This patchset provides support for fsverity in btrfs. At a high level, we store the verity descriptor and Merkle tree data in the file system btree with the file's inode as the objectid, and direct reads/writes to those items to implement the generic fsverity interface required by fs/verity/.
The first patch is a preparatory patch which adds a notion of compat_flags to the btrfs_inode and inode_item in order to allow enabling verity on a file without making the file system unmountable for older kernels. (It runs afoul of the leaf corruption check otherwise) The second patch is the bulk of the fsverity implementation. It implements the fsverity interface and adds verity checks for the typical file reading case. The third patch cleans up the corner cases in readpage, covering inline extents, preallocated extents, and holes. The fourth patch handles direct io of a veritied file by falling back to buffered io. The fifth patch adds a feature file in sysfs for verity. Boris Burkov (4): btrfs: add compat_flags to btrfs_inode_item btrfs: check verity for reads of inline extents and holes btrfs: fallback to buffered io for verity files btrfs: add sysfs feature for fsverity Chris Mason (1): btrfs: initial fsverity support fs/btrfs/Makefile | 1 + fs/btrfs/btrfs_inode.h | 2 + fs/btrfs/ctree.h | 14 +- fs/btrfs/delayed-inode.c | 2 + fs/btrfs/extent_io.c | 29 +- fs/btrfs/file.c | 9 + fs/btrfs/inode.c | 31 +- fs/btrfs/ioctl.c | 21 +- fs/btrfs/super.c | 1 + fs/btrfs/sysfs.c | 6 + fs/btrfs/tree-log.c | 1 + fs/btrfs/verity.c | 527 ++++++++++++++++++++++++++++++++ include/uapi/linux/btrfs.h | 1 + include/uapi/linux/btrfs_tree.h | 15 +- 14 files changed, 625 insertions(+), 35 deletions(-) create mode 100644 fs/btrfs/verity.c -- 2.24.1