On Wed, Mar 17, 2021 at 04:09:46PM -0700, Aditya Prakash wrote: > Hi, > I am trying to implement DM-Verity for the rootfs. However, I am not sure > what the scope of DM Verity. I can see that given a root/sudo user, I can > unload the verity target, write to rootfs and format and load it again, is > it possible that this is normal that can be carried out using rootkits or > any privileged app? > Also, how can DM-Verity ensure that the system boots to correct rootfs if > rootfs was changed after an OTA? > Please help me to understand the actual scope of DM Verity > > Thanks, > AP dm-verity's only job is to verify the contents of a block device against a root hash which is provided by userspace when setting up the dm-verity target. It's up to the userspace code setting up dm-verity to provide the "correct" root hash -- for example, by verifying that the root hash is digitally signed by a trusted source. Take a look at how dm-verity is used in Verified Boot in Android and Chrome OS, for example. There are multiple components, and dm-verity is just one of them. - Eric _______________________________________________ dm-crypt mailing list -- dm-crypt@xxxxxxxx To unsubscribe send an email to dm-crypt-leave@xxxxxxxx
