From patchwork Mon Jan 19 06:15:05 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 1614 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1768803380; bh=wnjbwPBXM/5sBrTsYjGCH86UjXDa9uCZlqVAAk5k7vg=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=slECpbbvdRABX5lQ8UyGRf+RLBUULqvfiEdLk/aSzFt2GD+95/XYUeXCH3KC/KTTE tqTO76wvhXyD1q4fIi9C+JdIJhZ7Qr7XTyi8Cnss7Mc10qUSjgbFvfie07R2B6M60U 7VxdYBCUnPmZCD4ozy9/EXJKzYFSCuqcPwwu+1i3DP/BzwI1lI9xZea7qD8oZy8rq+ xsGflysPzsOY9wXkzWoiJTg+K1at9SVn2EKeXnrTOy4l8ScyT1RQUXIY6ftqsTZxX6 Ffn0DOkV7XVKdIR87pqe+0aJeRXZHoLfYpcrQT316OcA2tNQv20hBhzESJF8B70K4l YmaqbybIDP5cw== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id F0254694D3 for ; Sun, 18 Jan 2026 23:16:20 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id sL7uRZm2_Cwe for ; Sun, 18 Jan 2026 23:16:20 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1768803380; bh=wnjbwPBXM/5sBrTsYjGCH86UjXDa9uCZlqVAAk5k7vg=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=slECpbbvdRABX5lQ8UyGRf+RLBUULqvfiEdLk/aSzFt2GD+95/XYUeXCH3KC/KTTE tqTO76wvhXyD1q4fIi9C+JdIJhZ7Qr7XTyi8Cnss7Mc10qUSjgbFvfie07R2B6M60U 7VxdYBCUnPmZCD4ozy9/EXJKzYFSCuqcPwwu+1i3DP/BzwI1lI9xZea7qD8oZy8rq+ xsGflysPzsOY9wXkzWoiJTg+K1at9SVn2EKeXnrTOy4l8ScyT1RQUXIY6ftqsTZxX6 Ffn0DOkV7XVKdIR87pqe+0aJeRXZHoLfYpcrQT316OcA2tNQv20hBhzESJF8B70K4l YmaqbybIDP5cw== Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id D7567694C7 for ; Sun, 18 Jan 2026 23:16:20 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1768803378; bh=3NsbWntPdnkDy5W7/tV8xyH2QOKS8UF8lAQaz/02sDE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=eDNWw6vMbdny8Fuzq1SX/6HwbNAXROA6StZnNMM2TpmQ1kpdRZZjXWkLX3S/XtzFG Bzi+xjxkoLu/XFMFyL0FeypN0oIrkalbW1v6gtGbDlKKnkU545ZeZfHlbwZwu/HtX3 PbIN9btVyqvOfG0zg+RvRDPbraCSFQyo2BwvT0I+SNFGhHPLY95BdA0K9Y8RqXlzQS zbT7hnPpxw4WBl8Q0NSZ0ow8MkEpQ22XhuNteD0clT+l6LJSU7MPp1NJpABa0LzwIf ZGYJMZlpjdmdDPWgp2JkBACGiltGtrl5zR64euOUxYj8tBLzNXEeaQqrMS42VFeZY+ hqYMlDuVQJ03w== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 540E8694CE; Sun, 18 Jan 2026 23:16:18 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10026) with ESMTP id oqkejP9x3xeB; Sun, 18 Jan 2026 23:16:18 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1768803374; bh=SYY5HsEIDt24tT6xJEwFiWDn03i9I+uaaOujemOTOoY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=RqX5gWg8QcIaklwgnv/UEzSPNnTyge6FyBpLdvc7YQyQJNNv2itq+GZdJAh8+akPB UOPZJoJbDDTLuDVW5LQfpBfDrJTQYdgSYqXqhiX7k9hr40pJfTmI4cI/dxnfDpW1nG 4TQVm5BChxWgTxUupNNDcLYnADcvr1+p/OkaJxga64Qihdtw/Jn1dmmRjKIO+2IcNj zI/VMFoCy3LWPy3VraJcEeCiu/uSyi5sIp1VdFxJBdxcTdRdMrrjic8cVovproQTkk z5vfivCvazBLslpxlzUolMwh96tR39eda/QngYm3TYOMGvyFoFsYy7KKpPgZJYLhJ0 rezE7YsEmHU5Q== Received: from u-boot.org (unknown [73.34.74.121]) by mail.u-boot.org (Postfix) with ESMTPSA id EE33B693AE; Sun, 18 Jan 2026 23:16:13 -0700 (MST) From: Simon Glass To: U-Boot Concept Date: Sun, 18 Jan 2026 23:15:05 -0700 Message-ID: <20260119061529.3383191-8-sjg@u-boot.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260119061529.3383191-1-sjg@u-boot.org> References: <20260119061529.3383191-1-sjg@u-boot.org> MIME-Version: 1.0 Message-ID-Hash: MAT73LWDSLSAX7M3S5HL2RKB44OLICBR X-Message-ID-Hash: MAT73LWDSLSAX7M3S5HL2RKB44OLICBR X-MailFrom: sjg@u-boot.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , "Claude Opus 4 . 5" X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 07/23] linux: Add fsverity.h with fs-verity stubs List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Simon Glass Create linux/fsverity.h with fs-verity operation stubs including IS_VERITY(), fsverity_file_open(), fsverity_prepare_setattr(), fsverity_active(), fsverity_cleanup_inode(), fsverity_verify_bio(), fsverity_enqueue_verify_work(), and fsverity_verify_folio(). U-Boot does not support fs-verity, so these are all no-ops or return constant values indicating no verification. Update ext4_uboot.h to use linux/fsverity.h instead of duplicating these definitions. Co-developed-by: Claude Opus 4.5 Signed-off-by: Simon Glass --- fs/ext4l/ext4_uboot.h | 16 +++---- include/linux/fsverity.h | 97 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 11 deletions(-) create mode 100644 include/linux/fsverity.h