@@ -8740,6 +8740,7 @@ T: git https://git.kernel.org/pub/scm/fs/fsverity/linux.git
F: Documentation/filesystems/fsverity.rst
F: fs/verity/
F: include/linux/fsverity.h
+F: include/trace/events/fsverity.h
F: include/uapi/linux/fsverity.h
FT260 FTDI USB-HID TO I2C BRIDGE DRIVER
@@ -227,6 +227,8 @@ static int enable_verity(struct file *filp,
if (err)
goto out;
+ trace_fsverity_enable(inode, desc, ¶ms);
+
/*
* Start enabling verity on this file, serialized by the inode lock.
* Fail if verity is already enabled or is already being enabled.
@@ -255,6 +257,7 @@ static int enable_verity(struct file *filp,
fsverity_err(inode, "Error %d building Merkle tree", err);
goto rollback;
}
+ trace_fsverity_tree_done(inode, desc, ¶ms);
/*
* Create the fsverity_info. Don't bother trying to save work by
@@ -162,4 +162,6 @@ void __init fsverity_init_workqueue(void);
void fsverity_drop_block(struct inode *inode,
struct fsverity_blockbuf *block);
+#include <trace/events/fsverity.h>
+
#endif /* _FSVERITY_PRIVATE_H */
@@ -5,6 +5,7 @@
* Copyright 2019 Google LLC
*/
+#define CREATE_TRACE_POINTS
#include "fsverity_private.h"
#include <linux/ratelimit.h>
@@ -53,6 +53,8 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
struct fsverity_formatted_digest *d;
int err;
+ trace_fsverity_verify_signature(inode, signature, sig_size);
+
if (sig_size == 0) {
if (fsverity_require_signatures) {
fsverity_err(inode,
@@ -118,6 +118,7 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
/* Byte offset of the wanted hash relative to @addr */
unsigned int hoffset;
} hblocks[FS_VERITY_MAX_LEVELS];
+ trace_fsverity_verify_block(inode, data_pos);
/*
* The index of the previous level's block within that level; also the
* index of that block's hash within the current level.
@@ -215,6 +216,8 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
if (is_hash_block_verified(inode, block, hblock_idx)) {
memcpy(_want_hash, block->kaddr + hoffset, hsize);
want_hash = _want_hash;
+ trace_fsverity_merkle_tree_block_verified(inode,
+ block, FSVERITY_TRACE_DIR_ASCEND);
fsverity_drop_block(inode, block);
goto descend;
}
@@ -248,6 +251,8 @@ verify_data_block(struct inode *inode, struct fsverity_info *vi,
SetPageChecked(hpage);
memcpy(_want_hash, haddr + hoffset, hsize);
want_hash = _want_hash;
+ trace_fsverity_merkle_tree_block_verified(inode, block,
+ FSVERITY_TRACE_DIR_DESCEND);
fsverity_drop_block(inode, block);
}
@@ -405,6 +410,8 @@ void fsverity_invalidate_block(struct inode *inode,
struct fsverity_info *vi = inode->i_verity_info;
const unsigned int log_blocksize = vi->tree_params.log_blocksize;
+ trace_fsverity_invalidate_block(inode, block);
+
if (block->offset > vi->tree_params.tree_size) {
fsverity_err(inode,
"Trying to invalidate beyond Merkle tree (tree %lld, offset %lld)",
new file mode 100644
@@ -0,0 +1,181 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM fsverity
+
+#if !defined(_TRACE_FSVERITY_H) || defined(TRACE_HEADER_MULTI_READ)
+#define _TRACE_FSVERITY_H
+
+#include <linux/tracepoint.h>
+
+struct fsverity_descriptor;
+struct merkle_tree_params;
+struct fsverity_info;
+
+#define FSVERITY_TRACE_DIR_ASCEND (1ul << 0)
+#define FSVERITY_TRACE_DIR_DESCEND (1ul << 1)
+#define FSVERITY_HASH_SHOWN_LEN 20
+
+TRACE_EVENT(fsverity_enable,
+ TP_PROTO(struct inode *inode, struct fsverity_descriptor *desc,
+ struct merkle_tree_params *params),
+ TP_ARGS(inode, desc, params),
+ TP_STRUCT__entry(
+ __field(ino_t, ino)
+ __field(u64, data_size)
+ __field(unsigned int, block_size)
+ __field(unsigned int, num_levels)
+ __field(u64, tree_size)
+ ),
+ TP_fast_assign(
+ __entry->ino = inode->i_ino;
+ __entry->data_size = desc->data_size;
+ __entry->block_size = params->block_size;
+ __entry->num_levels = params->num_levels;
+ __entry->tree_size = params->tree_size;
+ ),
+ TP_printk("ino %lu data size %llu tree size %llu block size %u levels %u",
+ (unsigned long) __entry->ino,
+ __entry->data_size,
+ __entry->tree_size,
+ __entry->block_size,
