1# SPDX-License-Identifier: GPL-2.0 2 3config FS_VERITY 4 bool "FS Verity (read-only file-based authenticity protection)" 5 select CRYPTO 6 select CRYPTO_HASH_INFO 7 # SHA-256 is selected as it's intended to be the default hash algorithm. 8 # To avoid bloat, other wanted algorithms must be selected explicitly. 9 select CRYPTO_SHA256 10 help 11 This option enables fs-verity. fs-verity is the dm-verity 12 mechanism implemented at the file level. On supported 13 filesystems (currently ext4, f2fs, and btrfs), userspace can 14 use an ioctl to enable verity for a file, which causes the 15 filesystem to build a Merkle tree for the file. The filesystem 16 will then transparently verify any data read from the file 17 against the Merkle tree. The file is also made read-only. 18 19 This serves as an integrity check, but the availability of the 20 Merkle tree root hash also allows efficiently supporting 21 various use cases where normally the whole file would need to 22 be hashed at once, such as: (a) auditing (logging the file's 23 hash), or (b) authenticity verification (comparing the hash 24 against a known good value, e.g. from a digital signature). 25 26 fs-verity is especially useful on large files where not all 27 the contents may actually be needed. Also, fs-verity verifies 28 data each time it is paged back in, which provides better 29 protection against malicious disks vs. an ahead-of-time hash. 30 31 If unsure, say N. 32 33config FS_VERITY_BUILTIN_SIGNATURES 34 bool "FS Verity builtin signature support" 35 depends on FS_VERITY 36 select SYSTEM_DATA_VERIFICATION 37 help 38 This option adds support for in-kernel verification of 39 fs-verity builtin signatures. 40 41 Please take great care before using this feature. It is not 42 the only way to do signatures with fs-verity, and the 43 alternatives (such as userspace signature verification, and 44 IMA appraisal) can be much better. For details about the 45 limitations of this feature, see 46 Documentation/filesystems/fsverity.rst. 47 48 If unsure, say N. 49