dm-verity support

Thomas Petazzoni thomas.petazzoni at
Thu Jul 30 03:13:34 EDT 2020


On Thu, 30 Jul 2020 00:17:28 +0200
<mail at> wrote:

> your dm-verity patchset is in our patchwork since November 2019 (v2).
> Unfortunately, nobody seemed to be particularly interested in
> reviewing/merging it.
> Since I don't see a reason why this should change in another 8
> months, I'm going to finally mark it as Rejected now. After all, our
> resources are limited.
> I'm sorry, and although I fear a similar fate will hit the SELinux
> effort, I still hope you will not feel repelled and continue to
> contribute to OpenWrt in the future.

This is overall quite unfortunate. Initially, I have done this work for
a customer that was using an old vendor-modified OpenWrt version.
Instead of doing like most companies do: simply hack the old
vendor-modified OpenWrt and keep the changes private, I instead took an
upstream compatible approach: I did all my development on the latest
OpenWrt upstream, submitted it to the community, and only then
backported it to my customer vendor-specific OpenWrt.

It is therefore quite sad that despite this intention of being a good
open-source citizen and try to do the "right" thing, OpenWrt as an
upstream project is not interested. Such security features are more and
more commonly needed, and it will at some point be a problem for
OpenWrt to not have such features supported.

Best regards,

Thomas Petazzoni
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering

More information about the openwrt-devel mailing list