diff options
| author | Boris Burkov <boris@bur.io> | 2022-08-15 13:54:28 -0700 |
|---|---|---|
| committer | David Sterba <dsterba@suse.com> | 2022-09-26 12:27:55 +0200 |
| commit | 38622010a6de3a62cc72688348548854ed82dcf5 (patch) | |
| tree | 0ea2e8084cf69994d818ec9a0bc9ba50d3ab82b4 /fs/verity | |
| parent | e5677f056010298d3a8d43f710f8b445dd73462d (diff) | |
btrfs: send: add support for fs-verity
Preserve the fs-verity status of a btrfs file across send/recv.
There is no facility for installing the Merkle tree contents directly on
the receiving filesystem, so we package up the parameters used to enable
verity found in the verity descriptor. This gives the receive side
enough information to properly enable verity again. Note that this means
that receive will have to re-compute the whole Merkle tree, similar to
how compression worked before encoded_write.
Since the file becomes read-only after verity is enabled, it is
important that verity is added to the send stream after any file writes.
Therefore, when we process a verity item, merely note that it happened,
then actually create the command in the send stream during
'finish_inode_if_needed'.
This also creates V3 of the send stream format, without any format
changes besides adding the new commands and attributes.
Signed-off-by: Boris Burkov <boris@bur.io>
Signed-off-by: David Sterba <dsterba@suse.com>
Diffstat (limited to 'fs/verity')
| -rw-r--r-- | fs/verity/fsverity_private.h | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h index 629785c95007..dbe1ce5b450a 100644 --- a/fs/verity/fsverity_private.h +++ b/fs/verity/fsverity_private.h @@ -70,8 +70,6 @@ struct fsverity_info { const struct inode *inode; }; -/* Arbitrary limit to bound the kmalloc() size. Can be changed. */ -#define FS_VERITY_MAX_DESCRIPTOR_SIZE 16384 #define FS_VERITY_MAX_SIGNATURE_SIZE (FS_VERITY_MAX_DESCRIPTOR_SIZE - \ sizeof(struct fsverity_descriptor)) |