS_ATTR_FORK; args->name = nv->name.i_addr; args->namelen = nv->name.i_len; + args->new_name = nv->nname.i_addr; + args->new_namelen = nv->nname.i_len; args->hashval = xfs_da_hashname(args->name, args->namelen); args->attr_filter = attrp->alfi_attr_filter & XFS_ATTRI_FILTER_MASK; args->op_flags = XFS_DA_OP_RECOVERY | XFS_DA_OP_OKNOENT | @@ -599,6 +633,7 @@ xfs_attri_item_recover( switch (attr->xattri_op_flags) { case XFS_ATTRI_OP_FLAGS_SET: case XFS_ATTRI_OP_FLAGS_REPLACE: + case XFS_ATTRI_OP_FLAGS_NVREPLACE: args->value = nv->value.i_addr; args->valuelen = nv->value.i_len; args->total = xfs_attr_calc_size(args, &local); @@ -688,6 +723,7 @@ xfs_attri_item_relog( new_attrp->alfi_op_flags = old_attrp->alfi_op_flags; new_attrp->alfi_value_len = old_attrp->alfi_value_len; new_attrp->alfi_name_len = old_attrp->alfi_name_len; + new_attrp->alfi_nname_len = old_attrp->alfi_nname_len; new_attrp->alfi_attr_filter = old_attrp->alfi_attr_filter; xfs_trans_add_item(tp, &new_attrip->attri_item); @@ -710,48 +746,102 @@ xlog_recover_attri_commit_pass2( const void *attr_value = NULL; const void *attr_name; size_t len; - - attri_formatp = item->ri_buf[0].i_addr; - attr_name = item->ri_buf[1].i_addr; + const void *attr_nname = NULL; + int op, i = 0; /* Validate xfs_attri_log_format before the large memory allocation */ len = sizeof(struct xfs_attri_log_format); - if (item->ri_buf[0].i_len != len) { + if (item->ri_buf[i].i_len != len) { XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, - item->ri_buf[0].i_addr, item->ri_buf[0].i_len); + item->ri_buf[i].i_addr, item->ri_buf[i].i_len); return -EFSCORRUPTED; } + attri_formatp = item->ri_buf[i].i_addr; if (!xfs_attri_validate(mp, attri_formatp)) { XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, - item->ri_buf[0].i_addr, item->ri_buf[0].i_len); + item->ri_buf[i].i_addr, item->ri_buf[i].i_len); return -EFSCORRUPTED; } + op = attri_formatp->alfi_op_flags & XFS_ATTRI_OP_FLAGS_TYPE_MASK; + switch (op) { + case XFS_ATTRI_OP_FLAGS_SET: + case XFS_ATTRI_OP_FLAGS_REPLACE: + if (item->ri_total != 3) { + XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, + attri_formatp, len); + return -EFSCORRUPTED; + } + break; + case XFS_ATTRI_OP_FLAGS_REMOVE: + if (item->ri_total != 2) { + XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, + attri_formatp, len); + return -EFSCORRUPTED; + } + break; + case XFS_ATTRI_OP_FLAGS_NVREPLACE: + if (item->ri_total != 4) { + XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, + attri_formatp, len); + return -EFSCORRUPTED; + } + break; + default: + XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, + attri_formatp, len); + return -EFSCORRUPTED; + } + + i++; /* Validate the attr name */ - if (item->ri_buf[1].i_len != + if (item->ri_buf[i].i_len != xlog_calc_iovec_len(attri_formatp->alfi_name_len)) { XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, - item->ri_buf[0].i_addr, item->ri_buf[0].i_len); + attri_formatp, len); return -EFSCORRUPTED; } + attr_name = item->ri_buf[i].i_addr; if (!xfs_attr_namecheck(attr_name, attri_formatp->alfi_name_len)) { XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, - item->ri_buf[1].i_addr, item->ri_buf[1].i_len); + item->ri_buf[i].i_addr, item->ri_buf[i].i_len); return -EFSCORRUPTED; } + i++; + if (attri_formatp->alfi_nname_len) { + /* Validate the attr nname */ + if (item->ri_buf[i].i_len != + xlog_calc_iovec_len(attri_formatp->alfi_nname_len)) { + XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, + item->ri_buf[i].i_addr, + item->ri_buf[i].i_len); + return -EFSCORRUPTED; + } + + attr_nname = item->ri_buf[i].i_addr; + if (!xfs_attr_namecheck(attr_nname, + attri_formatp->alfi_nname_len)) { + XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, + item->ri_buf[i].i_addr, + item->ri_buf[i].i_len); + return -EFSCORRUPTED; + } + i++; + } + + /* Validate the attr value, if present */ if (attri_formatp->alfi_value_len != 0) { - if (item->ri_buf[2].i_len != xlog_calc_iovec_len(attri_formatp->alfi_value_len)) { + if (item->ri_buf[i].i_len != xlog_calc_iovec_len(attri_formatp->alfi_value_len)) { XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, - item->ri_buf[0].i_addr, - item->ri_buf[0].i_len); + attri_formatp, len); return -EFSCORRUPTED; } - attr_value = item->ri_buf[2].i_addr; + attr_value = item->ri_buf[i].i_addr; } /* @@ -760,7 +850,8 @@ xlog_recover_attri_commit_pass2( * reference. */ nv = xfs_attri_log_nameval_alloc(attr_name, - attri_formatp->alfi_name_len, attr_value, + attri_formatp->alfi_name_len, attr_nname, + attri_formatp->alfi_nname_len, attr_value, attri_formatp->alfi_value_len); attrip = xfs_attri_init(mp, nv); diff --git a/fs/xfs/xfs_attr_item.h b/fs/xfs/xfs_attr_item.h index 3280a7930287..24d4968dd6cc 100644 --- a/fs/xfs/xfs_attr_item.h +++ b/fs/xfs/xfs_attr_item.h @@ -13,6 +13,7 @@ struct kmem_zone; struct xfs_attri_log_nameval { struct xfs_log_iovec name; + struct xfs_log_iovec nname; struct xfs_log_iovec value; refcount_t refcount; From patchwork Tue Apr 4 14:52:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200414 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1A9A6C761A6 for ; Tue, 4 Apr 2023 14:56:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233244AbjDDO4J (ORCPT ); Tue, 4 Apr 2023 10:56:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58102 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232285AbjDDO4B (ORCPT ); Tue, 4 Apr 2023 10:56:01 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A39734ED8 for ; Tue, 4 Apr 2023 07:54:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620089; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EljYz9VZ7nVcMno61oSjo4fgwJueEqLgTdTvZAW6Ojc=; b=JnwgKaSwwyWuucjtkK6Wfn+G2iAvl0im/3ibO4J2+S6oRcvHrC514oEcRbM81xg5/7+NcK kK4m0i/RvMHfKFEjSICFP/e+Ex7x2QIIsq3xgvyYtao7SAjJT37Zvaaetekvec2a/rSONC t9WUMGPJtmLSND9r+Ls5caNcJEk6rzo= Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-668-bVvJzPeuNLGe3PU9FyQPUA-1; Tue, 04 Apr 2023 10:54:48 -0400 X-MC-Unique: bVvJzPeuNLGe3PU9FyQPUA-1 Received: by mail-qk1-f200.google.com with SMTP id 198-20020a370bcf000000b007468cffa4e2so14830780qkl.10 for ; Tue, 04 Apr 2023 07:54:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620088; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EljYz9VZ7nVcMno61oSjo4fgwJueEqLgTdTvZAW6Ojc=; b=vLRl1Wc9QylRWTAjztcdlYdx8WTohIx+ZyGSf/cZDIwLVM35hBc2zfU88ToM+C+ImM Bq0ZlCd5kmlKKxCgiN6kpl7aBS1MAS5VnUpQO6dh61vWB/vSup29+gmeA24jLKguo8TX eK81W+JrdoJzMgE76VUckOmi3/mUZNS6X8szIKzKoKBLJ81LJ7LdY1LRGcuM52Rsa8Kh rksvJKUlVv7p3ekYTKUg9uyaI/MRvoZ87jtE9H5F2dmKyWA7s26wK0l2vPMnM8x4Ey9h Ovl9XO68AmRf66Yv2SXPtqewmct3c//Mt0j3teVTVnkmIk/BDQ9oBgg8cXkmqiDDX5Xi TGvQ== X-Gm-Message-State: AAQBX9fCCMfAyT2g2ob64zU9orBurecmMhUjdiX2yDjwvmQ4sSrt8a/N s/XYB+RnL3yIVSfw16hyNsv+1V2PmPsMM/U4vppXqaa6mjSYAraYiXIjlQVoR3HUbWRO8BrHTjk sKLrzBpD9DEHqfEOt6wI01w== X-Received: by 2002:ad4:5be5:0:b0:5df:4d41:954d with SMTP id k5-20020ad45be5000000b005df4d41954dmr4197900qvc.3.1680620087796; Tue, 04 Apr 2023 07:54:47 -0700 (PDT) X-Google-Smtp-Source: AKy350awxiwQj29WkT4ggcZAS6daFPDjxiKszMVMUv7HrI39sj994HHwSVJ4OpAB2k+VsVfNFDI7fw== X-Received: by 2002:ad4:5be5:0:b0:5df:4d41:954d with SMTP id k5-20020ad45be5000000b005df4d41954dmr4197864qvc.3.1680620087448; Tue, 04 Apr 2023 07:54:47 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.54.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:54:47 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Allison Henderson , Mark Tinguely Subject: [PATCH v2 02/23] xfs: add parent pointer support to attribute code Date: Tue, 4 Apr 2023 16:52:58 +0200 Message-Id: <20230404145319.2057051-3-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org From: Allison Henderson Add the new parent attribute type. XFS_ATTR_PARENT is used only for parent pointer entries; it uses reserved blocks like XFS_ATTR_ROOT. Signed-off-by: Mark Tinguely Signed-off-by: Dave Chinner Signed-off-by: Allison Henderson Reviewed-by: Darrick J. Wong --- fs/xfs/libxfs/xfs_attr.c | 4 +++- fs/xfs/libxfs/xfs_da_format.h | 5 ++++- fs/xfs/libxfs/xfs_log_format.h | 1 + fs/xfs/scrub/attr.c | 2 +- 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/fs/xfs/libxfs/xfs_attr.c b/fs/xfs/libxfs/xfs_attr.c index b1dbed7655e8..101823772bf9 100644 --- a/fs/xfs/libxfs/xfs_attr.c +++ b/fs/xfs/libxfs/xfs_attr.c @@ -976,11 +976,13 @@ xfs_attr_set( struct xfs_inode *dp = args->dp; struct xfs_mount *mp = dp->i_mount; struct xfs_trans_res tres; - bool rsvd = (args->attr_filter & XFS_ATTR_ROOT); + bool rsvd; int error, local; int rmt_blks = 0; unsigned int total; + rsvd = (args->attr_filter & (XFS_ATTR_ROOT | XFS_ATTR_PARENT)) != 0; + if (xfs_is_shutdown(dp->i_mount)) return -EIO; diff --git a/fs/xfs/libxfs/xfs_da_format.h b/fs/xfs/libxfs/xfs_da_format.h index 25e2841084e1..3dc03968bba6 100644 --- a/fs/xfs/libxfs/xfs_da_format.h +++ b/fs/xfs/libxfs/xfs_da_format.h @@ -688,12 +688,15 @@ struct xfs_attr3_leafblock { #define XFS_ATTR_LOCAL_BIT 0 /* attr is stored locally */ #define XFS_ATTR_ROOT_BIT 1 /* limit access to trusted attrs */ #define XFS_ATTR_SECURE_BIT 2 /* limit access to secure attrs */ +#define XFS_ATTR_PARENT_BIT 3 /* parent pointer attrs */ #define XFS_ATTR_INCOMPLETE_BIT 7 /* attr in middle of create/delete */ #define XFS_ATTR_LOCAL (1u << XFS_ATTR_LOCAL_BIT) #define XFS_ATTR_ROOT (1u << XFS_ATTR_ROOT_BIT) #define XFS_ATTR_SECURE (1u << XFS_ATTR_SECURE_BIT) +#define XFS_ATTR_PARENT (1u << XFS_ATTR_PARENT_BIT) #define XFS_ATTR_INCOMPLETE (1u << XFS_ATTR_INCOMPLETE_BIT) -#define XFS_ATTR_NSP_ONDISK_MASK (XFS_ATTR_ROOT | XFS_ATTR_SECURE) +#define XFS_ATTR_NSP_ONDISK_MASK \ + (XFS_ATTR_ROOT | XFS_ATTR_SECURE | XFS_ATTR_PARENT) /* * Alignment for namelist and valuelist entries (since they are mixed diff --git a/fs/xfs/libxfs/xfs_log_format.h b/fs/xfs/libxfs/xfs_log_format.h index ae9c99762a24..727b5a858028 100644 --- a/fs/xfs/libxfs/xfs_log_format.h +++ b/fs/xfs/libxfs/xfs_log_format.h @@ -967,6 +967,7 @@ struct xfs_icreate_log { */ #define XFS_ATTRI_FILTER_MASK (XFS_ATTR_ROOT | \ XFS_ATTR_SECURE | \ + XFS_ATTR_PARENT | \ XFS_ATTR_INCOMPLETE) /* diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 31529b9bf389..9d2e33743ecd 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -441,7 +441,7 @@ xchk_xattr_rec( /* Retrieve the entry and check it. */ hash = be32_to_cpu(ent->hashval); badflags = ~(XFS_ATTR_LOCAL | XFS_ATTR_ROOT | XFS_ATTR_SECURE | - XFS_ATTR_INCOMPLETE); + XFS_ATTR_INCOMPLETE | XFS_ATTR_PARENT); if ((ent->flags & badflags) != 0) xchk_da_set_corrupt(ds, level); if (ent->flags & XFS_ATTR_LOCAL) { From patchwork Tue Apr 4 14:52:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200415 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 202B5C761A6 for ; Tue, 4 Apr 2023 14:56:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233346AbjDDO4L (ORCPT ); Tue, 4 Apr 2023 10:56:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58100 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233140AbjDDO4D (ORCPT ); Tue, 4 Apr 2023 10:56:03 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D15C54C2D for ; Tue, 4 Apr 2023 07:54:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620094; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=395KBh5jpp5sBhV7lwrvunRnw3iYM/DZo2HMst97yLA=; b=E30sym+wVe+0o6p+EKjVgvkAw22hUAOYxZDHstD5IJ+M+SqvvuYwo7Y8+B/3ll8uN3UNIV mwLRgSxC5T7U+EH6wV/q21HhXUSSQp1lYXrD8tCJRWbyxFNjQWhOKILy9S6v8moQMODMdm pBCYJCy7zY4M2ElGo3JJN2JKzvONuV4= Received: from mail-qt1-f199.google.com (mail-qt1-f199.google.com [209.85.160.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-192-WD36LDTVMXSxnGR93ivazA-1; Tue, 04 Apr 2023 10:54:52 -0400 X-MC-Unique: WD36LDTVMXSxnGR93ivazA-1 Received: by mail-qt1-f199.google.com with SMTP id r22-20020ac85c96000000b003e638022bc9so10333784qta.5 for ; Tue, 04 Apr 2023 07:54:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620092; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=395KBh5jpp5sBhV7lwrvunRnw3iYM/DZo2HMst97yLA=; b=OAzz5nWuaxIyV99USiTl//nyZUqBfk8TWLaulv6x89ZrC+PSSdZ2fGt2pXsdMOcStU Zad4faoZ1uwDVEG1j1PVzN6VK+S0eSYo1N7WFjQrkhq5pkL5AOF23sXmSM4dN8AwaRsW tJ0wWkxuivoNp4/4VPi3HfsFyVSu2SFaXX9aKZ2RyrrvM+hW+28xlG48L2tsCY+qw6P9 WaFogR5gPUZmml32a60PUbPT2d5IM1jAHeMJQwBtP0kFpCWsKCyNOgTdzY2xgjfYYsnQ inAVjcZq5sD1XAkpc/liebd+XuqyTt5mBjaUMOAX5tWbvoHvNTZ+aIXBDPTc53zILnu3 PLpA== X-Gm-Message-State: AAQBX9d5jyT0N/YsUoGT+/9UUopt4DZz1Kl66xR1/NO78HY5CI1kqIQV fw3kdm9amhJaxn9W9AzQebbmuUC373iUBVauJiIVUeYoZWdo5ApOkcU3ewmf1g/8rpxtLQa0bHV nLFK3+YMQZgjtm+hHL4WmdA== X-Received: by 2002:a05:622a:1495:b0:3e3:86d4:5df0 with SMTP id t21-20020a05622a149500b003e386d45df0mr3709059qtx.55.1680620092092; Tue, 04 Apr 2023 07:54:52 -0700 (PDT) X-Google-Smtp-Source: AKy350aPi48zuTVxqlQ2ykuKHu8ozrnZJsbxnbJpjnRK3ke426WVAPqcsUdJYViMl9WXPC5V56cQ2g== X-Received: by 2002:a05:622a:1495:b0:3e3:86d4:5df0 with SMTP id t21-20020a05622a149500b003e386d45df0mr3709024qtx.55.1680620091642; Tue, 04 Apr 2023 07:54:51 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.54.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:54:51 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Allison Henderson Subject: [PATCH v2 03/23] xfs: define parent pointer xattr format Date: Tue, 4 Apr 2023 16:52:59 +0200 Message-Id: <20230404145319.2057051-4-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org From: Allison Henderson We need to define the parent pointer attribute format before we start adding support for it into all the code that needs to use it. The EA format we will use encodes the following information: name={parent inode #, parent inode generation, dirent offset} value={dirent filename} The inode/gen gives all the information we need to reliably identify the parent without requiring child->parent lock ordering, and allows userspace to do pathname component level reconstruction without the kernel ever needing to verify the parent itself as part of ioctl calls. By using the dirent offset in the EA name, we have a method of knowing the exact parent pointer EA we need to modify/remove in rename/unlink without an unbound EA name search. By keeping the dirent name in the value, we have enough information to be able to validate and reconstruct damaged directory trees. While the diroffset of a filename alone is not unique enough to identify the child, the {diroffset,filename,child_inode} tuple is sufficient. That is, if the diroffset gets reused and points to a different filename, we can detect that from the contents of EA. If a link of the same name is created, then we can check whether it points at the same inode as the parent EA we current have. Signed-off-by: Dave Chinner Signed-off-by: Allison Henderson Reviewed-by: Darrick J. Wong --- fs/xfs/libxfs/xfs_da_format.h | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/fs/xfs/libxfs/xfs_da_format.h b/fs/xfs/libxfs/xfs_da_format.h index 3dc03968bba6..b02b67f1999e 100644 --- a/fs/xfs/libxfs/xfs_da_format.h +++ b/fs/xfs/libxfs/xfs_da_format.h @@ -805,4 +805,29 @@ static inline unsigned int xfs_dir2_dirblock_bytes(struct xfs_sb *sbp) xfs_failaddr_t xfs_da3_blkinfo_verify(struct xfs_buf *bp, struct xfs_da3_blkinfo *hdr3); +/* + * Parent pointer attribute format definition + * + * EA name encodes the parent inode number, generation and the offset of + * the dirent that points to the child inode. The EA value contains the + * same name as the dirent in the parent directory. + */ +struct xfs_parent_name_rec { + __be64 p_ino; + __be32 p_gen; + __be32 p_diroffset; +}; + +/* + * incore version of the above, also contains name pointers so callers + * can pass/obtain all the parent pointer information in a single structure + */ +struct xfs_parent_name_irec { + xfs_ino_t p_ino; + uint32_t p_gen; + xfs_dir2_dataptr_t p_diroffset; + const char *p_name; + uint8_t p_namelen; +}; + #endif /* __XFS_DA_FORMAT_H__ */ From patchwork Tue Apr 4 14:53:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200417 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 107E2C77B60 for ; Tue, 4 Apr 2023 14:56:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233678AbjDDO4P (ORCPT ); Tue, 4 Apr 2023 10:56:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58326 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232681AbjDDO4G (ORCPT ); Tue, 4 Apr 2023 10:56:06 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1D6321710 for ; Tue, 4 Apr 2023 07:54:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620098; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=do7mgrJpiSwWS1mlFAfBuj//WIsG4B8mI0gR4ORK1OQ=; b=PV9Bb2sK39g3rx0wkpLAFyntElrQPwETDSVRy3/nVdmbq1i954EJ88AihMkofOWdrKPu3b 7QC2b0ArKmiHnvYe7KutvcRfLGWnbosuofIugQG8N2Qv/N7ORBu5NNL4pmN5vnA3NfmVrb 2pyv1i8kyYyA59HsCOFFBGxxlijp3ks= Received: from mail-qt1-f199.google.com (mail-qt1-f199.google.com [209.85.160.