On Sun, Jul 11, 2021 at 09:52:56AM -0500, Eric Biggers wrote: > On Wed, Jun 30, 2021 at 01:01:49PM -0700, Boris Burkov wrote: > > Add support for fsverity in btrfs. To support the generic interface in > > fs/verity, we add two new item types in the fs tree for inodes with > > verity enabled. One stores the per-file verity descriptor and btrfs > > verity item and the other stores the Merkle tree data itself. > > > > Verity checking is done in end_page_read just before a page is marked > > uptodate. This naturally handles a variety of edge cases like holes, > > preallocated extents, and inline extents. Some care needs to be taken to > > not try to verity pages past the end of the file, which are accessed by > > the generic buffered file reading code under some circumstances like > > reading to the end of the last page and trying to read again. Direct IO > > on a verity file falls back to buffered reads. > > > > Verity relies on PageChecked for the Merkle tree data itself to avoid > > re-walking up shared paths in the tree. For this reason, we need to > > cache the Merkle tree data. Since the file is immutable after verity is > > turned on, we can cache it at an index past EOF. > > > > Use the new inode ro_flags to store verity on the inode item, so that we > > can enable verity on a file, then rollback to an older kernel and still > > mount the file system and read the file. Since we can't safely write the > > file anymore without ruining the invariants of the Merkle tree, we mark > > a ro_compat flag on the file system when a file has verity enabled. > > > > Reported-by: kernel test robot <lkp@xxxxxxxxx> > > Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > > Co-developed-by: Chris Mason <clm@xxxxxx> > > Signed-off-by: Chris Mason <clm@xxxxxx> > > Signed-off-by: Boris Burkov <boris@xxxxxx> > > Generally looks good, feel free to add: > > Acked-by: Eric Biggers <ebiggers@xxxxxxxxxx> > > A few minor comments below: Thanks for the comments. Lots of them are minor fixups, I can do that when applying the patch. There are some questions that I'll leave to Boris to answer, I don't think they'd prevent merging the patches now and fixing up later.
|