diff --git a/lib/internal.h b/lib/internal.h
index 9b2459b9..af0c3b2d 100644
--- a/lib/internal.h
+++ b/lib/internal.h
@@ -76,6 +76,8 @@ ssize_t write_lseek_blockwise(int fd, char *buf, size_t count, off_t offset);
 int device_ready(struct crypt_device *cd, const char *device, int mode);
 int device_size(const char *device, uint64_t *size);
 
+int crypt_getpagesize(void);
+
 enum devcheck { DEV_OK = 0, DEV_EXCL = 1, DEV_SHARED = 2 };
 int device_check_and_adjust(struct crypt_device *cd,
 			    const char *device,
diff --git a/lib/utils.c b/lib/utils.c
index ae87ac52..8eae6ad6 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -38,6 +38,11 @@
 #include "libcryptsetup.h"
 #include "internal.h"
 
+int crypt_getpagesize(void)
+{
+	return (int)sysconf(_SC_PAGESIZE);
+}
+
 static int get_alignment(int fd)
 {
 	int alignment = DEFAULT_MEM_ALIGNMENT;
diff --git a/lib/verity/verity_hash.c b/lib/verity/verity_hash.c
index 39086b76..b449d438 100644
--- a/lib/verity/verity_hash.c
+++ b/lib/verity/verity_hash.c
@@ -346,9 +346,16 @@ int VERITY_create(struct crypt_device *cd,
 		  char *root_hash,
 		  size_t root_hash_size)
 {
+	int pgsize = crypt_getpagesize();
+
 	if (verity_hdr->salt_size > VERITY_MAX_SALT_SIZE)
 		return -EINVAL;
 
+	if (verity_hdr->hash_block_size > pgsize ||
+	    verity_hdr->data_block_size > pgsize)
+		log_err(cd, _("WARNING: Kernel cannot activate device if block "
+			      "size exceeds page size (%u).\n"), pgsize);
+
 	return VERITY_create_or_verify_hash(cd, 0,
 		verity_hdr->version,
 		verity_hdr->hash_name,
diff --git a/src/veritysetup.c b/src/veritysetup.c
index 2ad27c44..5ec7abd2 100644
--- a/src/veritysetup.c
+++ b/src/veritysetup.c
@@ -23,7 +23,6 @@
  * - audit alloc errors / error path
  * - change command names (cryptsetup style)
  * - extend superblock (UUID)
- * - warn if block_size > PAGE_SIZE
  * - configure.in/config.h defaults
  */