On Mon, Jan 19, 2026 at 11:02:37AM +0100, Christian Brauner wrote:
> > + if (IS_ENABLED(CONFIG_FS_VERITY) && IS_VERITY(inode)) {
> > + if (filp->f_mode & FMODE_WRITE)
> > + return -EPERM;
> > + return fsverity_file_open(inode, filp);
> > + }
>
> This is the only one where I'm not happy about the location.
> This hides the ordering requirement between fsverity and fscrypt. It's
> easier to miss now. This also really saves very little compared to the
> other changes. So I wonder whether it's really that big of a deal to
> have the call located in the open routines of the filesystems.
So my idea was to do a similar pass for fscrypt eventually, and enforce
the ordering in one place, instead of relying on file systems to get it
right. I'd be fine with delaying this patch until then and give it
another try. The good thing is that unlike say the stat hook fsverity
will simply not work without wiring this up, so it can't be easily
forgotten.
_______________________________________________
Linux-f2fs-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
