summaryrefslogtreecommitdiff
path: root/drivers/md/Kconfig
diff options
context:
space:
mode:
authorMikulas Patocka <mpatocka@redhat.com>2017-01-04 20:23:53 +0100
committerMike Snitzer <snitzer@redhat.com>2017-03-24 15:49:07 -0400
commit7eada909bfd7ac90a4522e56aa3179d1fd68cd14 (patch)
treec39c6f09604428e790a9fe8946431830c75bb790 /drivers/md/Kconfig
parent400a0befc96240f7bb2a53b9622deffd55d385fe (diff)
dm: add integrity target
The dm-integrity target emulates a block device that has additional per-sector tags that can be used for storing integrity information. A general problem with storing integrity tags with every sector is that writing the sector and the integrity tag must be atomic - i.e. in case of crash, either both sector and integrity tag or none of them is written. To guarantee write atomicity the dm-integrity target uses a journal. It writes sector data and integrity tags into a journal, commits the journal and then copies the data and integrity tags to their respective location. The dm-integrity target can be used with the dm-crypt target - in this situation the dm-crypt target creates the integrity data and passes them to the dm-integrity target via bio_integrity_payload attached to the bio. In this mode, the dm-crypt and dm-integrity targets provide authenticated disk encryption - if the attacker modifies the encrypted device, an I/O error is returned instead of random data. The dm-integrity target can also be used as a standalone target, in this mode it calculates and verifies the integrity tag internally. In this mode, the dm-integrity target can be used to detect silent data corruption on the disk or in the I/O path. Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Signed-off-by: Milan Broz <gmazyland@gmail.com> Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Diffstat (limited to 'drivers/md/Kconfig')
-rw-r--r--drivers/md/Kconfig10
1 files changed, 10 insertions, 0 deletions
diff --git a/drivers/md/Kconfig b/drivers/md/Kconfig
index 982cd0626bc7..5c5ed97c9fda 100644
--- a/drivers/md/Kconfig
+++ b/drivers/md/Kconfig
@@ -500,4 +500,14 @@ config DM_LOG_WRITES
If unsure, say N.
+config DM_INTEGRITY
+ tristate "Integrity target"
+ depends on BLK_DEV_DM
+ select BLK_DEV_INTEGRITY
+ select DM_BUFIO
+ select CRYPTO
+ select ASYNC_XOR
+ ---help---
+ This is the integrity target.
+
endif # MD