Home
last modified time | relevance | path

Searched refs:verity (Results 1 – 25 of 25) sorted by relevance

/Linux-v5.10/Documentation/filesystems/
Dfsverity.rst6 fs-verity: read-only file-based authenticity protection
12 fs-verity (``fs/verity/``) is a support layer that filesystems can
16 needed to support fs-verity.
18 fs-verity is similar to `dm-verity
19 <https://www.kernel.org/doc/Documentation/device-mapper/verity.txt>`_
21 filesystems supporting fs-verity, userspace can execute an ioctl that
31 that fs-verity is enforcing for the file. This ioctl executes in
34 fs-verity is essentially a way to hash a file in constant time,
41 By itself, the base fs-verity feature only provides integrity
44 However, because fs-verity makes retrieving the file hash extremely
[all …]
Dubifs-authentication.rst32 layer, the dm-integrity or dm-verity subsystems [DM-INTEGRITY, DM-VERITY]
444 [DM-VERITY] https://www.kernel.org/doc/Documentation/device-mapper/verity.rst
/Linux-v5.10/fs/verity/
DKconfig10 This option enables fs-verity. fs-verity is the dm-verity
13 ioctl to enable verity for a file, which causes the filesystem
25 fs-verity is especially useful on large files where not all
26 the contents may actually be needed. Also, fs-verity verifies
36 Enable debugging messages related to fs-verity by default.
38 Say N unless you are an fs-verity developer.
45 Support verifying signatures of verity files against the X.509
46 certificates that have been loaded into the ".fs-verity"
50 used to provide an authenticity guarantee for verity files, as
52 need to check that the verity bit is set in order to get an
/Linux-v5.10/Documentation/filesystems/ext4/
Dverity.rst6 ext4 supports fs-verity, which is a filesystem feature that provides
8 fs-verity is common to all filesystems that support it; see
10 fs-verity documentation. However, the on-disk layout of the verity
11 metadata is filesystem-specific. On ext4, the verity metadata is
25 - The verity descriptor, as documented in
32 - The size of the verity descriptor in bytes, as a 4-byte little
37 They can have EXT4_ENCRYPT_FL set, in which case the verity metadata
40 Verity files cannot have blocks allocated past the end of the verity
Doverview.rst27 .. include:: verity.rst
/Linux-v5.10/drivers/md/
DMakefile23 dm-verity-y += dm-verity-target.o
70 obj-$(CONFIG_DM_VERITY) += dm-verity.o
90 dm-verity-objs += dm-verity-fec.o
94 dm-verity-objs += dm-verity-verify-sig.o
DKconfig524 be called dm-verity.
534 Add ability for dm-verity device to be validated if the
546 Add forward error correction support to dm-verity. This option
/Linux-v5.10/Documentation/admin-guide/device-mapper/
Ddm-init.rst32 <target_type> ::= "verity" | "linear" | ... (see list below)
61 `verity` allowed
85 dm-verity,,3,ro,
86 0 1638400 verity 1 /dev/sdc1 /dev/sdc2 4096 4096 204800 1 sha256
120 "verity"::
122 dm-verity,,4,ro,
123 0 1638400 verity 1 8:1 8:2 4096 4096 204800 1 sha256
Dverity.rst2 dm-verity
5 Device-Mapper's "verity" target provides transparent integrity checking of
40 dm-verity device.
105 verity <dev> is encrypted the <fec_dev> should be too.
122 rather than every time. This reduces the overhead of dm-verity so that it
142 dm-verity is meant to be set up as part of a verified boot path. This
146 When a dm-verity device is configured, it is expected that the caller
194 The verity kernel code does not read the verity metadata on-disk header.
197 verity header.
222 "0 2097152 verity 1 /dev/sda1 /dev/sda2 4096 4096 262144 1 sha256 "\
Dindex.rst36 verity
/Linux-v5.10/fs/f2fs/
DMakefile11 f2fs-$(CONFIG_FS_VERITY) += verity.o
Dcompress.c718 void f2fs_decompress_pages(struct bio *bio, struct page *page, bool verity) in f2fs_decompress_pages() argument
801 if (verity) in f2fs_decompress_pages()
803 if (!verity) in f2fs_decompress_pages()
809 if (!verity) in f2fs_decompress_pages()
1558 unsigned int cluster_size, bool err, bool verity) in f2fs_decompress_end_io() argument
1571 if (!verity || fsverity_verify_page(rpage)) { in f2fs_decompress_end_io()
Ddata.c131 static void __read_end_io(struct bio *bio, bool compr, bool verity) in __read_end_io() argument
142 f2fs_decompress_pages(bio, page, verity); in __read_end_io()
145 if (verity) in __read_end_io()
163 static void __f2fs_read_end_io(struct bio *bio, bool compr, bool verity) in __f2fs_read_end_io() argument
166 __read_end_io(bio, false, verity); in __f2fs_read_end_io()
170 static void f2fs_decompress_bio(struct bio *bio, bool verity) in f2fs_decompress_bio() argument
172 __read_end_io(bio, true, verity); in f2fs_decompress_bio()
Dsysfs.c612 F2FS_FEATURE_RO_ATTR(verity, FEAT_VERITY);
700 ATTR_LIST(verity),
Df2fs.h3911 void f2fs_decompress_pages(struct bio *bio, struct page *page, bool verity);
3926 unsigned int cluster_size, bool err, bool verity);
4004 F2FS_FEATURE_FUNCS(verity, VERITY);
/Linux-v5.10/fs/ext4/
DMakefile19 ext4-$(CONFIG_FS_VERITY) += verity.o
Dsysfs.c315 EXT4_ATTR_FEATURE(verity);
332 ATTR_LIST(verity),
Dinode.c1278 bool verity = ext4_verity_in_progress(inode); in ext4_write_end() local
1300 if (!verity) in ext4_write_end()
1305 if (old_size < pos && !verity) in ext4_write_end()
1316 if (pos + len > inode->i_size && !verity && ext4_can_truncate(inode)) in ext4_write_end()
1327 if (pos + len > inode->i_size && !verity) { in ext4_write_end()
1388 bool verity = ext4_verity_in_progress(inode); in ext4_journalled_write_end() local
1418 if (!verity) in ext4_journalled_write_end()
1425 if (old_size < pos && !verity) in ext4_journalled_write_end()
1434 if (pos + len > inode->i_size && !verity && ext4_can_truncate(inode)) in ext4_journalled_write_end()
1445 if (pos + len > inode->i_size && !verity) { in ext4_journalled_write_end()
Dext4.h2006 EXT4_FEATURE_RO_COMPAT_FUNCS(verity, VERITY) in EXT4_FEATURE_COMPAT_FUNCS()
/Linux-v5.10/security/loadpin/
DKconfig12 dm-verity or a CDROM.
/Linux-v5.10/Documentation/admin-guide/LSM/
DLoadPin.rst8 such as dm-verity or CDROM. This allows systems that have a verified
/Linux-v5.10/fs/
DMakefile39 obj-$(CONFIG_FS_VERITY) += verity/
DKconfig116 source "fs/verity/Kconfig"
/Linux-v5.10/Documentation/admin-guide/
Dext4.rst96 * file-based verity support (fsverity)
/Linux-v5.10/
DMAINTAINERS7236 F: fs/verity/