[GIT PULL] fsverity updates for 6.5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following changes since commit f1fcbaa18b28dec10281551dfe6ed3a3ed80e3d6:

  Linux 6.4-rc2 (2023-05-14 12:51:40 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/fs/fsverity/linux.git tags/fsverity-for-linus

for you to fetch changes up to 672d6ef4c775cfcd2e00172e23df34e77e495e85:

  fsverity: improve documentation for builtin signature support (2023-06-20 22:47:55 -0700)

----------------------------------------------------------------

Several updates for fs/verity/:

- Do all hashing with the shash API instead of with the ahash API.  This
  simplifies the code and reduces API overhead.  It should also make
  things slightly easier for XFS's upcoming support for fsverity.  It
  does drop fsverity's support for off-CPU hash accelerators, but that
  support was incomplete and not known to be used.

- Update and export fsverity_get_digest() so that it's ready for
  overlayfs's upcoming support for fsverity checking of lowerdata.

- Improve the documentation for builtin signature support.

- Fix a bug in the large folio support.

----------------------------------------------------------------
Eric Biggers (6):
      fsverity: use shash API instead of ahash API
      fsverity: constify fsverity_hash_alg
      fsverity: don't use bio_first_page_all() in fsverity_verify_bio()
      fsverity: simplify error handling in verify_data_block()
      fsverity: rework fsverity_get_digest() again
      fsverity: improve documentation for builtin signature support

 Documentation/filesystems/fsverity.rst | 192 +++++++++++++++++++++------------
 fs/verity/Kconfig                      |  16 +--
 fs/verity/enable.c                     |  21 ++--
 fs/verity/fsverity_private.h           |  23 ++--
 fs/verity/hash_algs.c                  | 139 +++++-------------------
 fs/verity/measure.c                    |  37 +++++--
 fs/verity/open.c                       |  12 +--
 fs/verity/read_metadata.c              |   4 +-
 fs/verity/signature.c                  |   8 ++
 fs/verity/verify.c                     | 164 +++++++++++-----------------
 include/linux/fsverity.h               |  14 ++-
 security/integrity/ima/ima_api.c       |  31 +++---
 12 files changed, 299 insertions(+), 362 deletions(-)



[Index of Archives]     [Reiser Filesystem Development]     [Ceph FS]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite National Park]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]     [Linux Media]

  Powered by Linux