Expand description
Linux fs-verity support for integrity verification.
This module provides complete fs-verity functionality including userspace digest computation, kernel ioctl interfaces for enabling and measuring verity, and hash value types for SHA-256 and SHA-512.
Modulesยง
- digest ๐
- Userspace fs-verity digest computation.
- hashvalue ๐
- Hash value types and trait definitions for fs-verity.
- ioctl ๐
- Low-level ioctl interfaces for fs-verity kernel operations.
Structsยง
- FsVerity
Hasher - Incremental fs-verity digest computation.
- Sha256
Hash Value - A SHA-256 hash value for fs-verity operations.
- Sha512
Hash Value - A SHA-512 hash value for fs-verity operations.
Enumsยง
- Compare
Verity Error - A verity comparison failed.
- Enable
Verity Error - Enabling fsverity failed.
- Measure
Verity Error - Measuring fsverity failed.
Traitsยง
- FsVerity
Hash Value - Trait for fs-verity hash value types supporting SHA-256 and SHA-512.
Functionsยง
- compute_
verity - Compute the fs-verity digest for a given block of data, in userspace.
- enable_
verity_ maybe_ copy - Enable fs-verity on the given file. If the given file cannot be enabled because it is opened as writable, then a new copy of the file will be returned instead. No attempt is made to sync the copied file contents to disk, it is up to the caller to do so if desired.
- enable_
verity_ ๐on_ copy - Enable fs-verity on a new copy of
fd, consumingfdand returning the new copy. The copy is created via O_TMPFILE relative todirfd. - enable_
verity_ raw - Enable fs-verity on the given file.
- enable_
verity_ with_ retry - Enable fs-verity on the given file, retrying if file is opened for writing.
- ensure_
verity_ equal - Compare the fs-verity digest of the file versus the expected digest.
- measure_
verity - Measures fs-verity on the given file.
- measure_
verity_ opt - Measures fs-verity on the given file.