Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-01 02:36:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
672d6ef4c7
linux-stable/Documentation/filesystems
History
Eric Biggers 672d6ef4c7 fsverity: improve documentation for builtin signature support 
fsverity builtin signatures (CONFIG_FS_VERITY_BUILTIN_SIGNATURES) aren't
the only way to do signatures with fsverity, and they have some major
limitations.  Yet, more users have tried to use them, e.g. recently by
https://github.com/ostreedev/ostree/pull/2640.  In most cases this seems
to be because users aren't sufficiently familiar with the limitations of
this feature and what the alternatives are.

Therefore, make some updates to the documentation to try to clarify the
properties of this feature and nudge users in the right direction.

Note that the Integrity Policy Enforcement (IPE) LSM, which is not yet
upstream, is planned to use the builtin signatures.  (This differs from
IMA, which uses its own signature mechanism.)  For that reason, my
earlier patch "fsverity: mark builtin signatures as deprecated"
(https://lore.kernel.org/r/20221208033548.122704-1-ebiggers@kernel.org),
which marked builtin signatures as "deprecated", was controversial.

This patch therefore stops short of marking the feature as deprecated.
I've also revised the language to focus on better explaining the feature
and what its alternatives are.

Link: https://lore.kernel.org/r/20230620041937.5809-1-ebiggers@kernel.org
Reviewed-by: Colin Walters <walters@verbum.org>
Reviewed-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2023-06-20 22:47:55 -07:00
..
caching Remove duplicate words inside documentation 2022-09-27 13:21:43 -06:00
cifs ksmbd: update documentation 2022-10-05 01:15:38 -05:00
ext4 docs: ext4: modify the group desc size to 64 2023-03-07 20:24:05 -05:00
nfs Documentation: Fix sysfs path for the NFSv4 client identifier 2023-02-15 11:01:03 -05:00
spufs Documentation: spufs: correct a duplicate word typo 2022-09-27 13:21:44 -06:00
9p.rst fs/9p: Rework cache modes and add new options to Documentation 2023-04-09 21:41:21 +00:00
adfs.rst docs: filesystems: convert adfs.txt to ReST 2020-03-02 13:58:44 -07:00
affs.rst affs: fix basic permission bits to actually work 2020-08-31 12:20:31 +02:00
afs.rst AFS: Documentation: fix a few typos in afs.rst 2021-01-21 14:06:00 -07:00
api-summary.rst block: move fs/block_dev.c to block/bdev.c 2021-09-07 08:39:40 -06:00
autofs-mount-control.rst Documentation: filesystems: autofs-mount-control: drop doubled words 2020-07-05 14:44:29 -06:00
autofs.rst docs: filesystems: Fix grammatical error "with" to "which" 2021-11-15 02:54:37 -07:00
automount-support.rst docs: filesystems: convert automount-support.txt to ReST 2020-05-05 09:22:21 -06:00
befs.rst docs: filesystems: convert befs.txt to ReST 2020-03-02 14:01:25 -07:00
bfs.rst docs: filesystems: convert bfs.txt to ReST 2020-03-02 14:01:26 -07:00
btrfs.rst Documentation: update btrfs list of features and link to readthedocs.io 2022-06-21 14:47:19 +02:00
ceph.rst ceph: remove Sage's git tree from documentation 2022-10-04 19:18:08 +02:00
coda.rst Documentation: coda: annotate duplicated words 2020-07-13 10:02:32 -06:00
configfs.rst configfs: remove mentions of committable items 2022-12-02 11:11:27 +01:00
cramfs.rst docs: filesystems: convert cramfs.txt to ReST 2020-03-02 14:02:07 -07:00
dax.rst Documentation/filesystem/dax: update DAX description on erofs 2022-03-16 09:38:38 +08:00
debugfs.rst debugfs: small Documentation cleaning 2022-11-09 13:58:55 -07:00
devpts.rst docs: filesystems: convert devpts.txt to ReST 2020-05-05 09:22:21 -06:00
directory-locking.rst Documentation: filesystems: directory-locking: drop doubled word 2020-07-05 14:44:29 -06:00
dlmfs.rst ocfs2: replace HTTP links with HTTPS ones 2020-08-07 11:33:22 -07:00
dnotify.rst docs: filesystems: convert dnotify.txt to ReST 2020-05-05 09:22:22 -06:00
ecryptfs.rst docs: prevent warnings due to autosectionlabel 2020-03-20 17:01:29 -06:00
efivarfs.rst docs: filesystems: add info about efivars content 2020-05-25 18:59:59 -06:00
erofs.rst erofs: set block size to the on-disk block size 2023-04-17 01:15:45 +08:00
ext2.rst ext2: remove nobh support 2022-08-02 12:34:04 -04:00
ext3.rst docs: filesystems: convert ext3.txt to ReST 2020-03-02 14:03:16 -07:00
f2fs.rst docs: f2fs: Correct instruction to disable checkpoint 2023-04-12 20:00:36 -07:00
fiemap.rst A lot of bug fixes and cleanups for ext4, including: 2020-06-05 16:19:28 -07:00
files.rst file: Rename fcheck lookup_fd_rcu 2020-12-10 12:40:07 -06:00
fscrypt.rst fscrypt: support decrypting data from large folios 2023-01-28 15:10:12 -08:00
