Let filesystem iterate over hashes in the block and check if these are hashes of zeroed data blocks. XFS will use this to decide if it want to store tree block full of these hashes. Signed-off-by: Andrey Albershteyn Reviewed-by: "Darrick J. Wong" Acked-by: Eric Biggers --- fs/btrfs/verity.c | 6 +++++- fs/ext4/verity.c | 4 +++- fs/f2fs/verity.c | 4 +++- fs/verity/enable.c | 4 +++- include/linux/fsverity.h | 6 +++++- 5 files changed, 19 insertions(+), 5 deletions(-) diff --git a/fs/btrfs/verity.c b/fs/btrfs/verity.c index 0062b3a55781..fd3696d3f4ce 100644 --- a/fs/btrfs/verity.c +++ b/fs/btrfs/verity.c @@ -773,11 +773,15 @@ static struct page *btrfs_read_merkle_tree_page(struct inode *inode, * @buf: Merkle tree block to write * @pos: the position of the block in the Merkle tree (in bytes) * @size: the Merkle tree block size (in bytes) + * @zero_digest: the hash of the all-zeroes block + * @digest_size: size of zero_digest, in bytes * * Returns 0 on success or negative error code on failure */ static int btrfs_write_merkle_tree_block(struct file *file, const void *buf, - u64 pos, unsigned int size) + u64 pos, unsigned int size, + const u8 *zero_digest, + unsigned int digest_size) { struct inode *inode = file_inode(file); loff_t merkle_pos = merkle_file_pos(inode); diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c index ca61da53f313..347945ac23a4 100644 --- a/fs/ext4/verity.c +++ b/fs/ext4/verity.c @@ -374,7 +374,9 @@ static void ext4_readahead_merkle_tree(struct inode *inode, pgoff_t index, } static int ext4_write_merkle_tree_block(struct file *file, const void *buf, - u64 pos, unsigned int size) + u64 pos, unsigned int size, + const u8 *zero_digest, + unsigned int digest_size) { pos += ext4_verity_metadata_pos(file_inode(file)); diff --git a/fs/f2fs/verity.c b/fs/f2fs/verity.c index 92ebcc19cab0..b3b3e71604ac 100644 --- a/fs/f2fs/verity.c +++ b/fs/f2fs/verity.c @@ -270,7 +270,9 @@ static void f2fs_readahead_merkle_tree(struct inode *inode, pgoff_t index, } static int f2fs_write_merkle_tree_block(struct file *file, const void *buf, - u64 pos, unsigned int size) + u64 pos, unsigned int size, + const u8 *zero_digest, + unsigned int digest_size) { pos += f2fs_verity_metadata_pos(file_inode(file)); diff --git a/fs/verity/enable.c b/fs/verity/enable.c index 42dfed1ce0ce..ad4ff71d7dd9 100644 --- a/fs/verity/enable.c +++ b/fs/verity/enable.c @@ -50,7 +50,9 @@ static int write_merkle_tree_block(struct file *file, const u8 *buf, int err; err = inode->i_sb->s_vop->write_merkle_tree_block(file, buf, pos, - params->block_size); + params->block_size, + params->zero_digest, + params->digest_size); if (err) fsverity_err(inode, "Error %d writing Merkle tree block %lu", err, index); diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h index 3c3250f6f272..9e7d946676b9 100644 --- a/include/linux/fsverity.h +++ b/include/linux/fsverity.h @@ -124,6 +124,8 @@ struct fsverity_operations { * @buf: the Merkle tree block to write * @pos: the position of the block in the Merkle tree (in bytes) * @size: the Merkle tree block size (in bytes) + * @zero_digest: the hash of the all-zeroes block + * @digest_size: size of zero_digest, in bytes * * This is only called between ->begin_enable_verity() and * ->end_enable_verity(). @@ -131,7 +133,9 @@ struct fsverity_operations { * Return: 0 on success, -errno on failure */ int (*write_merkle_tree_block)(struct file *file, const void *buf, - u64 pos, unsigned int size); + u64 pos, unsigned int size, + const u8 *zero_digest, + unsigned int digest_size); }; #ifdef CONFIG_FS_VERITY -- 2.51.2