diff options
| author | Christoph Hellwig <hch@lst.de> | 2026-01-28 18:26:13 +0300 |
|---|---|---|
| committer | Eric Biggers <ebiggers@kernel.org> | 2026-01-29 20:39:41 +0300 |
| commit | e9734653c523c744f03333ece6ae7a315187f05c (patch) | |
| tree | 415c025fcdf1a0231b59cd464a0ab35e2c11bcf3 /include/linux | |
| parent | 63804fed149a6750ffd28610c5c1c98cce6bd377 (diff) | |
| download | linux-e9734653c523c744f03333ece6ae7a315187f05c.tar.xz | |
fs,fsverity: reject size changes on fsverity files in setattr_prepare
Add the check to reject truncates of fsverity files directly to
setattr_prepare instead of requiring the file system to handle it.
Besides removing boilerplate code, this also fixes the complete lack of
such check in btrfs.
Fixes: 146054090b08 ("btrfs: initial fsverity support")
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jan Kara <jack@suse.cz>
Reviewed-by: "Darrick J. Wong" <djwong@kernel.org>
Link: https://lore.kernel.org/r/20260128152630.627409-2-hch@lst.de
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/fsverity.h | 25 |
1 files changed, 0 insertions, 25 deletions
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h index 5bc7280425a7..86fb1708676b 100644 --- a/include/linux/fsverity.h +++ b/include/linux/fsverity.h @@ -179,7 +179,6 @@ int fsverity_get_digest(struct inode *inode, /* open.c */ int __fsverity_file_open(struct inode *inode, struct file *filp); -int __fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr); void __fsverity_cleanup_inode(struct inode *inode); /** @@ -251,12 +250,6 @@ static inline int __fsverity_file_open(struct inode *inode, struct file *filp) return -EOPNOTSUPP; } -static inline int __fsverity_prepare_setattr(struct dentry *dentry, - struct iattr *attr) -{ - return -EOPNOTSUPP; -} - static inline void fsverity_cleanup_inode(struct inode *inode) { } @@ -338,22 +331,4 @@ static inline int fsverity_file_open(struct inode *inode, struct file *filp) return 0; } -/** - * fsverity_prepare_setattr() - prepare to change a verity inode's attributes - * @dentry: dentry through which the inode is being changed - * @attr: attributes to change - * - * Verity files are immutable, so deny truncates. This isn't covered by the - * open-time check because sys_truncate() takes a path, not a file descriptor. - * - * Return: 0 on success, -errno on failure - */ -static inline int fsverity_prepare_setattr(struct dentry *dentry, - struct iattr *attr) -{ - if (IS_VERITY(d_inode(dentry))) - return __fsverity_prepare_setattr(dentry, attr); - return 0; -} - #endif /* _LINUX_FSVERITY_H */ |