Commit 45a43ac5 authored by Linus Torvalds

Merge tag 'vfs-7.0-rc1.misc.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs

Pull more misc vfs updates from Christian Brauner:
 "Features:

   - Optimize close_range() from O(range size) to O(active FDs) by using
     find_next_bit() on the open_fds bitmap instead of linearly scanning
     the entire requested range. This is a significant improvement for
     large-range close operations on sparse file descriptor tables.

   - Add FS_XFLAG_VERITY file attribute for fs-verity files, retrievable
     via FS_IOC_FSGETXATTR and file_getattr(). The flag is read-only.
     Add tracepoints for fs-verity enable and verify operations,
     replacing the previously removed debug printk's.

   - Prevent nfsd from exporting special kernel filesystems like pidfs
     and nsfs. These filesystems have custom ->open() and ->permission()
     export methods that are designed for open_by_handle_at(2) only and
     are incompatible with nfsd. Update the exportfs documentation
     accordingly.

  Fixes:

   - Fix KMSAN uninit-value in ovl_fill_real() where strcmp() was used
     on a non-null-terminated decrypted directory entry name from
     fscrypt. This triggered on encrypted lower layers when the
     decrypted name buffer contained uninitialized tail data.

     The fix also adds VFS-level name_is_dot(), name_is_dotdot(), and
     name_is_dot_dotdot() helpers, replacing various open-coded "." and
     ".." checks across the tree.

   - Fix read-only fsflags not being reset together with xflags in
     vfs_fileattr_set(). Currently harmless since no read-only xflags
     overlap with flags, but this would cause inconsistencies for any
     future shared read-only flag

   - Return -EREMOTE instead of -ESRCH from PIDFD_GET_INFO when the
     target process is in a different pid namespace. This lets userspace
     distinguish "process exited" from "process in another namespace",
     matching glibc's pidfd_getpid() behavior

  Cleanups:

   - Use C-string literals in the Rust seq_file bindings, replacing the
     kernel::c_str!() macro (available since Rust 1.77)

   - Fix typo in d_walk_ret enum comment, add porting notes for the
     readlink_copy() calling convention change"

* tag 'vfs-7.0-rc1.misc.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
  fs: add porting notes about readlink_copy()
  pidfs: return -EREMOTE when PIDFD_GET_INFO is called on another ns
  nfsd: do not allow exporting of special kernel filesystems
  exportfs: clarify the documentation of open()/permission() expotrfs ops
  fsverity: add tracepoints
  fs: add FS_XFLAG_VERITY for fs-verity files
  rust: seq_file: replace `kernel::c_str!` with C-Strings
  fs: dcache: fix typo in enum d_walk_ret comment
  ovl: use name_is_dot* helpers in readdir code
  fs: add helpers name_is_dot{,dot,_dotdot}
  ovl: Fix uninit-value in ovl_fill_real
  fs: reset read-only fsflags together with xflags
  fs/file: optimize close_range() complexity from O(N) to O(Sparse)
parents 543b9b63 dedfae78
+16 −0
@@ -341,6 +341,22 @@ the file has fs-verity enabled. This can perform better than
FS_IOC_GETFLAGS and FS_IOC_MEASURE_VERITY because it doesn't require
opening the file, and opening verity files can be expensive.

FS_IOC_FSGETXATTR
-----------------

Since Linux v7.0, the FS_IOC_FSGETXATTR ioctl sets FS_XFLAG_VERITY (0x00020000)
in the returned flags when the file has verity enabled. Note that this attribute
cannot be set with FS_IOC_FSSETXATTR as enabling verity requires input
parameters. See FS_IOC_ENABLE_VERITY.

file_getattr
------------

Since Linux v7.0, the file_getattr() syscall sets FS_XFLAG_VERITY (0x00020000)
in the returned flags when the file has verity enabled. Note that this attribute
cannot be set with file_setattr() as enabling verity requires input parameters.
See FS_IOC_ENABLE_VERITY.

.. _accessing_verity_files:

Accessing verity files
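Review bot: Both new sections say FS_XFLAG_VERITY cannot be set through FS_IOC_FSSETXATTR or file_setattr(), but neither says what happens when userspace passes the bit back in, as a get-modify-set sequence would: is the bit ignored or does the call fail? Please state that behaviour in each section so callers know whether they must mask the flag first. Separately, the "file_getattr" heading drops the parentheses that the body uses for file_getattr(); pick one form.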
+10 −0
@@ -1351,3 +1351,13 @@ and do_rmdir()) are gone; they are replaced with non-consuming analogues
(filename_renameat2(), etc.)
Callers are adjusted - responsibility for dropping the filenames belongs
to them now.

---

**mandatory**

readlink_copy() now requires link length as the 4th argument. Said length needs
to match what strlen() would return if it was ran on the string.

However, if the string is freely accessible for the duration of inode's
lifetime, consider using inode_set_cached_link() instead.
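Review bot: In the new readlink_copy() entry, "if it was ran on the string" should read "if it was run on the string", and "for the duration of inode's lifetime" is missing an article ("the inode's lifetime"). The entry would also help porters more if it said directly that the length excludes the terminating NUL, rather than only by reference to strlen(), and what a caller should expect when the length passed does not match.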
+1 −0
@@ -10415,6 +10415,7 @@ T: git https://git.kernel.org/pub/scm/fs/fsverity/linux.git
F:	Documentation/filesystems/fsverity.rst
F:	fs/verity/
F:	include/linux/fsverity.h
F:	include/trace/events/fsverity.h
F:	include/uapi/linux/fsverity.h
FT260 FTDI USB-HID TO I2C BRIDGE DRIVER
+1 −1
@@ -76,7 +76,7 @@ struct fscrypt_nokey_name {

static inline bool fscrypt_is_dot_dotdot(const struct qstr *str)
{
	return is_dot_dotdot(str->name, str->len);
	return name_is_dot_dotdot(str->name, str->len);
}

/**
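Review bot: fscrypt_is_dot_dotdot() is left as a one-line wrapper that only forwards str->name and str->len to name_is_dot_dotdot(). Either convert its callers to the VFS helper and drop the wrapper, or keep it and add a short comment saying the comparison is bounded by str->len and does not rely on a NUL terminator, which matters for the non-NUL-terminated fscrypt names described in the merge message.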
+5 −5
@@ -1298,8 +1298,8 @@ void shrink_dcache_sb(struct super_block *sb)
EXPORT_SYMBOL(shrink_dcache_sb);

/**
 * enum d_walk_ret - action to talke during tree walk
 * @D_WALK_CONTINUE:	contrinue walk
 * enum d_walk_ret - action to take during tree walk
 * @D_WALK_CONTINUE:	continue walk
 * @D_WALK_QUIT:	quit walk
 * @D_WALK_NORETRY:	quit when retry is needed
 * @D_WALK_SKIP:	skip this dentry and its children