fsverity.rst fsverity: improve documentation for builtin signature support 2023-06-20 22:47:55 -07:00
fuse-io.rst docs: filesystems: convert fuse-io.txt to ReST 2020-05-05 09:22:22 -06:00
fuse.rst fuse: Add module param for CAP_SYS_ADMIN access bypassing allow_other 2022-07-21 16:06:19 +02:00
gfs2-glocks.rst docs: filesystems: convert gfs2-glocks.txt to ReST 2020-06-02 19:45:05 +02:00
gfs2-uevents.rst docs: filesystems: convert gfs2-uevents.txt to ReST 2020-03-02 14:03:35 -07:00
gfs2.rst Documentation: Update filesystems/gfs2.rst 2020-12-01 00:25:20 +01:00
hfs.rst Replace HTTP links with HTTPS ones: Documentation/filesystems 2020-06-26 11:14:12 -06:00
hfsplus.rst docs: filesystems: convert hfsplus.txt to ReST 2020-03-02 14:03:47 -07:00
hpfs.rst Replace HTTP links with HTTPS ones: Documentation/filesystems 2020-06-26 11:14:12 -06:00
idmappings.rst Documentation: update idmappings.rst 2023-03-14 14:16:57 +01:00
index.rst xfs: document the motivation for online fsck design 2023-04-11 18:59:45 -07:00
inotify.rst docs: filesystems: convert inotify.txt to ReST 2020-03-02 14:03:55 -07:00
isofs.rst docs: filesystems: convert isofs.txt to ReST 2020-03-02 14:04:06 -07:00
journalling.rst jbd2: drop jbd2_fc_init documentation 2020-11-06 23:01:03 -05:00
locking.rst mm: hold the RCU read lock over calls to ->map_pages 2023-04-05 19:43:00 -07:00
locks.rst docs: fs: locks.rst: update comment about mandatory file locking 2021-10-19 06:48:21 -04:00
mount_api.rst fs_context: drop the unused lsm_flags member 2023-03-16 14:38:28 +01:00
netfs_library.rst netfs: do not unlock and put the folio twice 2022-07-14 10:10:12 +02:00
nilfs2.rst docs: filesystems: convert nilfs2.txt to ReST 2020-03-02 14:04:06 -07:00
ntfs3.rst fs/ntfs3: Remove noacsrules 2023-03-27 16:59:17 +04:00
ntfs.rst docs: filesystems: convert ntfs.txt to ReST 2020-03-02 14:04:06 -07:00
ocfs2-online-filecheck.rst docs: filesystems: convert ocfs2-online-filecheck.txt to ReST 2020-03-02 14:04:06 -07:00
ocfs2.rst ocfs2: replace HTTP links with HTTPS ones 2020-08-07 11:33:22 -07:00
omfs.rst Replace HTTP links with HTTPS ones: OMFS 2020-07-13 11:24:43 -06:00
orangefs.rst docs: orangefs: fix pvfs2tab literal block 2020-04-28 12:35:47 -06:00
overlayfs.rst Revert "ovl: turn of SB_POSIXACL with idmapped layers temporarily" 2022-07-15 22:10:51 +02:00
path-lookup.rst Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2021-07-03 11:41:14 -07:00
path-lookup.txt Replace HTTP links with HTTPS ones: documentation 2020-06-08 09:30:19 -06:00
porting.rst fs: rename current get acl method 2022-10-20 10:13:27 +02:00
proc.rst Mainly singleton patches all over the place. Series of note are: 2023-04-27 19:57:00 -07:00
qnx6.rst Documentation: filesystems: correct possessive "its" 2022-09-27 13:21:44 -06:00
quota.rst quota: Fixup http links in quota doc 2020-07-09 08:14:01 +02:00
ramfs-rootfs-initramfs.rst Documentation: Fix intiramfs script name 2021-07-18 23:48:14 +09:00
relay.rst docs: filesystems: convert relay.txt to ReST 2020-03-02 14:04:41 -07:00
romfs.rst docs: filesystems: convert romfs.txt to ReST 2020-03-02 14:04:41 -07:00
seq_file.rst seq_file: document how per-entry resources are managed. 2021-02-26 09:41:05 -08:00
sharedsubtree.rst docs: filesystems: convert sharedsubtree.txt to ReST 2020-05-05 09:22:23 -06:00
splice.rst docs: Bring some order to filesystem documentation 2019-03-06 09:46:10 -07:00
squashfs.rst docs: filesystems: convert squashfs.txt to ReST 2020-03-02 14:04:41 -07:00
sysfs.rst driver core: bus: mark the struct bus_type for sysfs callbacks as constant 2023-03-23 13:20:40 +01:00
sysv-fs.rst docs: filesystems: convert sysv-fs.txt to ReST 2020-03-02 14:04:41 -07:00
tmpfs.rst shmem: add support to ignore swap 2023-03-28 16:20:15 -07:00
ubifs-authentication.rst docs: ubifs-authentication: Add a top-level heading 2020-09-09 11:53:33 -06:00
ubifs.rst Documentation: ubifs: Fix compression idiom 2022-10-10 13:01:10 -06:00
udf.rst udf: Replace HTTP links with HTTPS ones 2020-07-14 14:37:39 +02:00
vfat.rst docs: filesystems: Fix a mundane typo 2021-03-25 11:51:23 -06:00
vfs.rst docs: filesystems: vfs: actualize struct super_operations description 2023-03-14 12:12:12 -06:00
virtiofs.rst virtiofs: Add mount option and atime behavior to the doc 2020-04-20 17:01:34 +02:00
xfs-delayed-logging-design.rst Documentation: filesystems: correct possessive "its" 2022-09-27 13:21:44 -06:00
xfs-online-fsck-design.rst xfs: document future directions of online fsck 2023-04-11 18:59:52 -07:00
xfs-self-describing-metadata.rst xfs: document the filesystem metadata checking strategy 2023-04-11 18:59:47 -07:00
zonefs.rst documentation: zonefs: Document sysfs attributes 2022-04-26 14:53:06 +09:00