On Wed, 7 Sep 2022 13:30:58 -0700, Matthias Kaehlcke wrote: > Verity targets can be configured to ignore corrupted data blocks. > LoadPin must only trust verity targets that are configured to > perform some kind of enforcement when data corruption is detected, > like returning an error, restarting the system or triggering a > panic. > > > [...] Applied to for-next/hardening, thanks! [1/1] dm: verity-loadpin: Only trust verity targets with enforcement https://git.kernel.org/kees/c/2e1875c05267 -- Kees Cook -- dm-devel mailing list dm-devel@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/dm-devel