On Tue, Sep 17, 2019 at 5:57 PM James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote: > with. The biggest problem with fs-verity has been where to store the > merkel tree. However, what I've heard from IMA people is as long as > the merkle tree storage problem gets solved satisfactorily, they're > perfectly happy to have per page hash verification be an IMA mechanism > because it's a simple extension of policy and an addition of a gate. The way I see this is that the greatest asset to protect on any device is the user data. The data security comes first, then the device security as a mechanism to protect that same data. You could even say that the device security is worthless when the device is empty. The user data is almost always mutable by nature. So, would be really great if the fs-verity metadata storage would take it into a consideration that one day someone will want to use it for the mutable data as well, even if Google does not want at this point in time. Things like photos, videos are ideal use cases for the verity like Ted pointed out. Heck, doubt we would even have the conspiracy over the moon landings anymore if the photos were taken with a device that could reliably identify the device, the device user, location and the time when the photos were taken ;) -- Janne
