^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) .. SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) Verity files
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) ------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) ext4 supports fs-verity, which is a filesystem feature that provides
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) Merkle tree based hashing for individual readonly files. Most of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) fs-verity is common to all filesystems that support it; see
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) :ref:`Documentation/filesystems/fsverity.rst <fsverity>` for the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) fs-verity documentation. However, the on-disk layout of the verity
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) metadata is filesystem-specific. On ext4, the verity metadata is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) stored after the end of the file data itself, in the following format:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) - Zero-padding to the next 65536-byte boundary. This padding need not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) actually be allocated on-disk, i.e. it may be a hole.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) - The Merkle tree, as documented in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) :ref:`Documentation/filesystems/fsverity.rst
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) <fsverity_merkle_tree>`, with the tree levels stored in order from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) root to leaf, and the tree blocks within each level stored in their
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) natural order.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) - Zero-padding to the next filesystem block boundary.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) - The verity descriptor, as documented in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) :ref:`Documentation/filesystems/fsverity.rst <fsverity_descriptor>`,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) with optionally appended signature blob.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) - Zero-padding to the next offset that is 4 bytes before a filesystem
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) block boundary.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) - The size of the verity descriptor in bytes, as a 4-byte little
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) endian integer.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) Verity inodes have EXT4_VERITY_FL set, and they must use extents, i.e.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) EXT4_EXTENTS_FL must be set and EXT4_INLINE_DATA_FL must be clear.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) They can have EXT4_ENCRYPT_FL set, in which case the verity metadata
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) is encrypted as well as the data itself.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) Verity files cannot have blocks allocated past the end of the verity
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) metadata.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) Verity and DAX are not compatible and attempts to set both of these flags
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) on a file will fail.
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags