Re: DM-Verity Tool

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Thu, 30 May 2013, pavankumar.p@xxxxxxxxxxxxxxxxxx wrote:

> Hi All,
>    Thanks for your answers to previous questions. I have some more doubts
> regarding DM-Verity please clarify it.
> 
> 
> 1. When dm-verity validation fails, do we lose access to the file?  And how
> about accessing the rest of the filesystem?

You lose access to the affected files, but the rest of the filesystem is 
still accessible.

> 2. Is there any recovery mechanism for a validation failure?

No.

> 3. How do we update a DM-Verity filesystem?  Can it be done on a file basis?
> I believe that dm-verity works on the blocks & not on the file system, is
> that true?

You don't update it. You create the filesystems, then calculate dm-verity 
checksums and then mount it read only.

Yes, dm-verity works on blocks.

> 4. Can we use dm-verity for any filesystem (say UBIFS)? Is there any
> restriction on filesystem?

You can use it for any filesystem.

> 5. How to update DM-Veirty device without removing device mapping. I tried
> mounting the dm-verity target but it fails

You can't update it.

If you want to update it, you need to unmount the filesystem, unload the 
dm-verity target, mount the underlying device read-write, make changes, 
unmount it, recreate checksums with veritysetup, load the dm-verity target 
and mount it read only.

> Thanks in advance,
> Pavan Kumar P

Mikulas

--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel




[Index of Archives]     [DM Crypt]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite Discussion]     [KDE Users]     [Fedora Docs]

  Powered by Linux