Lines Matching full:files

14 of read-only files.  Currently, it is supported by the ext4 and f2fs
20 but works on files rather than block devices.  On regular files on
58 (APK) files, for example.  These typically contain many translations,
68 still be used on read-only filesystems.  fs-verity is for files that
73 authenticating the files is up to userspace.  However, to meet some
76 that all fs-verity files be signed by a key loaded into a keyring; see
131 take a long time to execute on large files, and it is interruptible by
235 opening the file, and opening verity files can be expensive.
237 Accessing verity files
243 - Verity files are readonly.  They cannot be opened for writing or
247   allowed, since these are not measured by fs-verity.  Verity files
250 - Direct I/O is not supported on verity files.  Attempts to use direct
251   I/O on such files will fall back to buffered I/O.
253 - DAX (Direct Access) is not supported on verity files, because this
266 its "verity"-ness.  fs-verity is primarily meant for files like
314 large files the Merkle tree's size converges to approximately 1/127 of
315 the original file size.  However, for small files, the padding is
369    When set to 1, the kernel requires that all verity files have a
384 authenticity protection for verity files, as an alternative to doing
388 files being swapped around.
411 To create verity files on an ext4 filesystem, the filesystem must have
419 ext4 sets the EXT4_VERITY_FL on-disk inode flag on verity files.  It
429 i_size.  This approach works because (a) verity files are readonly,
440 also only supports extent-based files.
447 To create verity files on an f2fs filesystem, the filesystem must have
450 f2fs sets the FADVISE_VERITY_BIT on-disk inode flag on verity files.
461 Also, f2fs doesn't support enabling verity on files that currently
542 Files on ext4 and f2fs may contain holes.  Normally, ``->readpages()``
547 ext4 and f2fs disable direct I/O on verity files, since otherwise
549 encrypted files.)
560 including examples of setting up fs-verity protected files.
579     hashing individual files using a Merkle tree.  In contrast, IMA
580     specifies a system-wide policy that specifies which files are
601     userspace code that authenticates the files; fs-verity is just a
603     userspace code will consider non-verity files to be inauthentic.
645     wasn't a critical use case.  Files are usually installed once and
676 :Q: Since verity files are immutable, why isn't the immutable bit set?