fs-verity: Native File-based Authenticity - Michael Halcrow & Eric Biggers, Google The Android platform uses dm-verity to protect its system image, but there are critical components in that image that require incremental updates. Michael Halcrow and Eric Biggers introduce fs-verity as a mechanism for file systems to validate the authenticity of individual files. They furthermore propose fs-verity as a capability that can integrate with the Integrity Measurement Architecture (IMA) to efficiently validate only the parts of a file that are accessed. They will also discuss potential applications of file- based authenticity in validating container image content. About Eric Biggers Google About Michael Halcrow Michael Halcrow is a software engineer at Google in Seattle. He was the original author of both eCryptfs and native file-based encryption in the upstream Linux kernel. He has previously spoken at the Ottawa Linux Symposium and at several Linux Security Summits.
