[dm-devel] DM-Verity Tool
pavankumar.p at globaledgesoft.com
pavankumar.p at globaledgesoft.com
Thu May 23 06:41:15 UTC 2013
Hi Milan,
Thanks for the reply.
> I think the question was about tool to generate hash,
> not the target itself.
As mentioned by you, I was looking for a tool which generates the root
hash (digest) which can be used as a parameter to dmsetup tool. I used
sha256sum tool to generate the hash but dmsetup is not accepting this
hash.
Thanks to Mikulas for providing the link to veritysetup using which I
could configure verity target. But still I have some doubts regarding
dmsetup & veritysetup
1. What are the difference between configuring a verity target using
dmsetup & veritysetup. Can these be used interchangeably?
2. I tried passing the root hash value generated by veritysetup as a
parameter to dmsetup but this doesn't work. On doing dmsetup status, the
output is showing as the target corrupted (C). I examined dmesg & found
the following error
[22885.758996] device-mapper: verity: metadata block 62 is corrupted
[22885.759001] Buffer I/O error on device dm-1, logical block 1
3. After creating a verity target using "veritysetup" how to test the
target for corrupted case (As soon as creating the status is Verified (V))
?
Thanks in advance
Pavan
> On 05/22/2013 01:07 PM, Marian Csontos wrote:
>> On 05/21/2013 05:11 PM, pavankumar.p at globaledgesoft.com wrote:
>>> Hello Mandeep,
>>> I was trying to download the source code to generate the hash from the
following location. But looks like this is moved. Pls share the latest
git
>>> hub location of the source.
>>> http://git.chromium.org/cgi-bin/gitweb.cgi?p=dm-verity.git;a=tree
>> Hi Pavan, dm-verity is in upstream kernel tree now:
>> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/md/dm-verity.c
>
> I think the question was about tool to generate hash,
> not the target itself.
>
> In any case, dm-verity is in kernel and veritysetup tool is part of
upstream
> cryptsetup package.
>
> Documentation to kernel dm-verity
> http://code.google.com/p/cryptsetup/wiki/DMVerity
>
> And some release notes info about veritysetup (see man page as well)
http://code.google.com/p/cryptsetup/wiki/Cryptsetup150
>
> Milan
>
>
More information about the dm-devel
mailing list