There is some part of dm-verity that seems to be unclear to me. Reading the documentation of veritysetup , I can use one device for data and hash by specifying --hash-offset, let's say /dev/mmcblk0p1. But what happens if runtime I change the whole content of /dev/mmcblk0p1 and its hash accordingly? Should I store somewhere the root hash in order to prevent that? Note: not talking about Android.
↧