From: "Darrick J. Wong" <djwong@kernel.org>
To: aalbersh@redhat.com, ebiggers@kernel.org, cem@kernel.org,
djwong@kernel.org
Cc: linux-fsdevel@vger.kernel.org, linux-xfs@vger.kernel.org,
fsverity@lists.linux.dev
Subject: [PATCH 19/38] xfs_db: make attr_set/remove/modify be able to handle fs-verity attrs
Date: Mon, 29 Apr 2024 20:35:50 -0700 [thread overview]
Message-ID: <171444683404.960383.1311017460455777404.stgit@frogsfrogsfrogs> (raw)
In-Reply-To: <171444683053.960383.12871831441554683674.stgit@frogsfrogsfrogs>
From: Andrey Albershteyn <aalbersh@redhat.com>
Signed-off-by: Andrey Albershteyn <aalbersh@redhat.com>
---
db/attrset.c | 28 +++++++++++++++++++++-------
libxfs/libxfs_api_defs.h | 1 +
2 files changed, 22 insertions(+), 7 deletions(-)
diff --git a/db/attrset.c b/db/attrset.c
index 915c20f8beb8..477ea7cb29c1 100644
--- a/db/attrset.c
+++ b/db/attrset.c
@@ -26,15 +26,15 @@ static void attrset_help(void);
static const cmdinfo_t attr_set_cmd =
{ "attr_set", "aset", attr_set_f, 1, -1, 0,
- N_("[-r|-s|-u|-p] [-n] [-R|-C] [-v n] name"),
+ N_("[-r|-s|-u|-p|-f] [-n] [-R|-C] [-v n] name"),
N_("set the named attribute on the current inode"), attrset_help };
static const cmdinfo_t attr_remove_cmd =
{ "attr_remove", "aremove", attr_remove_f, 1, -1, 0,
- N_("[-r|-s|-u|-p] [-n] name"),
+ N_("[-r|-s|-u|-p|-f] [-n] name"),
N_("remove the named attribute from the current inode"), attrset_help };
static const cmdinfo_t attr_modify_cmd =
{ "attr_modify", "amodify", attr_modify_f, 1, -1, 0,
- N_("[-r|-s|-u] [-o n] [-v n] [-m n] name value"),
+ N_("[-r|-s|-u|-f] [-o n] [-v n] [-m n] name value"),
N_("modify value of the named attribute of the current inode"),
attrset_help };
@@ -53,6 +53,7 @@ attrset_help(void)
" -u -- 'user' (default)\n"
" -s -- 'secure'\n"
" -p -- 'parent'\n"
+" -f -- 'fs-verity'\n"
"\n"
" For attr_set, these options further define the type of set operation:\n"
" -C -- 'create' - create attribute, fail if it already exists\n"
@@ -116,7 +117,8 @@ get_buf_from_file(
#define LIBXFS_ATTR_NS (LIBXFS_ATTR_SECURE | \
LIBXFS_ATTR_ROOT | \
- LIBXFS_ATTR_PARENT)
+ LIBXFS_ATTR_PARENT | \
+ LIBXFS_ATTR_VERITY)
static int
attr_set_f(
@@ -144,7 +146,7 @@ attr_set_f(
return 0;
}
- while ((c = getopt(argc, argv, "ruspCRnN:v:V:")) != EOF) {
+ while ((c = getopt(argc, argv, "fruspCRnN:v:V:")) != EOF) {
switch (c) {
/* namespaces */
case 'r':
@@ -162,6 +164,10 @@ attr_set_f(
args.attr_filter &= ~LIBXFS_ATTR_NS;
args.attr_filter |= XFS_ATTR_PARENT;
break;
+ case 'f':
+ args.attr_filter &= ~LIBXFS_ATTR_NS;
+ args.attr_filter |= LIBXFS_ATTR_VERITY;
+ break;
/* modifiers */
case 'C':
@@ -317,7 +323,7 @@ attr_remove_f(
return 0;
}
- while ((c = getopt(argc, argv, "ruspnN:")) != EOF) {
+ while ((c = getopt(argc, argv, "fruspnN:")) != EOF) {
switch (c) {
/* namespaces */
case 'r':
@@ -335,6 +341,10 @@ attr_remove_f(
args.attr_filter &= ~LIBXFS_ATTR_NS;
args.attr_filter |= XFS_ATTR_PARENT;
break;
+ case 'f':
+ args.attr_filter &= ~LIBXFS_ATTR_NS;
+ args.attr_filter |= LIBXFS_ATTR_VERITY;
+ break;
case 'N':
name_from_file = optarg;
@@ -445,7 +455,7 @@ attr_modify_f(
return 0;
}
