On Thu, 30 May 2013, pavankumar.p@xxxxxxxxxxxxxxxxxx wrote: > Hi All, > Thanks for your answers to previous questions. I have some more doubts > regarding DM-Verity please clarify it. > > > 1. When dm-verity validation fails, do we lose access to the file? And how > about accessing the rest of the filesystem? You lose access to the affected files, but the rest of the filesystem is still accessible. > 2. Is there any recovery mechanism for a validation failure? No. > 3. How do we update a DM-Verity filesystem? Can it be done on a file basis? > I believe that dm-verity works on the blocks & not on the file system, is > that true? You don't update it. You create the filesystems, then calculate dm-verity checksums and then mount it read only. Yes, dm-verity works on blocks. > 4. Can we use dm-verity for any filesystem (say UBIFS)? Is there any > restriction on filesystem? You can use it for any filesystem. > 5. How to update DM-Veirty device without removing device mapping. I tried > mounting the dm-verity target but it fails You can't update it. If you want to update it, you need to unmount the filesystem, unload the dm-verity target, mount the underlying device read-write, make changes, unmount it, recreate checksums with veritysetup, load the dm-verity target and mount it read only. > Thanks in advance, > Pavan Kumar P Mikulas -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel