All of lore.kernel.org
 help / color / mirror / Atom feed
From: Milan Broz <gmazyland@gmail.com>
To: Shivaramakrishnan Vaidyanathan <shivaramakrishnan740@gmail.com>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] verity setup on active device.
Date: Sun, 06 Apr 2014 09:53:38 +0200	[thread overview]
Message-ID: <53410802.3050309@gmail.com> (raw)
In-Reply-To: <CAAQucXbC1JFnx=qYF4XUuRDvK_2YfJsozptkGyU=vpf+JK8wtg@mail.gmail.com>

On 04/06/2014 12:26 AM, Shivaramakrishnan Vaidyanathan wrote:
> Also,
> http://lwn.net/Articles/533558/ tells that
>  "The key advantage over dm-verity is that the target supports read-write and requires less hash calculation operations.Device-mapper "integrity" target provides transparent cryptographic integrity protection of underlying read-write block device using hash-based message authentication codes (HMACs), which can be stored on the same or different block device."
> 
> I dont understand or get the main purpose of this tool. Could you please explain in a bit more elaborate way.Thanks

DM-integrity is completely different tool, I just know it was
proposed on dm-devel but never merged to mainline.

The main difference from dm-verity is obviously it provides read-write
functionality.

Please read dmdevel archive and use Google, there is nice presentation
by author of dm-integrity on LinuxCon Europe (2013)
"Integrity protection solutions in Linux" which shortly mentions both
verity and integrity targets.

(And it is big question if this integrity checking should be on block or filesystem level.)

Milan

  reply	other threads:[~2014-04-06  7:53 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-04-04 21:34 [dm-crypt] verity setup on active device Shiva
2014-04-05 18:39 ` Milan Broz
2014-04-05 22:11   ` Shivaramakrishnan Vaidyanathan
2014-04-05 22:26     ` Shivaramakrishnan Vaidyanathan
2014-04-06  7:53       ` Milan Broz [this message]
2014-04-06 23:13         ` Shivaramakrishnan Vaidyanathan
2014-04-06  7:44     ` Milan Broz
2014-04-07  3:11       ` Shivaramakrishnan Vaidyanathan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=53410802.3050309@gmail.com \
    --to=gmazyland@gmail.com \
    --cc=dm-crypt@saout.de \
    --cc=shivaramakrishnan740@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.