diff options
author | Miklos Szeredi <mszeredi@redhat.com> | 2025-02-10 20:14:37 +0100 |
---|---|---|
committer | Miklos Szeredi <mszeredi@redhat.com> | 2025-04-30 10:55:27 +0200 |
commit | b71db54ef3b86c94eb87f68a6d4d3d866e704a4a (patch) | |
tree | 1bcd45bbd972c2fd5e39cf481df63db6b47d8340 /scripts/gdb/linux/modules.py | |
parent | 5ef7bcdeecc982ae17d13b682a85123c7d74b200 (diff) |
ovl: don't require "metacopy=on" for "verity"
This allows the "verity" mount option to be used with "userxattr" data-only
layer(s).
Also it allows dropping the "metacopy=on" option when the "datadir+" option
is to be used. This cleanly separates the two features that have been
lumped together under "metacopy=on":
- data-redirect: data access is redirected to the data-only layer
- meta-copy: copy up metadata only if possible
Previous patches made sure that with "userxattr" metacopy only works in the
lower -> data scenario.
In this scenario the lower (metadata) layer must be secured against
tampering, in which case the verity checksums contained in this layer can
ensure integrity of data even in the case of an untrusted data layer.
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'scripts/gdb/linux/modules.py')
0 files changed, 0 insertions, 0 deletions