[dm-crypt] verity setup on active device.
shivaramakrishnan740 at gmail.com
Mon Apr 7 01:13:15 CEST 2014
I don't see the downloadable version for dm-integrity .Is there a link to
it.I see just dm-verity
Can you please let me know the link?
On Sun, Apr 6, 2014 at 3:53 AM, Milan Broz <gmazyland at gmail.com> wrote:
> On 04/06/2014 12:26 AM, Shivaramakrishnan Vaidyanathan wrote:
> > Also,
> > http://lwn.net/Articles/533558/ tells that
> > "The key advantage over dm-verity is that the target supports
> read-write and requires less hash calculation operations.Device-mapper
> "integrity" target provides transparent cryptographic integrity protection
> of underlying read-write block device using hash-based message
> authentication codes (HMACs), which can be stored on the same or different
> block device."
> > I dont understand or get the main purpose of this tool. Could you please
> explain in a bit more elaborate way.Thanks
> DM-integrity is completely different tool, I just know it was
> proposed on dm-devel but never merged to mainline.
> The main difference from dm-verity is obviously it provides read-write
> Please read dmdevel archive and use Google, there is nice presentation
> by author of dm-integrity on LinuxCon Europe (2013)
> "Integrity protection solutions in Linux" which shortly mentions both
> verity and integrity targets.
> (And it is big question if this integrity checking should be on block or
> filesystem level.)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dm-crypt