FS-VERITY Updated For Read-Only, File-Based Authenticity Protection On EXT4/F2FS

Written by Michael Larabel in Linux Storage on 19 February 2019 at 12:03 AM EST.
Since November we haven't heard much about Google's effort around FS-VERITY as transparent integrity / authenticity support for read-only files on a writable file-system. Fortunately, the effort didn't stop and new patches are pending for this implementation that complements DM-VERITY.

FS-VERITY offers read-only authenticity protection on a per-file basis for files that can reside on a read-write file-system, much as DM-VERITY does at the block level. FS-VERITY is being implemented as its own framework akin to fscrypt for file-system encryption. The initial Linux file-systems that Google cares about for hooking into FS-VERITY are EXT4 and F2FS, both of which are used by Android devices.

More details on the current FS-VERITY implementation are outlined in this cover letter while the patches under review can be found via this fsverity branch.


Embedded above is a video about FS-VERITY from the Linux Security Summit in 2018. Android currently makes use of DM-VERITY for verifying its system image, but in the future fs-verity could potentially replace it as well as extend file authenticity support on the mobile operating system.