fsverity: add dependency on 64K or smaller pages

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Currently, all filesystems that support fsverity (ext4, f2fs, and btrfs)
cache the Merkle tree in the pagecache at a 64K aligned offset after the
end of the file data. This offset needs to be a multiple of the page
size, which is guaranteed only when the page size is 64K or smaller.

64K was chosen to be the "largest reasonable page size". But it isn't
the largest *possible* page size: the hexagon and powerpc ports of Linux
support 256K pages, though that configuration is rarely used.

For now, just disable support for FS_VERITY in these odd configurations
to ensure it isn't used in cases where it would have incorrect behavior.

Fixes: 671e67b47e9f ("fs-verity: add Kconfig and the helper functions for hashing")
Reported-by: Christoph Hellwig <hch@lst.de>
Closes: https://lore.kernel.org/r/20260119063349.GA643@lst.de
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Link: https://lore.kernel.org/r/20260221204525.30426-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>

Eric Biggers 3 days ago a3000002 6de23f81

1 changed file

expand all

unified split

verity

Kconfig

fs/verity/Kconfig

··· 2 2 3 3 config FS_VERITY 4 4 bool "FS Verity (read-only file-based authenticity protection)" 5 + # Filesystems cache the Merkle tree at a 64K aligned offset in the 6 + # pagecache. That approach assumes the page size is at most 64K. 7 + depends on PAGE_SHIFT <= 16 5 8 select CRYPTO_HASH_INFO 6 9 select CRYPTO_LIB_SHA256 7 10 select CRYPTO_LIB_SHA512