On Wed, Jun 19 2019 at 3:10pm -0400,
Jaskaran Khurana <jaskarankhurana@xxxxxxxxxxxxxxxxxxx> wrote:

> The verification is to support cases where the roothash is not secured by
> Trusted Boot, UEFI Secureboot or similar technologies.
> One of the use cases for this is for dm-verity volumes mounted after boot,
> the root hash provided during the creation of the dm-verity volume has to
> be secure and thus in-kernel validation implemented here will be used
> before we trust the root hash and allow the block device to be created.
>
> The signature being provided for verification must verify the root hash and
> must be trusted by the builtin keyring for verification to succeed.
>
> The hash is added as a key of type "user" and the description is passed to
> the kernel so it can look it up and use it for verification.
>
> Kernel commandline parameter will indicate whether to check (only if
> specified) or force (for all dm verity volumes) roothash signature
> verification.
>
> Kernel commandline: dm_verity.verify_sig=1 or 2 for check/force root hash
> signature validation respectively.
>
> Signed-off-by: Jaskaran Khurana <jaskarankhurana@xxxxxxxxxxxxxxxxxxx>

Milan and/or others: could you please provide review and if you're OK
with this patch respond accordingly?

Thanks,
Mike