pub fn measure_verity<H: FsVerityHashValue>(
fd: impl AsFd,
) -> Result<H, MeasureVerityError>Expand description
Measures fs-verity on the given file.
This essentially boils down to the FS_IOC_MEASURE_VERITY ioctl.
If the file has fs-verity enabled then the hash of the fs-verity descriptor is reported as the successful return value. In this case, the kernel guarantees that the file content cannot possibly change for as long as the file descriptor exists.
If the file doesn’t have fs-verity enabled then an error will be returned.
This function is generic over the hash algorithm, which means that you need to choose the expected hash algorithm in advance. If the file has fs-verity enabled, but with a different hash algorithm, then this is also considered an error.
For a version of this function which returns an Option<> depending on if fs-verity is enabled
or not, see measure_verity_opt().
Simply measuring the fs-verity value of a file is not a common operation: you usually want to
compare it to a value that you already know. In that case, it’s better to use the
compare_verity() function in this module.