diff options
| author | Alexander Larsson <alexl@redhat.com> | 2023-04-19 13:58:45 +0200 |
|---|---|---|
| committer | Amir Goldstein <amir73il@gmail.com> | 2023-08-12 18:02:38 +0200 |
| commit | 0c71faf5a607c8744ccee702846970bdb1a8005f (patch) | |
| tree | 77927ca9e28ea199e627a4ee5b734ea0cff7c3cb /fs/overlayfs/overlayfs.h | |
| parent | ovl: Validate verity xattr when resolving lowerdata (diff) | |
| download | linux-0c71faf5a607c8744ccee702846970bdb1a8005f.tar.xz linux-0c71faf5a607c8744ccee702846970bdb1a8005f.zip | |
ovl: Handle verity during copy-up
During regular metacopy, if lowerdata file has fs-verity enabled, and
the verity option is enabled, we add the digest to the metacopy xattr.
If verity is required, and lowerdata does not have fs-verity enabled,
fall back to full copy-up (or the generated metacopy would not
validate).
Signed-off-by: Alexander Larsson <alexl@redhat.com>
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Diffstat (limited to 'fs/overlayfs/overlayfs.h')
| -rw-r--r-- | fs/overlayfs/overlayfs.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h index 02ce60048457..488bd14c2ed8 100644 --- a/fs/overlayfs/overlayfs.h +++ b/fs/overlayfs/overlayfs.h @@ -487,11 +487,14 @@ int ovl_set_metacopy_xattr(struct ovl_fs *ofs, struct dentry *d, struct ovl_metacopy *metacopy); bool ovl_is_metacopy_dentry(struct dentry *dentry); char *ovl_get_redirect_xattr(struct ovl_fs *ofs, const struct path *path, int padding); +int ovl_ensure_verity_loaded(struct path *path); int ovl_get_verity_xattr(struct ovl_fs *ofs, const struct path *path, u8 *digest_buf, int *buf_length); int ovl_validate_verity(struct ovl_fs *ofs, struct path *metapath, struct path *datapath); +int ovl_get_verity_digest(struct ovl_fs *ofs, struct path *src, + struct ovl_metacopy *metacopy); int ovl_sync_status(struct ovl_fs *ofs); static inline void ovl_set_flag(unsigned long flag, struct inode *inode) |