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-85-wkic_rJKO5-UryqoYLncew-1; Tue, 04 Apr 2023 10:54:57 -0400 X-MC-Unique: wkic_rJKO5-UryqoYLncew-1 Received: by mail-qt1-f199.google.com with SMTP id r22-20020ac85c96000000b003e638022bc9so10333918qta.5 for ; Tue, 04 Apr 2023 07:54:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620096; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=do7mgrJpiSwWS1mlFAfBuj//WIsG4B8mI0gR4ORK1OQ=; b=QPJnXGMqsaGqmAxXD4Hc8U17mGI6CZExDn1PnFxLWIcZtBat8tY/VYIzeLV8BtaY5t uPwwSSbr64PUih0szURt0QTFi4V6ihva+5TU/sVAGPqT4ze7e7nQ6Zsj24vmO64tMaRh w2Ai40nOD4rhAuu8c/hWBBePrtakW6YJHrWq8epZQG5YXJjZPAFZ9bcG4ZieCCGxUmzi ax0H84bcm6WahIY201MpA6+Ve8kZ0q8GQKUX1eVzRLwGQKjoLcK8o0cGBmprC3iQeNFO bT1EYUzN3KE+7hSXQpcXM9CH18n8kJ1uStYGlbVXSHaQN7cLV7FB+QlZD6zzH/LZZwVW cGyQ== X-Gm-Message-State: AAQBX9d+tQJba/S9Ace2ahNjkUJrFzjIpO4tKwuZyFugE/423TXiNT3s DBgintjttFs6zZ4oadJNOpCZAtOFTHEoEDfYi6zIvrTvIxcqGu3p1rSeZdanNKmA4vCXLqO5ZdZ du/dcq0okVHVB/nFYEuxYDA== X-Received: by 2002:ac8:5dca:0:b0:3e6:4843:ce39 with SMTP id e10-20020ac85dca000000b003e64843ce39mr3446043qtx.21.1680620095705; Tue, 04 Apr 2023 07:54:55 -0700 (PDT) X-Google-Smtp-Source: AKy350YrWqDzCGkW5Me9zkv+YJzY1mx+oPLzV295riL8PYBIw4GPxqdHHd+/6CyZuOvEvtkOcPBiVQ== X-Received: by 2002:ac8:5dca:0:b0:3e6:4843:ce39 with SMTP id e10-20020ac85dca000000b003e64843ce39mr3445998qtx.21.1680620095304; Tue, 04 Apr 2023 07:54:55 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.54.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:54:55 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Allison Henderson Subject: [PATCH v2 04/23] xfs: Add xfs_verify_pptr Date: Tue, 4 Apr 2023 16:53:00 +0200 Message-Id: <20230404145319.2057051-5-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org From: Allison Henderson Attribute names of parent pointers are not strings. So we need to modify attr_namecheck to verify parent pointer records when the XFS_ATTR_PARENT flag is set. Signed-off-by: Allison Henderson Reviewed-by: Darrick J. Wong --- fs/xfs/libxfs/xfs_attr.c | 47 ++++++++++++++++++++++++++++++++--- fs/xfs/libxfs/xfs_attr.h | 3 ++- fs/xfs/libxfs/xfs_da_format.h | 8 ++++++ fs/xfs/scrub/attr.c | 2 +- fs/xfs/xfs_attr_item.c | 11 +++++--- fs/xfs/xfs_attr_list.c | 17 +++++++++---- 6 files changed, 74 insertions(+), 14 deletions(-) diff --git a/fs/xfs/libxfs/xfs_attr.c b/fs/xfs/libxfs/xfs_attr.c index 101823772bf9..711022742e34 100644 --- a/fs/xfs/libxfs/xfs_attr.c +++ b/fs/xfs/libxfs/xfs_attr.c @@ -1577,9 +1577,33 @@ xfs_attr_node_get( return error; } -/* Returns true if the attribute entry name is valid. */ -bool -xfs_attr_namecheck( +/* + * Verify parent pointer attribute is valid. + * Return true on success or false on failure + */ +STATIC bool +xfs_verify_pptr( + struct xfs_mount *mp, + const struct xfs_parent_name_rec *rec) +{ + xfs_ino_t p_ino; + xfs_dir2_dataptr_t p_diroffset; + + p_ino = be64_to_cpu(rec->p_ino); + p_diroffset = be32_to_cpu(rec->p_diroffset); + + if (!xfs_verify_ino(mp, p_ino)) + return false; + + if (p_diroffset > XFS_DIR2_MAX_DATAPTR) + return false; + + return true; +} + +/* Returns true if the string attribute entry name is valid. */ +static bool +xfs_str_attr_namecheck( const void *name, size_t length) { @@ -1594,6 +1618,23 @@ xfs_attr_namecheck( return !memchr(name, 0, length); } +/* Returns true if the attribute entry name is valid. */ +bool +xfs_attr_namecheck( + struct xfs_mount *mp, + const void *name, + size_t length, + int flags) +{ + if (flags & XFS_ATTR_PARENT) { + if (length != sizeof(struct xfs_parent_name_rec)) + return false; + return xfs_verify_pptr(mp, (struct xfs_parent_name_rec *)name); + } + + return xfs_str_attr_namecheck(name, length); +} + int __init xfs_attr_intent_init_cache(void) { diff --git a/fs/xfs/libxfs/xfs_attr.h b/fs/xfs/libxfs/xfs_attr.h index 3e81f3f48560..b79dae788cfb 100644 --- a/fs/xfs/libxfs/xfs_attr.h +++ b/fs/xfs/libxfs/xfs_attr.h @@ -547,7 +547,8 @@ int xfs_attr_get(struct xfs_da_args *args); int xfs_attr_set(struct xfs_da_args *args); int xfs_attr_set_iter(struct xfs_attr_intent *attr); int xfs_attr_remove_iter(struct xfs_attr_intent *attr); -bool xfs_attr_namecheck(const void *name, size_t length); +bool xfs_attr_namecheck(struct xfs_mount *mp, const void *name, size_t length, + int flags); int xfs_attr_calc_size(struct xfs_da_args *args, int *local); void xfs_init_attr_trans(struct xfs_da_args *args, struct xfs_trans_res *tres, unsigned int *total); diff --git a/fs/xfs/libxfs/xfs_da_format.h b/fs/xfs/libxfs/xfs_da_format.h index b02b67f1999e..75b13807145d 100644 --- a/fs/xfs/libxfs/xfs_da_format.h +++ b/fs/xfs/libxfs/xfs_da_format.h @@ -731,6 +731,14 @@ xfs_attr3_leaf_name(xfs_attr_leafblock_t *leafp, int idx) return &((char *)leafp)[be16_to_cpu(entries[idx].nameidx)]; } +static inline int +xfs_attr3_leaf_flags(xfs_attr_leafblock_t *leafp, int idx) +{ + struct xfs_attr_leaf_entry *entries = xfs_attr3_leaf_entryp(leafp); + + return entries[idx].flags; +} + static inline xfs_attr_leaf_name_remote_t * xfs_attr3_leaf_name_remote(xfs_attr_leafblock_t *leafp, int idx) { diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 9d2e33743ecd..2a79a13cb600 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -129,7 +129,7 @@ xchk_xattr_listent( } /* Does this name make sense? */ - if (!xfs_attr_namecheck(name, namelen)) { + if (!xfs_attr_namecheck(sx->sc->mp, name, namelen, flags)) { xchk_fblock_set_corrupt(sx->sc, XFS_ATTR_FORK, args.blkno); return; } diff --git a/fs/xfs/xfs_attr_item.c b/fs/xfs/xfs_attr_item.c index 95e9ecbb4a67..da807f286a09 100644 --- a/fs/xfs/xfs_attr_item.c +++ b/fs/xfs/xfs_attr_item.c @@ -593,7 +593,8 @@ xfs_attri_item_recover( */ attrp = &attrip->attri_format; if (!xfs_attri_validate(mp, attrp) || - !xfs_attr_namecheck(nv->name.i_addr, nv->name.i_len)) + !xfs_attr_namecheck(mp, nv->name.i_addr, nv->name.i_len, + attrp->alfi_attr_filter)) return -EFSCORRUPTED; error = xlog_recover_iget(mp, attrp->alfi_ino, &ip); @@ -804,7 +805,8 @@ xlog_recover_attri_commit_pass2( } attr_name = item->ri_buf[i].i_addr; - if (!xfs_attr_namecheck(attr_name, attri_formatp->alfi_name_len)) { + if (!xfs_attr_namecheck(mp, attr_name, attri_formatp->alfi_name_len, + attri_formatp->alfi_attr_filter)) { XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, item->ri_buf[i].i_addr, item->ri_buf[i].i_len); return -EFSCORRUPTED; @@ -822,8 +824,9 @@ xlog_recover_attri_commit_pass2( } attr_nname = item->ri_buf[i].i_addr; - if (!xfs_attr_namecheck(attr_nname, - attri_formatp->alfi_nname_len)) { + if (!xfs_attr_namecheck(mp, attr_nname, + attri_formatp->alfi_nname_len, + attri_formatp->alfi_attr_filter)) { XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, item->ri_buf[i].i_addr, item->ri_buf[i].i_len); diff --git a/fs/xfs/xfs_attr_list.c b/fs/xfs/xfs_attr_list.c index 99bbbe1a0e44..a51f7f13a352 100644 --- a/fs/xfs/xfs_attr_list.c +++ b/fs/xfs/xfs_attr_list.c @@ -58,9 +58,13 @@ xfs_attr_shortform_list( struct xfs_attr_sf_sort *sbuf, *sbp; struct xfs_attr_shortform *sf; struct xfs_attr_sf_entry *sfe; + struct xfs_mount *mp; int sbsize, nsbuf, count, i; int error = 0; + ASSERT(context != NULL); + ASSERT(dp != NULL); + mp = dp->i_mount; sf = (struct xfs_attr_shortform *)dp->i_af.if_u1.if_data; ASSERT(sf != NULL); if (!sf->hdr.count) @@ -82,8 +86,9 @@ xfs_attr_shortform_list( (dp->i_af.if_bytes + sf->hdr.count * 16) < context->bufsize)) { for (i = 0, sfe = &sf->list[0]; i < sf->hdr.count; i++) { if (XFS_IS_CORRUPT(context->dp->i_mount, - !xfs_attr_namecheck(sfe->nameval, - sfe->namelen))) + !xfs_attr_namecheck(mp, sfe->nameval, + sfe->namelen, + sfe->flags))) return -EFSCORRUPTED; context->put_listent(context, sfe->flags, @@ -174,8 +179,9 @@ xfs_attr_shortform_list( cursor->offset = 0; } if (XFS_IS_CORRUPT(context->dp->i_mount, - !xfs_attr_namecheck(sbp->name, - sbp->namelen))) { + !xfs_attr_namecheck(mp, sbp->name, + sbp->namelen, + sbp->flags))) { error = -EFSCORRUPTED; goto out; } @@ -465,7 +471,8 @@ xfs_attr3_leaf_list_int( } if (XFS_IS_CORRUPT(context->dp->i_mount, - !xfs_attr_namecheck(name, namelen))) + !xfs_attr_namecheck(mp, name, namelen, + entry->flags))) return -EFSCORRUPTED; context->put_listent(context, entry->flags, name, namelen, valuelen); From patchwork Tue Apr 4 14:53:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200416 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 07DB1C77B60 for ; Tue, 4 Apr 2023 14:56:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233427AbjDDO4N (ORCPT ); Tue, 4 Apr 2023 10:56:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58412 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233143AbjDDO4E (ORCPT ); Tue, 4 Apr 2023 10:56:04 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 019384C1F for ; Tue, 4 Apr 2023 07:55:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620101; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=I6je06aEmhF92s7sMY7DVi3uR44iZ0FPA/bMk0qTbjY=; b=FrKZnfqqRTW645fATVeGqe1U9/lb+xUN+GAHkIQ4nFQsH4nvReeGC3kgAnKn6AewxF3ONx ZjDS85UbKAhOlccQqwHFPKWLBLG75v8v4hiVL+S0fTmyRAJEz0FEkc5wx+6rusoPxe1UGC dOBObfkQhGhnXo7/CFhbfEBc9zmWie4= Received: from mail-qt1-f197.google.com (mail-qt1-f197.google.com [209.85.160.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-600-sU4JO6X3Mg68xs2Qwfv4xA-1; Tue, 04 Apr 2023 10:54:59 -0400 X-MC-Unique: sU4JO6X3Mg68xs2Qwfv4xA-1 Received: by mail-qt1-f197.google.com with SMTP id b11-20020ac87fcb000000b003e37d72d532so22239027qtk.18 for ; Tue, 04 Apr 2023 07:54:59 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620099; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=I6je06aEmhF92s7sMY7DVi3uR44iZ0FPA/bMk0qTbjY=; b=rH3VjOTnhhn9pmAn+p+ykjsmUIbzQeb+XcoNwmBunCoPkX1lBZbIzrZHfzOLPwuBsU 0QmvtVg/0CiRgM1sMLd2I4Ej6KK4HMEho+DwF7JydwAkxuIpUlXlmIKw4UvA7Db6VCCW tsi2m+E7vrEjoBrbSRVCKxQdp5/4xSx3xohvhpBSyUmo/x4oa3/q9Ci7N8TleCJkDhmI bjCB3iOC7hpH04IOzEwmDtz/GhKzGXhdcpAJov584M7qR72jcnhoMgJpVdYtoDp2CUVQ uTXfZ/CN65CC1t5M5DXiplNiJsxUIS7z+J5mGG1/9L7zuaICYl3R01EVHhcZMwoi1xMs blcA== X-Gm-Message-State: AAQBX9eXQvUNQtnZu81u/mqWpZuS9YpB5SOqH9ul4zBxEWWJ0vMCo35q 59PdEn86NSunkBo7g+/NqIsVClt1nhfZ/4l5wPdPHHOwLTd10U+oFZxpoRBi9q4b7LX5L5tOFB/ xRoJFNi9J0svDO8sGCU5TkA== X-Received: by 2002:a05:622a:189e:b0:3bc:dd21:4a0 with SMTP id v30-20020a05622a189e00b003bcdd2104a0mr3575659qtc.30.1680620099214; Tue, 04 Apr 2023 07:54:59 -0700 (PDT) X-Google-Smtp-Source: AKy350ba/Mx2sYrhvQuuxEbUABini+6j6yzJy9T6p4OPPcKlZcS6dLVBbS/lM0x+VENbSuVT7xiskA== X-Received: by 2002:a05:622a:189e:b0:3bc:dd21:4a0 with SMTP id v30-20020a05622a189e00b003bcdd2104a0mr3575618qtc.30.1680620098846; Tue, 04 Apr 2023 07:54:58 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.54.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:54:58 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 05/23] fsverity: make fsverity_verify_folio() accept folio's offset and size Date: Tue, 4 Apr 2023 16:53:01 +0200 Message-Id: <20230404145319.2057051-6-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Not the whole folio always need to be verified by fs-verity (e.g. with 1k blocks). Use passed folio's offset and size. Signed-off-by: Andrey Albershteyn --- include/linux/fsverity.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h index 119a3266791f..6d7a4b3ea626 100644 --- a/include/linux/fsverity.h +++ b/include/linux/fsverity.h @@ -249,9 +249,10 @@ static inline void fsverity_enqueue_verify_work(struct work_struct *work) #endif /* !CONFIG_FS_VERITY */ -static inline bool fsverity_verify_folio(struct folio *folio) +static inline bool fsverity_verify_folio(struct folio *folio, size_t len, + size_t offset) { - return fsverity_verify_blocks(folio, folio_size(folio), 0); + return fsverity_verify_blocks(folio, len, offset); } static inline bool fsverity_verify_page(struct page *page) From patchwork Tue Apr 4 14:53:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200418 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41B70C77B60 for ; Tue, 4 Apr 2023 14:56:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233182AbjDDO41 (ORCPT ); Tue, 4 Apr 2023 10:56:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58596 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233249AbjDDO4K (ORCPT ); Tue, 4 Apr 2023 10:56:10 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AB15F3C3E for ; Tue, 4 Apr 2023 07:55:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620104; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=z32N0rKUyphSVMSofzw3CVH4IfYQ7TTzuKWmER1MJ68=; b=Rw1vzl5/evwdKwq/fqTjlQxkjQ0jIUXJGzA6TDibzuLWIIm2FM4o7vxoS6KkyAIdccUa9S zrt2ID5zqH8fL5n27XfcPX/TzspksyP0swUH8IWovKWKH+DTH2CiHUkX09obL9qBnP6T7F LxIDcEV0vySqkdOkOFSnzPHldxNs+Vo= Received: from mail-qv1-f69.google.com (mail-qv1-f69.google.com [209.85.219.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-275-Ln0HlxuzO5KlcD1RYG-zTA-1; Tue, 04 Apr 2023 10:55:03 -0400 X-MC-Unique: Ln0HlxuzO5KlcD1RYG-zTA-1 Received: by mail-qv1-f69.google.com with SMTP id p14-20020a0cc3ce000000b005e14204a86bso6643437qvi.10 for ; Tue, 04 Apr 2023 07:55:03 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620103; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=z32N0rKUyphSVMSofzw3CVH4IfYQ7TTzuKWmER1MJ68=; b=pLMvh0gKeCgZ/X5v/kIIJpG1mPmK2h/asPDqW/2PkQUVmOL0c6PnqwuF6/nIdVaUgE AoADkaNAbBhjvgStD8/i5psmdSWqhP6BHIZmwIo8moZOtPF7+qYjZvMHR0rMCqIbKvj5 thI2+VF5qY9xnL34fbREJLQdkon/3K0fgew38ryTGZhDCSv51b6ADEHmAQkisLd2F4Xx XiLWrYnbnPRBWBnkYUFMBHc4a1eQ6XmliFLdFOhNpVwJJRtsNW+wWnQVm9lbuj1Me2Kb mXW1nOEI4XeQjg4LeNYvPYv43X8eJCDy5lshpv5rprxJvMNM74RkK1dPy5H9lYh7p8Zl WPjg== X-Gm-Message-State: AAQBX9d58Yz6Qjtl3QuzKskwUWQzLwGsVRhi2vzl+rNqYCHkUV006qNH B0bVgAo5y+gdGBpnacyxzN9LQglvj3pCNMg1ZDLQJB38EIDgS49Kh9NsMA1rS2gIbo6CRy1bvBT 0bYXiu4owsVka2o/3bxJXBA== X-Received: by 2002:a05:622a:106:b0:3e4:ed0d:6a87 with SMTP id u6-20020a05622a010600b003e4ed0d6a87mr3825574qtw.32.1680620102989; Tue, 04 Apr 2023 07:55:02 -0700 (PDT) X-Google-Smtp-Source: AKy350Zp0JOhVAHhC6Iyf8k/1+phPOce9sQ42GmA8VSWN8AvlHBpCO2hspsjGFg8IADdMrX46OgtcA== X-Received: by 2002:a05:622a:106:b0:3e4:ed0d:6a87 with SMTP id u6-20020a05622a010600b003e4ed0d6a87mr3825521qtw.32.1680620102599; Tue, 04 Apr 2023 07:55:02 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.54.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:02 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 06/23] fsverity: add drop_page() callout Date: Tue, 4 Apr 2023 16:53:02 +0200 Message-Id: <20230404145319.2057051-7-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Allow filesystem to make additional processing on verified pages instead of just dropping a reference. This will be used by XFS for internal buffer cache manipulation in further patches. The btrfs, ext4, and f2fs just drop the reference. Signed-off-by: Andrey Albershteyn --- fs/btrfs/verity.c | 12 ++++++++++++ fs/ext4/verity.c | 6 ++++++ fs/f2fs/verity.c | 6 ++++++ fs/verity/read_metadata.c | 4 ++-- fs/verity/verify.c | 6 +++--- include/linux/fsverity.h | 10 ++++++++++ 6 files changed, 39 insertions(+), 5 deletions(-) diff --git a/fs/btrfs/verity.c b/fs/btrfs/verity.c index c5ff16f9e9fa..4c2c09204bb4 100644 --- a/fs/btrfs/verity.c +++ b/fs/btrfs/verity.c @@ -804,10 +804,22 @@ static int btrfs_write_merkle_tree_block(struct inode *inode, const void *buf, pos, buf, size); } +/* + * fsverity op that releases the reference obtained by ->read_merkle_tree_page() + * + * @page: reference to the page which can be released + * + */ +static void btrfs_drop_page(struct page *page) +{ + put_page(page); +} + const struct fsverity_operations btrfs_verityops = { .begin_enable_verity = btrfs_begin_enable_verity, .end_enable_verity = btrfs_end_enable_verity, .get_verity_descriptor = btrfs_get_verity_descriptor, .read_merkle_tree_page = btrfs_read_merkle_tree_page, .write_merkle_tree_block = btrfs_write_merkle_tree_block, + .drop_page = &btrfs_drop_page, }; diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c index e4da1704438e..35a2feb6fd68 100644 --- a/fs/ext4/verity.c +++ b/fs/ext4/verity.c @@ -388,10 +388,16 @@ static int ext4_write_merkle_tree_block(struct inode *inode, const void *buf, return pagecache_write(inode, buf, size, pos); } +static void ext4_drop_page(struct page *page) +{ + put_page(page); +} + const struct fsverity_operations ext4_verityops = { .begin_enable_verity = ext4_begin_enable_verity, .end_enable_verity = ext4_end_enable_verity, .get_verity_descriptor = ext4_get_verity_descriptor, .read_merkle_tree_page = ext4_read_merkle_tree_page, .write_merkle_tree_block = ext4_write_merkle_tree_block, + .drop_page = &ext4_drop_page, }; diff --git a/fs/f2fs/verity.c b/fs/f2fs/verity.c index 4fc95f353a7a..019c7a6c6bcf 100644 --- a/fs/f2fs/verity.c +++ b/fs/f2fs/verity.c @@ -283,10 +283,16 @@ static int f2fs_write_merkle_tree_block(struct inode *inode, const void *buf, return pagecache_write(inode, buf, size, pos); } +static void f2fs_drop_page(struct page *page) +{ + put_page(page); +} + const struct fsverity_operations f2fs_verityops = { .begin_enable_verity = f2fs_begin_enable_verity, .end_enable_verity = f2fs_end_enable_verity, .get_verity_descriptor = f2fs_get_verity_descriptor, .read_merkle_tree_page = f2fs_read_merkle_tree_page, .write_merkle_tree_block = f2fs_write_merkle_tree_block, + .drop_page = &f2fs_drop_page, }; diff --git a/fs/verity/read_metadata.c b/fs/verity/read_metadata.c index 2aefc5565152..cab1612bf4a3 100644 --- a/fs/verity/read_metadata.c +++ b/fs/verity/read_metadata.c @@ -56,12 +56,12 @@ static int fsverity_read_merkle_tree(struct inode *inode, virt = kmap_local_page(page); if (copy_to_user(buf, virt + offs_in_page, bytes_to_copy)) { kunmap_local(virt); - put_page(page); + inode->i_sb->s_vop->drop_page(page); err = -EFAULT; break; } kunmap_local(virt); - put_page(page); + inode->i_sb->s_vop->drop_page(page); retval += bytes_to_copy; buf += bytes_to_copy; diff --git a/fs/verity/verify.c b/fs/verity/verify.c index f50e3b5b52c9..c2fc4c86af34 100644 --- a/fs/verity/verify.c +++ b/fs/verity/verify.c @@ -210,7 +210,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, if (is_hash_block_verified(vi, hpage, hblock_idx)) { memcpy_from_page(_want_hash, hpage, hoffset, hsize); want_hash = _want_hash; - put_page(hpage); + inode->i_sb->s_vop->drop_page(hpage); goto descend; } hblocks[level].page = hpage; @@ -248,7 +248,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, SetPageChecked(hpage); memcpy_from_page(_want_hash, hpage, hoffset, hsize); want_hash = _want_hash; - put_page(hpage); + inode->i_sb->s_vop->drop_page(hpage); } /* Finally, verify the data block. */ @@ -259,7 +259,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, err = cmp_hashes(vi, want_hash, real_hash, data_pos, -1); out: for (; level > 0; level--) - put_page(hblocks[level - 1].page); + inode->i_sb->s_vop->drop_page(hblocks[level - 1].page); return err == 0; } diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h index 6d7a4b3ea626..3e923a8e0d6f 100644 --- a/include/linux/fsverity.h +++ b/include/linux/fsverity.h @@ -120,6 +120,16 @@ struct fsverity_operations { */ int (*write_merkle_tree_block)(struct inode *inode, const void *buf, u64 pos, unsigned int size); + + /** + * Release the reference to a Merkle tree page + * + * @page: the page to release + * + * This is called when fs-verity is done with a page obtained with + * ->read_merkle_tree_page(). + */ + void (*drop_page)(struct page *page); }; #ifdef CONFIG_FS_VERITY From patchwork Tue Apr 4 14:53:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200419 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7D39CC77B6C for ; Tue, 4 Apr 2023 14:56:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234413AbjDDO4a (ORCPT ); Tue, 4 Apr 2023 10:56:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58472 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233384AbjDDO4M (ORCPT ); Tue, 4 Apr 2023 10:56:12 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3FD0946A8 for ; Tue, 4 Apr 2023 07:55:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620108; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WlIQw7/j0g439cxIh8Bf75rzXhQHTIStlmhsPCq2zc8=; b=bwpSL+OAQoQu7yPtghJynu5brlmYRbmJSLMRNxXgwWukii/D6c2li+d++F3YfPL9tPf4XD Ub2UIwrRRszgh1DOZGxM7JArWjaqu8cqduWPrK8TK0Tf3aROL8nz99t6Oyag3aeudBHLwC So0NCFM+MLtbdY7WVWsZPz5EpZSDsAg= Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-425-w3O4ebsSNOya2u8jiD5yjQ-1; Tue, 04 Apr 2023 10:55:07 -0400 X-MC-Unique: w3O4ebsSNOya2u8jiD5yjQ-1 Received: by mail-qk1-f200.google.com with SMTP id b142-20020ae9eb94000000b007486a8b9ae9so12184170qkg.11 for ; Tue, 04 Apr 2023 07:55:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620106; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WlIQw7/j0g439cxIh8Bf75rzXhQHTIStlmhsPCq2zc8=; b=tCKxrPOFPIoZJa+n+y02VtA2jJyF7y4sRX/Xb89w/qdQa3cRfNyhXFTwirlikhME4R xNcKYtISNFUjY322O1gA1QMW0/88X9BUf0ZlQkTglzH/EFIZauTrF0r2jzchAFt9IwQz 57/BzzrsyLHgbe9UlYUfWV8nAwTLX1H6uWT8t5c6YdqcdaCEf8D3pFT9eOGwKzITDVF7 +0y0D0EvKYEUaWKijhJnEY3tGq8Dr9/ikEuwlnssCv20qibYawWJAcskgoQsBS4nBiEP 2O2Ickd1tljS7HNvBuf27LqV9AquTskrE3LjcESSLloLzVUC8zWwRBxHnqRKGEWgoW6Q 8lZw== X-Gm-Message-State: AAQBX9cKy4mu6EvwaTZfAPumFX6u8YBCiMwUKL4IYxj6sMqg8nxuHCvJ VZBL3z+HXHn0zlRj3adZF3/Shs88v81K9Bt97Y+FnY9wN5PRqnBOP6V+9IXKXp/gxJ77mmh3qfV PuNviuu+HEe0W1WSTqLMPew== X-Received: by 2002:ac8:7c49:0:b0:3e4:db72:2fe9 with SMTP id o9-20020ac87c49000000b003e4db722fe9mr3470316qtv.36.1680620106385; Tue, 04 Apr 2023 07:55:06 -0700 (PDT) X-Google-Smtp-Source: AKy350ZkIqkTYw/ppN5CuEt6hgDbTeahRxMEc8GNEiOIjYIzOXDUEk9J53kAIKMBFKs3QN5nxJK1Ew== X-Received: by 2002:ac8:7c49:0:b0:3e4:db72:2fe9 with SMTP id o9-20020ac87c49000000b003e4db722fe9mr3470285qtv.36.1680620106020; Tue, 04 Apr 2023 07:55:06 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:05 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 07/23] fsverity: pass Merkle tree block size to ->read_merkle_tree_page() Date: Tue, 4 Apr 2023 16:53:03 +0200 Message-Id: <20230404145319.2057051-8-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org XFS will need to know size of Merkle tree block as these blocks will not be stored consecutively in fs blocks but under indexes in extended attributes. Signed-off-by: Andrey Albershteyn --- fs/btrfs/verity.c | 3 ++- fs/ext4/verity.c | 3 ++- fs/f2fs/verity.c | 3 ++- fs/verity/read_metadata.c | 3 ++- fs/verity/verify.c | 3 ++- include/linux/fsverity.h | 3 ++- 6 files changed, 12 insertions(+), 6 deletions(-) diff --git a/fs/btrfs/verity.c b/fs/btrfs/verity.c index 4c2c09204bb4..737ad277b15a 100644 --- a/fs/btrfs/verity.c +++ b/fs/btrfs/verity.c @@ -713,7 +713,8 @@ int btrfs_get_verity_descriptor(struct inode *inode, void *buf, size_t buf_size) */ static struct page *btrfs_read_merkle_tree_page(struct inode *inode, pgoff_t index, - unsigned long num_ra_pages) + unsigned long num_ra_pages, + u8 log_blocksize) { struct page *page; u64 off = (u64)index << PAGE_SHIFT; diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c index 35a2feb6fd68..cbf1253dd14a 100644 --- a/fs/ext4/verity.c +++ b/fs/ext4/verity.c @@ -361,7 +361,8 @@ static int ext4_get_verity_descriptor(struct inode *inode, void *buf, static struct page *ext4_read_merkle_tree_page(struct inode *inode, pgoff_t index, - unsigned long num_ra_pages) + unsigned long num_ra_pages, + u8 log_blocksize) { struct page *page; diff --git a/fs/f2fs/verity.c b/fs/f2fs/verity.c index 019c7a6c6bcf..63c6a1b1bdef 100644 --- a/fs/f2fs/verity.c +++ b/fs/f2fs/verity.c @@ -256,7 +256,8 @@ static int f2fs_get_verity_descriptor(struct inode *inode, void *buf, static struct page *f2fs_read_merkle_tree_page(struct inode *inode, pgoff_t index, - unsigned long num_ra_pages) + unsigned long num_ra_pages, + u8 log_blocksize) { struct page *page; diff --git a/fs/verity/read_metadata.c b/fs/verity/read_metadata.c index cab1612bf4a3..d6cc58c24a2e 100644 --- a/fs/verity/read_metadata.c +++ b/fs/verity/read_metadata.c @@ -44,7 +44,8 @@ static int fsverity_read_merkle_tree(struct inode *inode, struct page *page; const void *virt; - page = vops->read_merkle_tree_page(inode, index, num_ra_pages); + page = vops->read_merkle_tree_page(inode, index, num_ra_pages, + vi->tree_params.log_blocksize); if (IS_ERR(page)) { err = PTR_ERR(page); fsverity_err(inode, diff --git a/fs/verity/verify.c b/fs/verity/verify.c index c2fc4c86af34..9213b1e5ed2c 100644 --- a/fs/verity/verify.c +++ b/fs/verity/verify.c @@ -199,7 +199,8 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi, hpage = inode->i_sb->s_vop->read_merkle_tree_page(inode, hpage_idx, level == 0 ? min(max_ra_pages, - params->tree_pages - hpage_idx) : 0); + params->tree_pages - hpage_idx) : 0, + params->log_blocksize); if (IS_ERR(hpage)) { err = PTR_ERR(hpage); fsverity_err(inode, diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h index 3e923a8e0d6f..ad07a1d10fdf 100644 --- a/include/linux/fsverity.h +++ b/include/linux/fsverity.h @@ -103,7 +103,8 @@ struct fsverity_operations { */ struct page *(*read_merkle_tree_page)(struct inode *inode, pgoff_t index, - unsigned long num_ra_pages); + unsigned long num_ra_pages, + u8 log_blocksize); /** * Write a Merkle tree block to the given inode. From patchwork Tue Apr 4 14:53:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200420 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EB910C6FD1D for ; Tue, 4 Apr 2023 14:56:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234699AbjDDO4d (ORCPT ); Tue, 4 Apr 2023 10:56:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58940 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233121AbjDDO4O (ORCPT ); Tue, 4 Apr 2023 10:56:14 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A4E29449C for ; Tue, 4 Apr 2023 07:55:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620113; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Jde43B7wLiY0X8TkodUDvektg6VGP7LMYmpHpXCm3PE=; b=QgSX0JKSjvLTws//leOaKjjwdhE38j3yuzTdGInS6KaknEYCgQW0tYVVEUr1XWNiEB3hOo /lAdBs2RnsAcmDvuUB2Pc3Tfey0qvUFLPf6KAKb2EsUD9CcKsWdreWUZXDmh9WsGE0R8bo UlYip4tzO21VTi4KFNKT69iVF+hOA0o= Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com [209.85.160.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-145-0BK-8CyBM8eyrSHNUwNyjQ-1; Tue, 04 Apr 2023 10:55:11 -0400 X-MC-Unique: 0BK-8CyBM8eyrSHNUwNyjQ-1 Received: by mail-qt1-f200.google.com with SMTP id v10-20020a05622a130a00b003e4ee70e001so16129426qtk.6 for ; Tue, 04 Apr 2023 07:55:10 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620109; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Jde43B7wLiY0X8TkodUDvektg6VGP7LMYmpHpXCm3PE=; b=7u4ciZFsGoYlX7xqihSz5ZrPCMWFPzwzJjQz0ByzKA//2iKGE9h2OBOi4yL9Cea3jJ s6xpr7wCfMM+MEk7Ysq4cw3GMMZ4Pk4oSnBtbg3mnbtLamrIT3x7rhUP3Wq8RFZ0ANO6 JPSz1RcK9vp4eRLlWQ+aw885yzf1GS2jzJe3swB50bzEqFsAyj8MrIHetWrOK+h+tJTu +McGwzsFB4AFmjg5T5t0r4bHjYCuNyIhVDIMz41t8twrPpwboBSxCZe4AjwefGdT/p9x o8H9F+cp9yxuoWgQ4qmW1qh5wf+lG2cQ8bolF1hqSDDbk4+PdKBTzXWOsXoLgqhzAbfZ CQhA== X-Gm-Message-State: AAQBX9deojmGv8CFZxLLKt+P2G+uSFf1ruJx6jYG5tMyrwcFa8CkXvvw C4aY3uEhg86UR1QUbQeifi10+BAWhny6Qv2oYyAyriajajhDf9EZL00task8pzMlfgaFdI9ZX+X jtrO9cKn3aKMKOcz7kLpI4g== X-Received: by 2002:ac8:58ca:0:b0:3e6:61a6:c020 with SMTP id u10-20020ac858ca000000b003e661a6c020mr4116059qta.18.1680620109204; Tue, 04 Apr 2023 07:55:09 -0700 (PDT) X-Google-Smtp-Source: AKy350bRukieGp/vBCe07UBrAYPMxqeAHfI+NHR3fac66ESM5ACOxN0AeboeMCKRIpd7badFWWI16A== X-Received: by 2002:ac8:58ca:0:b0:3e6:61a6:c020 with SMTP id u10-20020ac858ca000000b003e661a6c020mr4116026qta.18.1680620108814; Tue, 04 Apr 2023 07:55:08 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:08 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 08/23] iomap: hoist iomap_readpage_ctx from the iomap_readahead/_folio Date: Tue, 4 Apr 2023 16:53:04 +0200 Message-Id: <20230404145319.2057051-9-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Make filesystems create readpage context, similar as iomap_writepage_ctx in write path. This will allow filesystem to pass _ops to iomap for ioend configuration (->prepare_ioend) which in turn would be used to set BIO end callout (bio->bi_end_io). This will be utilized in further patches by fs-verity to verify pages on BIO completion by XFS. Signed-off-by: Andrey Albershteyn --- fs/erofs/data.c | 12 +++++++-- fs/gfs2/aops.c | 10 ++++++-- fs/iomap/buffered-io.c | 57 ++++++++++++++++-------------------------- fs/xfs/xfs_aops.c | 16 +++++++++--- fs/zonefs/file.c | 12 +++++++-- include/linux/iomap.h | 13 ++++++++-- 6 files changed, 73 insertions(+), 47 deletions(-) diff --git a/fs/erofs/data.c b/fs/erofs/data.c index e16545849ea7..189591249f61 100644 --- a/fs/erofs/data.c +++ b/fs/erofs/data.c @@ -344,12 +344,20 @@ int erofs_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo, */ static int erofs_read_folio(struct file *file, struct folio *folio) { - return iomap_read_folio(folio, &erofs_iomap_ops); + struct iomap_readpage_ctx ctx = { + .cur_folio = folio, + }; + + return iomap_read_folio(&ctx, &erofs_iomap_ops); } static void erofs_readahead(struct readahead_control *rac) { - return iomap_readahead(rac, &erofs_iomap_ops); + struct iomap_readpage_ctx ctx = { + .rac = rac, + }; + + return iomap_readahead(&ctx, &erofs_iomap_ops); } static sector_t erofs_bmap(struct address_space *mapping, sector_t block) diff --git a/fs/gfs2/aops.c b/fs/gfs2/aops.c index a5f4be6b9213..2764e1e99e8b 100644 --- a/fs/gfs2/aops.c +++ b/fs/gfs2/aops.c @@ -453,10 +453,13 @@ static int gfs2_read_folio(struct file *file, struct folio *folio) struct gfs2_inode *ip = GFS2_I(inode); struct gfs2_sbd *sdp = GFS2_SB(inode); int error; + struct iomap_readpage_ctx ctx = { + .cur_folio = folio, + }; if (!gfs2_is_jdata(ip) || (i_blocksize(inode) == PAGE_SIZE && !folio_buffers(folio))) { - error = iomap_read_folio(folio, &gfs2_iomap_ops); + error = iomap_read_folio(&ctx, &gfs2_iomap_ops); } else if (gfs2_is_stuffed(ip)) { error = stuffed_readpage(ip, &folio->page); folio_unlock(folio); @@ -528,13 +531,16 @@ static void gfs2_readahead(struct readahead_control *rac) { struct inode *inode = rac->mapping->host; struct gfs2_inode *ip = GFS2_I(inode); + struct iomap_readpage_ctx ctx = { + .rac = rac, + }; if (gfs2_is_stuffed(ip)) ; else if (gfs2_is_jdata(ip)) mpage_readahead(rac, gfs2_block_map); else - iomap_readahead(rac, &gfs2_iomap_ops); + iomap_readahead(&ctx, &gfs2_iomap_ops); } /** diff --git a/fs/iomap/buffered-io.c b/fs/iomap/buffered-io.c index 6f4c97a6d7e9..d39be64b1da9 100644 --- a/fs/iomap/buffered-io.c +++ b/fs/iomap/buffered-io.c @@ -194,13 +194,6 @@ static void iomap_read_end_io(struct bio *bio) bio_put(bio); } -struct iomap_readpage_ctx { - struct folio *cur_folio; - bool cur_folio_in_bio; - struct bio *bio; - struct readahead_control *rac; -}; - /** * iomap_read_inline_data - copy inline data into the page cache * @iter: iteration structure @@ -325,32 +318,29 @@ static loff_t iomap_readpage_iter(const struct iomap_iter *iter, return pos - orig_pos + plen; } -int iomap_read_folio(struct folio *folio, const struct iomap_ops *ops) +int iomap_read_folio(struct iomap_readpage_ctx *ctx, const struct iomap_ops *ops) { struct iomap_iter iter = { - .inode = folio->mapping->host, - .pos = folio_pos(folio), - .len = folio_size(folio), - }; - struct iomap_readpage_ctx ctx = { - .cur_folio = folio, + .inode = ctx->cur_folio->mapping->host, + .pos = folio_pos(ctx->cur_folio), + .len = folio_size(ctx->cur_folio), }; int ret; trace_iomap_readpage(iter.inode, 1); while ((ret = iomap_iter(&iter, ops)) > 0) - iter.processed = iomap_readpage_iter(&iter, &ctx, 0); + iter.processed = iomap_readpage_iter(&iter, ctx, 0); if (ret < 0) - folio_set_error(folio); + folio_set_error(ctx->cur_folio); - if (ctx.bio) { - submit_bio(ctx.bio); - WARN_ON_ONCE(!ctx.cur_folio_in_bio); + if (ctx->bio) { + submit_bio(ctx->bio); + WARN_ON_ONCE(!ctx->cur_folio_in_bio); } else { - WARN_ON_ONCE(ctx.cur_folio_in_bio); - folio_unlock(folio); + WARN_ON_ONCE(ctx->cur_folio_in_bio); + folio_unlock(ctx->cur_folio); } /* @@ -402,27 +392,24 @@ static loff_t iomap_readahead_iter(const struct iomap_iter *iter, * function is called with memalloc_nofs set, so allocations will not cause * the filesystem to be reentered. */ -void iomap_readahead(struct readahead_control *rac, const struct iomap_ops *ops) +void iomap_readahead(struct iomap_readpage_ctx *ctx, const struct iomap_ops *ops) { struct iomap_iter iter = { - .inode = rac->mapping->host, - .pos = readahead_pos(rac), - .len = readahead_length(rac), - }; - struct iomap_readpage_ctx ctx = { - .rac = rac, + .inode = ctx->rac->mapping->host, + .pos = readahead_pos(ctx->rac), + .len = readahead_length(ctx->rac), }; - trace_iomap_readahead(rac->mapping->host, readahead_count(rac)); + trace_iomap_readahead(ctx->rac->mapping->host, readahead_count(ctx->rac)); while (iomap_iter(&iter, ops) > 0) - iter.processed = iomap_readahead_iter(&iter, &ctx); + iter.processed = iomap_readahead_iter(&iter, ctx); - if (ctx.bio) - submit_bio(ctx.bio); - if (ctx.cur_folio) { - if (!ctx.cur_folio_in_bio) - folio_unlock(ctx.cur_folio); + if (ctx->bio) + submit_bio(ctx->bio); + if (ctx->cur_folio) { + if (!ctx->cur_folio_in_bio) + folio_unlock(ctx->cur_folio); } } EXPORT_SYMBOL_GPL(iomap_readahead); diff --git a/fs/xfs/xfs_aops.c b/fs/xfs/xfs_aops.c index 2ef78aa1d3f6..daa0dd4768fb 100644 --- a/fs/xfs/xfs_aops.c +++ b/fs/xfs/xfs_aops.c @@ -550,17 +550,25 @@ xfs_vm_bmap( STATIC int xfs_vm_read_folio( - struct file *unused, - struct folio *folio) + struct file *unused, + struct folio *folio) { - return iomap_read_folio(folio, &xfs_read_iomap_ops); + struct iomap_readpage_ctx ctx = { + .cur_folio = folio, + }; + + return iomap_read_folio(&ctx, &xfs_read_iomap_ops); } STATIC void xfs_vm_readahead( struct readahead_control *rac) { - iomap_readahead(rac, &xfs_read_iomap_ops); + struct iomap_readpage_ctx ctx = { + .rac = rac, + }; + + iomap_readahead(&ctx, &xfs_read_iomap_ops); } static int diff --git a/fs/zonefs/file.c b/fs/zonefs/file.c index 738b0e28d74b..5d01496a5ada 100644 --- a/fs/zonefs/file.c +++ b/fs/zonefs/file.c @@ -112,12 +112,20 @@ static const struct iomap_ops zonefs_write_iomap_ops = { static int zonefs_read_folio(struct file *unused, struct folio *folio) { - return iomap_read_folio(folio, &zonefs_read_iomap_ops); + struct iomap_readpage_ctx ctx = { + .cur_folio = folio, + }; + + return iomap_read_folio(&ctx, &zonefs_read_iomap_ops); } static void zonefs_readahead(struct readahead_control *rac) { - iomap_readahead(rac, &zonefs_read_iomap_ops); + struct iomap_readpage_ctx ctx = { + .rac = rac, + }; + + iomap_readahead(&ctx, &zonefs_read_iomap_ops); } /* diff --git a/include/linux/iomap.h b/include/linux/iomap.h index 0f8123504e5e..0fbce375265d 100644 --- a/include/linux/iomap.h +++ b/include/linux/iomap.h @@ -258,8 +258,17 @@ int iomap_file_buffered_write_punch_delalloc(struct inode *inode, struct iomap *iomap, loff_t pos, loff_t length, ssize_t written, int (*punch)(struct inode *inode, loff_t pos, loff_t length)); -int iomap_read_folio(struct folio *folio, const struct iomap_ops *ops); -void iomap_readahead(struct readahead_control *, const struct iomap_ops *ops); +struct iomap_readpage_ctx { + struct folio *cur_folio; + bool cur_folio_in_bio; + struct bio *bio; + struct readahead_control *rac; +}; + +int iomap_read_folio(struct iomap_readpage_ctx *ctx, + const struct iomap_ops *ops); +void iomap_readahead(struct iomap_readpage_ctx *ctx, + const struct iomap_ops *ops); bool iomap_is_partially_uptodate(struct folio *, size_t from, size_t count); struct folio *iomap_get_folio(struct iomap_iter *iter, loff_t pos); bool iomap_release_folio(struct folio *folio, gfp_t gfp_flags); From patchwork Tue Apr 4 14:53:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200421 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8431C77B6C for ; Tue, 4 Apr 2023 14:56:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234947AbjDDO4m (ORCPT ); Tue, 4 Apr 2023 10:56:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58938 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232681AbjDDO4R (ORCPT ); Tue, 4 Apr 2023 10:56:17 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DBCAD46BF for ; Tue, 4 Apr 2023 07:55:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620114; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HOa0kR4UZ9J5lXSH1eVSD9D5g9oUFaieHHnsOCRS/TM=; b=aS/7WMtcHSIaw7vvAP8eO8X6Bgu7EDifSq6d2866gdGlvYE/k9dLrYxrCwp+pG9cpDOh6b q9G+inaCzgq321FHPnIEJ3zuzi9oUoxEwHeLrJa0BaYrd+pMNzYqmFXraE4aeUQ8v0MrX+ 50aY7AuEq4PuKcgvgb68H/S3U7cEAP0= Received: from mail-qt1-f197.google.com (mail-qt1-f197.google.com [209.85.160.