- while ((c = getopt(argc, argv, "ruspnv:o:m:")) != EOF) {
+ while ((c = getopt(argc, argv, "fruspnv:o:m:")) != EOF) {
switch (c) {
/* namespaces */
case 'r':
@@ -463,6 +473,10 @@ attr_modify_f(
args.attr_filter &= ~LIBXFS_ATTR_NS;
args.attr_filter |= XFS_ATTR_PARENT;
break;
+ case 'f':
+ args.attr_filter &= ~LIBXFS_ATTR_NS;
+ args.attr_filter |= LIBXFS_ATTR_VERITY;
+ break;
case 'n':
/*
diff --git a/libxfs/libxfs_api_defs.h b/libxfs/libxfs_api_defs.h
index 1b6efac9290d..6ad728af2e0a 100644
--- a/libxfs/libxfs_api_defs.h
+++ b/libxfs/libxfs_api_defs.h
@@ -16,6 +16,7 @@
#define LIBXFS_ATTR_ROOT XFS_ATTR_ROOT
#define LIBXFS_ATTR_SECURE XFS_ATTR_SECURE
#define LIBXFS_ATTR_PARENT XFS_ATTR_PARENT
+#define LIBXFS_ATTR_VERITY XFS_ATTR_VERITY
#define xfs_agfl_size libxfs_agfl_size
#define xfs_agfl_walk libxfs_agfl_walk
next prev parent reply other threads:[~2024-04-30 3:35 UTC|newest]
Thread overview: 165+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-30 3:11 [PATCHBOMB v5.6] fs-verity support for XFS Darrick J. Wong
2024-04-30 3:18 ` [PATCHSET v5.6 1/2] fs-verity: support merkle tree access by blocks Darrick J. Wong
2024-04-30 3:19 ` [PATCH 01/18] fs: add FS_XFLAG_VERITY for verity files Darrick J. Wong
2024-04-30 3:19 ` [PATCH 02/18] fsverity: pass tree_blocksize to end_enable_verity() Darrick J. Wong
2024-04-30 3:20 ` [PATCH 03/18] fsverity: convert verification to use byte instead of page offsets Darrick J. Wong
2024-05-01 7:33 ` Christoph Hellwig
2024-05-01 22:33 ` Darrick J. Wong
2024-05-02 0:42 ` Eric Biggers
2024-05-08 20:14 ` Darrick J. Wong
2024-04-30 3:20 ` [PATCH 04/18] fsverity: support block-based Merkle tree caching Darrick J. Wong
2024-05-01 7:36 ` Christoph Hellwig
2024-05-01 22:35 ` Darrick J. Wong
2024-05-02 4:42 ` Christoph Hellwig
2024-05-15 2:16 ` Eric Biggers
2024-04-30 3:20 ` [PATCH 05/18] fsverity: pass the merkle tree block level to fsverity_read_merkle_tree_block Darrick J. Wong
2024-04-30 3:20 ` [PATCH 06/18] fsverity: add per-sb workqueue for post read processing Darrick J. Wong
2024-04-30 3:21 ` [PATCH 07/18] fsverity: add tracepoints Darrick J. Wong
2024-04-30 3:21 ` [PATCH 08/18] fsverity: pass the new tree size and block size to ->begin_enable_verity Darrick J. Wong
2024-04-30 3:21 ` [PATCH 09/18] fsverity: expose merkle tree geometry to callers Darrick J. Wong
2024-04-30 3:22 ` [PATCH 10/18] fsverity: box up the write_merkle_tree_block parameters too Darrick J. Wong
2024-04-30 3:22 ` [PATCH 11/18] fsverity: pass the zero-hash value to the implementation Darrick J. Wong
2024-04-30 3:22 ` [PATCH 12/18] fsverity: report validation errors back to the filesystem Darrick J. Wong
2024-04-30 3:22 ` [PATCH 13/18] fsverity: pass super_block to fsverity_enqueue_verify_work Darrick J. Wong
2024-04-30 3:23 ` [PATCH 14/18] ext4: use a per-superblock fsverity workqueue Darrick J. Wong
2024-04-30 3:23 ` [PATCH 15/18] f2fs: " Darrick J. Wong
2024-04-30 3:23 ` [PATCH 16/18] btrfs: " Darrick J. Wong
2024-04-30 3:23 ` [PATCH 17/18] fsverity: remove system-wide workqueue Darrick J. Wong
2024-04-30 3:24 ` [PATCH 18/18] iomap: integrate fs-verity verification into iomap's read path Darrick J. Wong
