fs/verity/Kconfig - linux - Git at Google

 # SPDX-License-Identifier: GPL-2.0

 config FS_VERITY
 	bool "FS Verity (read-only file-based authenticity protection)"
 	select CRYPTO
 	select CRYPTO_HASH_INFO
 	# SHA-256 is implied as it's intended to be the default hash algorithm.
 	# To avoid bloat, other wanted algorithms must be selected explicitly.
 	# Note that CRYPTO_SHA256 denotes the generic C implementation, but
 	# some architectures provided optimized implementations of the same
 	# algorithm that may be used instead. In this case, CRYPTO_SHA256 may
 	# be omitted even if SHA-256 is being used.
 	imply CRYPTO_SHA256
 	help
 	  This option enables fs-verity.  fs-verity is the dm-verity
 	  mechanism implemented at the file level.  On supported
 	  filesystems (currently ext4, f2fs, and btrfs), userspace can
 	  use an ioctl to enable verity for a file, which causes the
 	  filesystem to build a Merkle tree for the file.  The filesystem
 	  will then transparently verify any data read from the file
 	  against the Merkle tree.  The file is also made read-only.

 	  This serves as an integrity check, but the availability of the
 	  Merkle tree root hash also allows efficiently supporting
 	  various use cases where normally the whole file would need to
 	  be hashed at once, such as: (a) auditing (logging the file's
 	  hash), or (b) authenticity verification (comparing the hash
 	  against a known good value, e.g. from a digital signature).

 	  fs-verity is especially useful on large files where not all
 	  the contents may actually be needed.  Also, fs-verity verifies
 	  data each time it is paged back in, which provides better
 	  protection against malicious disks vs. an ahead-of-time hash.

 	  If unsure, say N.

 config FS_VERITY_BUILTIN_SIGNATURES
 	bool "FS Verity builtin signature support"
 	depends on FS_VERITY
 	select SYSTEM_DATA_VERIFICATION
 	help
 	  This option adds support for in-kernel verification of
 	  fs-verity builtin signatures.

 	  Please take great care before using this feature.  It is not
 	  the only way to do signatures with fs-verity, and the
 	  alternatives (such as userspace signature verification, and
 	  IMA appraisal) can be much better.  For details about the
 	  limitations of this feature, see
 	  Documentation/filesystems/fsverity.rst.

 	  If unsure, say N.
	# SPDX-License-Identifier: GPL-2.0

	config FS_VERITY
	bool "FS Verity (read-only file-based authenticity protection)"
	select CRYPTO
	select CRYPTO_HASH_INFO
	# SHA-256 is implied as it's intended to be the default hash algorithm.
	# To avoid bloat, other wanted algorithms must be selected explicitly.
	# Note that CRYPTO_SHA256 denotes the generic C implementation, but
	# some architectures provided optimized implementations of the same
	# algorithm that may be used instead. In this case, CRYPTO_SHA256 may
	# be omitted even if SHA-256 is being used.
	imply CRYPTO_SHA256
	help
	This option enables fs-verity. fs-verity is the dm-verity
	mechanism implemented at the file level. On supported
	filesystems (currently ext4, f2fs, and btrfs), userspace can
	use an ioctl to enable verity for a file, which causes the
	filesystem to build a Merkle tree for the file. The filesystem
	will then transparently verify any data read from the file
	against the Merkle tree. The file is also made read-only.

	This serves as an integrity check, but the availability of the
	Merkle tree root hash also allows efficiently supporting
	various use cases where normally the whole file would need to
	be hashed at once, such as: (a) auditing (logging the file's
	hash), or (b) authenticity verification (comparing the hash
	against a known good value, e.g. from a digital signature).

	fs-verity is especially useful on large files where not all
	the contents may actually be needed. Also, fs-verity verifies
	data each time it is paged back in, which provides better
	protection against malicious disks vs. an ahead-of-time hash.

	If unsure, say N.

	config FS_VERITY_BUILTIN_SIGNATURES
	bool "FS Verity builtin signature support"
	depends on FS_VERITY
	select SYSTEM_DATA_VERIFICATION
	help
	This option adds support for in-kernel verification of
	fs-verity builtin signatures.

	Please take great care before using this feature. It is not
	the only way to do signatures with fs-verity, and the
	alternatives (such as userspace signature verification, and
	IMA appraisal) can be much better. For details about the
	limitations of this feature, see
	Documentation/filesystems/fsverity.rst.

	If unsure, say N.