Lines Matching refs:verity

34 a file's origin, such as dm-verity or fs-verity, which provide a layer of
36 that trust files from a dm-verity protected device. dm-verity ensures the
38 of its contents. Similarly, fs-verity offers filesystem-level integrity
40 fs-verity. These two features cannot be turned off once established, so
50 property. The latter includes checking the roothash of a dm-verity
51 protected device, determining whether dm-verity possesses a valid
52 signature, assessing the digest of a fs-verity protected file, or
53 determining whether fs-verity possesses a valid built-in signature. This
648    specific dm-verity volumes, identified via their root hashes. It has a
673    This property can be utilized for authorization of all dm-verity
675    specified by dm-verity's configuration, either the system trusted
705    This property is used to authorize all fs-verity enabled files that have
706    been verified by fs-verity's built-in signature mechanism. The signature
707    verification relies on a key stored within the ".fs-verity" keyring. It
737 Allow any signed and validated dm-verity volume and the initramfs
748 Prohibit execution from a specific dm-verity volume
761 Allow only a specific dm-verity volume
771 Allow any fs-verity file with a valid built-in signature
781 Allow execution of a specific fs-verity file