From: Eric Biggers <ebiggers@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: fsverity@lists.linux.dev, linux-fsdevel@vger.kernel.org,
linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org,
Theodore Ts'o <tytso@mit.edu>,
Alexander Larsson <alexl@redhat.com>
Subject: [GIT PULL] fsverity updates for 6.5
Date: Sun, 25 Jun 2023 18:54:15 -0700 [thread overview]
Message-ID: <20230626015415.GB1024@sol.localdomain> (raw)
The following changes since commit f1fcbaa18b28dec10281551dfe6ed3a3ed80e3d6:
Linux 6.4-rc2 (2023-05-14 12:51:40 -0700)
are available in the Git repository at:
https://git.kernel.org/pub/scm/fs/fsverity/linux.git tags/fsverity-for-linus
for you to fetch changes up to 672d6ef4c775cfcd2e00172e23df34e77e495e85:
fsverity: improve documentation for builtin signature support (2023-06-20 22:47:55 -0700)
----------------------------------------------------------------
Several updates for fs/verity/:
- Do all hashing with the shash API instead of with the ahash API. This
simplifies the code and reduces API overhead. It should also make
things slightly easier for XFS's upcoming support for fsverity. It
does drop fsverity's support for off-CPU hash accelerators, but that
support was incomplete and not known to be used.
- Update and export fsverity_get_digest() so that it's ready for
overlayfs's upcoming support for fsverity checking of lowerdata.
- Improve the documentation for builtin signature support.
- Fix a bug in the large folio support.
----------------------------------------------------------------
Eric Biggers (6):
fsverity: use shash API instead of ahash API
fsverity: constify fsverity_hash_alg
fsverity: don't use bio_first_page_all() in fsverity_verify_bio()
fsverity: simplify error handling in verify_data_block()
fsverity: rework fsverity_get_digest() again
fsverity: improve documentation for builtin signature support
Documentation/filesystems/fsverity.rst | 192 +++++++++++++++++++++------------
fs/verity/Kconfig | 16 +--
fs/verity/enable.c | 21 ++--
fs/verity/fsverity_private.h | 23 ++--
fs/verity/hash_algs.c | 139 +++++-------------------
fs/verity/measure.c | 37 +++++--
fs/verity/open.c | 12 +--
fs/verity/read_metadata.c | 4 +-
fs/verity/signature.c | 8 ++
fs/verity/verify.c | 164 +++++++++++-----------------
include/linux/fsverity.h | 14 ++-
security/integrity/ima/ima_api.c | 31 +++---
12 files changed, 299 insertions(+), 362 deletions(-)
next reply other threads:[~2023-06-26 1:54 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-26 1:54 Eric Biggers [this message]
2023-06-26 20:02 ` [GIT PULL] fsverity updates for 6.5 pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230626015415.GB1024@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=alexl@redhat.com \
--cc=fsverity@lists.linux.dev \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).