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-88-us_pUs9POaicGXZCvwHzVg-1; Tue, 04 Apr 2023 10:55:12 -0400 X-MC-Unique: us_pUs9POaicGXZCvwHzVg-1 Received: by mail-qt1-f197.google.com with SMTP id h6-20020a05622a170600b003e22c6de617so22381080qtk.13 for ; Tue, 04 Apr 2023 07:55:12 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HOa0kR4UZ9J5lXSH1eVSD9D5g9oUFaieHHnsOCRS/TM=; b=Rn9n0d4Tz4sS+zwBOf+yupu3tQINXKWulpYemgqVMgi7s2YQn1yUsTLFiHfaYk7IKM asqdNBg7RpuQhDToUcyjcalf0g7Gj7an/NVnz3QoQmD/6fFHStBpBWtxgy24VXK7I9fl OY29kjta+XBDquHl06tRzgTU0W64Q7QN2flHfXrKBSCmB3FMX9hBv8+iddmOtonhgSC8 6cSSiYvmtK4F/2FDqiOf7/Pk3PSJ+a+a0KKqdhNyasMYyxRcwHAgAhldEDm0UtxCUP28 8LfK+RBSzADGpIM2kI4J0RwLwGA5grBIDQxnZcUFO7EZhyH5GhFAZ108fnYk82YYARiz tnXA== X-Gm-Message-State: AAQBX9e9OOQn0OUNTJ3RrqbvmYxrrMEoga4KWsuZshGQiMCkBcgZq9Wo T1vlkiSTEGAOaj6sXxinzzJ6btO+KEAkct5aDrEQNju7MQgT7e4M6EAM/bQpc38+FbyX8dC/rU8 KBHRCM8NnqE2MWKt8jUp7bA== X-Received: by 2002:a05:622a:1206:b0:3e6:386b:2314 with SMTP id y6-20020a05622a120600b003e6386b2314mr4234341qtx.62.1680620112377; Tue, 04 Apr 2023 07:55:12 -0700 (PDT) X-Google-Smtp-Source: AKy350Zi2LAt4qDrudwl48rNwlY8u7pFZFW3zeybFHV9/WikI3mElMyLLcUr2mx2LZUuubcbPpyUsw== X-Received: by 2002:a05:622a:1206:b0:3e6:386b:2314 with SMTP id y6-20020a05622a120600b003e6386b2314mr4234307qtx.62.1680620112123; Tue, 04 Apr 2023 07:55:12 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:11 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 09/23] iomap: allow filesystem to implement read path verification Date: Tue, 4 Apr 2023 16:53:05 +0200 Message-Id: <20230404145319.2057051-10-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Add IOMAP_F_READ_VERITY which indicates that iomap need to verify BIO (e.g. fs-verity) after I/O is completed. Add iomap_readpage_ops with only optional ->prepare_ioend() to allow filesystem to add callout used for configuring read path ioend. Mainly for setting ->bi_end_io() callout. Add iomap_folio_ops->verify_folio() for direct folio verification. The verification itself is suppose to happen on filesystem side. The verification is done when the BIO is processed by calling out ->bi_end_io(). Make iomap_read_end_io() exportable, so, it can be called back from filesystem callout after verification is done. The read path ioend are stored side by side with BIOs allocated from iomap_read_ioend_bioset. Signed-off-by: Andrey Albershteyn --- fs/iomap/buffered-io.c | 32 +++++++++++++++++++++++++++++--- include/linux/iomap.h | 26 ++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 3 deletions(-) diff --git a/fs/iomap/buffered-io.c b/fs/iomap/buffered-io.c index d39be64b1da9..7e59c299c496 100644 --- a/fs/iomap/buffered-io.c +++ b/fs/iomap/buffered-io.c @@ -42,6 +42,7 @@ static inline struct iomap_page *to_iomap_page(struct folio *folio) } static struct bio_set iomap_ioend_bioset; +static struct bio_set iomap_read_ioend_bioset; static struct iomap_page * iomap_page_create(struct inode *inode, struct folio *folio, unsigned int flags) @@ -184,7 +185,7 @@ static void iomap_finish_folio_read(struct folio *folio, size_t offset, folio_unlock(folio); } -static void iomap_read_end_io(struct bio *bio) +void iomap_read_end_io(struct bio *bio) { int error = blk_status_to_errno(bio->bi_status); struct folio_iter fi; @@ -193,6 +194,7 @@ static void iomap_read_end_io(struct bio *bio) iomap_finish_folio_read(fi.folio, fi.offset, fi.length, error); bio_put(bio); } +EXPORT_SYMBOL_GPL(iomap_read_end_io); /** * iomap_read_inline_data - copy inline data into the page cache @@ -257,6 +259,7 @@ static loff_t iomap_readpage_iter(const struct iomap_iter *iter, loff_t orig_pos = pos; size_t poff, plen; sector_t sector; + struct iomap_read_ioend *ioend; if (iomap->type == IOMAP_INLINE) return iomap_read_inline_data(iter, folio); @@ -269,6 +272,13 @@ static loff_t iomap_readpage_iter(const struct iomap_iter *iter, if (iomap_block_needs_zeroing(iter, pos)) { folio_zero_range(folio, poff, plen); + if (iomap->flags & IOMAP_F_READ_VERITY) { + if (!iomap->folio_ops->verify_folio(folio, poff, plen)) { + folio_set_error(folio); + goto done; + } + } + iomap_set_range_uptodate(folio, iop, poff, plen); goto done; } @@ -290,8 +300,8 @@ static loff_t iomap_readpage_iter(const struct iomap_iter *iter, if (ctx->rac) /* same as readahead_gfp_mask */ gfp |= __GFP_NORETRY | __GFP_NOWARN; - ctx->bio = bio_alloc(iomap->bdev, bio_max_segs(nr_vecs), - REQ_OP_READ, gfp); + ctx->bio = bio_alloc_bioset(iomap->bdev, bio_max_segs(nr_vecs), + REQ_OP_READ, GFP_NOFS, &iomap_read_ioend_bioset); /* * If the bio_alloc fails, try it again for a single page to * avoid having to deal with partial page reads. This emulates @@ -305,6 +315,13 @@ static loff_t iomap_readpage_iter(const struct iomap_iter *iter, ctx->bio->bi_opf |= REQ_RAHEAD; ctx->bio->bi_iter.bi_sector = sector; ctx->bio->bi_end_io = iomap_read_end_io; + + ioend = container_of(ctx->bio, struct iomap_read_ioend, + read_inline_bio); + ioend->io_inode = iter->inode; + if (ctx->ops && ctx->ops->prepare_ioend) + ctx->ops->prepare_ioend(ioend); + bio_add_folio(ctx->bio, folio, plen, poff); } @@ -1813,6 +1830,15 @@ EXPORT_SYMBOL_GPL(iomap_writepages); static int __init iomap_init(void) { + int error = 0; + + error = bioset_init(&iomap_read_ioend_bioset, + 4 * (PAGE_SIZE / SECTOR_SIZE), + offsetof(struct iomap_read_ioend, read_inline_bio), + BIOSET_NEED_BVECS); + if (error) + return error; + return bioset_init(&iomap_ioend_bioset, 4 * (PAGE_SIZE / SECTOR_SIZE), offsetof(struct iomap_ioend, io_inline_bio), BIOSET_NEED_BVECS); diff --git a/include/linux/iomap.h b/include/linux/iomap.h index 0fbce375265d..9a17b53309c9 100644 --- a/include/linux/iomap.h +++ b/include/linux/iomap.h @@ -53,6 +53,9 @@ struct vm_fault; * * IOMAP_F_XATTR indicates that the iomap is for an extended attribute extent * rather than a file data extent. + * + * IOMAP_F_READ_VERITY indicates that the iomap needs verification of read + * folios */ #define IOMAP_F_NEW (1U << 0) #define IOMAP_F_DIRTY (1U << 1) @@ -60,6 +63,7 @@ struct vm_fault; #define IOMAP_F_MERGED (1U << 3) #define IOMAP_F_BUFFER_HEAD (1U << 4) #define IOMAP_F_XATTR (1U << 5) +#define IOMAP_F_READ_VERITY (1U << 6) /* * Flags set by the core iomap code during operations: @@ -156,6 +160,11 @@ struct iomap_folio_ops { * locked by the iomap code. */ bool (*iomap_valid)(struct inode *inode, const struct iomap *iomap); + + /* + * Verify folio when successfully read + */ + bool (*verify_folio)(struct folio *folio, loff_t pos, unsigned int len); }; /* @@ -258,13 +267,30 @@ int iomap_file_buffered_write_punch_delalloc(struct inode *inode, struct iomap *iomap, loff_t pos, loff_t length, ssize_t written, int (*punch)(struct inode *inode, loff_t pos, loff_t length)); +struct iomap_read_ioend { + struct inode *io_inode; /* file being read from */ + struct work_struct work; /* post read work (e.g. fs-verity) */ + struct bio read_inline_bio;/* MUST BE LAST! */ +}; + +struct iomap_readpage_ops { + /* + * Optional, allows the file systems to perform actions just before + * submitting the bio and/or override the bio bi_end_io handler for + * additional verification after bio is processed + */ + void (*prepare_ioend)(struct iomap_read_ioend *ioend); +}; + struct iomap_readpage_ctx { struct folio *cur_folio; bool cur_folio_in_bio; struct bio *bio; struct readahead_control *rac; + const struct iomap_readpage_ops *ops; }; +void iomap_read_end_io(struct bio *bio); int iomap_read_folio(struct iomap_readpage_ctx *ctx, const struct iomap_ops *ops); void iomap_readahead(struct iomap_readpage_ctx *ctx, From patchwork Tue Apr 4 14:53:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200422 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 51057C6FD1D for ; Tue, 4 Apr 2023 14:56:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234955AbjDDO4n (ORCPT ); Tue, 4 Apr 2023 10:56:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58944 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233721AbjDDO4R (ORCPT ); Tue, 4 Apr 2023 10:56:17 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 680654EFD for ; Tue, 4 Apr 2023 07:55:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620117; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1DCV/M5yyrM1g1B6cxt9ZQ7HQFDQ1socxlG7tzRHhCM=; b=WSqqlR7m4ARlzc/v8xJJdbRYsqmKX5Oieiw2IzyLlOsHaKVA2i4teAXk3tau1D3lUDV+b0 Rs+7DV0W7xedkDX/4A3JIR7oIh2nPvwFu4A39oH+SE+Z/yWCc7/Zfse7mJummXdUnhxTRS KYpXCidZdVAAgxjtVXBn1Jyi3MuQeck= Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com [209.85.160.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-263-OT0AOmjcO02VzWTz6vgPZg-1; Tue, 04 Apr 2023 10:55:16 -0400 X-MC-Unique: OT0AOmjcO02VzWTz6vgPZg-1 Received: by mail-qt1-f200.google.com with SMTP id l13-20020a05622a174d00b003e4df699997so20087913qtk.20 for ; Tue, 04 Apr 2023 07:55:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620115; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1DCV/M5yyrM1g1B6cxt9ZQ7HQFDQ1socxlG7tzRHhCM=; b=311HMVubguuLu7CfbzMneqoSuc6L5mFo7hH6pjB4lG1EdalK5FaRu81VMpC9XyFW/R mO1o2mOUMhqqtjZ9ZHqxxo6iMEe29/OKQfyTx7jSGNFAu73DMReB/zEIBMZZfNTEiA5C cc9meCm5bW5PoU/WjenFnTu5J8uru7rAR4/IsuBnuq0cBcmjtBNViOlDmcXvfVPHDnm+ 1LL3+RRHyTWIJW57Bh1xlXRcKaCIwp+8trgN4e4iiglbpJNQXyBQWNV5A+dYJp+DNZAC mEqQSSzO2it54lFbkBO/ivFMIB3MgdO+a5/tYTQhcsSRudauKyZJ8B1vnY+dR51qmDFo XXVw== X-Gm-Message-State: AAQBX9eUc0cq+VNK9JrgTuladljBN5sRkxoUtkLSubSeOfIAdCm+pYLg ZwoDMGXyZL9+Dl6UWrzPzScquCSGaoNknohszjMKcz5ez3dtxtGAxvTUTQUtKjaHUXK62OLJvtF +uQ7ANI5WN1gz4MT12Bjufw== X-Received: by 2002:a05:622a:1002:b0:3e3:8ebe:ce17 with SMTP id d2-20020a05622a100200b003e38ebece17mr3401486qte.43.1680620115387; Tue, 04 Apr 2023 07:55:15 -0700 (PDT) X-Google-Smtp-Source: AKy350ZeTsqSdwXkQooxtkxa5UspUTLXqFsUhIKZ9BZk1HmO99VPevTQAHz0NwCmfjyQvtO6XB3OTQ== X-Received: by 2002:a05:622a:1002:b0:3e3:8ebe:ce17 with SMTP id d2-20020a05622a100200b003e38ebece17mr3401445qte.43.1680620115062; Tue, 04 Apr 2023 07:55:15 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:14 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 10/23] xfs: add XBF_VERITY_CHECKED xfs_buf flag Date: Tue, 4 Apr 2023 16:53:06 +0200 Message-Id: <20230404145319.2057051-11-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org The meaning of the flag is that value of the extended attribute in the buffer was verified. The underlying pages have PageChecked() == false (the way fs-verity identifies verified pages), as page content will be copied out to newly allocated pages in further patches. The flag is being used later to SetPageChecked() on pages handed to the fs-verity. Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_buf.h | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/fs/xfs/xfs_buf.h b/fs/xfs/xfs_buf.h index 549c60942208..8cc86fed962b 100644 --- a/fs/xfs/xfs_buf.h +++ b/fs/xfs/xfs_buf.h @@ -24,14 +24,15 @@ struct xfs_buf; #define XFS_BUF_DADDR_NULL ((xfs_daddr_t) (-1LL)) -#define XBF_READ (1u << 0) /* buffer intended for reading from device */ -#define XBF_WRITE (1u << 1) /* buffer intended for writing to device */ -#define XBF_READ_AHEAD (1u << 2) /* asynchronous read-ahead */ -#define XBF_NO_IOACCT (1u << 3) /* bypass I/O accounting (non-LRU bufs) */ -#define XBF_ASYNC (1u << 4) /* initiator will not wait for completion */ -#define XBF_DONE (1u << 5) /* all pages in the buffer uptodate */ -#define XBF_STALE (1u << 6) /* buffer has been staled, do not find it */ -#define XBF_WRITE_FAIL (1u << 7) /* async writes have failed on this buffer */ +#define XBF_READ (1u << 0) /* buffer intended for reading from device */ +#define XBF_WRITE (1u << 1) /* buffer intended for writing to device */ +#define XBF_READ_AHEAD (1u << 2) /* asynchronous read-ahead */ +#define XBF_NO_IOACCT (1u << 3) /* bypass I/O accounting (non-LRU bufs) */ +#define XBF_ASYNC (1u << 4) /* initiator will not wait for completion */ +#define XBF_DONE (1u << 5) /* all pages in the buffer uptodate */ +#define XBF_STALE (1u << 6) /* buffer has been staled, do not find it */ +#define XBF_WRITE_FAIL (1u << 7) /* async writes have failed on this buffer */ +#define XBF_VERITY_CHECKED (1u << 8) /* buffer was verified by fs-verity*/ /* buffer type flags for write callbacks */ #define _XBF_INODES (1u << 16)/* inode buffer */ From patchwork Tue Apr 4 14:53:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200423 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E1FE9C77B6C for ; Tue, 4 Apr 2023 14:56:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235003AbjDDO4s (ORCPT ); Tue, 4 Apr 2023 10:56:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58976 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233770AbjDDO4V (ORCPT ); Tue, 4 Apr 2023 10:56:21 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C7D7527F for ; Tue, 4 Apr 2023 07:55:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620121; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=k8y9WhZdDNtrUXoW/FedDtUjjZj566BJYHrOtFmmOqc=; b=gh7wNOpTLv5MXxElv19OTcoODCzQJLSkJuT8cj8zy/dpj3F+nTrfQs60EuPYdZswFDVUvq R01pfK1C230TTuhZx86xk3W1q/v6glQoJJcGhRE2/yAwt9sA6GS8sfkRoYAmMJTv1BRdtv RtrVP3PYAl51J5K6hBy2h7UY01Pgg2Q= Received: from mail-qv1-f71.google.com (mail-qv1-f71.google.com [209.85.219.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-384-YbT-yIl3MWKE4AycBRh22A-1; Tue, 04 Apr 2023 10:55:20 -0400 X-MC-Unique: YbT-yIl3MWKE4AycBRh22A-1 Received: by mail-qv1-f71.google.com with SMTP id dg8-20020a056214084800b005acc280bf19so14725280qvb.22 for ; Tue, 04 Apr 2023 07:55:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620119; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=k8y9WhZdDNtrUXoW/FedDtUjjZj566BJYHrOtFmmOqc=; b=n9EF+KtU4wq0dokVw7nz6Qm3peBbo8ronWac9Wm1GxCmXGr++0rpt79sb2wkgdTRAp W/OxQLvTvAGuksAA/j6LJw4IxzBhH5B3T+fFPoyUFWwldjaIClwE5PFMgQd+jEEFmOLk omeYOKPoQfWE+UEYekjNjDqkQmlmNmXwgQCqqotouh2XWFrVU9NLuJAL02+53CUvb9+6 L2i9oS1W2E48M9xN1IYqOLY/8frONidw0/n9qbB55aNLL1fwkrMv2KIOEoiFRo5h1Joz 9Hg/l1VktBDtNh8IIu0zXDcNHqb0Fp/PMB1VMZgDdXbVwYh44n35ddXDX+4L8URi31mF Yb3w== X-Gm-Message-State: AAQBX9cCBIAS6oZyIcwPG2MQm9B9BW0EIegyIMAWsrSTLBMo5Xcm9zAC xSpdn/2iFuuKCX5tTx6vhK9unGDwP3HnUpMke2t9WQueujWVrzTD77E7ea79VPoYg4a4FQvwu1u 3I32ampDEj1W7QYJvf1rd+A== X-Received: by 2002:ac8:5b06:0:b0:3d4:3d6c:a62b with SMTP id m6-20020ac85b06000000b003d43d6ca62bmr3793784qtw.27.1680620118585; Tue, 04 Apr 2023 07:55:18 -0700 (PDT) X-Google-Smtp-Source: AKy350Zq76N3HAqDggjHqbDMyBg5khfORiFnim8gNTT1pLECc9GdD6VxBnlyiVZupUjB3vAUZcGqDA== X-Received: by 2002:ac8:5b06:0:b0:3d4:3d6c:a62b with SMTP id m6-20020ac85b06000000b003d43d6ca62bmr3793740qtw.27.1680620118202; Tue, 04 Apr 2023 07:55:18 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:17 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 11/23] xfs: add XFS_DA_OP_BUFFER to make xfs_attr_get() return buffer Date: Tue, 4 Apr 2023 16:53:07 +0200 Message-Id: <20230404145319.2057051-12-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org One of essential ideas of fs-verity is that pages which are already verified won't need to be re-verified if they still in page cache. The XFS stores Merkle tree blocks in extended attributes. Each attribute has one Merkle tree block. We can not directly mark underlying xfs_buf's pages as checked. The are not aligned with xattr value and we don't have a reference to that buffer which is immediately release when value is copied out. One way to track that this block was verified is to mark xattr's buffer as verified. If buffer is evicted the incore XBF_VERITY_CHECKED flag is lost. When the xattr is read again xfs_attr_get() returns new buffer without the flag. The flag is then used to tell fs-verity if it's new page or cached one. This patch adds XFS_DA_OP_BUFFER to tell xfs_attr_get() to xfs_buf_hold() underlying buffer and return it as xfs_da_args->bp. The caller must then xfs_buf_rele() the buffer. Signed-off-by: Andrey Albershteyn --- fs/xfs/libxfs/xfs_attr.c | 5 ++++- fs/xfs/libxfs/xfs_attr_leaf.c | 7 +++++++ fs/xfs/libxfs/xfs_attr_remote.c | 13 +++++++++++-- fs/xfs/libxfs/xfs_da_btree.h | 5 ++++- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/fs/xfs/libxfs/xfs_attr.c b/fs/xfs/libxfs/xfs_attr.c index 711022742e34..298b74245267 100644 --- a/fs/xfs/libxfs/xfs_attr.c +++ b/fs/xfs/libxfs/xfs_attr.c @@ -251,6 +251,8 @@ xfs_attr_get_ilocked( * If the attribute is found, but exceeds the size limit set by the caller in * args->valuelen, return -ERANGE with the size of the attribute that was found * in args->valuelen. + * + * Using XFS_DA_OP_BUFFER the caller have to release the buffer args->bp. */ int