Hi Mikulas, Thanks for the reply. Pavan>> 5. How to update DM-Veirty device without removing device mapping. I tried mounting the dm-verity target but it fails Mikulas> Mikulas> You can't update it. Mikulas> Mikulas> If you want to update it, you need to unmount the filesystem, unload the dm-verity target, mount the underlying device read-write, make changes, unmount it, recreate checksums with veritysetup, load the dm-verity target and mount it read only. If the filesystem is mounted as read-only, how the filesystem can be modified or corrupted (without removing mapping)? How we can test the dm-verity functionality? Thanks, Pavan > > > On Thu, 30 May 2013, pavankumar.p@xxxxxxxxxxxxxxxxxx wrote: > >> Hi All, >> Thanks for your answers to previous questions. I have some more >> doubts >> regarding DM-Verity please clarify it. >> 1. When dm-verity validation fails, do we lose access to the file? And how >> about accessing the rest of the filesystem? > > You lose access to the affected files, but the rest of the filesystem is still accessible. > >> 2. Is there any recovery mechanism for a validation failure? > > No. > >> 3. How do we update a DM-Verity filesystem? Can it be done on a file basis? >> I believe that dm-verity works on the blocks & not on the file system, is >> that true? > > You don't update it. You create the filesystems, then calculate dm-verity > checksums and then mount it read only. > > Yes, dm-verity works on blocks. > >> 4. Can we use dm-verity for any filesystem (say UBIFS)? Is there any restriction on filesystem? > > You can use it for any filesystem. > >> 5. How to update DM-Veirty device without removing device mapping. I tried >> mounting the dm-verity target but it fails > > You can't update it. > > If you want to update it, you need to unmount the filesystem, unload the dm-verity target, mount the underlying device read-write, make changes, unmount it, recreate checksums with veritysetup, load the dm-verity target > and mount it read only. > >> Thanks in advance, >> Pavan Kumar P > > Mikulas > -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
