fs-verity: add the hook for file ->open()

Add the fsverity_file_open() function, which prepares an fs-verity file to be read from. If not already done, it loads the fs-verity descriptor from the filesystem and sets up an fsverity_info structure for the inode which describes the Merkle tree and contains the file measurement. It also denies all attempts to open verity files for writing. This commit also begins the include/linux/fsverity.h header, which declares the interface between fs/verity/ and filesystems. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com>
author: Eric Biggers <ebiggers@google.com> 2019-07-22 09:26:22 -0700
committer: Eric Biggers <ebiggers@google.com> 2019-07-28 16:59:16 -0700
commit: fd2d1acfcadfe2e42567afaec5e989b38061a7d2 (patch)
tree: 8a0296afe484924a2fcf59ebfaacf114948d206f /fs/verity/init.c
parent: 5585f2af737ae3d7454cb0ae77b995cd3ac7e43c (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/verity/init.c b/fs/verity/init.c
index 40076bbe452a..fff1fd634335 100644
--- a/fs/verity/init.c
+++ b/fs/verity/init.c
@@ -33,8 +33,14 @@ void fsverity_msg(const struct inode *inode, const char *level,
 
 static int __init fsverity_init(void)
 {
+	int err;
+
 	fsverity_check_hash_algs();
 
+	err = fsverity_init_info_cache();
+	if (err)
+		return err;
+
 	pr_debug("Initialized fs-verity\n");
 	return 0;
 }
author	Eric Biggers <ebiggers@google.com>	2019-07-22 09:26:22 -0700
committer	Eric Biggers <ebiggers@google.com>	2019-07-28 16:59:16 -0700
commit	fd2d1acfcadfe2e42567afaec5e989b38061a7d2 (patch)
tree	8a0296afe484924a2fcf59ebfaacf114948d206f /fs/verity/init.c
parent	5585f2af737ae3d7454cb0ae77b995cd3ac7e43c (diff)