mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-07 14:32:23 +00:00
fsverity updates for 5.8
Fix kerneldoc warnings and some coding style inconsistencies. This mirrors the similar cleanups being done in fs/crypto/. -----BEGIN PGP SIGNATURE----- iIoEABYIADIWIQSacvsUNc7UX4ntmEPzXCl4vpKOKwUCXtSdTBQcZWJpZ2dlcnNA Z29vZ2xlLmNvbQAKCRDzXCl4vpKOK8m/AP9+n5FpIxE2X6aYTVLweKIQ2bqfO/5K 5WyPlW5zdMEDyQD+OT8bjqVTDxTI0/c+MBOidwvJF6kUyZyVze3M0pE7OQg= =b+RP -----END PGP SIGNATURE----- Merge tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt Pull fsverity updates from Eric Biggers: "Fix kerneldoc warnings and some coding style inconsistencies. This mirrors the similar cleanups being done in fs/crypto/" * tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt: fs-verity: remove unnecessary extern keywords fs-verity: fix all kerneldoc warnings
This commit is contained in:
commit
4d67829e11
@ -329,6 +329,8 @@ static int enable_verity(struct file *filp,
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* fsverity_ioctl_enable() - enable verity on a file
|
* fsverity_ioctl_enable() - enable verity on a file
|
||||||
|
* @filp: file to enable verity on
|
||||||
|
* @uarg: user pointer to fsverity_enable_arg
|
||||||
*
|
*
|
||||||
* Enable fs-verity on a file. See the "FS_IOC_ENABLE_VERITY" section of
|
* Enable fs-verity on a file. See the "FS_IOC_ENABLE_VERITY" section of
|
||||||
* Documentation/filesystems/fsverity.rst for the documentation.
|
* Documentation/filesystems/fsverity.rst for the documentation.
|
||||||
|
@ -61,7 +61,7 @@ struct merkle_tree_params {
|
|||||||
u64 level_start[FS_VERITY_MAX_LEVELS];
|
u64 level_start[FS_VERITY_MAX_LEVELS];
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/*
|
||||||
* fsverity_info - cached verity metadata for an inode
|
* fsverity_info - cached verity metadata for an inode
|
||||||
*
|
*
|
||||||
* When a verity file is first opened, an instance of this struct is allocated
|
* When a verity file is first opened, an instance of this struct is allocated
|
||||||
@ -134,7 +134,7 @@ void __init fsverity_check_hash_algs(void);
|
|||||||
|
|
||||||
/* init.c */
|
/* init.c */
|
||||||
|
|
||||||
extern void __printf(3, 4) __cold
|
void __printf(3, 4) __cold
|
||||||
fsverity_msg(const struct inode *inode, const char *level,
|
fsverity_msg(const struct inode *inode, const char *level,
|
||||||
const char *fmt, ...);
|
const char *fmt, ...);
|
||||||
|
|
||||||
|
@ -11,6 +11,8 @@
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* fsverity_ioctl_measure() - get a verity file's measurement
|
* fsverity_ioctl_measure() - get a verity file's measurement
|
||||||
|
* @filp: file to get measurement of
|
||||||
|
* @_uarg: user pointer to fsverity_digest
|
||||||
*
|
*
|
||||||
* Retrieve the file measurement that the kernel is enforcing for reads from a
|
* Retrieve the file measurement that the kernel is enforcing for reads from a
|
||||||
* verity file. See the "FS_IOC_MEASURE_VERITY" section of
|
* verity file. See the "FS_IOC_MEASURE_VERITY" section of
|
||||||
|
@ -330,6 +330,7 @@ EXPORT_SYMBOL_GPL(fsverity_prepare_setattr);
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* fsverity_cleanup_inode() - free the inode's verity info, if present
|
* fsverity_cleanup_inode() - free the inode's verity info, if present
|
||||||
|
* @inode: an inode being evicted
|
||||||
*
|
*
|
||||||
* Filesystems must call this on inode eviction to free ->i_verity_info.
|
* Filesystems must call this on inode eviction to free ->i_verity_info.
|
||||||
*/
|
*/
|
||||||
|
@ -28,6 +28,9 @@ static struct key *fsverity_keyring;
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* fsverity_verify_signature() - check a verity file's signature
|
* fsverity_verify_signature() - check a verity file's signature
|
||||||
|
* @vi: the file's fsverity_info
|
||||||
|
* @desc: the file's fsverity_descriptor
|
||||||
|
* @desc_size: size of @desc
|
||||||
*
|
*
|
||||||
* If the file's fs-verity descriptor includes a signature of the file
|
* If the file's fs-verity descriptor includes a signature of the file
|
||||||
* measurement, verify it against the certificates in the fs-verity keyring.
|
* measurement, verify it against the certificates in the fs-verity keyring.
|
||||||
|
@ -179,6 +179,7 @@ static bool verify_page(struct inode *inode, const struct fsverity_info *vi,
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* fsverity_verify_page() - verify a data page
|
* fsverity_verify_page() - verify a data page
|
||||||
|
* @page: the page to verity
|
||||||
*
|
*
|
||||||
* Verify a page that has just been read from a verity file. The page must be a
|
* Verify a page that has just been read from a verity file. The page must be a
|
||||||
* pagecache page that is still locked and not yet uptodate.
|
* pagecache page that is still locked and not yet uptodate.
|
||||||
@ -206,6 +207,7 @@ EXPORT_SYMBOL_GPL(fsverity_verify_page);
|
|||||||
#ifdef CONFIG_BLOCK
|
#ifdef CONFIG_BLOCK
|
||||||
/**
|
/**
|
||||||
* fsverity_verify_bio() - verify a 'read' bio that has just completed
|
* fsverity_verify_bio() - verify a 'read' bio that has just completed
|
||||||
|
* @bio: the bio to verify
|
||||||
*
|
*
|
||||||
* Verify a set of pages that have just been read from a verity file. The pages
|
* Verify a set of pages that have just been read from a verity file. The pages
|
||||||
* must be pagecache pages that are still locked and not yet uptodate. Pages
|
* must be pagecache pages that are still locked and not yet uptodate. Pages
|
||||||
@ -264,6 +266,7 @@ EXPORT_SYMBOL_GPL(fsverity_verify_bio);
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* fsverity_enqueue_verify_work() - enqueue work on the fs-verity workqueue
|
* fsverity_enqueue_verify_work() - enqueue work on the fs-verity workqueue
|
||||||
|
* @work: the work to enqueue
|
||||||
*
|
*
|
||||||
* Enqueue verification work for asynchronous processing.
|
* Enqueue verification work for asynchronous processing.
|
||||||
*/
|
*/
|
||||||
|
@ -121,23 +121,23 @@ static inline struct fsverity_info *fsverity_get_info(const struct inode *inode)
|
|||||||
|
|
||||||
/* enable.c */
|
/* enable.c */
|
||||||
|
|
||||||
extern int fsverity_ioctl_enable(struct file *filp, const void __user *arg);
|
int fsverity_ioctl_enable(struct file *filp, const void __user *arg);
|
||||||
|
|
||||||
/* measure.c */
|
/* measure.c */
|
||||||
|
|
||||||
extern int fsverity_ioctl_measure(struct file *filp, void __user *arg);
|
int fsverity_ioctl_measure(struct file *filp, void __user *arg);
|
||||||
|
|
||||||
/* open.c */
|
/* open.c */
|
||||||
|
|
||||||
extern int fsverity_file_open(struct inode *inode, struct file *filp);
|
int fsverity_file_open(struct inode *inode, struct file *filp);
|
||||||
extern int fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr);
|
int fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr);
|
||||||
extern void fsverity_cleanup_inode(struct inode *inode);
|
void fsverity_cleanup_inode(struct inode *inode);
|
||||||
|
|
||||||
/* verify.c */
|
/* verify.c */
|
||||||
|
|
||||||
extern bool fsverity_verify_page(struct page *page);
|
bool fsverity_verify_page(struct page *page);
|
||||||
extern void fsverity_verify_bio(struct bio *bio);
|
void fsverity_verify_bio(struct bio *bio);
|
||||||
extern void fsverity_enqueue_verify_work(struct work_struct *work);
|
void fsverity_enqueue_verify_work(struct work_struct *work);
|
||||||
|
|
||||||
#else /* !CONFIG_FS_VERITY */
|
#else /* !CONFIG_FS_VERITY */
|
||||||
|
|
||||||
@ -200,6 +200,7 @@ static inline void fsverity_enqueue_verify_work(struct work_struct *work)
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* fsverity_active() - do reads from the inode need to go through fs-verity?
|
* fsverity_active() - do reads from the inode need to go through fs-verity?
|
||||||
|
* @inode: inode to check
|
||||||
*
|
*
|
||||||
* This checks whether ->i_verity_info has been set.
|
* This checks whether ->i_verity_info has been set.
|
||||||
*
|
*
|
||||||
@ -207,6 +208,8 @@ static inline void fsverity_enqueue_verify_work(struct work_struct *work)
|
|||||||
* be verified or not. Don't use IS_VERITY() for this purpose; it's subject to
|
* be verified or not. Don't use IS_VERITY() for this purpose; it's subject to
|
||||||
* a race condition where the file is being read concurrently with
|
* a race condition where the file is being read concurrently with
|
||||||
* FS_IOC_ENABLE_VERITY completing. (S_VERITY is set before ->i_verity_info.)
|
* FS_IOC_ENABLE_VERITY completing. (S_VERITY is set before ->i_verity_info.)
|
||||||
|
*
|
||||||
|
* Return: true if reads need to go through fs-verity, otherwise false
|
||||||
*/
|
*/
|
||||||
static inline bool fsverity_active(const struct inode *inode)
|
static inline bool fsverity_active(const struct inode *inode)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user