Re: DM-Verity Tool

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Milan,

> By corrupting the image? :) See tests/verity-compat-test in cryptsetup
> tree, it is basic regression test which is simulating both data and hash
> corruption (it just dd random data to know offset and expects failure.)

In tests/verity-compat-test, in the following line
"check_root_hash  512
9de18652fe74edfb9b805aaed72ae2aa48f94333f1ba5c452ac33b1c39325174 $SALT 1
sha256 8388608"

How's the last parameter (hash_offset) calculated? it's hard coded
here(8388608).

Regards,
Pavan


> Hi All,
>
> Thanks a lot for your support. Now I am able to configure verity target
> using both veritysetup & dmsetup.
>
> Regards,
> Pavan
>
>
>>
>> On 05/23/2013 08:41 AM, pavankumar.p@xxxxxxxxxxxxxxxxxx wrote:
>>> 1. What are the difference between configuring a verity target using
>>> dmsetup & veritysetup. Can these be used interchangeably?
>>
>> dmsetup is just low level tool, you need to know all table parameters
>> while veritysetup will prepare table for you using high level commands
>> and on-disk metadata (if present).
>>
>>> 2. I tried passing the root hash value generated by veritysetup as a
>>> parameter to dmsetup but this doesn't work. On doing dmsetup status,
>>> the
>>> output is showing as the target corrupted (C). I examined dmesg & found
>>> the following error
>>
>> Be sure you are using proper parameters, metadata version etc.
>>
>> Try activate device with veritysetup, then run "dmsetup table" and
>> check what is different in your dmsetup line.
>>
>>> 3. After creating a verity target using "veritysetup" how to test the
>>> target for corrupted case (As soon as creating the status is Verified
>>> (V))
>>
>> By corrupting the image? :) See tests/verity-compat-test in cryptsetup
>> tree, it is basic regression test which is simulating both data and hash
>> corruption (it just dd random data to know offset and expects failure.)
>>
>> Milan
>>
>
>

--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel




[Index of Archives]     [DM Crypt]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite Discussion]     [KDE Users]     [Fedora Docs]

  Powered by Linux