-
Milan Broz authored
The kernel 4.17 will include a new dm-verity flag that instructs kernel to verify data blocks only once. This patch adds support for it to libcryptsetup and veritysetup. This flag can be dangerous; if you can control underlying device (you can change its content after it was verified) it will no longer prevent reading tampered data and also it does not prevent to silent data corrruptions that appears after the block was once read.
fef5121c