On Wed, Apr 24, 2024 at 06:52:30PM +0000, Eric Biggers wrote: > On Wed, Apr 24, 2024 at 11:18:26AM -0700, Darrick J. Wong wrote: > > On Thu, Apr 04, 2024 at 11:09:11PM -0400, Eric Biggers wrote: > > > On Fri, Mar 29, 2024 at 05:35:32PM -0700, Darrick J. Wong wrote: > > > > + /** > > > > + * Notify the filesystem that file data validation failed > > > > + * > > > > + * @inode: the inode being validated > > > > + * @pos: the file position of the invalid data > > > > + * @len: the length of the invalid data > > > > + * > > > > + * This is called when fs-verity cannot validate the file contents. > > > > + */ > > > > + void (*fail_validation)(struct inode *inode, loff_t pos, size_t len); > > > > > > There is a difference between the file actually being corrupt (mismatching > > > hashes) and other problems like disk errors reading from the Merkle tree. > > > "Validation failed" is a bit ambiguous, and "cannot validate the file contents" > > > even more so. Do you want only file corruption errors? If so it may be a good > > > idea to call this 'file_corrupt', which would be consistent with the > > > "FILE CORRUPTED" error message in fs/verity/verify.c. Or do you actually want > > > all errors? Either way, it needs to be clarified what is actually meant. > > > > I only want actual file corruption errors -- XFS can handle disk errors > > from reading merkle tree blocks on its own. I'll change this to > > file_corrupt. How's this? > > > > /** > > * Notify the filesystem that file data is corrupt. > > * > > * @inode: the inode being validated > > * @pos: the file position of the invalid data > > * @len: the length of the invalid data > > * > > * This function is called when fs-verity cannot validate the file > > * contents against the merkle tree hashes and logs a FILE CORRUPTED > > * error message. > > */ > > void (*file_corrupt)(struct inode *inode, loff_t pos, size_t len); > > It looks good except for the last sentence, which still has the potentially > misleading "cannot validate the file contents" wording. How about something > like the following: > > "This function is called when fs-verity detects that a portion of a file's data > is inconsistent with the Merkle tree, or a Merkle tree block needed to validate > the data is inconsistent with the level above it." Much better! I'll change it to that, thank you for the suggestion. --D > - Eric >
