Currently, all filesystems that support fsverity (ext4, f2fs, and btrfs)
cache the Merkle tree in the pagecache at a 64K aligned offset after the
end of the file data. This offset needs to be a multiple of the page
size, which is guaranteed only when the page size is 64K or smaller.
64K was chosen to be the "largest reasonable page size". But it isn't
the largest *possible* page size: the hexagon and powerpc ports of Linux
support 256K pages, though that configuration is rarely used.
For now, just disable support for FS_VERITY in these odd configurations
to ensure it isn't used in cases where it would have incorrect behavior.
Fixes: 671e67b47e9f ("fs-verity: add Kconfig and the helper functions for
hashing")
Reported-by: Christoph Hellwig <[email protected]>
Closes: https://lore.kernel.org/r/[email protected]
Signed-off-by: Eric Biggers <[email protected]>
---
fs/verity/Kconfig | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/verity/Kconfig b/fs/verity/Kconfig
index 76d1c5971b82..b20882963ffb 100644
--- a/fs/verity/Kconfig
+++ b/fs/verity/Kconfig
@@ -1,9 +1,12 @@
# SPDX-License-Identifier: GPL-2.0
config FS_VERITY
bool "FS Verity (read-only file-based authenticity protection)"
+ # Filesystems cache the Merkle tree at a 64K aligned offset in the
+ # pagecache. That approach assumes the page size is at most 64K.
+ depends on PAGE_SHIFT <= 16
select CRYPTO_HASH_INFO
select CRYPTO_LIB_SHA256
select CRYPTO_LIB_SHA512
help
This option enables fs-verity. fs-verity is the dm-verity
base-commit: 8934827db5403eae57d4537114a9ff88b0a8460f
--
2.53.0
_______________________________________________
Linux-f2fs-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
