diff options
| author | Eric Biggers <ebiggers@google.com> | 2022-12-14 14:43:02 -0800 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2023-01-01 15:46:48 -0800 |
| commit | 01d90c07a592b532c7a673dfd8baa6d6e496273d (patch) | |
| tree | cc7c24c3f7b9ea47812358d6acabd5e60e6115d2 /include/linux/fsverity.h | |
| parent | a6528a960b78715d4c3d2c9cda85714b15a0faa4 (diff) | |
| download | linux-01d90c07a592b532c7a673dfd8baa6d6e496273d.tar.gz linux-01d90c07a592b532c7a673dfd8baa6d6e496273d.tar.bz2 linux-01d90c07a592b532c7a673dfd8baa6d6e496273d.zip | |
fsverity: optimize fsverity_prepare_setattr() on non-verity files
Make fsverity_prepare_setattr() an inline function that does the
IS_VERITY() check, then (if needed) calls __fsverity_prepare_setattr()
to do the real work. This reduces the overhead on non-verity files.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: Dave Chinner <dchinner@redhat.com>
Link: https://lore.kernel.org/r/20221214224304.145712-3-ebiggers@kernel.org
Diffstat (limited to 'include/linux/fsverity.h')
| -rw-r--r-- | include/linux/fsverity.h | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h index 326bf2e2b903..84b498fff7ec 100644 --- a/include/linux/fsverity.h +++ b/include/linux/fsverity.h @@ -149,7 +149,7 @@ int fsverity_get_digest(struct inode *inode, /* open.c */ int __fsverity_file_open(struct inode *inode, struct file *filp); -int fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr); +int __fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr); void fsverity_cleanup_inode(struct inode *inode); /* read_metadata.c */ @@ -198,10 +198,10 @@ static inline int __fsverity_file_open(struct inode *inode, struct file *filp) return -EOPNOTSUPP; } -static inline int fsverity_prepare_setattr(struct dentry *dentry, - struct iattr *attr) +static inline int __fsverity_prepare_setattr(struct dentry *dentry, + struct iattr *attr) { - return IS_VERITY(d_inode(dentry)) ? -EOPNOTSUPP : 0; + return -EOPNOTSUPP; } static inline void fsverity_cleanup_inode(struct inode *inode) @@ -274,4 +274,22 @@ static inline int fsverity_file_open(struct inode *inode, struct file *filp) return 0; } +/** + * fsverity_prepare_setattr() - prepare to change a verity inode's attributes + * @dentry: dentry through which the inode is being changed + * @attr: attributes to change + * + * Verity files are immutable, so deny truncates. This isn't covered by the + * open-time check because sys_truncate() takes a path, not a file descriptor. + * + * Return: 0 on success, -errno on failure + */ +static inline int fsverity_prepare_setattr(struct dentry *dentry, + struct iattr *attr) +{ + if (IS_VERITY(d_inode(dentry))) + return __fsverity_prepare_setattr(dentry, attr); + return 0; +} + #endif /* _LINUX_FSVERITY_H */ |