+ __entry->num_levels)
+);
+
+TRACE_EVENT(fsverity_tree_done,
+ TP_PROTO(struct inode *inode, struct fsverity_descriptor *desc,
+ struct merkle_tree_params *params),
+ TP_ARGS(inode, desc, params),
+ TP_STRUCT__entry(
+ __field(ino_t, ino)
+ __field(unsigned int, levels)
+ __field(unsigned int, tree_blocks)
+ __field(u64, tree_size)
+ __array(u8, tree_hash, 64)
+ ),
+ TP_fast_assign(
+ __entry->ino = inode->i_ino;
+ __entry->levels = params->num_levels;
+ __entry->tree_blocks =
+ params->tree_size >> params->log_blocksize;
+ __entry->tree_size = params->tree_size;
+ memcpy(__entry->tree_hash, desc->root_hash, 64);
+ ),
+ TP_printk("ino %lu levels %d tree_blocks %d tree_size %lld root_hash %s",
+ (unsigned long) __entry->ino,
+ __entry->levels,
+ __entry->tree_blocks,
+ __entry->tree_size,
+ __print_hex(__entry->tree_hash, 64))
+);
+
+TRACE_EVENT(fsverity_verify_block,
+ TP_PROTO(struct inode *inode, u64 offset),
+ TP_ARGS(inode, offset),
+ TP_STRUCT__entry(
+ __field(ino_t, ino)
+ __field(u64, offset)
+ __field(unsigned int, block_size)
+ ),
+ TP_fast_assign(
+ __entry->ino = inode->i_ino;
+ __entry->offset = offset;
+ __entry->block_size =
+ inode->i_verity_info->tree_params.block_size;
+ ),
+ TP_printk("ino %lu data offset %lld data block size %u",
+ (unsigned long) __entry->ino,
+ __entry->offset,
+ __entry->block_size)
+);
+
+TRACE_EVENT(fsverity_merkle_tree_block_verified,
+ TP_PROTO(struct inode *inode,
+ struct fsverity_blockbuf *block,
+ u8 direction),
+ TP_ARGS(inode, block, direction),
+ TP_STRUCT__entry(
+ __field(ino_t, ino)
+ __field(u64, offset)
+ __field(u8, direction)
+ ),
+ TP_fast_assign(
+ __entry->ino = inode->i_ino;
+ __entry->offset = block->offset;
+ __entry->direction = direction;
+ ),
+ TP_printk("ino %lu block offset %llu %s",
+ (unsigned long) __entry->ino,
+ __entry->offset,
+ __entry->direction == 0 ? "ascend" : "descend")
+);
+
+TRACE_EVENT(fsverity_invalidate_block,
+ TP_PROTO(struct inode *inode, struct fsverity_blockbuf *block),
+ TP_ARGS(inode, block),
+ TP_STRUCT__entry(
+ __field(ino_t, ino)
+ __field(u64, offset)
+ __field(unsigned int, block_size)
+ ),
+ TP_fast_assign(
+ __entry->ino = inode->i_ino;
+ __entry->offset = block->offset;
+ __entry->block_size = block->size;
+ ),
+ TP_printk("ino %lu block position %llu block size %u",
+ (unsigned long) __entry->ino,
+ __entry->offset,
+ __entry->block_size)
+);
+
+TRACE_EVENT(fsverity_read_merkle_tree_block,
+ TP_PROTO(struct inode *inode, u64 offset, unsigned int log_blocksize),
+ TP_ARGS(inode, offset, log_blocksize),
+ TP_STRUCT__entry(
+ __field(ino_t, ino)
+ __field(u64, offset)
+ __field(u64, index)
+ __field(unsigned int, block_size)
+ ),
+ TP_fast_assign(
+ __entry->ino = inode->i_ino;
+ __entry->offset = offset;
+ __entry->index = offset >> log_blocksize;
+ __entry->block_size = 1 << log_blocksize;
+ ),
+ TP_printk("ino %lu tree offset %llu block index %llu block hize %u",
+ (unsigned long) __entry->ino,
+ __entry->offset,
+ __entry->index,
+ __entry->block_size)
+);
+
+TRACE_EVENT(fsverity_verify_signature,
+ TP_PROTO(const struct inode *inode, const u8 *signature, size_t sig_size),
+ TP_ARGS(inode, signature, sig_size),
+ TP_STRUCT__entry(
+ __field(ino_t, ino)
+ __dynamic_array(u8, signature, sig_size)
+ __field(size_t, sig_size)
+ __field(size_t, sig_size_show)
+ ),
+ TP_fast_assign(
+ __entry->ino = inode->i_ino;
+ memcpy(__get_dynamic_array(signature), signature, sig_size);
+ __entry->sig_size = sig_size;
+ __entry->sig_size_show = (sig_size > FSVERITY_HASH_SHOWN_LEN ?
+ FSVERITY_HASH_SHOWN_LEN : sig_size);
+ ),
+ TP_printk("ino %lu sig_size %zu %s%s%s",
+ (unsigned long) __entry->ino,
+ __entry->sig_size,
+ (__entry->sig_size ? "sig " : ""),
+ __print_hex(__get_dynamic_array(signature),
+ __entry->sig_size_show),
+ (__entry->sig_size ? "..." : ""))
+);
+
+#endif /* _TRACE_FSVERITY_H */
+
+/* This part must be outside protection */
+#include <trace/define_trace.h>