Message ID | 20190620205043.64350-7-ebiggers@kernel.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | fs-verity: read-only file-based authenticity protection | expand |
On 06/20, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > Analogous to fs/crypto/, add fields to the VFS inode and superblock for > use by the fs/verity/ support layer: > > - ->s_vop: points to the fsverity_operations if the filesystem supports > fs-verity, otherwise is NULL. > > - ->i_verity_info: points to cached fs-verity information for the inode > after someone opens it, otherwise is NULL. > > - S_VERITY: bit in ->i_flags that identifies verity inodes, even when > they haven't been opened yet and thus still have NULL ->i_verity_info. > > Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> > Signed-off-by: Eric Biggers <ebiggers@google.com> > --- > include/linux/fs.h | 11 +++++++++++ > 1 file changed, 11 insertions(+) > > diff --git a/include/linux/fs.h b/include/linux/fs.h > index f7fdfe93e25d3e..a80a192cdcf285 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -64,6 +64,8 @@ struct workqueue_struct; > struct iov_iter; > struct fscrypt_info; > struct fscrypt_operations; > +struct fsverity_info; > +struct fsverity_operations; > struct fs_context; > struct fs_parameter_description; > > @@ -723,6 +725,10 @@ struct inode { > struct fscrypt_info *i_crypt_info; > #endif > > +#ifdef CONFIG_FS_VERITY > + struct fsverity_info *i_verity_info; > +#endif > + > void *i_private; /* fs or device private pointer */ > } __randomize_layout; > > @@ -1429,6 +1435,9 @@ struct super_block { > const struct xattr_handler **s_xattr; > #ifdef CONFIG_FS_ENCRYPTION > const struct fscrypt_operations *s_cop; > +#endif > +#ifdef CONFIG_FS_VERITY > + const struct fsverity_operations *s_vop; > #endif > struct hlist_bl_head s_roots; /* alternate root dentries for NFS */ > struct list_head s_mounts; /* list of mounts; _not_ for fs use */ > @@ -1964,6 +1973,7 @@ struct super_operations { > #endif > #define S_ENCRYPTED 16384 /* Encrypted file (using fs/crypto/) */ > #define S_CASEFOLD 32768 /* Casefolded file */ > +#define S_VERITY 65536 /* Verity file (using fs/verity/) */ > > /* > * Note that nosuid etc flags are inode-specific: setting some file-system > @@ -2005,6 +2015,7 @@ static inline bool sb_rdonly(const struct super_block *sb) { return sb->s_flags > #define IS_DAX(inode) ((inode)->i_flags & S_DAX) > #define IS_ENCRYPTED(inode) ((inode)->i_flags & S_ENCRYPTED) > #define IS_CASEFOLDED(inode) ((inode)->i_flags & S_CASEFOLD) > +#define IS_VERITY(inode) ((inode)->i_flags & S_VERITY) > > #define IS_WHITEOUT(inode) (S_ISCHR(inode->i_mode) && \ > (inode)->i_rdev == WHITEOUT_DEV) > -- > 2.22.0.410.gd8fdbe21b5-goog
diff --git a/include/linux/fs.h b/include/linux/fs.h index f7fdfe93e25d3e..a80a192cdcf285 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -64,6 +64,8 @@ struct workqueue_struct; struct iov_iter; struct fscrypt_info; struct fscrypt_operations; +struct fsverity_info; +struct fsverity_operations; struct fs_context; struct fs_parameter_description; @@ -723,6 +725,10 @@ struct inode { struct fscrypt_info *i_crypt_info; #endif +#ifdef CONFIG_FS_VERITY + struct fsverity_info *i_verity_info; +#endif + void *i_private; /* fs or device private pointer */ } __randomize_layout; @@ -1429,6 +1435,9 @@ struct super_block { const struct xattr_handler **s_xattr; #ifdef CONFIG_FS_ENCRYPTION const struct fscrypt_operations *s_cop; +#endif +#ifdef CONFIG_FS_VERITY + const struct fsverity_operations *s_vop; #endif struct hlist_bl_head s_roots; /* alternate root dentries for NFS */ struct list_head s_mounts; /* list of mounts; _not_ for fs use */ @@ -1964,6 +1973,7 @@ struct super_operations { #endif #define S_ENCRYPTED 16384 /* Encrypted file (using fs/crypto/) */ #define S_CASEFOLD 32768 /* Casefolded file */ +#define S_VERITY 65536 /* Verity file (using fs/verity/) */ /* * Note that nosuid etc flags are inode-specific: setting some file-system @@ -2005,6 +2015,7 @@ static inline bool sb_rdonly(const struct super_block *sb) { return sb->s_flags #define IS_DAX(inode) ((inode)->i_flags & S_DAX) #define IS_ENCRYPTED(inode) ((inode)->i_flags & S_ENCRYPTED) #define IS_CASEFOLDED(inode) ((inode)->i_flags & S_CASEFOLD) +#define IS_VERITY(inode) ((inode)->i_flags & S_VERITY) #define IS_WHITEOUT(inode) (S_ISCHR(inode->i_mode) && \ (inode)->i_rdev == WHITEOUT_DEV)