mount: (dm-verity) update man page

* move to separate section (like we use for LOOP DEVICE support)
* explain what dm-verity + mount(8) does

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
index 9c633bf26b46a8407c90995c81637c67d2eeaf1f..5ab776c07695db2e358ba4dc5baa394a312d419f 100644 (file)
--- a/sys-utils/mount.8
+++ b/sys-utils/mount.8
@@ -2373,11 +2373,14 @@ Set the owner and group and mode of the file
 .I devices
 (default: uid=gid=0, mode=0444).  The mode is given in octal.
 
-.SS "Mount options for dm-verity""
-Mounting volumes using dm-verity for integrity verification is supported where appropriate
-using the following options. Requires libcryptsetup.
-If libcryptsetup supports extracting the root hash of an already mounted device, existing
-devices will be automatically reused in case of a match.
+.SH "DM-VERITY SUPPORT (experimental)"
+The device-mapper verity target provides read-only transparent integrity
+checking of block devices using kernel crypto API.  The mount command can open
+the dm-verity device and do the integrity verification before on the device
+filesystem is mounted.  Requires libcryptsetup with in libmount.  If
+libcryptsetup supports extracting the root hash of an already mounted device,
+existing devices will be automatically reused in case of a match.
+Mount options for dm-verity:
 .TP
 \fBverity.hashdevice=\fP\,\fIpath\fP
 Path to the hash tree device associated with the source volume to pass to dm-verity.
@@ -2390,8 +2393,11 @@ Hex-encoded hash of the root of
 If the hash tree device is embedded in the source volume,
 .I offset
 (default: 0) is used by dm-verity to get to the tree.
+.RE
+.PP
+Supported since util-linux v2.35.
 
-.SH "THE LOOP DEVICE"
+.SH "LOOP-DEVICE SUPPORT"
 One further possible type is a mount via the loop device.  For example,
 the command
 .RS