4 <meta http-equiv='content-type' content='text/html; charset=utf-
8'
>
5 <meta name='viewport' content='width=device-width, initial-scale=
1.0'
>
6 <style type='text/css'
>
7 body { margin:
1em
15%; }
11 <div class='story-header'
>
12 <h2><a href='
0000763729.html'
>[$] Protecting files with fs-verity
</a></h2>
13 <div class='details'
>([Kernel] Aug
30,
2018 18:
50 UTC (Thu) (corbet))
</div>
15 <div class='content' style='text-align: justify'
>
16 The developers of the Android system have, among their many goals, the wish to better protect Android devices against persistent compromise. It is bad if a device is taken over by an attacker; it
's worse if it remains compromised even after a reboot. Numerous mechanisms for ensuring the integrity of installed system files have been proposed and implemented over the years. But it seems there is always room for one more; to fill that space, the [
1]fs-verity mechanism is being proposed as a way to protect individual files from malicious modification.
<br/><br/><br/><br/>[
1] https://lwn.net/ml/linux-fsdevel/
20180824161642.1144-
1-ebiggers@kernel.org/