lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 12 May 2020 22:43:17 -0700
        Andreas Dilger <>,
        "Theodore Y. Ts'o" <>, Jan Kara <>
Cc:     Ira Weiny <>, Al Viro <>,
        Dan Williams <>,
        Dave Chinner <>,
        Christoph Hellwig <>, Jeff Moyer <>,
        "Darrick J. Wong" <>,,
Subject: [PATCH 2/9] fs/ext4: Disallow verity if inode is DAX

From: Ira Weiny <>

Verity and DAX are incompatible.  Changing the DAX mode due to a verity
flag change is wrong without a corresponding address_space_operations

Make the 2 options mutually exclusive by returning an error if DAX was
set first.

(Setting DAX is already disabled if Verity is set first.)

Signed-off-by: Ira Weiny <>

	remove WARN_ON_ONCE
	Add documentation for DAX/Verity exclusivity
 Documentation/filesystems/ext4/verity.rst | 7 +++++++
 fs/ext4/verity.c                          | 3 +++
 2 files changed, 10 insertions(+)

diff --git a/Documentation/filesystems/ext4/verity.rst b/Documentation/filesystems/ext4/verity.rst
index 3e4c0ee0e068..51ab1aa17e59 100644
--- a/Documentation/filesystems/ext4/verity.rst
+++ b/Documentation/filesystems/ext4/verity.rst
@@ -39,3 +39,10 @@ is encrypted as well as the data itself.
 Verity files cannot have blocks allocated past the end of the verity
+Verity and DAX
+Verity and DAX are not compatible and attempts to set both of these flags on a
+file will fail.
diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c
index dc5ec724d889..f05a09fb2ae4 100644
--- a/fs/ext4/verity.c
+++ b/fs/ext4/verity.c
@@ -113,6 +113,9 @@ static int ext4_begin_enable_verity(struct file *filp)
 	handle_t *handle;
 	int err;
+	if (IS_DAX(inode))
+		return -EINVAL;
 	if (ext4_verity_in_progress(inode))
 		return -EBUSY;

Powered by blists - more mailing lists