[Kconfig documentation patch] dm-crypto && cryptoloop

From: bert hubert
Date: Thu Feb 19 2004 - 10:54:51 EST

Next message: cassio: "E-mail recusado"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH] IDE update for 2.6.3 (1/9)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Current bitkeeper features a cryptoloop which is not safe for journaled file
systems and also a Device Mapper target which is. The patch below updates
Kconfig to that effect.

--- linux-2.6.3/drivers/block/Kconfig.orig 2004-02-19 16:40:05.000000000 +0100
+++ linux-2.6.3/drivers/block/Kconfig 2004-02-19 16:48:14.000000000 +0100
@@ -235,10 +235,13 @@
bits of, say, a sound file). This is also safe if the file resides
on a remote file server.

- There are several ways of doing this. Some of these require kernel
- patches. The vanilla kernel offers the cryptoloop option. If you
- want to use that, say Y to both LOOP and CRYPTOLOOP, and make sure
- you have a recent (version 2.12 or later) version of util-linux.
+ There are several ways of encrypting disks. Some of these require
+ kernel patches. The vanilla kernel offers the cryptoloop option
+ and a Device Mapper target (which is superior, as it supports all
+ file systems). If you want to use the cryptoloop, say Y to both
+ LOOP and CRYPTOLOOP, and make sure you have a recent (version 2.12
+ or later) version of util-linux. Additionally, be aware that
+ the cryptoloop is not safe for storing journaled filesystems.

Note that this loop device has nothing to do with the loopback
device used for network connections from the machine to itself.
@@ -257,6 +260,11 @@
provided by the CryptoAPI as loop transformation. This might be
used as hard disk encryption.

+ WARNING: This device is not safe for journaled file systems like
+ ext3 or Reiserfs. Please use the Device Mapper crypto module
+ instead, which can be configured to be on-disk compatible with the
+ cryptoloop device.
+
config BLK_DEV_NBD
tristate "Network block device support"
depends on NET

--
http://www.PowerDNS.com Open source, database driven DNS Software
http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: cassio: "E-mail recusado"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH] IDE update for 2.6.3 (1/9)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]