2024-05-01 7:10 ` Christoph Hellwig
2024-05-01 22:37 ` Darrick J. Wong
2024-04-30 3:18 ` [PATCHSET v5.6 2/2] xfs: fs-verity support Darrick J. Wong
2024-04-30 3:24 ` [PATCH 01/26] xfs: use unsigned ints for non-negative quantities in xfs_attr_remote.c Darrick J. Wong
2024-05-01 6:55 ` Christoph Hellwig
2024-05-01 22:39 ` Darrick J. Wong
2024-05-02 4:56 ` Christoph Hellwig
2024-05-02 5:56 ` Chandan Babu R
2024-05-02 6:34 ` Christoph Hellwig
2024-04-30 3:24 ` [PATCH 02/26] xfs: turn XFS_ATTR3_RMT_BUF_SPACE into a function Darrick J. Wong
2024-05-01 6:55 ` Christoph Hellwig
2024-04-30 3:24 ` [PATCH 03/26] xfs: create a helper to compute the blockcount of a max sized remote value Darrick J. Wong
2024-05-01 6:56 ` Christoph Hellwig
2024-04-30 3:25 ` [PATCH 04/26] xfs: minor cleanups of xfs_attr3_rmt_blocks Darrick J. Wong
2024-05-01 6:56 ` Christoph Hellwig
2024-04-30 3:25 ` [PATCH 05/26] xfs: use an empty transaction to protect xfs_attr_get from deadlocks Darrick J. Wong
2024-05-01 6:57 ` Christoph Hellwig
2024-05-01 22:42 ` Darrick J. Wong
2024-04-30 3:25 ` [PATCH 06/26] xfs: add attribute type for fs-verity Darrick J. Wong
2024-04-30 3:25 ` [PATCH 07/26] xfs: do not use xfs_attr3_rmt_hdr for remote verity value blocks Darrick J. Wong
2024-04-30 3:26 ` [PATCH 08/26] xfs: add fs-verity ro-compat flag Darrick J. Wong
2024-04-30 3:26 ` [PATCH 09/26] xfs: add inode on-disk VERITY flag Darrick J. Wong
2024-04-30 3:26 ` [PATCH 10/26] xfs: initialize fs-verity on file open and cleanup on inode destruction Darrick J. Wong
2024-04-30 3:26 ` [PATCH 11/26] xfs: don't allow to enable DAX on fs-verity sealed inode Darrick J. Wong
2024-04-30 3:27 ` [PATCH 12/26] xfs: disable direct read path for fs-verity files Darrick J. Wong
2024-04-30 3:27 ` [PATCH 13/26] xfs: widen flags argument to the xfs_iflags_* helpers Darrick J. Wong
2024-05-01 6:54 ` Christoph Hellwig
2024-05-01 22:44 ` Darrick J. Wong
2024-04-30 3:27 ` [PATCH 14/26] xfs: add fs-verity support Darrick J. Wong
2024-04-30 3:28 ` [PATCH 15/26] xfs: create a per-mount shrinker for verity inodes merkle tree blocks Darrick J. Wong
2024-04-30 3:28 ` [PATCH 16/26] xfs: shrink verity blob cache Darrick J. Wong
2024-04-30 3:28 ` [PATCH 17/26] xfs: don't store trailing zeroes of merkle tree blocks Darrick J. Wong
2024-04-30 3:28 ` [PATCH 18/26] xfs: use merkle tree offset as attr hash Darrick J. Wong
2024-05-01 6:53 ` Christoph Hellwig
2024-05-01 7:23 ` Christoph Hellwig
2024-05-07 21:24 ` Darrick J. Wong
2024-05-08 11:47 ` Christoph Hellwig
2024-05-08 20:26 ` Darrick J. Wong
2024-05-09 5:02 ` Christoph Hellwig
2024-05-09 20:02 ` Darrick J. Wong
2024-05-10 5:08 ` Christoph Hellwig
2024-05-10 6:20 ` Christoph Hellwig
2024-05-17 17:17 ` Darrick J. Wong
2024-05-20 12:39 ` Christoph Hellwig
2024-05-20 16:02 ` Darrick J. Wong
2024-05-22 14:37 ` Christoph Hellwig
2024-05-22 18:29 ` Eric Biggers
2024-05-31 21:28 ` Darrick J. Wong
2024-05-31 21:45 ` Eric Biggers
2024-05-09 17:46 ` Eric Biggers
2024-05-09 18:04 ` Darrick J. Wong
2024-05-09 18:36 ` Eric Biggers
2024-04-30 3:29 ` [PATCH 19/26] xfs: don't bother storing merkle tree blocks for zeroed data blocks Darrick J. Wong