diff --git a/fs/ext4l/ext4_uboot.h b/fs/ext4l/ext4_uboot.h index 0b1778ad0a6..dc8c9a97877 100644 --- a/fs/ext4l/ext4_uboot.h +++ b/fs/ext4l/ext4_uboot.h @@ -920,7 +920,8 @@ void mapping_clear_folio_cache(struct address_space *mapping); #include /* fscrypt_file_open is in ext4_fscrypt.h */ -#define fsverity_file_open(i, f) ({ (void)(i); (void)(f); 0; }) +/* fsverity_file_open is in linux/fsverity.h */ +#include /* Quota file open - stub */ #define dquot_file_open(i, f) ({ (void)(i); (void)(f); 0; }) @@ -963,9 +964,7 @@ void mapping_clear_folio_cache(struct address_space *mapping); /* fscrypt_name, fscrypt_match_name, and fscrypt stubs are in ext4_fscrypt.h */ -/* fsverity stubs */ -#define fsverity_prepare_setattr(d, a) ({ (void)(d); (void)(a); 0; }) -#define fsverity_active(i) (0) +/* fsverity stubs are in linux/fsverity.h */ /* Inode time setters - needed for ext4.h */ static inline struct timespec64 inode_set_atime_to_ts(struct inode *inode, @@ -1351,8 +1350,7 @@ int inode_generic_drop(struct inode *inode); #define invalidate_inode_buffers(i) do { } while (0) #define clear_inode(i) do { } while (0) -/* fsverity stubs (fscrypt macros are in ext4_fscrypt.h) */ -#define fsverity_cleanup_inode(i) do { } while (0) +/* fsverity_cleanup_inode is in linux/fsverity.h */ /* NFS export helpers are now in linux/exportfs.h */ @@ -1610,11 +1608,7 @@ bool __folio_start_writeback(struct folio *folio, bool keep_write); /* fscrypt readpage stubs are in ext4_fscrypt.h */ -/* fsverity stubs */ -#define fsverity_verify_bio(bio) do { (void)(bio); } while (0) -#define fsverity_enqueue_verify_work(work) do { (void)(work); } while (0) -#define fsverity_verify_folio(f) ({ (void)(f); 1; }) -#define IS_VERITY(inode) (0) +/* fsverity stubs are in linux/fsverity.h */ /* readahead operations are in linux/pagemap.h */ diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h new file mode 100644 index 00000000000..738bea02d3e --- /dev/null +++ b/include/linux/fsverity.h @@ -0,0 +1,97 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * fs-verity definitions for U-Boot + * + * Based on Linux fsverity.h - fs-verity verification. + * U-Boot stub - fs-verity not supported. + */ +#ifndef _LINUX_FSVERITY_H +#define _LINUX_FSVERITY_H + +/* Forward declarations */ +struct bio; +struct dentry; +struct file; +struct folio; +struct iattr; +struct inode; +struct work_struct; + +/** + * IS_VERITY() - check if inode has fs-verity enabled + * @inode: inode to check + * + * U-Boot stub - always returns false. + */ +#define IS_VERITY(inode) (0) + +/** + * fsverity_file_open() - check verity on file open + * @inode: inode being opened + * @file: file being opened + * + * U-Boot stub - always succeeds. + * + * Return: 0 + */ +#define fsverity_file_open(inode, file) \ + ({ (void)(inode); (void)(file); 0; }) + +/** + * fsverity_prepare_setattr() - prepare for attribute change + * @dentry: dentry being modified + * @attr: new attributes + * + * U-Boot stub - always succeeds. + * + * Return: 0 + */ +#define fsverity_prepare_setattr(dentry, attr) \ + ({ (void)(dentry); (void)(attr); 0; }) + +/** + * fsverity_active() - check if verity is active on inode + * @inode: inode to check + * + * U-Boot stub - always returns false. + * + * Return: false + */ +#define fsverity_active(inode) ({ (void)(inode); 0; }) + +/** + * fsverity_cleanup_inode() - cleanup verity data on inode + * @inode: inode to clean up + * + * U-Boot stub - no-op. + */ +#define fsverity_cleanup_inode(inode) do { (void)(inode); } while (0) + +/** + * fsverity_verify_bio() - verify bio data + * @bio: bio to verify + * + * U-Boot stub - no-op. + */ +#define fsverity_verify_bio(bio) do { (void)(bio); } while (0) + +/** + * fsverity_enqueue_verify_work() - enqueue verification work + * @work: work item + * + * U-Boot stub - no-op. + */ +#define fsverity_enqueue_verify_work(work) \ + do { (void)(work); } while (0) + +/** + * fsverity_verify_folio() - verify folio data + * @folio: folio to verify + * + * U-Boot stub - always succeeds. + * + * Return: true (verified) + */ +#define fsverity_verify_folio(folio) ({ (void)(folio); true; }) + +#endif /* _LINUX_FSVERITY_H */