Unverified Commit f0883b9c authored Aug 21, 2025 by Christian Brauner

Merge patch series "Move fscrypt and fsverity info out of struct inode"

Eric Biggers <ebiggers@kernel.org> says:

This is a cleaned-up implementation of moving the i_crypt_info and
i_verity_info pointers out of 'struct inode' and into the fs-specific
part of the inode, as proposed previously by Christian at
https://lore.kernel.org/r/20250723-work-inode-fscrypt-v4-0-c8e11488a0e6@kernel.org/

The high-level concept is still the same: fs/crypto/ and fs/verity/
locate the pointer by adding an offset to the address of struct inode.
The offset is retrieved from fscrypt_operations or fsverity_operations.

I've cleaned up a lot of the details, including:
- Grouped changes into patches differently
- Rewrote commit messages and comments to be clearer
- Adjusted code formatting to be consistent with existing code
- Removed unneeded #ifdefs
- Improved choice and location of VFS_WARN_ON_ONCE() statements
- Added missing kerneldoc for ubifs_inode::i_crypt_info
- Moved field initialization to init_once functions when they exist
- Improved ceph offset calculation and removed unneeded static_asserts
- fsverity_get_info() now checks IS_VERITY() instead of v_ops
- fscrypt_put_encryption_info() no longer checks IS_ENCRYPTED(), since I
  no longer think it's actually correct there.
- verity_data_blocks() now keeps doing a raw dereference
- Dropped fscrypt_set_inode_info()
- Renamed some functions
- Do offset calculation using int, so we don't rely on unsigned overflow
- And more.

* patches from https://lore.kernel.org/20250810075706.172910-1-ebiggers@kernel.org:
  fsverity: check IS_VERITY() in fsverity_cleanup_inode()
  fs: remove inode::i_verity_info
  btrfs: move verity info pointer to fs-specific part of inode
  f2fs: move verity info pointer to fs-specific part of inode
  ext4: move verity info pointer to fs-specific part of inode
  fsverity: add support for info in fs-specific part of inode
  fs: remove inode::i_crypt_info
  ceph: move crypt info pointer to fs-specific part of inode
  ubifs: move crypt info pointer to fs-specific part of inode
  f2fs: move crypt info pointer to fs-specific part of inode
  ext4: move crypt info pointer to fs-specific part of inode
  fscrypt: add support for info in fs-specific part of inode
  fscrypt: replace raw loads of info pointer with helper function

Link: https://lore.kernel.org/20250810075706.172910-1-ebiggers@kernel.org


Signed-off-by: Christian Brauner <brauner@kernel.org>

parents 8f5ae30d 8a3d00dd

fs/btrfs/btrfs_inode.h

+5 −0

Original line number	Diff line number	Diff line
		@@ -338,6 +338,11 @@ struct btrfs_inode {
		struct list_head delayed_iput;

		struct rw_semaphore i_mmap_lock;

		#ifdef CONFIG_FS_VERITY
		struct fsverity_info *i_verity_info;
		#endif

		struct inode vfs_inode;
		};

fs/btrfs/inode.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -7961,6 +7961,9 @@ static void init_once(void *foo)
		struct btrfs_inode *ei = foo;

		inode_init_once(&ei->vfs_inode);
		#ifdef CONFIG_FS_VERITY
		ei->i_verity_info = NULL;
		#endif
		}

		void __cold btrfs_destroy_cachep(void)

fs/btrfs/verity.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -802,6 +802,8 @@ static int btrfs_write_merkle_tree_block(struct inode inode, const void buf,
		}

		const struct fsverity_operations btrfs_verityops = {
		.inode_info_offs = (int)offsetof(struct btrfs_inode, i_verity_info) -
		(int)offsetof(struct btrfs_inode, vfs_inode),
		.begin_enable_verity = btrfs_begin_enable_verity,
		.end_enable_verity = btrfs_end_enable_verity,
		.get_verity_descriptor = btrfs_get_verity_descriptor,

fs/ceph/crypto.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -133,6 +133,8 @@ static const union fscrypt_policy ceph_get_dummy_policy(struct super_block sb)
		}

		static struct fscrypt_operations ceph_fscrypt_ops = {
		.inode_info_offs = (int)offsetof(struct ceph_inode_info, i_crypt_info) -
		(int)offsetof(struct ceph_inode_info, netfs.inode),
		.needs_bounce_pages = 1,
		.get_context = ceph_crypt_get_context,
		.set_context = ceph_crypt_set_context,

fs/ceph/inode.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -665,6 +665,7 @@ struct inode ceph_alloc_inode(struct super_block sb)
		ci->i_work_mask = 0;
		memset(&ci->i_btime, '\0', sizeof(ci->i_btime));
		#ifdef CONFIG_FS_ENCRYPTION
		ci->i_crypt_info = NULL;
		ci->fscrypt_auth = NULL;
		ci->fscrypt_auth_len = 0;
		#endif