2024-05-01 6:47 ` Christoph Hellwig
2024-05-01 22:47 ` Darrick J. Wong
2024-05-02 0:01 ` Eric Biggers
2024-05-08 20:26 ` Darrick J. Wong
2024-04-30 3:29 ` [PATCH 20/26] xfs: add fs-verity ioctls Darrick J. Wong
2024-04-30 3:29 ` [PATCH 21/26] xfs: advertise fs-verity being available on filesystem Darrick J. Wong
2024-04-30 3:29 ` [PATCH 22/26] xfs: check and repair the verity inode flag state Darrick J. Wong
2024-04-30 3:30 ` [PATCH 23/26] xfs: teach online repair to evaluate fsverity xattrs Darrick J. Wong
2024-04-30 3:30 ` [PATCH 24/26] xfs: report verity failures through the health system Darrick J. Wong
2024-04-30 3:30 ` [PATCH 25/26] xfs: make it possible to disable fsverity Darrick J. Wong
2024-05-01 6:48 ` Christoph Hellwig
2024-05-01 22:50 ` Darrick J. Wong
2024-05-02 0:15 ` Eric Biggers
2024-05-08 20:31 ` Darrick J. Wong
2024-05-09 5:04 ` Christoph Hellwig
2024-05-09 14:45 ` Darrick J. Wong
2024-05-09 15:06 ` Christoph Hellwig
2024-05-09 15:09 ` Darrick J. Wong
2024-05-09 15:13 ` Christoph Hellwig
2024-05-09 15:43 ` Darrick J. Wong
2024-05-17 19:36 ` Theodore Ts'o
2024-04-30 3:30 ` [PATCH 26/26] xfs: enable ro-compat fs-verity flag Darrick J. Wong
2024-04-30 3:19 ` [PATCHSET v5.6] xfsprogs: fs-verity support for XFS Darrick J. Wong
2024-04-30 3:31 ` [PATCH 01/38] fs: add FS_XFLAG_VERITY for verity files Darrick J. Wong
2024-04-30 3:31 ` [PATCH 02/38] xfs: use unsigned ints for non-negative quantities in xfs_attr_remote.c Darrick J. Wong
2024-04-30 3:31 ` [PATCH 03/38] xfs: turn XFS_ATTR3_RMT_BUF_SPACE into a function Darrick J. Wong
2024-04-30 3:31 ` [PATCH 04/38] xfs: create a helper to compute the blockcount of a max sized remote value Darrick J. Wong
2024-04-30 3:32 ` [PATCH 05/38] xfs: minor cleanups of xfs_attr3_rmt_blocks Darrick J. Wong
2024-04-30 3:32 ` [PATCH 06/38] xfs: use an empty transaction to protect xfs_attr_get from deadlocks Darrick J. Wong
2024-04-30 3:32 ` [PATCH 07/38] xfs: add attribute type for fs-verity Darrick J. Wong
2024-04-30 3:32 ` [PATCH 08/38] xfs: do not use xfs_attr3_rmt_hdr for remote verity value blocks Darrick J. Wong
2024-04-30 3:33 ` [PATCH 09/38] xfs: add fs-verity ro-compat flag Darrick J. Wong
2024-04-30 3:33 ` [PATCH 10/38] xfs: add inode on-disk VERITY flag Darrick J. Wong
2024-04-30 3:33 ` [PATCH 11/38] xfs: add fs-verity support Darrick J. Wong
2024-04-30 3:34 ` [PATCH 12/38] xfs: use merkle tree offset as attr hash Darrick J. Wong
2024-04-30 3:34 ` [PATCH 13/38] xfs: advertise fs-verity being available on filesystem Darrick J. Wong
2024-04-30 3:34 ` [PATCH 14/38] xfs: report verity failures through the health system Darrick J. Wong
2024-04-30 3:34 ` [PATCH 15/38] xfs: enable ro-compat fs-verity flag Darrick J. Wong
2024-04-30 3:35 ` [PATCH 16/38] libfrog: add fsverity to xfs_report_geom output Darrick J. Wong
2024-04-30 3:35 ` [PATCH 17/38] xfs_db: introduce attr_modify command Darrick J. Wong
2024-04-30 3:35 ` [PATCH 18/38] xfs_db: add ATTR_PARENT support to " Darrick J. Wong
2024-04-30 3:35 ` Darrick J. Wong [this message]
2024-04-30 3:36 ` [PATCH 20/38] man: document " Darrick J. Wong
