Lines Matching +full:block +full:- +full:offset
1 // SPDX-License-Identifier: GPL-2.0
3 * Data verification functions, i.e. hooks for ->readahead()
16 * Returns true if the hash block with index @hblock_idx in the tree, located in
26 * When the Merkle tree block size and page size are the same, then the in is_hash_block_verified()
27 * ->hash_block_verified bitmap isn't allocated, and we use PG_checked in is_hash_block_verified()
28 * to directly indicate whether the page's block has been verified. in is_hash_block_verified()
30 * Using PG_checked also guarantees that we re-verify hash pages that in is_hash_block_verified()
31 * get evicted and re-instantiated from the backing storage, as new in is_hash_block_verified()
34 if (!vi->hash_block_verified) in is_hash_block_verified()
38 * When the Merkle tree block size and page size differ, we use a bitmap in is_hash_block_verified()
39 * to indicate whether each hash block has been verified. in is_hash_block_verified()
42 * re-instantiated from the backing storage are re-verified. To do in is_hash_block_verified()
48 * Otherwise we return the bitmap bit for the requested block. in is_hash_block_verified()
56 * bitmap bit again at worst causes a hash block to be verified in is_hash_block_verified()
66 return test_bit(hblock_idx, vi->hash_block_verified); in is_hash_block_verified()
68 blocks_per_page = vi->tree_params.blocks_per_page; in is_hash_block_verified()
71 clear_bit(hblock_idx + i, vi->hash_block_verified); in is_hash_block_verified()
82 * Verify a single data block against the file's Merkle tree.
86 * only ascend the tree until an already-verified hash block is seen, and then
87 * verify the path to that block.
89 * Return: %true if the data block is valid, else %false.
95 const struct merkle_tree_params *params = &vi->tree_params; in verify_data_block()
96 const unsigned int hsize = params->digest_size; in verify_data_block()
103 /* Page containing the hash block */ in verify_data_block()
105 /* Mapped address of the hash block (will be within @page) */ in verify_data_block()
107 /* Index of the hash block in the tree overall */ in verify_data_block()
109 /* Byte offset of the wanted hash relative to @addr */ in verify_data_block()
113 * The index of the previous level's block within that level; also the in verify_data_block()
114 * index of that block's hash within the current level. in verify_data_block()
116 u64 hidx = data_pos >> params->log_blocksize; in verify_data_block()
121 if (unlikely(data_pos >= inode->i_size)) { in verify_data_block()
124 * tree block size is less than the page size. The Merkle tree in verify_data_block()
130 if (memchr_inv(data, 0, params->block_size)) { in verify_data_block()
140 * the way until we find a hash block that has already been verified, or in verify_data_block()
143 for (level = 0; level < params->num_levels; level++) { in verify_data_block()
153 * The index of the block in the current level; also the index in verify_data_block()
154 * of that block's hash within the next level. in verify_data_block()
156 next_hidx = hidx >> params->log_arity; in verify_data_block()
158 /* Index of the hash block in the tree overall */ in verify_data_block()
159 hblock_idx = params->level_start[level] + next_hidx; in verify_data_block()
162 hpage_idx = hblock_idx >> params->log_blocks_per_page; in verify_data_block()
164 /* Byte offset of the hash block within the page */ in verify_data_block()
166 (hblock_idx << params->log_blocksize) & ~PAGE_MASK; in verify_data_block()
168 /* Byte offset of the hash within the block */ in verify_data_block()
169 hoffset = (hidx << params->log_digestsize) & in verify_data_block()
170 (params->block_size - 1); in verify_data_block()
172 hpage = inode->i_sb->s_vop->read_merkle_tree_page(inode, in verify_data_block()
174 params->tree_pages - hpage_idx) : 0); in verify_data_block()
196 want_hash = vi->root_hash; in verify_data_block()
199 for (; level > 0; level--) { in verify_data_block()
200 struct page *hpage = hblocks[level - 1].page; in verify_data_block()
201 const void *haddr = hblocks[level - 1].addr; in verify_data_block()
202 unsigned long hblock_idx = hblocks[level - 1].index; in verify_data_block()
203 unsigned int hoffset = hblocks[level - 1].hoffset; in verify_data_block()
210 * Mark the hash block as verified. This must be atomic and in verify_data_block()
211 * idempotent, as the same hash block might be verified by in verify_data_block()
214 if (vi->hash_block_verified) in verify_data_block()
215 set_bit(hblock_idx, vi->hash_block_verified); in verify_data_block()
224 /* Finally, verify the data block. */ in verify_data_block()
234 data_pos, level - 1, in verify_data_block()
235 params->hash_alg->name, hsize, want_hash, in verify_data_block()
236 params->hash_alg->name, hsize, real_hash); in verify_data_block()
238 for (; level > 0; level--) { in verify_data_block()
239 kunmap_local(hblocks[level - 1].addr); in verify_data_block()
240 put_page(hblocks[level - 1].page); in verify_data_block()
246 verify_data_blocks(struct folio *data_folio, size_t len, size_t offset, in verify_data_blocks() argument
249 struct inode *inode = data_folio->mapping->host; in verify_data_blocks()
250 struct fsverity_info *vi = inode->i_verity_info; in verify_data_blocks()
251 const unsigned int block_size = vi->tree_params.block_size; in verify_data_blocks()
252 u64 pos = (u64)data_folio->index << PAGE_SHIFT; in verify_data_blocks()
254 if (WARN_ON_ONCE(len <= 0 || !IS_ALIGNED(len | offset, block_size))) in verify_data_blocks()
263 data = kmap_local_folio(data_folio, offset); in verify_data_blocks()
264 valid = verify_data_block(inode, vi, data, pos + offset, in verify_data_blocks()
269 offset += block_size; in verify_data_blocks()
270 len -= block_size; in verify_data_blocks()
276 * fsverity_verify_blocks() - verify data in a folio
279 * @offset: the offset of the data to verify in the folio
283 * length and offset of the data must be Merkle tree block size aligned.
287 bool fsverity_verify_blocks(struct folio *folio, size_t len, size_t offset) in fsverity_verify_blocks() argument
289 return verify_data_blocks(folio, len, offset, 0); in fsverity_verify_blocks()
295 * fsverity_verify_bio() - verify a 'read' bio that has just completed
299 * must be aligned to the file's Merkle tree block size. If any data fails
300 * verification, then bio->bi_status is set to an error status.
302 * This is a helper function for use by the ->readahead() method of filesystems
304 * populate the page cache without issuing bios (e.g. non block-based
313 if (bio->bi_opf & REQ_RAHEAD) { in fsverity_verify_bio()
317 * when a Merkle tree page is read, we also try to piggy-back on in fsverity_verify_bio()
318 * some additional pages -- up to 1/4 the number of data pages. in fsverity_verify_bio()
323 max_ra_pages = bio->bi_iter.bi_size >> (PAGE_SHIFT + 2); in fsverity_verify_bio()
327 if (!verify_data_blocks(fi.folio, fi.length, fi.offset, in fsverity_verify_bio()
329 bio->bi_status = BLK_STS_IOERR; in fsverity_verify_bio()
338 * fsverity_enqueue_verify_work() - enqueue work on the fs-verity workqueue
352 * Use a high-priority workqueue to prioritize verification work, which in fsverity_init_workqueue()