Re: Oopsing cryptoapi (or loop device?) on 2.6.*

[Bill Davidsen]

James Morris wrote:
> On Sun, 15 Feb 2004, Jari Ruusu wrote:
>
>
> > Jan Rychter wrote:
> >
> > > FWIW, I've just tried loop-AES with 2.4.24, after using cryptoapi for a
> > > number of years. My machine froze dead in the midst of copying 2.8GB of
> > > data onto my file-backed reiserfs encrypted loopback mount.
> > >
> > > Since the system didn't ever freeze on me before and since I've had zero
> > > problems with cryptoapi, I attribute the freeze to loop-AES.
> > >
> > > Yes, I know this isn't a good bugreport...
> >
> > Is there any particular reason why you insist on using file backed loops?
> >
> > File backed loops have hard to fix re-entry problem: GFP_NOFS memory
> > allocations that cause dirty pages to written out to file backed loop, will
> > have to re-enter the file system anyway to complete the write. This causes
> > deadlocks. Same deadlocks are there in mainline loop+cryptoloop combo.
>
>
> Given the security issues, and the above problems, we should probably just
> remove cryptoloop from the kernel and wait for something with a better
> design.

I hope you're kidding... one of the reasons for going to 2.6 is that you 
no longer have to patch your kernel to get cryptoloop. That is a real 
issue in some organizations, which only allow vendor or kernel.org kernels.

If you start dropping features which work for most people but aren't 
perfect, you will wind up with a microkernel indeed.

--
bill davidsen <davidsen@xxxxxxx>
  CTO TMR Associates, Inc
  Doing interesting things with small computers since 1979
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/