2024-04-30 3:36 ` [PATCH 21/38] xfs_db: create hex string as a field type Darrick J. Wong
2024-04-30 3:36 ` [PATCH 22/38] xfs_db: dump verity features and metadata Darrick J. Wong
2024-04-30 3:36 ` [PATCH 23/38] xfs_db: dump merkle tree data Darrick J. Wong
2024-04-30 3:37 ` [PATCH 24/38] xfs_db: dump the verity descriptor Darrick J. Wong
2024-04-30 3:37 ` [PATCH 25/38] xfs_db: don't obfuscate verity xattrs Darrick J. Wong
2024-04-30 3:37 ` [PATCH 26/38] xfs_db: dump the inode verity flag Darrick J. Wong
2024-04-30 3:37 ` [PATCH 27/38] xfs_db: compute hashes of merkle tree blocks Darrick J. Wong
2024-04-30 3:38 ` [PATCH 28/38] xfs_repair: junk fsverity xattrs when unnecessary Darrick J. Wong
2024-04-30 3:38 ` [PATCH 29/38] xfs_repair: clear verity iflag when verity isn't supported Darrick J. Wong
2024-04-30 3:38 ` [PATCH 30/38] xfs_repair: handle verity remote attrs Darrick J. Wong
2024-04-30 3:38 ` [PATCH 31/38] xfs_repair: allow upgrading filesystems with verity Darrick J. Wong
2024-04-30 3:39 ` [PATCH 32/38] xfs_scrub: check verity file metadata Darrick J. Wong
2024-04-30 3:39 ` [PATCH 33/38] xfs_scrub: validate verity file contents when doing a media scan Darrick J. Wong
2024-04-30 3:39 ` [PATCH 34/38] xfs_scrub: use MADV_POPULATE_READ to check verity files Darrick J. Wong
2024-04-30 3:40 ` [PATCH 35/38] xfs_spaceman: report data corruption Darrick J. Wong
2024-04-30 3:40 ` [PATCH 36/38] xfs_io: report fsverity status via statx Darrick J. Wong
2024-04-30 3:40 ` [PATCH 37/38] xfs_io: create magic command to disable verity Darrick J. Wong
2024-04-30 3:40 ` [PATCH 38/38] mkfs.xfs: add verity parameter Darrick J. Wong
2024-04-30 3:19 ` [PATCHSET v5.6] fstests: fs-verity support for XFS Darrick J. Wong
2024-04-30 3:41 ` [PATCH 1/6] common/verity: enable fsverity " Darrick J. Wong
2024-04-30 12:39 ` Andrey Albershteyn
2024-04-30 15:35 ` Darrick J. Wong
2024-04-30 3:41 ` [PATCH 2/6] xfs/{021,122}: adapt to fsverity xattrs Darrick J. Wong
2024-04-30 12:46 ` Andrey Albershteyn
2024-04-30 15:36 ` Darrick J. Wong
2024-04-30 3:41 ` [PATCH 3/6] xfs/122: adapt to fsverity Darrick J. Wong
2024-04-30 12:45 ` Andrey Albershteyn
2024-04-30 15:37 ` Darrick J. Wong
2024-04-30 3:41 ` [PATCH 4/6] xfs: test xfs_scrub detection and correction of corrupt fsverity metadata Darrick J. Wong
2024-04-30 12:29 ` Andrey Albershteyn
2024-04-30 15:43 ` Darrick J. Wong
2024-04-30 3:42 ` [PATCH 5/6] xfs: test disabling fsverity Darrick J. Wong
2024-04-30 12:56 ` Andrey Albershteyn
2024-04-30 13:11 ` Andrey Albershteyn
2024-04-30 15:48 ` Darrick J. Wong
2024-04-30 18:06 ` Andrey Albershteyn
2024-04-30 3:42 ` [PATCH 6/6] common/populate: add verity files to populate xfs images Darrick J. Wong
2024-04-30 13:22 ` Andrey Albershteyn
2024-04-30 15:49 ` Darrick J. Wong
2024-05-11 5:01 ` [PATCHSET v5.6] fstests: fs-verity support for XFS Zorro Lang
2024-05-17 15:56 ` Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=171444683404.960383.1311017460455777404.stgit@frogsfrogsfrogs \
--to=djwong@kernel.org \
--cc=aalbersh@redhat.com \
--cc=cem@kernel.org \
--cc=ebiggers@kernel.org \
--cc=fsverity@lists.linux.dev \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).