• Linus Torvalds's avatar
    Merge tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt · f60c55a9
    Linus Torvalds authored
    Pull fs-verity support from Eric Biggers:
     "fs-verity is a filesystem feature that provides Merkle tree based
      hashing (similar to dm-verity) for individual readonly files, mainly
      for the purpose of efficient authenticity verification.
    
      This pull request includes:
    
       (a) The fs/verity/ support layer and documentation.
    
       (b) fs-verity support for ext4 and f2fs.
    
      Compared to the original fs-verity patchset from last year, the UAPI
      to enable fs-verity on a file has been greatly simplified. Lots of
      other things were cleaned up too.
    
      fs-verity is planned to be used by two different projects on Android;
      most of the userspace code is in place already. Another userspace tool
      ("fsverity-utils"), and xfstests, are also available. e2fsprogs and
      f2fs-tools already have fs-verity support. Other people have shown
      interest in using fs-verity too.
    
      I've tested this on ext4 and f2fs with xfstests, both the existing
      tests and the new fs-verity tests. This has also been in linux-next
      since July 30 with no reported issues except a couple minor ones I
      found myself and folded in fixes for.
    
      Ted and I will be co-maintaining fs-verity"
    
    * tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt:
      f2fs: add fs-verity support
      ext4: update on-disk format documentation for fs-verity
      ext4: add fs-verity read support
      ext4: add basic fs-verity support
      fs-verity: support builtin file signatures
      fs-verity: add SHA-512 support
      fs-verity: implement FS_IOC_MEASURE_VERITY ioctl
      fs-verity: implement FS_IOC_ENABLE_VERITY ioctl
      fs-verity: add data verification hooks for ->readpages()
      fs-verity: add the hook for file ->setattr()
      fs-verity: add the hook for file ->open()
      fs-verity: add inode and superblock fields
      fs-verity: add Kconfig and the helper functions for hashing
      fs: uapi: define verity bit for FS_IOC_GETFLAGS
      fs-verity: add UAPI header
      fs-verity: add MAINTAINERS file entry
      fs-verity: add a documentation file
    f60c55a9
file.c 79.1 KB