Re: [PATCH v2] btrfs-progs: receive: add support for fs-verity

On Thu, Jul 28, 2022 at 11:14:35AM -0700, Boris Burkov wrote:
> Process an enable_verity cmd by running the enable verity ioctl on the
> file. Since enabling verity denies write access to the file, it is
> important that we don't have any open write file descriptors.
> 
> This also revs the send stream format to version 3 with no format
> changes besides the new commands and attributes.
> 
> Signed-off-by: Boris Burkov <boris@xxxxxx>
> --
> Changes for v2:
> - remove verity.h copy, use UAPI
> ---
>  cmds/receive-dump.c  | 10 +++++++++
>  cmds/receive.c       | 51 ++++++++++++++++++++++++++++++++++++++++++++
>  common/send-stream.c | 16 ++++++++++++++
>  common/send-stream.h |  3 +++
>  kernel-shared/send.h | 13 +++++++++--
>  5 files changed, 91 insertions(+), 2 deletions(-)
> 
> diff --git a/cmds/receive-dump.c b/cmds/receive-dump.c
> index 92e0a4c9a..5d68ecbca 100644
> --- a/cmds/receive-dump.c
> +++ b/cmds/receive-dump.c
> @@ -344,6 +344,15 @@ static int print_fileattr(const char *path, u64 attr, void *user)
>  	return PRINT_DUMP(user, path, "fileattr", "fileattr=0x%llu", attr);
>  }
>  
> +static int print_enable_verity (const char *path, u8 algorithm, u32 block_size,
> +				int salt_len, char *salt,
> +				int sig_len, char *sig, void *user)
> +{
> +	return PRINT_DUMP(user, path, "enable_verity",
> +			  "algorithm=%u block_size=%u salt_len=%d sig_len=%d",
> +			  algorithm, block_size, salt_len, sig_len);
> +}
> +
>  struct btrfs_send_ops btrfs_print_send_ops = {
>  	.subvol = print_subvol,
>  	.snapshot = print_snapshot,
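
Review bot: print_enable_verity is declared with a space between the name and the opening parenthesis, unlike print_fileattr( in the context line just above it; drop the space to match the rest of the file. The salt and sig pointers are accepted but never read, so the dump shows only salt_len and sig_len. If omitting the raw bytes is intentional, a one-line comment saying so would help, and both pointers could be const since the callback does not modify them. salt_len and sig_len are also plain int printed with %d next to a u32 block_size; an unsigned type would rule out a negative length being printed from a malformed stream.
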
> @@ -369,4 +378,5 @@ struct btrfs_send_ops btrfs_print_send_ops = {
>  	.encoded_write = print_encoded_write,
>  	.fallocate = print_fallocate,
>  	.fileattr = print_fileattr,
> +	.enable_verity = print_enable_verity,
>  };
> diff --git a/cmds/receive.c b/cmds/receive.c
> index aec324587..c4778d6c0 100644
> --- a/cmds/receive.c
> +++ b/cmds/receive.c
> @@ -39,6 +39,7 @@
>  #include <sys/uio.h>
>  #include <sys/xattr.h>
>  #include <linux/fs.h>
> +#include <linux/fsverity.h>

This fails on CentOS 7, which is used as the base for build support. As
mentioned before, we can either ship a local header to make it compile or
ifdef it out and skip verity records on the receive side.  We already have
conditional compression support for receive, but mostly it's by user
choice, not because of lack of support.

You can test if it builds with docker and ci/ci-build-centos7 .