xfs_attr_get( @@ -269,7 +271,8 @@ xfs_attr_get( args->hashval = xfs_da_hashname(args->name, args->namelen); /* Entirely possible to look up a name which doesn't exist */ - args->op_flags = XFS_DA_OP_OKNOENT; + args->op_flags = XFS_DA_OP_OKNOENT | + (args->op_flags & XFS_DA_OP_BUFFER); lock_mode = xfs_ilock_attr_map_shared(args->dp); error = xfs_attr_get_ilocked(args); diff --git a/fs/xfs/libxfs/xfs_attr_leaf.c b/fs/xfs/libxfs/xfs_attr_leaf.c index beee51ad75ce..112bb2604c89 100644 --- a/fs/xfs/libxfs/xfs_attr_leaf.c +++ b/fs/xfs/libxfs/xfs_attr_leaf.c @@ -2533,6 +2533,13 @@ xfs_attr3_leaf_getvalue( name_loc = xfs_attr3_leaf_name_local(leaf, args->index); ASSERT(name_loc->namelen == args->namelen); ASSERT(memcmp(args->name, name_loc->nameval, args->namelen) == 0); + + /* must be released by the caller */ + if (args->op_flags & XFS_DA_OP_BUFFER) { + xfs_buf_hold(bp); + args->bp = bp; + } + return xfs_attr_copy_value(args, &name_loc->nameval[args->namelen], be16_to_cpu(name_loc->valuelen)); diff --git a/fs/xfs/libxfs/xfs_attr_remote.c b/fs/xfs/libxfs/xfs_attr_remote.c index d440393b40eb..72908e0e1c86 100644 --- a/fs/xfs/libxfs/xfs_attr_remote.c +++ b/fs/xfs/libxfs/xfs_attr_remote.c @@ -424,9 +424,18 @@ xfs_attr_rmtval_get( error = xfs_attr_rmtval_copyout(mp, bp, args->dp->i_ino, &offset, &valuelen, &dst); - xfs_buf_relse(bp); - if (error) + xfs_buf_unlock(bp); + /* must be released by the caller */ + if (args->op_flags & XFS_DA_OP_BUFFER) + args->bp = bp; + else + xfs_buf_rele(bp); + + if (error) { + if (args->op_flags & XFS_DA_OP_BUFFER) + xfs_buf_rele(args->bp); return error; + } /* roll attribute extent map forwards */ lblkno += map[i].br_blockcount; diff --git a/fs/xfs/libxfs/xfs_da_btree.h b/fs/xfs/libxfs/xfs_da_btree.h index a4b29827603f..269d26730bca 100644 --- a/fs/xfs/libxfs/xfs_da_btree.h +++ b/fs/xfs/libxfs/xfs_da_btree.h @@ -61,6 +61,7 @@ typedef struct xfs_da_args { uint8_t filetype; /* filetype of inode for directories */ void *value; /* set of bytes (maybe contain NULLs) */ int valuelen; /* length of value */ + struct xfs_buf *bp; /* OUT: xfs_buf which contains the attr */ unsigned int attr_filter; /* XFS_ATTR_{ROOT,SECURE,INCOMPLETE} */ unsigned int attr_flags; /* XATTR_{CREATE,REPLACE} */ xfs_dahash_t hashval; /* hash value of name */ @@ -95,6 +96,7 @@ typedef struct xfs_da_args { #define XFS_DA_OP_REMOVE (1u << 6) /* this is a remove operation */ #define XFS_DA_OP_RECOVERY (1u << 7) /* Log recovery operation */ #define XFS_DA_OP_LOGGED (1u << 8) /* Use intent items to track op */ +#define XFS_DA_OP_BUFFER (1u << 9) /* Return underlying buffer */ #define XFS_DA_OP_FLAGS \ { XFS_DA_OP_JUSTCHECK, "JUSTCHECK" }, \ @@ -105,7 +107,8 @@ typedef struct xfs_da_args { { XFS_DA_OP_NOTIME, "NOTIME" }, \ { XFS_DA_OP_REMOVE, "REMOVE" }, \ { XFS_DA_OP_RECOVERY, "RECOVERY" }, \ - { XFS_DA_OP_LOGGED, "LOGGED" } + { XFS_DA_OP_LOGGED, "LOGGED" }, \ + { XFS_DA_OP_BUFFER, "BUFFER" } /* * Storage for holding state during Btree searches and split/join ops. From patchwork Tue Apr 4 14:53:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200425 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4DACBC77B62 for ; Tue, 4 Apr 2023 14:56:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235155AbjDDO44 (ORCPT ); Tue, 4 Apr 2023 10:56:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59058 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234218AbjDDO41 (ORCPT ); Tue, 4 Apr 2023 10:56:27 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 919802D44 for ; Tue, 4 Apr 2023 07:55:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620124; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=g1NG2DlOPhECSBoFyURsYJB7f5VQnxxV8rEkg1d1tQc=; b=AoZnqUV8oWGJKd9DmCDU5hivHnTmWuEMp1dr1uPNYhFFivr58TLwBiRDdBXUpYEiEv0lLC 5A5mp5meikuxdCceugZdeVIpcO3mXzwRMn3FdIzA+ojpnPhWgb3qHCQ3U/FVEWvVgmu9Yw ifYJEYz+VvbgSRRO0auWnb32pTGN0ls= Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-265-pWWM2UZRPJi6uWv_Czxsmg-1; Tue, 04 Apr 2023 10:55:21 -0400 X-MC-Unique: pWWM2UZRPJi6uWv_Czxsmg-1 Received: by mail-qk1-f200.google.com with SMTP id p63-20020a374242000000b007468eaf866aso5346853qka.17 for ; Tue, 04 Apr 2023 07:55:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620121; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=g1NG2DlOPhECSBoFyURsYJB7f5VQnxxV8rEkg1d1tQc=; b=ILzu8N6JzAY2lH+EAytJ7wJOW1kCTK3sLivnf0lsTWORBFmThud0bOUTG9+XdyInF8 4V2YPRT6aiG8XIbUJTyEyu4RlwYFIZ5JgJM436g9CwRgenBLNOdQ1B4tGB01VqUNbOhc gVFnN61cJ0paoY1lsgLDoR0E/0I9t/rUW+IQZFcFEdK5KZSKNmzgCkpBynIMF1zls9X7 GNvnxSlZDiQji3E2boSlKxIEnVnguvOl48NcTLXTMMAce5MyQWwiV2oHcfhkbiwsZ/pd 6Uqi+IWDP+acX/PPKm5OquGVlDvzjR7ZTOdjTCWdZMAPxtoaA8nrT4dJA5qMPlTjlQFg zUZw== X-Gm-Message-State: AAQBX9cNi10Ej6KeJekTLf+lecyyOeTeVubEsSA3CwmhU/L/dTzMqkma 5iyUd6NDvzCMG5Wynf4SRnrDxi7Ko9VXEgprEsjlgr8bgrhtl74/5wqnBCs1P43O2VLLcEF1jbN inivo7bRrtnAGryeycCIM2w== X-Received: by 2002:ac8:5754:0:b0:3d7:960e:5387 with SMTP id 20-20020ac85754000000b003d7960e5387mr3872041qtx.35.1680620121256; Tue, 04 Apr 2023 07:55:21 -0700 (PDT) X-Google-Smtp-Source: AKy350bjyktKoJdi6D9KFFirgwb83MTSe30Fparym5df9UxsVGpZNZWXy1G6A3UC/2iyEvUKlSZpbw== X-Received: by 2002:ac8:5754:0:b0:3d7:960e:5387 with SMTP id 20-20020ac85754000000b003d7960e5387mr3871997qtx.35.1680620120899; Tue, 04 Apr 2023 07:55:20 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:20 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 12/23] xfs: introduce workqueue for post read IO work Date: Tue, 4 Apr 2023 16:53:08 +0200 Message-Id: <20230404145319.2057051-13-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org As noted by Dave there are two problems with using fs-verity's workqueue in XFS: 1. High priority workqueues are used within XFS to ensure that data IO completion cannot stall processing of journal IO completions. Hence using a WQ_HIGHPRI workqueue directly in the user data IO path is a potential filesystem livelock/deadlock vector. 2. The fsverity workqueue is global - it creates a cross-filesystem contention point. This patch adds per-filesystem, per-cpu workqueue for fsverity work. Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_mount.h | 1 + fs/xfs/xfs_super.c | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/fs/xfs/xfs_mount.h b/fs/xfs/xfs_mount.h index f3269c0626f0..53a4a9304937 100644 --- a/fs/xfs/xfs_mount.h +++ b/fs/xfs/xfs_mount.h @@ -107,6 +107,7 @@ typedef struct xfs_mount { struct xfs_mru_cache *m_filestream; /* per-mount filestream data */ struct workqueue_struct *m_buf_workqueue; struct workqueue_struct *m_unwritten_workqueue; + struct workqueue_struct *m_postread_workqueue; struct workqueue_struct *m_reclaim_workqueue; struct workqueue_struct *m_sync_workqueue; struct workqueue_struct *m_blockgc_wq; diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c index 4f814f9e12ab..d6f22cb94ee2 100644 --- a/fs/xfs/xfs_super.c +++ b/fs/xfs/xfs_super.c @@ -548,6 +548,12 @@ xfs_init_mount_workqueues( if (!mp->m_unwritten_workqueue) goto out_destroy_buf; + mp->m_postread_workqueue = alloc_workqueue("xfs-pread/%s", + XFS_WQFLAGS(WQ_FREEZABLE | WQ_MEM_RECLAIM), + 0, mp->m_super->s_id); + if (!mp->m_postread_workqueue) + goto out_destroy_postread; + mp->m_reclaim_workqueue = alloc_workqueue("xfs-reclaim/%s", XFS_WQFLAGS(WQ_FREEZABLE | WQ_MEM_RECLAIM), 0, mp->m_super->s_id); @@ -581,6 +587,8 @@ xfs_init_mount_workqueues( destroy_workqueue(mp->m_reclaim_workqueue); out_destroy_unwritten: destroy_workqueue(mp->m_unwritten_workqueue); +out_destroy_postread: + destroy_workqueue(mp->m_postread_workqueue); out_destroy_buf: destroy_workqueue(mp->m_buf_workqueue); out: @@ -596,6 +604,7 @@ xfs_destroy_mount_workqueues( destroy_workqueue(mp->m_inodegc_wq); destroy_workqueue(mp->m_reclaim_workqueue); destroy_workqueue(mp->m_unwritten_workqueue); + destroy_workqueue(mp->m_postread_workqueue); destroy_workqueue(mp->m_buf_workqueue); } From patchwork Tue Apr 4 14:53:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200424 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 086E0C77B60 for ; Tue, 4 Apr 2023 14:56:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234204AbjDDO4u (ORCPT ); Tue, 4 Apr 2023 10:56:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59244 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233015AbjDDO4Y (ORCPT ); Tue, 4 Apr 2023 10:56:24 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DCB623C11 for ; Tue, 4 Apr 2023 07:55:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620126; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mf1FPmX34sPBqBJ1RqvZnmanS11JhvTJ+HM36CjFqII=; b=hXUwnpVOoZRgvuq01tAF1D/CKBAMdI+vFnftbN9IBw4zTGaCeqKNjVM+IB0Y/zFgKEefUp I+WqKbu4tomEmBW2Y2lJoBnK8Yv/IvqB1zMb3rOAEi9Nx7VSmKa1Tn6X73hMERP7NgMhA/ tyU+GCzk9XH7QWjThFIYxOHNOPIyY7E= Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-501-kxyp6N-HPvWGiSRmjzR-_w-1; Tue, 04 Apr 2023 10:55:24 -0400 X-MC-Unique: kxyp6N-HPvWGiSRmjzR-_w-1 Received: by mail-qt1-f198.google.com with SMTP id v10-20020a05622a130a00b003e4ee70e001so16129935qtk.6 for ; Tue, 04 Apr 2023 07:55:24 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620124; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mf1FPmX34sPBqBJ1RqvZnmanS11JhvTJ+HM36CjFqII=; b=08Oypfhjih33FsAJBiUFeCsTZWxMZVHvkZ7uYHSo60Z28GLX6zHJk9I7T6+1797mSI O0TPuGLwvXnBaWf6l0cdg8SzQ/L3Em3/k/24chFngI1bNimT3xf+bMa6AGW4LG7eod2R I0lvQQIfNUzPlFecKKj0Pr78nRrLa2UflRquMyOuOS6pTXLHYXJCBJm+1xDndJn90KHs zVr0IDkRGkH76r0p/kKiBeqfSfoMGdCMm126MkXokHLCPnAujemu/jV3ReRZwUJJAQGr i481eWnIeQ+saXQxFS/R6qvoSYRqEPWK/ZuLRB1XAdKgyYJ2AeZglQ+sBFY7jZkakpQI TZCw== X-Gm-Message-State: AAQBX9c1qwFU0HnOVb0IRJVE3knU0TTTISfulekhmFid9pXAvfPLudbT /NYk1Qb163OC4B9XvvjwmOO0Pb7pmD7WwrnMCo5xbBYbjHq+GvAWvPIqNdzyjoMJDmGi41HtcX+ Pk2K0B76yolbtPc7QuUK7EQ== X-Received: by 2002:a05:622a:586:b0:3e4:df94:34fa with SMTP id c6-20020a05622a058600b003e4df9434famr4035260qtb.37.1680620124163; Tue, 04 Apr 2023 07:55:24 -0700 (PDT) X-Google-Smtp-Source: AKy350bRYRoH4ADtP4T/X8Xk7AmNG3QGNTCPUhw/3V50RQPtNVC1H25ltfcQUL3M/obCpWJOFk1Kng== X-Received: by 2002:a05:622a:586:b0:3e4:df94:34fa with SMTP id c6-20020a05622a058600b003e4df9434famr4035211qtb.37.1680620123789; Tue, 04 Apr 2023 07:55:23 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:23 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 13/23] xfs: add iomap's readpage operations Date: Tue, 4 Apr 2023 16:53:09 +0200 Message-Id: <20230404145319.2057051-14-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org The read IO path provides callout for configuring ioend. This allows filesystem to add verification of completed BIOs. The xfs_prepare_read_ioend() configures bio->bi_end_io which places verification task in the workqueue. The task does fs-verity verification and then call back to the iomap to finish IO. This patch add callouts implementation to verify pages with fs-verity. Also implements folio operation .verify_folio for direct folio verification by fs-verity. Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_aops.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ fs/xfs/xfs_iomap.c | 11 +++++++++++ fs/xfs/xfs_linux.h | 1 + 3 files changed, 57 insertions(+) diff --git a/fs/xfs/xfs_aops.c b/fs/xfs/xfs_aops.c index daa0dd4768fb..2a3ab5afd665 100644 --- a/fs/xfs/xfs_aops.c +++ b/fs/xfs/xfs_aops.c @@ -548,6 +548,49 @@ xfs_vm_bmap( return iomap_bmap(mapping, block, &xfs_read_iomap_ops); } +static void +xfs_read_work_end_io( + struct work_struct *work) +{ + struct iomap_read_ioend *ioend = + container_of(work, struct iomap_read_ioend, work); + struct bio *bio = &ioend->read_inline_bio; + + fsverity_verify_bio(bio); + iomap_read_end_io(bio); + /* + * The iomap_read_ioend has been freed by bio_put() in + * iomap_read_end_io() + */ +} + +static void +xfs_read_end_io( + struct bio *bio) +{ + struct iomap_read_ioend *ioend = + container_of(bio, struct iomap_read_ioend, read_inline_bio); + struct xfs_inode *ip = XFS_I(ioend->io_inode); + + WARN_ON_ONCE(!queue_work(ip->i_mount->m_postread_workqueue, + &ioend->work)); +} + +static void +xfs_prepare_read_ioend( + struct iomap_read_ioend *ioend) +{ + if (!fsverity_active(ioend->io_inode)) + return; + + INIT_WORK(&ioend->work, &xfs_read_work_end_io); + ioend->read_inline_bio.bi_end_io = &xfs_read_end_io; +} + +static const struct iomap_readpage_ops xfs_readpage_ops = { + .prepare_ioend = &xfs_prepare_read_ioend, +}; + STATIC int xfs_vm_read_folio( struct file *unused, @@ -555,6 +598,7 @@ xfs_vm_read_folio( { struct iomap_readpage_ctx ctx = { .cur_folio = folio, + .ops = &xfs_readpage_ops, }; return iomap_read_folio(&ctx, &xfs_read_iomap_ops); @@ -566,6 +610,7 @@ xfs_vm_readahead( { struct iomap_readpage_ctx ctx = { .rac = rac, + .ops = &xfs_readpage_ops, }; iomap_readahead(&ctx, &xfs_read_iomap_ops); diff --git a/fs/xfs/xfs_iomap.c b/fs/xfs/xfs_iomap.c index 285885c308bd..e0f3c5d709f6 100644 --- a/fs/xfs/xfs_iomap.c +++ b/fs/xfs/xfs_iomap.c @@ -27,6 +27,7 @@ #include "xfs_dquot_item.h" #include "xfs_dquot.h" #include "xfs_reflink.h" +#include "xfs_verity.h" #define XFS_ALLOC_ALIGN(mp, off) \ (((off) >> mp->m_allocsize_log) << mp->m_allocsize_log) @@ -83,8 +84,18 @@ xfs_iomap_valid( return true; } +static bool +xfs_verify_folio( + struct folio *folio, + loff_t pos, + unsigned int len) +{ + return fsverity_verify_folio(folio, len, pos); +} + static const struct iomap_folio_ops xfs_iomap_folio_ops = { .iomap_valid = xfs_iomap_valid, + .verify_folio = xfs_verify_folio, }; int diff --git a/fs/xfs/xfs_linux.h b/fs/xfs/xfs_linux.h index e88f18f85e4b..c574fbf4b67d 100644 --- a/fs/xfs/xfs_linux.h +++ b/fs/xfs/xfs_linux.h @@ -63,6 +63,7 @@ typedef __u32 xfs_nlink_t; #include #include #include +#include #include #include From patchwork Tue Apr 4 14:53:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200427 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B8389C6FD1D for ; Tue, 4 Apr 2023 14:57:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235260AbjDDO5B (ORCPT ); Tue, 4 Apr 2023 10:57:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59212 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234663AbjDDO4d (ORCPT ); Tue, 4 Apr 2023 10:56:33 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D82454EF7 for ; Tue, 4 Apr 2023 07:55:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qBYfR9y7mc4emCV9kD7O8/LELcLcH0cCLkcuznWVRNE=; b=DNUo9tSNTan58T6LHxEDqKaztHmu8LQWTmtbAJskIBigdIT0l34qK9eWIgl+FMZfP+gIkS iSKtGnsWZwKEOfYykrzg4dDDi4uVG4+u48zp+Y0jJvJr5xpl7e/lckzv5wWevXEzBNafGh QiBEriG8YjsqjATwle2zgtgu5N/x26k= Received: from mail-qv1-f69.google.com (mail-qv1-f69.google.com [209.85.219.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-654-l0nky2KEP6OxNq_j21C97w-1; Tue, 04 Apr 2023 10:55:28 -0400 X-MC-Unique: l0nky2KEP6OxNq_j21C97w-1 Received: by mail-qv1-f69.google.com with SMTP id f3-20020a0cc303000000b005c9966620daso14611206qvi.4 for ; Tue, 04 Apr 2023 07:55:27 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620127; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=qBYfR9y7mc4emCV9kD7O8/LELcLcH0cCLkcuznWVRNE=; b=ME1Xtwhacbu7hrXMAAgkEn40NElqVFKpn5tgjiiGdlrjcsgjzxZ505nvJNp3PvC9Ey hdJJY5oKmbEGN8Y9sN77bKVNDxvSkymhKtPz9HPxXtPrCiEBUiPxjCpDyBfDF2OknNhF NEtV2xQPZeZEm2vX81TRGAFGAVDvB2lcLUpyYU3tujPEto1u38SGnTv/tgfbB0KpiNJI GiaRwBGvWC/IgHRR6naI4GYYjEKgIfHxgk8f669BUlmfX2gRIbwTSON7kp5DcsiY0G/U nOhDz3J0NUGqab5JpG0uu6My7Y28vTjN0KIeVPp36qbmu5YwRpcRZtp+aMm2O6KAkMEQ BvIw== X-Gm-Message-State: AAQBX9eeMhOE+X8UF99D2jU0i7LACOICQvXiY14paA8iD3iP/xclEXHT 39zee5BqJogrrT7/Ew+RrPXtXAX73nvCw8eM70kyTwragxxV1dRSFbV1+87s5ya2jmo3KmqTeIi NaLZSAA8RuZiJ+b/1n3GG5w== X-Received: by 2002:a05:622a:199c:b0:3e4:3f79:9d7b with SMTP id u28-20020a05622a199c00b003e43f799d7bmr3716050qtc.55.1680620127339; Tue, 04 Apr 2023 07:55:27 -0700 (PDT) X-Google-Smtp-Source: AKy350aPhI2S3MEB+MRHM6CVfbFypXk0qGatbwEPU5syhmYxnWr2Q3wqyiCRz9ctEKISxtGe9l4JDA== X-Received: by 2002:a05:622a:199c:b0:3e4:3f79:9d7b with SMTP id u28-20020a05622a199c00b003e43f799d7bmr3716007qtc.55.1680620126943; Tue, 04 Apr 2023 07:55:26 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:26 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 14/23] xfs: add attribute type for fs-verity Date: Tue, 4 Apr 2023 16:53:10 +0200 Message-Id: <20230404145319.2057051-15-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org The Merkle tree blocks and descriptor are stored in the extended attributes of the inode. Add new attribute type for fs-verity metadata. Add XFS_ATTR_INTERNAL_MASK to skip parent pointer and fs-verity attributes as those are only for internal use. While we're at it add a few comments in relevant places that internally visible attributes are not suppose to be handled via interface defined in xfs_xattr.c. Signed-off-by: Andrey Albershteyn --- fs/xfs/libxfs/xfs_da_format.h | 10 +++++++++- fs/xfs/libxfs/xfs_log_format.h | 1 + fs/xfs/xfs_ioctl.c | 5 +++++ fs/xfs/xfs_trace.h | 1 + fs/xfs/xfs_xattr.c | 9 +++++++++ 5 files changed, 25 insertions(+), 1 deletion(-) diff --git a/fs/xfs/libxfs/xfs_da_format.h b/fs/xfs/libxfs/xfs_da_format.h index 75b13807145d..2b5967befc2e 100644 --- a/fs/xfs/libxfs/xfs_da_format.h +++ b/fs/xfs/libxfs/xfs_da_format.h @@ -689,14 +689,22 @@ struct xfs_attr3_leafblock { #define XFS_ATTR_ROOT_BIT 1 /* limit access to trusted attrs */ #define XFS_ATTR_SECURE_BIT 2 /* limit access to secure attrs */ #define XFS_ATTR_PARENT_BIT 3 /* parent pointer attrs */ +#define XFS_ATTR_VERITY_BIT 4 /* verity merkle tree and descriptor */ #define XFS_ATTR_INCOMPLETE_BIT 7 /* attr