[GIT PULL] fsverity updates for 6.5

From: Eric Biggers
Date: Sun Jun 25 2023 - 21:54:22 EST

Next message: Li zeming: "[PATCH] time: ntp: Remove unnecessary ‘-ENODEV’ values from err"
Previous message: Stephen Rothwell: "linux-next: manual merge of the crypto tree with Linus' tree"
Next in thread: pr-tracker-bot: "Re: [GIT PULL] fsverity updates for 6.5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The following changes since commit f1fcbaa18b28dec10281551dfe6ed3a3ed80e3d6:

Linux 6.4-rc2 (2023-05-14 12:51:40 -0700)

are available in the Git repository at:

https://git.kernel.org/pub/scm/fs/fsverity/linux.git tags/fsverity-for-linus

for you to fetch changes up to 672d6ef4c775cfcd2e00172e23df34e77e495e85:

fsverity: improve documentation for builtin signature support (2023-06-20 22:47:55 -0700)

----------------------------------------------------------------

Several updates for fs/verity/:

- Do all hashing with the shash API instead of with the ahash API. This
simplifies the code and reduces API overhead. It should also make
things slightly easier for XFS's upcoming support for fsverity. It
does drop fsverity's support for off-CPU hash accelerators, but that
support was incomplete and not known to be used.

- Update and export fsverity_get_digest() so that it's ready for
overlayfs's upcoming support for fsverity checking of lowerdata.

- Improve the documentation for builtin signature support.

- Fix a bug in the large folio support.

----------------------------------------------------------------
Eric Biggers (6):
fsverity: use shash API instead of ahash API
fsverity: constify fsverity_hash_alg
fsverity: don't use bio_first_page_all() in fsverity_verify_bio()
fsverity: simplify error handling in verify_data_block()
fsverity: rework fsverity_get_digest() again
fsverity: improve documentation for builtin signature support

Documentation/filesystems/fsverity.rst | 192 +++++++++++++++++++++------------
fs/verity/Kconfig | 16 +--
fs/verity/enable.c | 21 ++--
fs/verity/fsverity_private.h | 23 ++--
fs/verity/hash_algs.c | 139 +++++-------------------
fs/verity/measure.c | 37 +++++--
fs/verity/open.c | 12 +--
fs/verity/read_metadata.c | 4 +-
fs/verity/signature.c | 8 ++
fs/verity/verify.c | 164 +++++++++++-----------------
include/linux/fsverity.h | 14 ++-
security/integrity/ima/ima_api.c | 31 +++---
12 files changed, 299 insertions(+), 362 deletions(-)

Next message: Li zeming: "[PATCH] time: ntp: Remove unnecessary ‘-ENODEV’ values from err"
Previous message: Stephen Rothwell: "linux-next: manual merge of the crypto tree with Linus' tree"
Next in thread: pr-tracker-bot: "Re: [GIT PULL] fsverity updates for 6.5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]