From 4dd893d832cf4da5409e1fecea9c4f6452a93f2b Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 22 Jul 2019 09:26:23 -0700 Subject: fs-verity: implement FS_IOC_MEASURE_VERITY ioctl Add a function for filesystems to call to implement the FS_IOC_MEASURE_VERITY ioctl. This ioctl retrieves the file measurement that fs-verity calculated for the given file and is enforcing for reads; i.e., reads that don't match this hash will fail. This ioctl can be used for authentication or logging of file measurements in userspace. See the "FS_IOC_MEASURE_VERITY" section of Documentation/filesystems/fsverity.rst for the documentation. Reviewed-by: Theodore Ts'o Reviewed-by: Jaegeuk Kim Signed-off-by: Eric Biggers --- include/linux/fsverity.h | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'include/linux/fsverity.h') diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h index d1a5dbf450c4..3b6b8ccebe7d 100644 --- a/include/linux/fsverity.h +++ b/include/linux/fsverity.h @@ -118,6 +118,10 @@ static inline struct fsverity_info *fsverity_get_info(const struct inode *inode) extern int fsverity_ioctl_enable(struct file *filp, const void __user *arg); +/* measure.c */ + +extern int fsverity_ioctl_measure(struct file *filp, void __user *arg); + /* open.c */ extern int fsverity_file_open(struct inode *inode, struct file *filp); @@ -145,6 +149,13 @@ static inline int fsverity_ioctl_enable(struct file *filp, return -EOPNOTSUPP; } +/* measure.c */ + +static inline int fsverity_ioctl_measure(struct file *filp, void __user *arg) +{ + return -EOPNOTSUPP; +} + /* open.c */ static inline int fsverity_file_open(struct inode *inode, struct file *filp) -- cgit v1.2.3-70-g09d2