On Sat, 8 Aug 2020, Chuck Lever wrote:

> My interest is in code integrity enforcement for executables stored
> in NFS files.
>
> My struggle with IPE is that due to its dependence on dm-verity, it
> does not seem to be able to protect content that is stored separately
> from its execution environment and accessed via a file access
> protocol (FUSE, SMB, NFS, etc).

It's not dependent on DM-Verity, that's just one possible integrity
verification mechanism, and one of two supported in this initial
version. The other is 'boot_verified' for a verified or otherwise
trusted rootfs. Future versions will support FS-Verity, at least.

IPE was designed to be extensible in this way, with a strong separation
of mechanism and policy. Whatever is implemented for NFS should be able
to plug in to IPE pretty easily.

-- 
James Morris
<jmorris@xxxxxxxxx>
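To make the mechanism/policy split concrete, here is an added IPE policy sketch; it is not part of this thread and not a policy shipped by the IPE authors. The rule syntax (policy_name/policy_version header, DEFAULT line, op=EXECUTE rules with action=ALLOW) is taken from the later upstream IPE documentation and is an assumption here; the property name boot_verified is the one named in the reply, dmverity_roothash is the upstream name for the dm-verity property, and the root hash is a placeholder, not a real value.

```text
# Added example, not from the thread. Syntax per later upstream IPE docs
# (assumption); root hash below is a placeholder.
policy_name=nfs_discussion_example policy_version=0.0.0

# Policy decision: anything not matched by a rule is denied.
DEFAULT action=DENY

# Mechanism 1: the verified or otherwise trusted root filesystem.
op=EXECUTE boot_verified=TRUE action=ALLOW

# Mechanism 2: a dm-verity volume, identified by its root hash.
op=EXECUTE dmverity_roothash=ROOT_HASH_PLACEHOLDER action=ALLOW
```

Each rule pairs an operation with a property that some integrity mechanism asserts about the file; the policy itself never says how the property is established. That is the plug-in point James refers to: an NFS-side verifier would expose its own property, and a rule such as the two above would then reference it without any change to the rest of the policy.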