Enable support for fs-verity based on file digest
configname: CONFIG_IPE_PROP_FS_VERITY
Linux Kernel Configuration
└─>Security options
└─>Integrity Policy Enforcement (IPE)
└─>IPE Trust Providers
└─>Enable support for fs-verity based on file digest
In linux kernel since version 6.1.112 (release Date: 2024-09-30)
This option enables the 'fsverity_digest' property within IPE
policies. The property evaluates to TRUE when a file is fsverity
enabled and its digest matches the supplied digest value in the
policy.
if unsure, answer Y.
policies. The property evaluates to TRUE when a file is fsverity
enabled and its digest matches the supplied digest value in the
policy.
if unsure, answer Y.