From: Simon Glass <simon.glass@canonical.com> Create linux/fsverity.h with fs-verity operation stubs including IS_VERITY(), fsverity_file_open(), fsverity_prepare_setattr(), fsverity_active(), fsverity_cleanup_inode(), fsverity_verify_bio(), fsverity_enqueue_verify_work(), and fsverity_verify_folio(). U-Boot does not support fs-verity, so these are all no-ops or return constant values indicating no verification. Update ext4_uboot.h to use linux/fsverity.h instead of duplicating these definitions. Co-developed-by: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Simon Glass <simon.glass@canonical.com> --- fs/ext4l/ext4_uboot.h | 16 +++---- include/linux/fsverity.h | 97 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 11 deletions(-) create mode 100644 include/linux/fsverity.h diff --git a/fs/ext4l/ext4_uboot.h b/fs/ext4l/ext4_uboot.h index 0b1778ad0a6..dc8c9a97877 100644 --- a/fs/ext4l/ext4_uboot.h +++ b/fs/ext4l/ext4_uboot.h @@ -920,7 +920,8 @@ void mapping_clear_folio_cache(struct address_space *mapping); #include <linux/path.h> /* fscrypt_file_open is in ext4_fscrypt.h */ -#define fsverity_file_open(i, f) ({ (void)(i); (void)(f); 0; }) +/* fsverity_file_open is in linux/fsverity.h */ +#include <linux/fsverity.h> /* Quota file open - stub */ #define dquot_file_open(i, f) ({ (void)(i); (void)(f); 0; }) @@ -963,9 +964,7 @@ void mapping_clear_folio_cache(struct address_space *mapping); /* fscrypt_name, fscrypt_match_name, and fscrypt stubs are in ext4_fscrypt.h */ -/* fsverity stubs */ -#define fsverity_prepare_setattr(d, a) ({ (void)(d); (void)(a); 0; }) -#define fsverity_active(i) (0) +/* fsverity stubs are in linux/fsverity.h */ /* Inode time setters - needed for ext4.h */ static inline struct timespec64 inode_set_atime_to_ts(struct inode *inode, @@ -1351,8 +1350,7 @@ int inode_generic_drop(struct inode *inode); #define invalidate_inode_buffers(i) do { } while (0) #define clear_inode(i) do { } while (0) -/* fsverity stubs (fscrypt macros are in ext4_fscrypt.h) */ -#define fsverity_cleanup_inode(i) do { } while (0) +/* fsverity_cleanup_inode is in linux/fsverity.h */ /* NFS export helpers are now in linux/exportfs.h */ @@ -1610,11 +1608,7 @@ bool __folio_start_writeback(struct folio *folio, bool keep_write); /* fscrypt readpage stubs are in ext4_fscrypt.h */ -/* fsverity stubs */ -#define fsverity_verify_bio(bio) do { (void)(bio); } while (0) -#define fsverity_enqueue_verify_work(work) do { (void)(work); } while (0) -#define fsverity_verify_folio(f) ({ (void)(f); 1; }) -#define IS_VERITY(inode) (0) +/* fsverity stubs are in linux/fsverity.h */ /* readahead operations are in linux/pagemap.h */ diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h new file mode 100644 index 00000000000..738bea02d3e --- /dev/null +++ b/include/linux/fsverity.h @@ -0,0 +1,97 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * fs-verity definitions for U-Boot + * + * Based on Linux fsverity.h - fs-verity verification. + * U-Boot stub - fs-verity not supported. + */ +#ifndef _LINUX_FSVERITY_H +#define _LINUX_FSVERITY_H + +/* Forward declarations */ +struct bio; +struct dentry; +struct file; +struct folio; +struct iattr; +struct inode; +struct work_struct; + +/** + * IS_VERITY() - check if inode has fs-verity enabled + * @inode: inode to check + * + * U-Boot stub - always returns false. + */ +#define IS_VERITY(inode) (0) + +/** + * fsverity_file_open() - check verity on file open + * @inode: inode being opened + * @file: file being opened + * + * U-Boot stub - always succeeds. + * + * Return: 0 + */ +#define fsverity_file_open(inode, file) \ + ({ (void)(inode); (void)(file); 0; }) + +/** + * fsverity_prepare_setattr() - prepare for attribute change + * @dentry: dentry being modified + * @attr: new attributes + * + * U-Boot stub - always succeeds. + * + * Return: 0 + */ +#define fsverity_prepare_setattr(dentry, attr) \ + ({ (void)(dentry); (void)(attr); 0; }) + +/** + * fsverity_active() - check if verity is active on inode + * @inode: inode to check + * + * U-Boot stub - always returns false. + * + * Return: false + */ +#define fsverity_active(inode) ({ (void)(inode); 0; }) + +/** + * fsverity_cleanup_inode() - cleanup verity data on inode + * @inode: inode to clean up + * + * U-Boot stub - no-op. + */ +#define fsverity_cleanup_inode(inode) do { (void)(inode); } while (0) + +/** + * fsverity_verify_bio() - verify bio data + * @bio: bio to verify + * + * U-Boot stub - no-op. + */ +#define fsverity_verify_bio(bio) do { (void)(bio); } while (0) + +/** + * fsverity_enqueue_verify_work() - enqueue verification work + * @work: work item + * + * U-Boot stub - no-op. + */ +#define fsverity_enqueue_verify_work(work) \ + do { (void)(work); } while (0) + +/** + * fsverity_verify_folio() - verify folio data + * @folio: folio to verify + * + * U-Boot stub - always succeeds. + * + * Return: true (verified) + */ +#define fsverity_verify_folio(folio) ({ (void)(folio); true; }) + +#endif /* _LINUX_FSVERITY_H */ -- 2.43.0