Re: dm-verity design question

cryptsetup.lists.linux.dev archive mirror
 help / color / mirror / Atom feed

From: Milan Broz <gmazyland@gmail.com>
To: cryptsetup@lists.linux.dev
Subject: Re: dm-verity design question
Date: Tue, 12 Apr 2022 11:47:07 +0200	[thread overview]
Message-ID: <c5bb5388-d22f-4973-30a5-873d621f1833@gmail.com> (raw)
In-Reply-To: <CAH4tiUts6MVKNv6RVQhPD3fSGruZo=iYpeY1XrbMs-rUx7TLFw@mail.gmail.com>

Hi Jasper,

if it is question about kernel code, the best is to ask on dm-devel@redhat.com list
(you can cc cryptsetup list too).

Not all device-mapper kernel developers are here (dm-devel is official list
for kernel device-mapper subsystem; this one mainly for userspace cryptsetup tools).

Milan


On 12/04/2022 11:38, Jasper Surmont wrote:
> Hey,
> 
> After going through the dm-verity source code for a while I think I
> kind of figured out the general design; on a read:
> 1. Multiple possible problems get checked like alignment, out of range
> etc. Also variables get set based on the request
> 2. The request is prefetched to the cache
> 3. The actual integrity check is done when the bio ends (bi_end_io
> points to verity_end_io which submits the work to verify digest etc
> 
> If this is correct, I have 2 questions:
> 1. What is the main benefit of prefetching here? We know the remapped
> request is going to be executed very soon, so I don't really see why
> we prefetch.
> 2. In verity_end_io(...), we only submit the work to verify the digest
> if FEC is enabled. Why? Can't we check integrity without using FEC?
> 
> I hope my questions are clear.
> 
> Thanks a lot!
> 
> Sincerely, Jasper Surmont
>

     prev parent reply	other threads:[~2022-04-12  9:47 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-12  9:38 dm-verity design question Jasper Surmont
2022-04-12  9:47 ` Milan Broz [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=c5bb5388-d22f-4973-30a5-873d621f1833@gmail.com \
    --to=gmazyland@gmail.com \
    --cc=cryptsetup@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).