in middle of create/delete */ #define XFS_ATTR_LOCAL (1u << XFS_ATTR_LOCAL_BIT) #define XFS_ATTR_ROOT (1u << XFS_ATTR_ROOT_BIT) #define XFS_ATTR_SECURE (1u << XFS_ATTR_SECURE_BIT) #define XFS_ATTR_PARENT (1u << XFS_ATTR_PARENT_BIT) +#define XFS_ATTR_VERITY (1u << XFS_ATTR_VERITY_BIT) #define XFS_ATTR_INCOMPLETE (1u << XFS_ATTR_INCOMPLETE_BIT) #define XFS_ATTR_NSP_ONDISK_MASK \ - (XFS_ATTR_ROOT | XFS_ATTR_SECURE | XFS_ATTR_PARENT) + (XFS_ATTR_ROOT | XFS_ATTR_SECURE | XFS_ATTR_PARENT | \ + XFS_ATTR_VERITY) + +/* + * Internal attributes not exposed to the user + */ +#define XFS_ATTR_INTERNAL_MASK (XFS_ATTR_PARENT | XFS_ATTR_VERITY) /* * Alignment for namelist and valuelist entries (since they are mixed diff --git a/fs/xfs/libxfs/xfs_log_format.h b/fs/xfs/libxfs/xfs_log_format.h index 727b5a858028..678eacb7925c 100644 --- a/fs/xfs/libxfs/xfs_log_format.h +++ b/fs/xfs/libxfs/xfs_log_format.h @@ -968,6 +968,7 @@ struct xfs_icreate_log { #define XFS_ATTRI_FILTER_MASK (XFS_ATTR_ROOT | \ XFS_ATTR_SECURE | \ XFS_ATTR_PARENT | \ + XFS_ATTR_VERITY | \ XFS_ATTR_INCOMPLETE) /* diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index 55bb01173cde..3d6d680b6cf3 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -351,6 +351,11 @@ static unsigned int xfs_attr_filter( u32 ioc_flags) { + /* + * Only externally visible attributes should be specified here. + * Internally used attributes (such as parent pointers or fs-verity) + * should not be exposed to userspace. + */ if (ioc_flags & XFS_IOC_ATTR_ROOT) return XFS_ATTR_ROOT; if (ioc_flags & XFS_IOC_ATTR_SECURE) diff --git a/fs/xfs/xfs_trace.h b/fs/xfs/xfs_trace.h index 9c0006c55fec..e842b9d145cb 100644 --- a/fs/xfs/xfs_trace.h +++ b/fs/xfs/xfs_trace.h @@ -79,6 +79,7 @@ struct xfs_perag; #define XFS_ATTR_FILTER_FLAGS \ { XFS_ATTR_ROOT, "ROOT" }, \ { XFS_ATTR_SECURE, "SECURE" }, \ + { XFS_ATTR_VERITY, "VERITY" }, \ { XFS_ATTR_INCOMPLETE, "INCOMPLETE" } DECLARE_EVENT_CLASS(xfs_attr_list_class, diff --git a/fs/xfs/xfs_xattr.c b/fs/xfs/xfs_xattr.c index 7b9a0ed1b11f..5a71797fbd44 100644 --- a/fs/xfs/xfs_xattr.c +++ b/fs/xfs/xfs_xattr.c @@ -20,6 +20,12 @@ #include +/* + * This file defines interface to work with externally visible extended + * attributes, such as those in system or security namespaces. This interface + * should not be used for internally used attributes (consider xfs_attr.c). + */ + /* * Get permission to use log-assisted atomic exchange of file extents. * @@ -234,6 +240,9 @@ xfs_xattr_put_listent( ASSERT(context->count >= 0); + if (flags & XFS_ATTR_INTERNAL_MASK) + return; + if (flags & XFS_ATTR_ROOT) { #ifdef CONFIG_XFS_POSIX_ACL if (namelen == SGI_ACL_FILE_SIZE && From patchwork Tue Apr 4 14:53:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200426 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58997C77B62 for ; Tue, 4 Apr 2023 14:57:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234462AbjDDO47 (ORCPT ); Tue, 4 Apr 2023 10:56:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59494 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233384AbjDDO4b (ORCPT ); Tue, 4 Apr 2023 10:56:31 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 375CB4206 for ; Tue, 4 Apr 2023 07:55:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620132; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=VcQmWR+9Y5ByK+ATZGapbO5pnH99zCU6qprkC/Vu/Vo=; b=eU6N0VXJNRAr7DZ0RE//JSnLYXqVLX8cRcM0jYMwecmRey+qUYGtPe+7hJ9JWdTDTtkYPq VyEgxYIuPAvJmWs2xNZK6uEDoeBMn7Dj/H3zjTEQXZeK2DPh1ojMl2X+UHnFsFeIpacdMv SUVwiTSvgKZTCMYEB4LfXGX6Ygptm+w= Received: from mail-qv1-f69.google.com (mail-qv1-f69.google.com [209.85.219.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-316-hHApAQlLM1S-xUoDJDJvoA-1; Tue, 04 Apr 2023 10:55:31 -0400 X-MC-Unique: hHApAQlLM1S-xUoDJDJvoA-1 Received: by mail-qv1-f69.google.com with SMTP id dg8-20020a056214084800b005acc280bf19so14725627qvb.22 for ; Tue, 04 Apr 2023 07:55:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620130; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VcQmWR+9Y5ByK+ATZGapbO5pnH99zCU6qprkC/Vu/Vo=; b=6Q8bdfQWtTQttwsaja7PBBaZhBwhpnM9fG+31H5H65FFxLkCm0QL0IK8+fgdF2x+1K TOHca7N5l6cQZPUEazEJr0aGuhZxmozXAKO1pOO2hDQY6iYF+7P8Bi+rGhZKF4cv0GHj EPWUuubMM1/TzyR0yujizef0gD9cn0/YvgBW5L8ps/ubLo77ZWuFZn6Bkx5s5zHdKoQA mQyOYgB/amhjGKd8lZFoo2z2qG1x5yQpOjqmaRZBCJxcyxDr9jOCDALS19rIh0iVLdfH tnlu4cW/5+4XlotZYjMcutWzqieGOMMBHc4QStV0hqlabHRb8J0S0aBz03Km24TvzFUx D4Dw== X-Gm-Message-State: AAQBX9evxCAIm69VZVyATIgbKFMR9hZJLV1QvCFfFhkw+1iVEEgfOgPP TsuEpbqfd8pzVsHdwHPO4c6KKfH9UONxQ4EoocKa81PlgUkRTobO3W1+/E+BuW+o9XT/6YsgouL sfmjq+q/BbSlfVWI/+aTgZ04rmlf+qtJ4 X-Received: by 2002:ac8:7e96:0:b0:3e6:3c76:84c4 with SMTP id w22-20020ac87e96000000b003e63c7684c4mr4113050qtj.42.1680620130423; Tue, 04 Apr 2023 07:55:30 -0700 (PDT) X-Google-Smtp-Source: AKy350Zr2rxw/Z5UAEkY/x+zomx2LR8SpENS3uogBfhkrXJlt+UiOQV8XzWD8t3/6Y5inpxjlQNwhw== X-Received: by 2002:ac8:7e96:0:b0:3e6:3c76:84c4 with SMTP id w22-20020ac87e96000000b003e63c7684c4mr4113018qtj.42.1680620130035; Tue, 04 Apr 2023 07:55:30 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:29 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 15/23] xfs: add fs-verity ro-compat flag Date: Tue, 4 Apr 2023 16:53:11 +0200 Message-Id: <20230404145319.2057051-16-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org To mark inodes sealed with fs-verity the new XFS_DIFLAG2_VERITY flag will be added in further patch. This requires ro-compat flag to let older kernels know that fs with fs-verity can not be modified. Signed-off-by: Andrey Albershteyn --- fs/xfs/libxfs/xfs_format.h | 1 + fs/xfs/libxfs/xfs_sb.c | 2 ++ fs/xfs/xfs_mount.h | 2 ++ 3 files changed, 5 insertions(+) diff --git a/fs/xfs/libxfs/xfs_format.h b/fs/xfs/libxfs/xfs_format.h index 371dc07233e0..ef617be2839c 100644 --- a/fs/xfs/libxfs/xfs_format.h +++ b/fs/xfs/libxfs/xfs_format.h @@ -353,6 +353,7 @@ xfs_sb_has_compat_feature( #define XFS_SB_FEAT_RO_COMPAT_RMAPBT (1 << 1) /* reverse map btree */ #define XFS_SB_FEAT_RO_COMPAT_REFLINK (1 << 2) /* reflinked files */ #define XFS_SB_FEAT_RO_COMPAT_INOBTCNT (1 << 3) /* inobt block counts */ +#define XFS_SB_FEAT_RO_COMPAT_VERITY (1 << 4) /* fs-verity */ #define XFS_SB_FEAT_RO_COMPAT_ALL \ (XFS_SB_FEAT_RO_COMPAT_FINOBT | \ XFS_SB_FEAT_RO_COMPAT_RMAPBT | \ diff --git a/fs/xfs/libxfs/xfs_sb.c b/fs/xfs/libxfs/xfs_sb.c index 99cc03a298e2..b1f1b21e8953 100644 --- a/fs/xfs/libxfs/xfs_sb.c +++ b/fs/xfs/libxfs/xfs_sb.c @@ -161,6 +161,8 @@ xfs_sb_version_to_features( features |= XFS_FEAT_REFLINK; if (sbp->sb_features_ro_compat & XFS_SB_FEAT_RO_COMPAT_INOBTCNT) features |= XFS_FEAT_INOBTCNT; + if (sbp->sb_features_ro_compat & XFS_SB_FEAT_RO_COMPAT_VERITY) + features |= XFS_FEAT_VERITY; if (sbp->sb_features_incompat & XFS_SB_FEAT_INCOMPAT_FTYPE) features |= XFS_FEAT_FTYPE; if (sbp->sb_features_incompat & XFS_SB_FEAT_INCOMPAT_SPINODES) diff --git a/fs/xfs/xfs_mount.h b/fs/xfs/xfs_mount.h index 53a4a9304937..9254c3cd9077 100644 --- a/fs/xfs/xfs_mount.h +++ b/fs/xfs/xfs_mount.h @@ -279,6 +279,7 @@ typedef struct xfs_mount { #define XFS_FEAT_BIGTIME (1ULL << 24) /* large timestamps */ #define XFS_FEAT_NEEDSREPAIR (1ULL << 25) /* needs xfs_repair */ #define XFS_FEAT_NREXT64 (1ULL << 26) /* large extent counters */ +#define XFS_FEAT_VERITY (1ULL << 27) /* fs-verity */ /* Mount features */ #define XFS_FEAT_NOATTR2 (1ULL << 48) /* disable attr2 creation */ @@ -342,6 +343,7 @@ __XFS_HAS_FEAT(inobtcounts, INOBTCNT) __XFS_HAS_FEAT(bigtime, BIGTIME) __XFS_HAS_FEAT(needsrepair, NEEDSREPAIR) __XFS_HAS_FEAT(large_extent_counts, NREXT64) +__XFS_HAS_FEAT(verity, VERITY) /* * Mount features From patchwork Tue Apr 4 14:53:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200428 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5EBFEC77B70 for ; Tue, 4 Apr 2023 14:57:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234777AbjDDO5C (ORCPT ); Tue, 4 Apr 2023 10:57:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59518 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234770AbjDDO4g (ORCPT ); Tue, 4 Apr 2023 10:56:36 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1977F44A1 for ; Tue, 4 Apr 2023 07:55:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620136; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=s5CBlu3rB6FB4/gHV+J994sqM8eAaiIHabLpvipzBAI=; b=bXvru7qXzM7i6i24erYMRiMFuuVJYhPq4UxodUjPeJMkMBpkYYic2fXMY52pH+J/PR8/lq cRf78Qwscohvvw6FrX2JP/OnqeK0h2EeqeM7CA6g018CIKx10LMZfhobC7d8jiNJNlTHii VL7jgBRP2vCJhUWgFQPo70dVKdlVCBg= Received: from mail-qk1-f197.google.com (mail-qk1-f197.google.com [209.85.222.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-423-5rRT82kYMUuj__tFlIBMSw-1; Tue, 04 Apr 2023 10:55:34 -0400 X-MC-Unique: 5rRT82kYMUuj__tFlIBMSw-1 Received: by mail-qk1-f197.google.com with SMTP id d187-20020a3768c4000000b00746864b272cso14836236qkc.15 for ; Tue, 04 Apr 2023 07:55:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620133; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=s5CBlu3rB6FB4/gHV+J994sqM8eAaiIHabLpvipzBAI=; b=4Csv2rRXervM11Nf4bV6hJS/LhEjWQubaz5lu+z43/iLyOxCi8vSUUGdKDoOsuSvPN +rg8IXlVphkU2C6XyG1nC40rUXCSTNRKTfH6+zjgavKj3fMKxIiD1qTqydOfTAPy/Z3i ccZtB7vOWnqLyjb1M6zziSoeAgqTqaMNRyb/tay/cn6yxWO4xmzW8IcA0VPXXiYmCsvq Fjv1Dqm0esm6SXIHkO+jzu2cB/5cslvQNny9h9aWiFKYKk7AsQ/iMv1gQnGUEmblNp+8 X/sbtAEZpmmW5oRtfcHuT4e5V4gasM+KRZ/TQryIRKyFpVueE6ZZlhbuh7tIUB6/r46q IHhg== X-Gm-Message-State: AAQBX9e85aZvlzmkRwao/G/eel63Lq/Hr3b5B3KLaDdUpZ8vgbgIffWk xg3QCXNf6iniLHeHGT7RKqvh0iYfxOE5yrGcPDzzX1y/Zcul4EjtGj//Yj6/Lp1+gOBM1k1F6IF CRu3HZgttKEonzI2JZyfYjQ== X-Received: by 2002:a05:622a:1116:b0:3d7:7d98:d202 with SMTP id e22-20020a05622a111600b003d77d98d202mr4199924qty.32.1680620133278; Tue, 04 Apr 2023 07:55:33 -0700 (PDT) X-Google-Smtp-Source: AKy350agz24OCLzc85AGxUuPb8W7opye3ABchefrsnh9VPCEo+l0sKKLvduzLpg+Bm8Xk2N7Z0je6A== X-Received: by 2002:a05:622a:1116:b0:3d7:7d98:d202 with SMTP id e22-20020a05622a111600b003d77d98d202mr4199873qty.32.1680620132920; Tue, 04 Apr 2023 07:55:32 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:32 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 16/23] xfs: add inode on-disk VERITY flag Date: Tue, 4 Apr 2023 16:53:12 +0200 Message-Id: <20230404145319.2057051-17-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Add flag to mark inodes which have fs-verity enabled on them (i.e. descriptor exist and tree is built). Signed-off-by: Andrey Albershteyn --- fs/ioctl.c | 4 ++++ fs/xfs/libxfs/xfs_format.h | 4 +++- fs/xfs/xfs_inode.c | 2 ++ fs/xfs/xfs_iops.c | 2 ++ include/uapi/linux/fs.h | 1 + 5 files changed, 12 insertions(+), 1 deletion(-) diff --git a/fs/ioctl.c b/fs/ioctl.c index 5b2481cd4750..a274b33b2fd0 100644 --- a/fs/ioctl.c +++ b/fs/ioctl.c @@ -480,6 +480,8 @@ void fileattr_fill_xflags(struct fileattr *fa, u32 xflags) fa->flags |= FS_DAX_FL; if (fa->fsx_xflags & FS_XFLAG_PROJINHERIT) fa->flags |= FS_PROJINHERIT_FL; + if (fa->fsx_xflags & FS_XFLAG_VERITY) + fa->flags |= FS_VERITY_FL; } EXPORT_SYMBOL(fileattr_fill_xflags); @@ -510,6 +512,8 @@ void fileattr_fill_flags(struct fileattr *fa, u32 flags) fa->fsx_xflags |= FS_XFLAG_DAX; if (fa->flags & FS_PROJINHERIT_FL) fa->fsx_xflags |= FS_XFLAG_PROJINHERIT; + if (fa->flags & FS_VERITY_FL) + fa->fsx_xflags |= FS_XFLAG_VERITY; } EXPORT_SYMBOL(fileattr_fill_flags); diff --git a/fs/xfs/libxfs/xfs_format.h b/fs/xfs/libxfs/xfs_format.h index ef617be2839c..ccb2ae5c2c93 100644 --- a/fs/xfs/libxfs/xfs_format.h +++ b/fs/xfs/libxfs/xfs_format.h @@ -1070,16 +1070,18 @@ static inline void xfs_dinode_put_rdev(struct xfs_dinode *dip, xfs_dev_t rdev) #define XFS_DIFLAG2_COWEXTSIZE_BIT 2 /* copy on write extent size hint */ #define XFS_DIFLAG2_BIGTIME_BIT 3 /* big timestamps */ #define XFS_DIFLAG2_NREXT64_BIT 4 /* large extent counters */ +#define XFS_DIFLAG2_VERITY_BIT 5 /* inode sealed by fsverity */ #define XFS_DIFLAG2_DAX (1 << XFS_DIFLAG2_DAX_BIT) #define XFS_DIFLAG2_REFLINK (1 << XFS_DIFLAG2_REFLINK_BIT) #define XFS_DIFLAG2_COWEXTSIZE (1 << XFS_DIFLAG2_COWEXTSIZE_BIT) #define XFS_DIFLAG2_BIGTIME (1 << XFS_DIFLAG2_BIGTIME_BIT) #define XFS_DIFLAG2_NREXT64 (1 << XFS_DIFLAG2_NREXT64_BIT) +#define XFS_DIFLAG2_VERITY (1 << XFS_DIFLAG2_VERITY_BIT) #define XFS_DIFLAG2_ANY \ (XFS_DIFLAG2_DAX | XFS_DIFLAG2_REFLINK | XFS_DIFLAG2_COWEXTSIZE | \ - XFS_DIFLAG2_BIGTIME | XFS_DIFLAG2_NREXT64) + XFS_DIFLAG2_BIGTIME | XFS_DIFLAG2_NREXT64 | XFS_DIFLAG2_VERITY) static inline bool xfs_dinode_has_bigtime(const struct xfs_dinode *dip) { diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c index 5808abab786c..3b2bf9e7580b 100644 --- a/fs/xfs/xfs_inode.c +++ b/fs/xfs/xfs_inode.c @@ -634,6 +634,8 @@ xfs_ip2xflags( flags |= FS_XFLAG_DAX; if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) flags |= FS_XFLAG_COWEXTSIZE; + if (ip->i_diflags2 & XFS_DIFLAG2_VERITY) + flags |= FS_XFLAG_VERITY; } if (xfs_inode_has_attr_fork(ip)) diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index 24718adb3c16..5398be75a76a 100644 --- a/fs/xfs/xfs_iops.c +++ b/fs/xfs/xfs_iops.c @@ -1232,6 +1232,8 @@ xfs_diflags_to_iflags( flags |= S_NOATIME; if (init && xfs_inode_should_enable_dax(ip)) flags |= S_DAX; + if (xflags & FS_XFLAG_VERITY) + flags |= S_VERITY; /* * S_DAX can only be set during inode initialization and is never set by diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h index b7b56871029c..5172a2eb902c 100644 --- a/include/uapi/linux/fs.h +++ b/include/uapi/linux/fs.h @@ -140,6 +140,7 @@ struct fsxattr { #define FS_XFLAG_FILESTREAM 0x00004000 /* use filestream allocator */ #define FS_XFLAG_DAX 0x00008000 /* use DAX for IO */ #define FS_XFLAG_COWEXTSIZE 0x00010000 /* CoW extent size allocator hint */ +#define FS_XFLAG_VERITY 0x00020000 /* fs-verity sealed inode */ #define FS_XFLAG_HASATTR 0x80000000 /* no DIFLAG for this */ /* the read-only stuff doesn't really belong here, but any other place is From patchwork Tue Apr 4 14:53:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200429 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1BEBBC761A6 for ; Tue, 4 Apr 2023 14:57:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235277AbjDDO5D (ORCPT ); Tue, 4 Apr 2023 10:57:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59486 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234789AbjDDO4g (ORCPT ); Tue, 4 Apr 2023 10:56:36 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 429103C02 for ; Tue, 4 Apr 2023 07:55:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620139; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yhiCGxChrVJlRUkYdDGuEzFvZQCsRtVvsPA45L+6JnY=; b=Q96FW3iDlDESgJ1LA39l2jez1SvxCWPxq9iXNRvStAZqwGyriL+tH3tCfNcOUSoZQu2jM+ /VAPMw89W5EqfwwNwjDTgdElRUjxkWnQBUlC9C/MF443N5ajAxRrS3GSRZQTeVeOpCEm0k L1B86jT8/nOxkTEKHw/n8AUQmoDHOMU= Received: from mail-qv1-f71.google.com (mail-qv1-f71.google.com [209.85.219.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-217-eOv7S3YIN8-rNTeLxhjrjA-1; Tue, 04 Apr 2023 10:55:38 -0400 X-MC-Unique: eOv7S3YIN8-rNTeLxhjrjA-1 Received: by mail-qv1-f71.google.com with SMTP id f3-20020a0cc303000000b005c9966620daso14611473qvi.4 for ; Tue, 04 Apr 2023 07:55:38 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620137; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yhiCGxChrVJlRUkYdDGuEzFvZQCsRtVvsPA45L+6JnY=; b=MDzmHQn+74+b1+w0kvOZApj456RmthnNB+P68GImVns2NA6YUx6ElYHkWcbd6LY9jv 3FAhEiy7OnUD2EDaKNdE6F8N+X9ChHn/DX6kGwf3p6vQ5pMFr62twFNIGuWa3G5Owqn6 ZNzcTgEoitezm2pa9qrLG4SEUgIWCPlHCIxMJPPmMniGcmM0Kg4TDGZKGa7nhCNTDz58 WF+hFFkWkzfUOwcnhRuPRY6GFx5RRUVpp770109GCk74jKkj+LH79Hb1sutGMm9rmgaV TgwRfyreu5eqs+y+EZqmqKVT+YDFs5oIVao0IALxTWIBHbzfAjIaPvyw8418rbNcqFgg ktLA== X-Gm-Message-State: AAQBX9fWXWat8rFJahcbB6xSHDeXweGPVlAl+VeO2gKW/nKMEMk88GHv ZMx6C8jgtYG1B+/RyerR6k4YMEJjVYxWCosiNhYqHiQouMzQhCI+hpjP9063FZygtqQuMXgFjy2 sW6EOiQ+HjwYZ9vaX8dKCRw== X-Received: by 2002:a05:6214:f05:b0:571:13c:6806 with SMTP id gw5-20020a0562140f0500b00571013c6806mr3972704qvb.33.1680620137276; Tue, 04 Apr 2023 07:55:37 -0700 (PDT) X-Google-Smtp-Source: AKy350Z8MfugNU6YKVlXuq75L3kQ3utmgGFoqTKtMHqOCvYgrWH2c48gYF9y20EeEoB2IWzu0Fdckw== X-Received: by 2002:a05:6214:f05:b0:571:13c:6806 with SMTP id gw5-20020a0562140f0500b00571013c6806mr3972665qvb.33.1680620136915; Tue, 04 Apr 2023 07:55:36 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:36 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 17/23] xfs: initialize fs-verity on file open and cleanup on inode destruction Date: Tue, 4 Apr 2023 16:53:13 +0200 Message-Id: <20230404145319.2057051-18-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org fs-verity will read and attach metadata (not the tree itself) from a disk for those inodes which already have fs-verity enabled. Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_file.c | 8 ++++++++ fs/xfs/xfs_super.c | 2 ++ 2 files changed, 10 insertions(+) diff --git a/fs/xfs/xfs_file.c b/fs/xfs/xfs_file.c index 705250f9f90a..947b5c436172 100644 --- a/fs/xfs/xfs_file.c +++ b/fs/xfs/xfs_file.c @@ -31,6 +31,7 @@ #include #include #include +#include static const struct vm_operations_struct xfs_file_vm_ops; @@ -1169,9 +1170,16 @@ xfs_file_open( struct inode *inode, struct file *file) { + int error = 0; + if (xfs_is_shutdown(XFS_M(inode->i_sb))) return -EIO; file->f_mode |= FMODE_NOWAIT | FMODE_BUF_RASYNC | FMODE_BUF_WASYNC; + + error = fsverity_file_open(inode, file); + if (error) + return error; + return generic_file_open(inode, file); } diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c index d6f22cb94ee2..d40de32362b1 100644 --- a/fs/xfs/xfs_super.c +++ b/fs/xfs/xfs_super.c @@ -46,6 +46,7 @@ #include #include #include +#include static const struct super_operations xfs_super_operations; @@ -667,6 +668,7 @@ xfs_fs_destroy_inode( ASSERT(!rwsem_is_locked(&inode->i_rwsem)); XFS_STATS_INC(ip->i_mount, vn_rele); XFS_STATS_INC(ip->i_mount, vn_remove); + fsverity_cleanup_inode(inode); xfs_inode_mark_reclaimable(ip); } From patchwork Tue Apr 4 14:53:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200430 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 13DBEC6FD1D for ; Tue, 4 Apr 2023 14:57:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235334AbjDDO5F (ORCPT ); Tue, 4 Apr 2023 10:57:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234808AbjDDO4h (ORCPT ); Tue, 4 Apr 2023 10:56:37 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 145224C00 for ; Tue, 4 Apr 2023 07:55:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620144; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FFUi+70wiITyeuozy7B4Yd/jMxRAxWPn5c55TeHG694=; b=RwOIctQSCaPzB1+f5us5d5L8ttDbAuhtgXdxree2G21bo286m2mpzij37jfihoJXMgCp7s a89ZkwytlyQiwkvbE7XZkypPtvcA4gArylj61MBAALkr6tV4WW7pMgQWc9Cqjkd7na8rUT Ddif/fLDj2r0c9Ig3QFGSyXBAB1rlNc= Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-491-gg8iaHoUMuuteba3tynbUQ-1; Tue, 04 Apr 2023 10:55:42 -0400 X-MC-Unique: gg8iaHoUMuuteba3tynbUQ-1 Received: by mail-qt1-f198.google.com with SMTP id f2-20020ac87f02000000b003e6372b917dso10374531qtk.3 for ; Tue, 04 Apr 2023 07:55:41 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620140; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FFUi+70wiITyeuozy7B4Yd/jMxRAxWPn5c55TeHG694=; b=02Z4rlh2FhV9k6Na1s0GAWGh/uEJuWUiBr/s+xIlkdvWD1DgthlxWmSKJC77xZhNRa 4+7LbWEPxZqvZV3HZcsJjwcZdrsYKyWXp7URUzlTTd5ugk0hEMEz2AeTnKlMphgtrguA qfiX9nWW6OuyYb9hixWz0C6pLlX1MK5N3dp3mTmh/tlPQt4EtIeP6RNfFxTo+U6zu7CY s6K0v8llTfHJ2H1uVEj83UtgYyr9VoJtQyD1Ccci13jJjk22UPuTB/IINmzji5XTb0zn Ozl8FDc9LW2B6pSOUItpIXBVWcVzSLAZ3bU4q7UHXPDA/wdDhEakXx3FXMg0z5dX8dkH Qelw== X-Gm-Message-State: AAQBX9dKpmh2nm1gFzL2LotvBQosLBsErbKVnlWJhVaSZ8C4325QJ9yf J5ya9xxoHZklEcDetBAyPCRy2ihg7lmlMn7frGtAjNPHYGHMs7hh2r6P69sIcbhskPHpwkogWAv mAM+722Ux75zNWTs0CZbHQg== X-Received: by 2002:a05:622a:199f:b0:3e3:913c:1ca8 with SMTP id u31-20020a05622a199f00b003e3913c1ca8mr4130752qtc.22.1680620140355; Tue, 04 Apr 2023 07:55:40 -0700 (PDT) X-Google-Smtp-Source: AKy350Zzc10/1v2LcCE0zfPnbg3x+8dh54gKx1zJb5SpW17zpBOCvtCa2VKQbBuo0E40V5nvMeZ6aQ== X-Received: by 2002:a05:622a:199f:b0:3e3:913c:1ca8 with SMTP id u31-20020a05622a199f00b003e3913c1ca8mr4130703qtc.22.1680620139945; Tue, 04 Apr 2023 07:55:39 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:39 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 18/23] xfs: don't allow to enable DAX on fs-verity sealsed inode Date: Tue, 4 Apr 2023 16:53:14 +0200 Message-Id: <20230404145319.2057051-19-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org fs-verity doesn't support DAX. Forbid filesystem to enable DAX on inodes which already have fs-verity enabled. The opposite is checked when fs-verity is enabled, it won't be enabled if DAX is. Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_iops.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index 5398be75a76a..e0d7107a9ba1 100644 --- a/fs/xfs/xfs_iops.c +++ b/fs/xfs/xfs_iops.c @@ -1204,6 +1204,8 @@ xfs_inode_should_enable_dax( return false; if (!xfs_inode_supports_dax(ip)) return false; + if (ip->i_diflags2 & XFS_DIFLAG2_VERITY) + return false; if (xfs_has_dax_always(ip->i_mount)) return true; if (ip->i_diflags2 & XFS_DIFLAG2_DAX) From patchwork Tue Apr 4 14:53:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200431 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C9072C77B60 for ; Tue, 4 Apr 2023 14:57:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234892AbjDDO5O (ORCPT ); Tue, 4 Apr 2023 10:57:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59832 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234844AbjDDO4k (ORCPT ); Tue, 4 Apr 2023 10:56:40 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 448685259 for ; Tue, 4 Apr 2023 07:55:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620146; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WW1Er4PupDb0BosAfd03U+k3CW0R0JjVRop2pX5rde0=; b=bs5A23V9oINVqTDyeoVr/OlCaBp0vLe/bmsA5ihgo79MtQdMeohrne85ZgA1SALr0a09bP UgDupIoVYrK1qqpNpQknI1vBYuIopw/eXLmHV3Cr0Lq5za9ew0PYF5RS48gm+IfZ1r3O6S 42lyEhUikqsNRC3WkHp/PYqxJWUsmgA= Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com [209.85.160.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-262-BMaK_XUBNF2geXxoegxJsw-1; Tue, 04 Apr 2023 10:55:45 -0400 X-MC-Unique: BMaK_XUBNF2geXxoegxJsw-1 Received: by mail-qt1-f200.google.com with SMTP id u22-20020a05622a011600b003dfd61e8594so22278727qtw.15 for ; Tue, 04 Apr 2023 07:55:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620144; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WW1Er4PupDb0BosAfd03U+k3CW0R0JjVRop2pX5rde0=; b=NSeBaCAK5MAlNBS3AHK6Yju1uAZO5rayy9qclMJ2SgeHMLoZ2Tbbvb5Gi4rXXzuaV9 84mhUo82HziLFKGdhp70sqAdagveCyXCiZ+hahymkBJUAKJzIdBbvqFH9hEQ7FJ+dAPa ZLVg6SoOdZZE1oEtlzl9TDULeXd0f1sa8O1LSsUv5B6RVILmLgWEMoP22XsG8JqTyhU1 GA+VCzJa1RY7I2qX60Xl2y3jJdQIglTF0x/AVHEXlljVesZtanvj9+iZiERLCod+E73k 2kwPpf21TslCHCSjfFCiZ+2rZn8w+xRJnLF82+zfuNC43hQZ2LvQYTjhpxmNRjXaPYP6 EYeQ== X-Gm-Message-State: AAQBX9fGqR7kcM5pahXBLq6OJYmnAs2T0lsrTqkPWZy9XEWZl+q/cNKe Tmt+XOJqgvRy7V3lko0BdxIYZVfVOcIyYc8NyBxXWEBTW7ko5TLcvXA2ESTP8uMLvr5Sltp1aqj y9tXgOCgmo7KSkPZaAyP7xg== X-Received: by 2002:ac8:5c84:0:b0:3bf:da69:8f74 with SMTP id r4-20020ac85c84000000b003bfda698f74mr3767024qta.39.1680620144603; Tue, 04 Apr 2023 07:55:44 -0700 (PDT) X-Google-Smtp-Source: AKy350aLDs2V7JY0pZuUB09/Ptq0L7v7I2lb1rRcVAQ1NVCDKigQ1vtszHxXzaOscw9+3+n++r92jw== X-Received: by 2002:ac8:5c84:0:b0:3bf:da69:8f74 with SMTP id r4-20020ac85c84000000b003bfda698f74mr3766987qta.39.1680620144232; Tue, 04 Apr 2023 07:55:44 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:43 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 19/23] xfs: disable direct read path for fs-verity sealed files Date: Tue, 4 Apr 2023 16:53:15 +0200 Message-Id: <20230404145319.2057051-20-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org The direct path is not supported on verity files. Attempts to use direct I/O path on such files should fall back to buffered I/O path. Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_file.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/fs/xfs/xfs_file.c b/fs/xfs/xfs_file.c index 947b5c436172..9e072e82f6c1 100644 --- a/fs/xfs/xfs_file.c +++ b/fs/xfs/xfs_file.c @@ -244,7 +244,8 @@ xfs_file_dax_read( struct kiocb *iocb, struct iov_iter *to) { - struct xfs_inode *ip = XFS_I(iocb->ki_filp->f_mapping->host); + struct inode *inode = iocb->ki_filp->f_mapping->host; + struct xfs_inode *ip = XFS_I(inode); ssize_t ret = 0; trace_xfs_file_dax_read(iocb, to); @@ -297,10 +298,17 @@ xfs_file_read_iter( if (IS_DAX(inode)) ret = xfs_file_dax_read(iocb, to); - else if (iocb->ki_flags & IOCB_DIRECT) + else if (iocb->ki_flags & IOCB_DIRECT && !fsverity_active(inode)) ret = xfs_file_dio_read(iocb, to); - else + else { + /* + * In case fs-verity is enabled, we also fallback to the + * buffered read from the direct read path. Therefore, + * IOCB_DIRECT is set and need to be cleared + */ + iocb->ki_flags &= ~IOCB_DIRECT; ret = xfs_file_buffered_read(iocb, to); + } if (ret > 0) XFS_STATS_ADD(mp, xs_read_bytes, ret); From patchwork Tue Apr 4 14:53:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200432 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0885FC6FD1D for ; Tue, 4 Apr 2023 14:57:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235385AbjDDO5b (ORCPT ); Tue, 4 Apr 2023 10:57:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233701AbjDDO4n (ORCPT ); Tue, 4 Apr 2023 10:56:43 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 478D0468F for ; Tue, 4 Apr 2023 07:55:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620151; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aZ44esIMT3kAt7OLJeI5Rmr0v42z8alztiMuL7yx4Dc=; b=QyepaQBYBrQNStKUOrUiVVodQHh+oAQg+TJ4f6MJJcqfvt1pPh2q3MYJQdWHMB0kYFU/JB zo6DM1y2tSj9P1skMa5FstgjIR90nLLxapaAJkaSLrpMu2BuQnMxWSSy+bsOK8XG7l+Rjq YDfO1qXPlpS+vm4j0TkJ3DhYxI7uJao= Received: from mail-qk1-f198.google.com (mail-qk1-f198.google.com [209.85.222.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-531-lVpzYKVwNQGPtd6AMiUhpA-1; Tue, 04 Apr 2023 10:55:49 -0400 X-MC-Unique: lVpzYKVwNQGPtd6AMiUhpA-1 Received: by mail-qk1-f198.google.com with SMTP id s21-20020a05620a0bd500b0074234f33f24so14662440qki.3 for ; Tue, 04 Apr 2023 07:55:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620149; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aZ44esIMT3kAt7OLJeI5Rmr0v42z8alztiMuL7yx4Dc=; b=44RzzvfqGGCJDVUTXE8taZHokAacoCNYFFklL6PnIbCUmsIA188OYZMspRJd2f9g+8 s+Yy8tMkskHB+N6G/pMq57Pmlchjl4dSCqPDRkD+CC8Q6xFs1p28toze9X9OWeF/BcVy iQ0MzBcBZr7ZBsEbZU4litpLkWuy7DJKY078svVVwuhkblkrvY4y8naWI2OtTITYan6q fr9jUrDAn6Ypdzx925AFOBh2GN/q8J0MtCPTsD/jw+cv/+/HASTiv4AuZuYjmbyHsms0 MyUXo2AweIaqOVWW0mrk9G0phFagg34qFrFTP2Nf5+W2gXaUG6GZGncJxHiTy8Lc38Im r5Fg== X-Gm-Message-State: AAQBX9f/urL1vWDL6geyeXgm738P2GoaEZqpTFppoHb1xL/Gwlt0pV0H we/EqW3HqCRK+t6JKvYjWZ+yXtVkLBY2U4MzLTq+atOEK1eKodY0kiHxsyJfP1qR/xyKeaFbAZ7 /XN/kCN6RMJglnIjrdIhTaQ== X-Received: by 2002:ac8:5ac8:0:b0:3e4:e2ee:7e5a with SMTP id d8-20020ac85ac8000000b003e4e2ee7e5amr4171019qtd.42.1680620148645; Tue, 04 Apr 2023 07:55:48 -0700 (PDT) X-Google-Smtp-Source: AKy350bwc9iuzi42k6PG1Z2EHFjbux3ZcqY5pGuG2LoS+W27lrxGYKXLZLRw4bc6uW+B90GS0ZtH1g== X-Received: by 2002:ac8:5ac8:0:b0:3e4:e2ee:7e5a with SMTP id d8-20020ac85ac8000000b003e4e2ee7e5amr4170973qtd.42.1680620148239; Tue, 04 Apr 2023 07:55:48 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:48 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 20/23] xfs: add fs-verity support Date: Tue, 4 Apr 2023 16:53:16 +0200 Message-Id: <20230404145319.2057051-21-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Add integration with fs-verity. The XFS store fs-verity metadata in the extended attributes. The metadata consist of verity descriptor and Merkle tree blocks. The descriptor is stored under "verity_descriptor" extended attribute. The Merkle tree blocks are stored under binary indexes. When fs-verity is enabled on an inode, the XFS_IVERITY_CONSTRUCTION flag is set meaning that the Merkle tree is being build. The initialization ends with storing of verity descriptor and setting inode on-disk flag (XFS_DIFLAG2_VERITY). The verification on read is done in iomap. Based on the inode verity flag the IOMAP_F_READ_VERITY is set in xfs_read_iomap_begin() to let iomap know that verification is needed. Signed-off-by: Andrey Albershteyn --- fs/xfs/Makefile | 1 + fs/xfs/libxfs/xfs_attr.c | 13 +++ fs/xfs/xfs_inode.h | 3 +- fs/xfs/xfs_iomap.c | 3 + fs/xfs/xfs_ondisk.h | 4 + fs/xfs/xfs_super.c | 8 ++ fs/xfs/xfs_verity.c | 214 +++++++++++++++++++++++++++++++++++++++ fs/xfs/xfs_verity.h | 19 ++++ 8 files changed, 264 insertions(+), 1 deletion(-) create mode 100644 fs/xfs/xfs_verity.c create mode 100644 fs/xfs/xfs_verity.h diff --git a/fs/xfs/Makefile b/fs/xfs/Makefile index 92d88dc3c9f7..76174770d91a 100644 --- a/fs/xfs/Makefile +++ b/fs/xfs/Makefile @@ -130,6 +130,7 @@ xfs-$(CONFIG_XFS_POSIX_ACL) += xfs_acl.o xfs-$(CONFIG_SYSCTL) += xfs_sysctl.o xfs-$(CONFIG_COMPAT) += xfs_ioctl32.o xfs-$(CONFIG_EXPORTFS_BLOCK_OPS) += xfs_pnfs.o +xfs-$(CONFIG_FS_VERITY) += xfs_verity.o # notify failure ifeq ($(CONFIG_MEMORY_FAILURE),y) diff --git a/fs/xfs/libxfs/xfs_attr.c b/fs/xfs/libxfs/xfs_attr.c index 298b74245267..39d9038fbeee 100644 --- a/fs/xfs/libxfs/xfs_attr.c +++ b/fs/xfs/libxfs/xfs_attr.c @@ -26,6 +26,7 @@ #include "xfs_trace.h" #include "xfs_attr_item.h" #include "xfs_xattr.h" +#include "xfs_verity.h" struct kmem_cache *xfs_attr_intent_cache; @@ -1635,6 +1636,18 @@ xfs_attr_namecheck( return xfs_verify_pptr(mp, (struct xfs_parent_name_rec *)name); } + if (flags & XFS_ATTR_VERITY) { + /* Merkle tree pages are stored under u64 indexes */ + if (length == sizeof(__be64)) + return true; + + /* Verity descriptor blocks are held in a named attribute. */ + if (length == XFS_VERITY_DESCRIPTOR_NAME_LEN) + return true; + + return false; + } + return xfs_str_attr_namecheck(name, length); } diff --git a/fs/xfs/xfs_inode.h b/fs/xfs/xfs_inode.h index 69d21e42c10a..a95f28cb049f 100644 --- a/fs/xfs/xfs_inode.h +++ b/fs/xfs/xfs_inode.h @@ -324,7 +324,8 @@ static inline bool xfs_inode_has_large_extent_counts(struct xfs_inode *ip) * inactivation completes, both flags will be cleared and the inode is a * plain old IRECLAIMABLE inode. */ -#define XFS_INACTIVATING (1 << 13) +#define XFS_INACTIVATING (1 << 13) +#define XFS_IVERITY_CONSTRUCTION (1 << 14) /* merkle tree construction */ /* All inode state flags related to inode reclaim. */ #define XFS_ALL_IRECLAIM_FLAGS (XFS_IRECLAIMABLE | \ diff --git a/fs/xfs/xfs_iomap.c b/fs/xfs/xfs_iomap.c index e0f3c5d709f6..0adde39f02a5 100644 --- a/fs/xfs/xfs_iomap.c +++ b/fs/xfs/xfs_iomap.c @@ -143,6 +143,9 @@ xfs_bmbt_to_iomap( (ip->i_itemp->ili_fsync_fields & ~XFS_ILOG_TIMESTAMP)) iomap->flags |= IOMAP_F_DIRTY; + if (fsverity_active(VFS_I(ip))) + iomap->flags |= IOMAP_F_READ_VERITY; + iomap->validity_cookie = sequence_cookie; iomap->folio_ops = &xfs_iomap_folio_ops; return 0; diff --git a/fs/xfs/xfs_ondisk.h b/fs/xfs/xfs_ondisk.h index 9737b5a9f405..7fe88ccda519 100644 --- a/fs/xfs/xfs_ondisk.h +++ b/fs/xfs/xfs_ondisk.h @@ -189,6 +189,10 @@ xfs_check_ondisk_structs(void) XFS_CHECK_VALUE(XFS_DQ_BIGTIME_EXPIRY_MIN << XFS_DQ_BIGTIME_SHIFT, 4); XFS_CHECK_VALUE(XFS_DQ_BIGTIME_EXPIRY_MAX << XFS_DQ_BIGTIME_SHIFT, 16299260424LL); + + /* fs-verity descriptor xattr name */ + XFS_CHECK_VALUE(strlen(XFS_VERITY_DESCRIPTOR_NAME), + XFS_VERITY_DESCRIPTOR_NAME_LEN); } #endif /* __XFS_ONDISK_H */ diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c index d40de32362b1..b6e99ed3b187 100644 --- a/fs/xfs/xfs_super.c +++ b/fs/xfs/xfs_super.c @@ -30,6 +30,7 @@ #include "xfs_filestream.h" #include "xfs_quota.h" #include "xfs_sysfs.h" +#include "xfs_verity.h" #include "xfs_ondisk.h" #include "xfs_rmap_item.h" #include "xfs_refcount_item.h" @@ -1489,6 +1490,9 @@ xfs_fs_fill_super( sb->s_quota_types = QTYPE_MASK_USR | QTYPE_MASK_GRP | QTYPE_MASK_PRJ; #endif sb->s_op = &xfs_super_operations; +#ifdef CONFIG_FS_VERITY + sb->s_vop = &xfs_verity_ops; +#endif /* * Delay mount work if the debug hook is set. This is debug @@ -1685,6 +1689,10 @@ xfs_fs_fill_super( xfs_warn(mp, "EXPERIMENTAL Large extent counts feature in use. Use at your own risk!"); + if (xfs_has_verity(mp)) + xfs_alert(mp, + "EXPERIMENTAL fs-verity feature in use. Use at your own risk!"); + error = xfs_mountfs(mp); if (error) goto out_filestream_unmount; diff --git a/fs/xfs/xfs_verity.c b/fs/xfs/xfs_verity.c new file mode 100644 index 000000000000..a9874ff4efcd --- /dev/null +++ b/fs/xfs/xfs_verity.c @@ -0,0 +1,214 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) 2022 Red Hat, Inc. + */ +#include "xfs.h" +#include "xfs_shared.h" +#include "xfs_format.h" +#include "xfs_da_format.h" +#include "xfs_da_btree.h" +#include "xfs_trans_resv.h" +#include "xfs_mount.h" +#include "xfs_inode.h" +#include "xfs_attr.h" +#include "xfs_verity.h" +#include "xfs_bmap_util.h" +#include "xfs_log_format.h" +#include "xfs_trans.h" + +static int +xfs_get_verity_descriptor( + struct inode *inode, + void *buf, + size_t buf_size) +{ + struct xfs_inode *ip = XFS_I(inode); + int error = 0; + struct xfs_da_args args = { + .dp = ip, + .attr_filter = XFS_ATTR_VERITY, + .name = (const uint8_t *)XFS_VERITY_DESCRIPTOR_NAME, + .namelen = XFS_VERITY_DESCRIPTOR_NAME_LEN, + .value = buf, + .valuelen = buf_size, + }; + + /* + * The fact that (returned attribute size) == (provided buf_size) is + * checked by xfs_attr_copy_value() (returns -ERANGE) + */ + error = xfs_attr_get(&args); + if (error) + return error; + + return args.valuelen; +} + +static int +xfs_begin_enable_verity( + struct file *filp) +{ + struct inode *inode = file_inode(filp); + struct xfs_inode *ip = XFS_I(inode); + int error = 0; + + ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); + + if (IS_DAX(inode)) + return -EINVAL; + + if (xfs_iflags_test(ip, XFS_IVERITY_CONSTRUCTION)) + return -EBUSY; + xfs_iflags_set(ip, XFS_IVERITY_CONSTRUCTION); + + return error; +} + +static int +xfs_end_enable_verity( + struct file *filp, + const void *desc, + size_t desc_size, + u64 merkle_tree_size) +{ + struct inode *inode = file_inode(filp); + struct xfs_inode *ip = XFS_I(inode); + struct xfs_mount *mp = ip->i_mount; + struct xfs_trans *tp; + struct xfs_da_args args = { + .dp = ip, + .whichfork = XFS_ATTR_FORK, + .attr_filter = XFS_ATTR_VERITY, + .attr_flags = XATTR_CREATE, + .name = (const uint8_t *)XFS_VERITY_DESCRIPTOR_NAME, + .namelen = XFS_VERITY_DESCRIPTOR_NAME_LEN, + .value = (void *)desc, + .valuelen = desc_size, + }; + int error = 0; + + ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); + + /* fs-verity failed, just cleanup */ + if (desc == NULL) + goto out; + + error = xfs_attr_set(&args); + if (error) + goto out; + + /* Set fsverity inode flag */ + error = xfs_trans_alloc_inode(ip, &M_RES(mp)->tr_ichange, + 0, 0, false, &tp); + if (error) + goto out; + + /* + * Ensure that we've persisted the verity information before we enable + * it on the inode and tell the caller