Merge tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt (1c1ff483) · Commits · 戴 / test

Documentation/filesystems/fsverity.rst

+10 −2

Original line number	Diff line number	Diff line
		@@ -226,6 +226,14 @@ To do so, check for FS_VERITY_FL (0x00100000) in the returned flags.
		The verity flag is not settable via FS_IOC_SETFLAGS. You must use
		FS_IOC_ENABLE_VERITY instead, since parameters must be provided.

		statx
		-----

		Since Linux v5.5, the statx() system call sets STATX_ATTR_VERITY if
		the file has fs-verity enabled. This can perform better than
		FS_IOC_GETFLAGS and FS_IOC_MEASURE_VERITY because it doesn't require
		opening the file, and opening verity files can be expensive.

		Accessing verity files
		======================

		@@ -398,7 +406,7 @@ pages have been read into the pagecache. (See `Verifying data`_.)
		ext4
		----

		ext4 supports fs-verity since Linux TODO and e2fsprogs v1.45.2.
		ext4 supports fs-verity since Linux v5.4 and e2fsprogs v1.45.2.

		To create verity files on an ext4 filesystem, the filesystem must have
		been formatted with ``-O verity`` or had ``tune2fs -O verity`` run on
		@@ -434,7 +442,7 @@ also only supports extent-based files.
		f2fs
		----

		f2fs supports fs-verity since Linux TODO and f2fs-tools v1.11.0.
		f2fs supports fs-verity since Linux v5.4 and f2fs-tools v1.11.0.

		To create verity files on an f2fs filesystem, the filesystem must have
		been formatted with ``-O verity``.

+4 −1

Original line number	Diff line number	Diff line
		@@ -5717,12 +5717,15 @@ int ext4_getattr(const struct path path, struct kstat stat,
		stat->attributes \|= STATX_ATTR_IMMUTABLE;
		if (flags & EXT4_NODUMP_FL)
		stat->attributes \|= STATX_ATTR_NODUMP;
		if (flags & EXT4_VERITY_FL)
		stat->attributes \|= STATX_ATTR_VERITY;

		stat->attributes_mask \|= (STATX_ATTR_APPEND \|
		STATX_ATTR_COMPRESSED \|
		STATX_ATTR_ENCRYPTED \|
		STATX_ATTR_IMMUTABLE \|
		STATX_ATTR_NODUMP);
		STATX_ATTR_NODUMP \|
		STATX_ATTR_VERITY);

		generic_fillattr(inode, stat);
		return 0;

+4 −1

Original line number	Diff line number	Diff line
		@@ -726,11 +726,14 @@ int f2fs_getattr(const struct path path, struct kstat stat,
		stat->attributes \|= STATX_ATTR_IMMUTABLE;
		if (flags & F2FS_NODUMP_FL)
		stat->attributes \|= STATX_ATTR_NODUMP;
		if (IS_VERITY(inode))
		stat->attributes \|= STATX_ATTR_VERITY;

		stat->attributes_mask \|= (STATX_ATTR_APPEND \|
		STATX_ATTR_ENCRYPTED \|
		STATX_ATTR_IMMUTABLE \|
		STATX_ATTR_NODUMP);
		STATX_ATTR_NODUMP \|
		STATX_ATTR_VERITY);

		generic_fillattr(inode, stat);

+2 −1

Original line number	Diff line number	Diff line
		@@ -33,7 +33,8 @@ struct kstat {
		STATX_ATTR_IMMUTABLE \| \
		STATX_ATTR_APPEND \| \
		STATX_ATTR_NODUMP \| \
		STATX_ATTR_ENCRYPTED \
		STATX_ATTR_ENCRYPTED \| \
		STATX_ATTR_VERITY \
		)/* Attrs corresponding to FS__FL flags /
		u64 ino;
		dev_t dev;

+1 −1

Original line number	Diff line number	Diff line
		@@ -167,8 +167,8 @@ struct statx {
		#define STATX_ATTR_APPEND 0x00000020 /* [I] File is append-only */
		#define STATX_ATTR_NODUMP 0x00000040 /* [I] File is not to be dumped */
		#define STATX_ATTR_ENCRYPTED 0x00000800 /* [I] File requires key to decrypt in fs */

		#define STATX_ATTR_AUTOMOUNT 0x00001000 /* Dir: Automount trigger */
		#define STATX_ATTR_VERITY 0x00100000 /* [I] Verity protected file */


		#endif /* _UAPI_LINUX_STAT_H */