| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 Nov 2019 17:48:47 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: linux-ext4@...r.kernel.org
Subject: [PATCH 1/6] chattr.1: document the verity attribute
From: Eric Biggers <ebiggers@...gle.com>
Document the verity file attribute ('V').
Signed-off-by: Eric Biggers <ebiggers@...gle.com>
---
misc/chattr.1.in | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/misc/chattr.1.in b/misc/chattr.1.in
index 1c9e8964..2122a13e 100644
--- a/misc/chattr.1.in
+++ b/misc/chattr.1.in
@@ -52,7 +52,8 @@ The following attributes are read-only, and may be listed by
but not modified by chattr:
encrypted (E),
indexed directory (I),
-and inline data (N).
+inline data (N),
+and verity (V).
.PP
Not all flags are supported or utilized by all filesystems; refer to
filesystem-specific man pages such as
@@ -189,6 +190,15 @@ saved. This allows the user to ask for its undeletion. Note: please
make sure to read the bugs and limitations section at the end of this
document.
.PP
+A file with the 'V' attribute set has fs-verity enabled. It cannot be
+written to, and the filesystem will automatically verify all data read
+from it against a cryptographic hash that covers the entire file's
+contents, e.g. via a Merkle tree. This makes it possible to efficiently
+authenticate the file. This attribute may not be set or reset using
+.BR chattr (1),
+although it can be displayed by
+.BR lsattr (1).
+.PP
.SH AUTHOR
.B chattr
was written by Remy Card <Remy.Card@...ux.org>. It is currently being
--
2.24.0
Powered by blists - more mailing lists