we have sealed the inode. + */ + ip->i_diflags2 |= XFS_DIFLAG2_VERITY; + + xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); + xfs_trans_set_sync(tp); + + error = xfs_trans_commit(tp); + xfs_iunlock(ip, XFS_ILOCK_EXCL); + + if (!error) + inode->i_flags |= S_VERITY; + +out: + xfs_iflags_clear(ip, XFS_IVERITY_CONSTRUCTION); + return error; +} + +static struct page * +xfs_read_merkle_tree_page( + struct inode *inode, + pgoff_t index, + unsigned long num_ra_pages, + u8 log_blocksize) +{ + struct xfs_inode *ip = XFS_I(inode); + struct page *page = NULL; + __be64 name = cpu_to_be64(index << PAGE_SHIFT); + uint32_t bs = 1 << log_blocksize; + struct xfs_da_args args = { + .dp = ip, + .attr_filter = XFS_ATTR_VERITY, + .op_flags = XFS_DA_OP_BUFFER, + .name = (const uint8_t *)&name, + .namelen = sizeof(__be64), + .valuelen = bs, + }; + int error = 0; + + page = alloc_page(GFP_KERNEL); + if (!page) + return ERR_PTR(-ENOMEM); + + error = xfs_attr_get(&args); + if (error) { + kmem_free(args.value); + xfs_buf_rele(args.bp); + put_page(page); + return ERR_PTR(-EFAULT); + } + + if (args.bp->b_flags & XBF_VERITY_CHECKED) + SetPageChecked(page); + + page->private = (unsigned long)args.bp; + memcpy(page_address(page), args.value, args.valuelen); + + kmem_free(args.value); + return page; +} + +static int +xfs_write_merkle_tree_block( + struct inode *inode, + const void *buf, + u64 pos, + unsigned int size) +{ + struct xfs_inode *ip = XFS_I(inode); + __be64 name = cpu_to_be64(pos); + struct xfs_da_args args = { + .dp = ip, + .whichfork = XFS_ATTR_FORK, + .attr_filter = XFS_ATTR_VERITY, + .attr_flags = XATTR_CREATE, + .name = (const uint8_t *)&name, + .namelen = sizeof(__be64), + .value = (void *)buf, + .valuelen = size, + }; + + return xfs_attr_set(&args); +} + +static void +xfs_drop_page( + struct page *page) +{ + struct xfs_buf *buf = (struct xfs_buf *)page->private; + + ASSERT(buf != NULL); + + if (PageChecked(page)) + buf->b_flags |= XBF_VERITY_CHECKED; + + xfs_buf_rele(buf); + put_page(page); +} + +const struct fsverity_operations xfs_verity_ops = { + .begin_enable_verity = &xfs_begin_enable_verity, + .end_enable_verity = &xfs_end_enable_verity, + .get_verity_descriptor = &xfs_get_verity_descriptor, + .read_merkle_tree_page = &xfs_read_merkle_tree_page, + .write_merkle_tree_block = &xfs_write_merkle_tree_block, + .drop_page = &xfs_drop_page, +}; diff --git a/fs/xfs/xfs_verity.h b/fs/xfs/xfs_verity.h new file mode 100644 index 000000000000..ae5d87ca32a8 --- /dev/null +++ b/fs/xfs/xfs_verity.h @@ -0,0 +1,19 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) 2022 Red Hat, Inc. + */ +#ifndef __XFS_VERITY_H__ +#define __XFS_VERITY_H__ + +#include + +#define XFS_VERITY_DESCRIPTOR_NAME "verity_descriptor" +#define XFS_VERITY_DESCRIPTOR_NAME_LEN 17 + +#ifdef CONFIG_FS_VERITY +extern const struct fsverity_operations xfs_verity_ops; +#else +#define xfs_verity_ops NULL +#endif /* CONFIG_FS_VERITY */ + +#endif /* __XFS_VERITY_H__ */ From patchwork Tue Apr 4 14:53:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200434 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CA2B4C6FD1D for ; Tue, 4 Apr 2023 14:57:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234355AbjDDO5j (ORCPT ); Tue, 4 Apr 2023 10:57:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60108 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234083AbjDDO4t (ORCPT ); Tue, 4 Apr 2023 10:56:49 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0EC7149D1 for ; Tue, 4 Apr 2023 07:55:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620158; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vAR4IqzKft1FulbfGVumK2HKMhiXaE7ZaLXEvaQK8Qc=; b=QR6ESbHwlARK4SYu81E2wSZoC064+cXn7S8M0jI/H7cZjBM4yEX4bbW3y7jNX5vtBbk7c+ Q7iLTc2CDZhf2iTDD9Glsvp1r9xUjrhjHWUtOoYjSQ0fbkDw5DX1WIBRUzgmA9/HyWPdkZ pVLdmB3KyS4zch3//S1KyCBjEFEBaRE= Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-470-7Y05v9EXPsW2M4E4K9HJTg-1; Tue, 04 Apr 2023 10:55:56 -0400 X-MC-Unique: 7Y05v9EXPsW2M4E4K9HJTg-1 Received: by mail-qt1-f198.google.com with SMTP id r22-20020ac85c96000000b003e638022bc9so10335969qta.5 for ; Tue, 04 Apr 2023 07:55:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620153; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vAR4IqzKft1FulbfGVumK2HKMhiXaE7ZaLXEvaQK8Qc=; b=1U4iF0tIIhEP0hJQABdS0tOv0mwnBLtqqNrG7y3Dzn6SLbF3LVN6A3vfZOQN6PqNJx fwa6z1fiAAnYdRZ9UwnidnLo4t6RYn8oV7f3GRJlQn/D28TWPzo4YLeFzn8wTec5me7V Mbo+pltwU2vdhRmVftuWfHlYHjZyuFTrONC8cODPD9ZBQ64Wpl2d0RWjEaGlmOWPSoVY CmErs1uoKTPt005UN9k80ZhTtFAzICEjbZkamhiMMAnlGPtSJ3epLom3FtQBBiNZhi/Y 3PtVgLwHrFbIh2/pxPQqNrc5e9IhCUUWa6dbJ67EU9unfjzG7JTQh+eki24azaeAi8FL H8Ww== X-Gm-Message-State: AAQBX9clPggLMMs3CkPuy3pHm+KRYlKzTDdpf1Z/JVqEVYGxD0NUMD3p XGqEQlTLgT5UFDk3AU9bsiLGFfyOar6NxwEx62k28vRHnvPOsarGhBHHQikRggNJAR/MVd+2QRB x5PxuE3AztfNC04sk/KA10A== X-Received: by 2002:a05:6214:da8:b0:5c5:471a:1e2f with SMTP id h8-20020a0562140da800b005c5471a1e2fmr3781903qvh.51.1680620152500; Tue, 04 Apr 2023 07:55:52 -0700 (PDT) X-Google-Smtp-Source: AKy350Y+CJdy2zuw3OclTHQicHY+1y6liC+cgVxTA4alT47Sc9E4dbJpC4DNw4j3Dv/W+hf5PybB+w== X-Received: by 2002:a05:6214:da8:b0:5c5:471a:1e2f with SMTP id h8-20020a0562140da800b005c5471a1e2fmr3781877qvh.51.1680620152126; Tue, 04 Apr 2023 07:55:52 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:51 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 21/23] xfs: handle merkle tree block size != fs blocksize != PAGE_SIZE Date: Tue, 4 Apr 2023 16:53:17 +0200 Message-Id: <20230404145319.2057051-22-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org In case of different Merkle tree block size fs-verity expects ->read_merkle_tree_page() to return Merkle tree page filled with Merkle tree blocks. The XFS stores each merkle tree block under extended attribute. Those attributes are addressed by block offset into Merkle tree. This patch make ->read_merkle_tree_page() to fetch multiple merkle tree blocks based on size ratio. Also the reference to each xfs_buf is passed with page->private to ->drop_page(). Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_verity.c | 74 +++++++++++++++++++++++++++++++++++---------- fs/xfs/xfs_verity.h | 8 +++++ 2 files changed, 66 insertions(+), 16 deletions(-) diff --git a/fs/xfs/xfs_verity.c b/fs/xfs/xfs_verity.c index a9874ff4efcd..ef0aff216f06 100644 --- a/fs/xfs/xfs_verity.c +++ b/fs/xfs/xfs_verity.c @@ -134,6 +134,10 @@ xfs_read_merkle_tree_page( struct page *page = NULL; __be64 name = cpu_to_be64(index << PAGE_SHIFT); uint32_t bs = 1 << log_blocksize; + int blocks_per_page = + (1 << (PAGE_SHIFT - log_blocksize)); + int n = 0; + int offset = 0; struct xfs_da_args args = { .dp = ip, .attr_filter = XFS_ATTR_VERITY, @@ -143,26 +147,59 @@ xfs_read_merkle_tree_page( .valuelen = bs, }; int error = 0; + bool is_checked = true; + struct xfs_verity_buf_list *buf_list; page = alloc_page(GFP_KERNEL); if (!page) return ERR_PTR(-ENOMEM); - error = xfs_attr_get(&args); - if (error) { - kmem_free(args.value); - xfs_buf_rele(args.bp); + buf_list = kzalloc(sizeof(struct xfs_verity_buf_list), GFP_KERNEL); + if (!buf_list) { put_page(page); - return ERR_PTR(-EFAULT); + return ERR_PTR(-ENOMEM); } - if (args.bp->b_flags & XBF_VERITY_CHECKED) + /* + * Fill the page with Merkle tree blocks. The blcoks_per_page is higher + * than 1 when fs block size != PAGE_SIZE or Merkle tree block size != + * PAGE SIZE + */ + for (n = 0; n < blocks_per_page; n++) { + offset = bs * n; + name = cpu_to_be64(((index << PAGE_SHIFT) + offset)); + args.name = (const uint8_t *)&name; + + error = xfs_attr_get(&args); + if (error) { + kmem_free(args.value); + /* + * No more Merkle tree blocks (e.g. this was the last + * block of the tree) + */ + if (error == -ENOATTR) + break; + xfs_buf_rele(args.bp); + put_page(page); + kmem_free(buf_list); + return ERR_PTR(-EFAULT); + } + + buf_list->bufs[buf_list->buf_count++] = args.bp; + + /* One of the buffers was dropped */ + if (!(args.bp->b_flags & XBF_VERITY_CHECKED)) + is_checked = false; + + memcpy(page_address(page) + offset, args.value, args.valuelen); + kmem_free(args.value); + args.value = NULL; + } + + if (is_checked) SetPageChecked(page); + page->private = (unsigned long)buf_list; - page->private = (unsigned long)args.bp; - memcpy(page_address(page), args.value, args.valuelen); - - kmem_free(args.value); return page; } @@ -191,16 +228,21 @@ xfs_write_merkle_tree_block( static void xfs_drop_page( - struct page *page) + struct page *page) { - struct xfs_buf *buf = (struct xfs_buf *)page->private; + int i = 0; + struct xfs_verity_buf_list *buf_list = + (struct xfs_verity_buf_list *)page->private; - ASSERT(buf != NULL); + ASSERT(buf_list != NULL); - if (PageChecked(page)) - buf->b_flags |= XBF_VERITY_CHECKED; + for (i = 0; i < buf_list->buf_count; i++) { + if (PageChecked(page)) + buf_list->bufs[i]->b_flags |= XBF_VERITY_CHECKED; + xfs_buf_rele(buf_list->bufs[i]); + } - xfs_buf_rele(buf); + kmem_free(buf_list); put_page(page); } diff --git a/fs/xfs/xfs_verity.h b/fs/xfs/xfs_verity.h index ae5d87ca32a8..433b2f4ae3bc 100644 --- a/fs/xfs/xfs_verity.h +++ b/fs/xfs/xfs_verity.h @@ -16,4 +16,12 @@ extern const struct fsverity_operations xfs_verity_ops; #define xfs_verity_ops NULL #endif /* CONFIG_FS_VERITY */ +/* Minimal Merkle tree block size is 1024 */ +#define XFS_VERITY_MAX_MBLOCKS_PER_PAGE (1 << (PAGE_SHIFT - 10)) + +struct xfs_verity_buf_list { + unsigned int buf_count; + struct xfs_buf *bufs[XFS_VERITY_MAX_MBLOCKS_PER_PAGE]; +}; + #endif /* __XFS_VERITY_H__ */ From patchwork Tue Apr 4 14:53:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200433 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7D517C77B6C for ; Tue, 4 Apr 2023 14:57:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233171AbjDDO5f (ORCPT ); Tue, 4 Apr 2023 10:57:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60080 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235068AbjDDO4t (ORCPT ); Tue, 4 Apr 2023 10:56:49 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DC82449C5 for ; Tue, 4 Apr 2023 07:55:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620158; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=2wyXRFn15U7YuTtccu17S72kQxdrsvbnQJV5citpTBw=; b=f9rMXOWxDNdUIdaQPJxskMpRHn4rHA4effDRVSxw5JqaJsTzZeh8LcunplFQYKjeULRSn6 8Zl3oVGyx7+D+Y9U1bnE+OB0z7n85uKG6W9oSJjfHEJDNjQ4UuNTcZsLY/6RoBwAbqXcHG 1lODMnl891BqZYpkGIjHJ7otVvEmXRQ= Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com [209.85.160.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-324-EC0dh4kmOSedUEYpWRctlQ-1; Tue, 04 Apr 2023 10:55:57 -0400 X-MC-Unique: EC0dh4kmOSedUEYpWRctlQ-1 Received: by mail-qt1-f200.google.com with SMTP id u1-20020a05622a198100b003e12a0467easo22233310qtc.11 for ; Tue, 04 Apr 2023 07:55:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620156; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2wyXRFn15U7YuTtccu17S72kQxdrsvbnQJV5citpTBw=; b=lIwnzlcDayU0LbIGFVKTwlGcnPLM7qjbGkqSAQe9nbMFKGhGlO3o0KPxEosr5KlX1l ZW3IdcQLjbv6fKB8+y+Izv3CCqQtJSkvqN+LPYpaJzU0GOZAybFP+IypEAWLy1WvJ572 pWX48euwmvj0F40HvHB94eCGVafkA1QFV6AcaiuDYldqSSC0Su4tdWEK7xGS+oJHN9qn 1H4vKzdA5NkY+wZzn7R+cOmXCg4S0rKp+9bZ1EAGgesIBkWVAl/uUaA9IRY+GRE0uBHx XQ/UnNyGcsLlM5zV5ARMsTCL5tQhFXNNcPnZaCz8TrlTvus1pASMQfiMk5EVrZRFkoz3 EuHw== X-Gm-Message-State: AAQBX9fVs7rQpnUYN+czT8FknpP/a7tQcOr9Itv0iZ1zSUMeMYBtIyw5 sdEq6tBQ3I0chtq8/H7W8jvMPKd38UuAKweRIKLp0YFt8Uq/jYf7d8CDD0CahBXHIP/gNCvHEVc T0iPITjm7AwXeZQQU9G0U6A== X-Received: by 2002:a05:6214:202b:b0:57e:67c2:b9cd with SMTP id 11-20020a056214202b00b0057e67c2b9cdmr4447869qvf.27.1680620156124; Tue, 04 Apr 2023 07:55:56 -0700 (PDT) X-Google-Smtp-Source: AKy350bJb0tNOFsr5rCdSnciXn4UvwnouNwwbFSTjZxZAVItCMscXXWD/V0CsYzmlqPKXH2vmnAZgg== X-Received: by 2002:a05:6214:202b:b0:57e:67c2:b9cd with SMTP id 11-20020a056214202b00b0057e67c2b9cdmr4447836qvf.27.1680620155884; Tue, 04 Apr 2023 07:55:55 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:55 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 22/23] xfs: add fs-verity ioctls Date: Tue, 4 Apr 2023 16:53:18 +0200 Message-Id: <20230404145319.2057051-23-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Add fs-verity ioctls to enable, dump metadata (descriptor and Merkle tree pages) and obtain file's digest. Signed-off-by: Andrey Albershteyn --- fs/xfs/xfs_ioctl.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index 3d6d680b6cf3..ffa04f0aed4a 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -42,6 +42,7 @@ #include #include #include +#include /* * xfs_find_handle maps from userspace xfs_fsop_handlereq structure to @@ -2154,6 +2155,22 @@ xfs_file_ioctl( return error; } + case FS_IOC_ENABLE_VERITY: + if (!xfs_has_verity(mp)) + return -EOPNOTSUPP; + return fsverity_ioctl_enable(filp, (const void __user *)arg); + + case FS_IOC_MEASURE_VERITY: + if (!xfs_has_verity(mp)) + return -EOPNOTSUPP; + return fsverity_ioctl_measure(filp, (void __user *)arg); + + case FS_IOC_READ_VERITY_METADATA: + if (!xfs_has_verity(mp)) + return -EOPNOTSUPP; + return fsverity_ioctl_read_metadata(filp, + (const void __user *)arg); + default: return -ENOTTY; } From patchwork Tue Apr 4 14:53:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Albershteyn X-Patchwork-Id: 13200435 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6963EC6FD1D for ; Tue, 4 Apr 2023 14:57:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235173AbjDDO5t (ORCPT ); Tue, 4 Apr 2023 10:57:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60052 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234428AbjDDO46 (ORCPT ); Tue, 4 Apr 2023 10:56:58 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3C1C84EE7 for ; Tue, 4 Apr 2023 07:56:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680620162; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=O6TxF2wDPSZ8VkfH+UnP0K94pMIAUpQJ5kpEzKyPwfU=; b=GS2KGV/+MUjmaJVfe4mBU+tmK84BvK3X+iEVla2oKufoIc9LreJv2avKNjGPyEuKg+dPXz x4p27NZPXC633rljS27T3ciZZ9lZlslOy0thFNJDeHuAz2jKGSOuF/bl+6VMyFD/kGv2WX o/ylgYmt0jQTHvTdIRuZIbN19t993fM= Received: from mail-qv1-f70.google.com (mail-qv1-f70.google.com [209.85.219.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-557-dY1B2dWnO5aCEz1wN8Gnbg-1; Tue, 04 Apr 2023 10:56:00 -0400 X-MC-Unique: dY1B2dWnO5aCEz1wN8Gnbg-1 Received: by mail-qv1-f70.google.com with SMTP id a15-20020a0562140c2f00b005ad28a23cffso14538718qvd.6 for ; Tue, 04 Apr 2023 07:56:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680620160; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=O6TxF2wDPSZ8VkfH+UnP0K94pMIAUpQJ5kpEzKyPwfU=; b=LRe8V62XD6P6BfwfRVOBOx7jdM7U6OYzuXZ51ceWeDjgT95gHGtZOTeaCLtQLNzGeu KGhOHucyY7kuYNOV2I94VDhrIdzDBTt0i6RfMQzoIklX0EEyoeWiyed8XXOEBeyKSAt0 MNHaJEFqD9rNvtyhVO47/8Pc8x+LCz3G+iM2FsHxr/UatbNvP7RcBy7xfqgJedyno4sg XlV0TNezRazJ5pfGor+Cf7HuU0y1CQfqVL2X45Kgk2xD/Xj6bCPeKPTkl9KJ36HY55xi 6cCJXyP/pzoA39aOcskWLi7amqmSHyQo0jPmNZ414SDoIFLpoA3oJ3+o7fumkDx+lBte zYRw== X-Gm-Message-State: AAQBX9er7WHXbkZG+FdTJXwl/j8R6i4mdpHgXOZDQSK4TbkF2QlZw9cb V0dthQOSPp9utPD6GYkC5lEam2SQ5+8xdtn00LPcS4Afn/+iV0PLq9vrl11gwdDBY7gV0wTuKda UylZCe+eZehqn0C2F67XMZg== X-Received: by 2002:ac8:5b8f:0:b0:3e3:9502:8dfc with SMTP id a15-20020ac85b8f000000b003e395028dfcmr4467463qta.9.1680620159963; Tue, 04 Apr 2023 07:55:59 -0700 (PDT) X-Google-Smtp-Source: AKy350a7eyzBLFAVwLtkZzZp5jojS6UQc2rD1+xfGSjK6d6WcBELJ7jmQgpE+gezZ7mdNPw1AFtdEg== X-Received: by 2002:ac8:5b8f:0:b0:3e3:9502:8dfc with SMTP id a15-20020ac85b8f000000b003e395028dfcmr4467424qta.9.1680620159602; Tue, 04 Apr 2023 07:55:59 -0700 (PDT) Received: from aalbersh.remote.csb ([109.183.6.197]) by smtp.gmail.com with ESMTPSA id j4-20020ac86644000000b003e6387431dcsm3296539qtp.7.2023.04.04.07.55.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Apr 2023 07:55:59 -0700 (PDT) From: Andrey Albershteyn To: djwong@kernel.org, dchinner@redhat.com, ebiggers@kernel.org, hch@infradead.org, linux-xfs@vger.kernel.org, fsverity@lists.linux.dev Cc: rpeterso@redhat.com, agruenba@redhat.com, xiang@kernel.org, chao@kernel.org, damien.lemoal@opensource.wdc.com, jth@kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, Andrey Albershteyn Subject: [PATCH v2 23/23] xfs: enable ro-compat fs-verity flag Date: Tue, 4 Apr 2023 16:53:19 +0200 Message-Id: <20230404145319.2057051-24-aalbersh@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20230404145319.2057051-1-aalbersh@redhat.com> References: <20230404145319.2057051-1-aalbersh@redhat.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Finalize fs-verity integration in XFS by making kernel fs-verity aware with ro-compat flag. Signed-off-by: Andrey Albershteyn --- fs/xfs/libxfs/xfs_format.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/fs/xfs/libxfs/xfs_format.h b/fs/xfs/libxfs/xfs_format.h index ccb2ae5c2c93..a21612319765 100644 --- a/fs/xfs/libxfs/xfs_format.h +++ b/fs/xfs/libxfs/xfs_format.h @@ -355,10 +355,11 @@ xfs_sb_has_compat_feature( #define XFS_SB_FEAT_RO_COMPAT_INOBTCNT (1 << 3) /* inobt block counts */ #define XFS_SB_FEAT_RO_COMPAT_VERITY (1 << 4) /* fs-verity */ #define XFS_SB_FEAT_RO_COMPAT_ALL \ - (XFS_SB_FEAT_RO_COMPAT_FINOBT | \ - XFS_SB_FEAT_RO_COMPAT_RMAPBT | \ - XFS_SB_FEAT_RO_COMPAT_REFLINK| \ - XFS_SB_FEAT_RO_COMPAT_INOBTCNT) + (XFS_SB_FEAT_RO_COMPAT_FINOBT | \ + XFS_SB_FEAT_RO_COMPAT_RMAPBT | \ + XFS_SB_FEAT_RO_COMPAT_REFLINK | \ + XFS_SB_FEAT_RO_COMPAT_INOBTCNT| \ + XFS_SB_FEAT_RO_COMPAT_VERITY) #define XFS_SB_FEAT_RO_COMPAT_UNKNOWN ~XFS_SB_FEAT_RO_COMPAT_ALL static inline bool xfs_sb_has_ro_compat_feature(