On Mon, Oct 23, 2023 at 11:52 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > On Oct 4, 2023 Fan Wu <wufan@xxxxxxxxxxxxxxxxxxx> wrote: > > > > This patch adds a target finalize hook. > > > > The hook is triggered just before activating an inactive table of a > > mapped device. If it returns an error the __bind get cancelled. > > > > The dm-verity target will use this hook to attach the dm-verity's > > roothash metadata to the block_device struct of the mapped device. > > > > Signed-off-by: Fan Wu <wufan@xxxxxxxxxxxxxxxxxxx> > > --- > > v1-v10: > > + Not present > > --- > > drivers/md/dm.c | 12 ++++++++++++ > > include/linux/device-mapper.h | 7 +++++++ > > 2 files changed, 19 insertions(+) > > We need an ACK and confirmation from Alasdair and/or Mike that this > is the right approach. A gentle ping with a reminder ... For reference, the full patchset can be found on lore at the link below: https://lore.kernel.org/linux-security-module/1696457386-3010-1-git-send-email-wufan@xxxxxxxxxxxxxxxxxxx/ > > diff --git a/drivers/md/dm.c b/drivers/md/dm.c > > index 64a1f306c96c..3be9cc35306d 100644 > > --- a/drivers/md/dm.c > > +++ b/drivers/md/dm.c > > @@ -2239,6 +2239,18 @@ static struct dm_table *__bind(struct mapped_device *md, struct dm_table *t, > > goto out; > > } > > > > + for (unsigned int i = 0; i < t->num_targets; i++) { > > + struct dm_target *ti = dm_table_get_target(t, i); > > + > > + if (ti->type->finalize) { > > + ret = ti->type->finalize(ti); > > + if (ret) { > > + old_map = ERR_PTR(ret); > > + goto out; > > + } > > + } > > + } > > + > > old_map = rcu_dereference_protected(md->map, lockdep_is_held(&md->suspend_lock)); > > rcu_assign_pointer(md->map, (void *)t); > > md->immutable_target_type = dm_table_get_immutable_target_type(t); > > diff --git a/include/linux/device-mapper.h b/include/linux/device-mapper.h > > index 69d0435c7ebb..4040e84a8ec7 100644 > > --- a/include/linux/device-mapper.h > > +++ b/include/linux/device-mapper.h > > @@ -160,6 +160,12 @@ typedef int (*dm_dax_zero_page_range_fn)(struct dm_target *ti, pgoff_t pgoff, > > */ > > typedef size_t (*dm_dax_recovery_write_fn)(struct dm_target *ti, pgoff_t pgoff, > > void *addr, size_t bytes, struct iov_iter *i); > > +/* > > + * Returns: > > + * < 0 : error > > + * = 0 : success > > + */ > > +typedef int (*dm_finalize_fn) (struct dm_target *target); > > > > void dm_error(const char *message); > > > > @@ -209,6 +215,7 @@ struct target_type { > > dm_dax_direct_access_fn direct_access; > > dm_dax_zero_page_range_fn dax_zero_page_range; > > dm_dax_recovery_write_fn dax_recovery_write; > > + dm_finalize_fn finalize; > > > > /* For internal device-mapper use. */ > > struct list_head list; > > -- > > 2.25.1 -- paul-moore.com
