fsverity.rst - OpenGrok cross reference for /linux/Documentation/filesystems/fsverity.rst

Lines Matching full:files
14 of read-only files.  Currently, it is supported by the ext4, f2fs, and
20 but works on files rather than block devices.  On regular files on
52 (APK) files, for example.  These typically contain many translations,
62 still be used on read-only filesystems.  fs-verity is for files that
72   files can be trusted to authenticate them.  Consider e.g. an
73   application that wants to authenticate data files before using them,
85   "IMA appraisal" enforces that files contain a valid, matching
90   control decisions based on immutable security properties of files,
93   files using properties ``fsverity_digest`` for identifying
94   files by their verity digest, and ``fsverity_signature`` to authorize
95   files with a verified fs-verity's built-in signature. For
155 take a long time to execute on large files, and it is interruptible by
342 opening the file, and opening verity files can be expensive.
346 Accessing verity files
352 - Verity files are readonly.  They cannot be opened for writing or
356   allowed, since these are not measured by fs-verity.  Verity files
359 - Direct I/O is not supported on verity files.  Attempts to use direct
360   I/O on such files will fall back to buffered I/O.
362 - DAX (Direct Access) is not supported on verity files, because this
374 its "verity"-ness.  fs-verity is primarily meant for files like
386 compute fs-verity file digests itself, e.g. in order to sign files.
422 large files the Merkle tree's size converges to approximately 1/127 of
423 the original file size.  However, for small files, the padding is
478    relies on this behavior to recognize and label fsverity files
482    When set to 1, the kernel requires that all verity files have a
502   that any files actually have fs-verity enabled.  Thus, it is not a
505   code to explicitly check whether files have fs-verity enabled with a
515   files with a verified fs-verity builtin signature to perform certain
526   all fs-verity enabled files on the system.  Different keys cannot be
527   trusted for different files; each key is all or nothing.
586 To create verity files on an ext4 filesystem, the filesystem must have
596 ext4 sets the EXT4_VERITY_FL on-disk inode flag on verity files.  It
606 i_size.  This approach works because (a) verity files are readonly,
615 ext4 only allows verity on extent-based files.
622 To create verity files on an f2fs filesystem, the filesystem must have
625 f2fs sets the FADVISE_VERITY_BIT on-disk inode flag on verity files.
635 f2fs doesn't support enabling verity on files that currently have
720 On many filesystems, files can contain holes.  Normally,
726 Filesystems also disable direct I/O on verity files, since otherwise
738 including examples of setting up fs-verity protected files.
757     hashing individual files using a Merkle tree.  In contrast, IMA
758     specifies a system-wide policy that specifies which files are
779     userspace code that authenticates the files; fs-verity is just a
781     userspace code will consider non-verity files to be inauthentic.
823     wasn't a critical use case.  Files are usually installed once and
854 :Q: Since verity files are immutable, why isn't the immutable bit set?