Re: [PATCH v4 05/25] fs: add FS_XFLAG_VERITY for verity files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Feb 23, 2024 at 01:55:21PM +0100, Andrey Albershteyn wrote:
> On 2024-02-22 20:23:04, Eric Biggers wrote:
> > On Mon, Feb 12, 2024 at 05:58:02PM +0100, Andrey Albershteyn wrote:
> > > +FS_IOC_FSGETXATTR
> > > +-----------------
> > > +
> > > +Since Linux v6.9, FS_XFLAG_VERITY (0x00020000) file attribute is set for verity
> > > +files. The attribute can be observed via lsattr.
> > > +
> > > +    [root@vm:~]# lsattr /mnt/test/foo
> > > +    --------------------V- /mnt/test/foo
> > > +
> > > +Note that this attribute cannot be set with FS_IOC_FSSETXATTR as enabling verity
> > > +requires input parameters. See FS_IOC_ENABLE_VERITY.
> > 
> > The lsattr example is irrelevant and misleading because lsattr uses
> > FS_IOC_GETFLAGS, not FS_IOC_FSGETXATTR.
> > 
> > Also, I know that you titled the subsection "FS_IOC_FSGETXATTR", but the text
> > itself should make it super clear that FS_XFLAG_VERITY is only for
> > FS_IOC_FSGETXATTR, not FS_IOC_GETFLAGS.
> 
> Sure, I will remove the example. Would something like this be clear
> enough?
> 
>     FS_IOC_FSGETXATTR
>     -----------------
> 
>     Since Linux v6.9, FS_XFLAG_VERITY (0x00020000) file attribute is set for verity
>     files. This attribute can be checked with FS_IOC_FSGETXATTR ioctl. Note that
>     this attribute cannot be set with FS_IOC_FSSETXATTR as enabling verity requires
>     input parameters. See FS_IOC_ENABLE_VERITY.

It's better, but I'd probably put FS_IOC_FSGETXATTR in the first sentence.
Like: Since Linux v6.9, the FS_IOC_FSGETXATTR ioctl sets FS_XFLAG_VERITY
(0x00020000) in the returned flags when the file has verity enabled.

- Eric




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux