Add dmverity support to the erofs snapshotter using veritysetup-go#14
Draft
aadhar-agarwal wants to merge 1 commit intomainfrom
Draft
Add dmverity support to the erofs snapshotter using veritysetup-go#14aadhar-agarwal wants to merge 1 commit intomainfrom
aadhar-agarwal wants to merge 1 commit intomainfrom
Conversation
aadhar-agarwal
changed the title
aadhar-agarwal
changed the base branch from
main
to
aadagarwal/erofs-snapshotter-with-dmverity
aadhar-agarwal
changed the base branch from
aadagarwal/erofs-snapshotter-with-dmverity
to
main
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
3 times, most recently
from
8e2fe31 to
589fb71
Compare
aadhar-agarwal
changed the title
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
from
e5e5a33 to
ec43167
Compare
aadhar-agarwal
changed the title
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
19 times, most recently
from
15ad777 to
aabd751
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
2 times, most recently
from
19dc570 to
cc76209
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
from
2727074 to
a200f4d
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
8 times, most recently
from
cb166d3 to
c98e8c0
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
2 times, most recently
from
b5d5935 to
f0c88fb
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
from
f0c88fb to
c635aec
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
3 times, most recently
from
e92963c to
8f3632d
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
6 times, most recently
from
53db6d5 to
b85c87b
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
from
b85c87b to
fee0ecb
Compare
aadhar-agarwal
force-pushed
the
aadagarwal/integrate-with-goverity
branch
7 times, most recently
from
dab3689 to
064bba7
Compare
Signed-off-by: Aadhar Agarwal <aadagarwal@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add dm-verity support for EROFS layers in containerd
This PR introduces block-level data integrity verification for EROFS container layers using device-mapper verity (dm-verity):
veritysetup-goto natively create Merkle hash trees and dm-verity devices for EROFS blobs.enable_dmverity = truefor both snapshotter and differ plugins.layer.erofs.dmverityalongside the blob.Note: When enabled, it requires a Linux kernel with dm-verity support and the
dm_veritymodule loaded. If using the veritysetup cli is preffered, please refer to