Announcement

Collapse
No announcement yet.

FS-VERITY Updated For Read-Only, File-Based Authenticity Protection On EXT4/F2FS

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • ebiggers
    replied
    Originally posted by doublez13 View Post

    What use cases does dm-verify have that fs-verify couldn't fulfill?
    dm-verity authenticates a whole block device including all filesystem metadata, while fs-verity only authenticates individual files. dm-verity is generally the better option for read-only filesystems, but it can't be used on writable filesystems.

    Leave a comment:


  • doublez13
    replied
    Originally posted by ebiggers View Post
    Also, fs-verity is not intended to replace dm-verity in Android, but rather be used to verify important files on the userdata partition where dm-verity cannot be used.
    What use cases does dm-verify have that fs-verify couldn't fulfill?

    Leave a comment:


  • ebiggers
    replied
    Also, fs-verity is not intended to replace dm-verity in Android, but rather be used to verify important files on the userdata partition where dm-verity cannot be used.

    Leave a comment:


  • ebiggers
    replied
    To clarify, the "v3" patches you linked to in my git repository are work-in-progress and haven't been sent out for review yet. We need consensus on the API to move forward; see this LWN article and the latest API proposal.

    Leave a comment:


  • FS-VERITY Updated For Read-Only, File-Based Authenticity Protection On EXT4/F2FS

    Phoronix: FS-VERITY Updated For Read-Only, File-Based Authenticity Protection On EXT4/F2FS

    Since November we haven't heard much about Google's effort around FS-VERITY as transparent integrity / authenticity support for read-only files on a writable file-system. Fortunately, the effort didn't stop and new patches are pending for this implementation that complements DM-VERITY...

    http://www.phoronix.com/scan.php?pag...e-Authenticity
Working...
X