2003-02-19 03:27:38

by Ryan Lortie

Subject: linux 2.5: crypto core + block devices + ???

Hi.

I've recently been poking around the 2.5 source tree. I've noticed that
we now have crypto built into the stock kernel distribution (good). The
loopback driver doesn't appear to support using the crypto API though.
(bad)

Looking at the way the crypto API works (ie: scatterlists) makes it seem
vaguely compatible with what I've read about the new block device IO
mechanisms in 2.5. Is this an accident? Is there some generic crypto
support for block devices planned that will obsolete using the loopback
driver to this end? (like the pages get decrypted upon loading into the
buffer cache from the physical media or whatever? I'm not really sure
how all the block device stuff works,...)

If there are no deeper motives here and the intention is to continue
supporting encrypted filesystems via the loopback interface, is there
anyone working on the project? It seems a little bit slow (or
uncertain) with respect to the 2.5 kernels. If somebody is needed to
write some code, I'd be willing to write a loopback transfer function to
interact with the crypto core. (I'd have no idea where to start for the
generic block device crypto ramblings mentioned above...)

Anyway.. thanks in advance. Please CC replies to my address as I'm not
a list member.
Ryan


2003-02-19 03:46:31

by James Morris

Subject: Re: linux 2.5: crypto core + block devices + ???

On 18 Feb 2003, desrt wrote:

> Looking at the way the crypto API works (ie: scatterlists) makes it seem
> vaguely compatible with what I've read about the new block device IO
> mechanisms in 2.5. Is this an accident? Is there some generic crypto
> support for block devices planned that will obsolete using the loopback
> driver to this end? (like the pages get decrypted upon loading into the
> buffer cache from the physical media or whatever? I'm not really sure
> how all the block device stuff works,...)
>

Nothing like this is planned that I'm aware of.


> If there are no deeper motives here and the intention is to continue
> supporting encrypted filesystems via the loopback interface, is there
> anyone working on the project?

Yes, a few people have been working on loopback crypto support for 2.5,
see the cryptoapi-devel archives.


- James
--
James Morris
<[email protected]>


2003-02-19 18:31:15

by Jari Ruusu

Subject: Re: linux 2.5: crypto core + block devices + ???

desrt wrote:
> I've recently been poking around the 2.5 source tree. I've noticed that
> we now have crypto built into the stock kernel distribution (good). The
> loopback driver doesn't appear to support using the crypto API though.
> (bad)
[snip]
> If there are no deeper motives here and the intention is to continue
> supporting encrypted filesystems via the loopback interface, is there
> anyone working on the project? It seems a little bit slow (or
> uncertain) with respect to the 2.5 kernels. If somebody is needed to
> write some code, I'd be willing to write a loopback transfer function to
> interact with the crypto core. (I'd have no idea where to start for the
> generic block device crypto ramblings mentioned above...)

Loop crypto for 2.5 kernels (updated for 2.5.62) is here:

http://loop-aes.sourceforge.net/loop-AES-v1.7b.tar.bz2
http://loop-aes.sourceforge.net/updates/2003-02-19/loop-AES/Makefile.bz2
http://loop-aes.sourceforge.net/updates/2003-02-19/loop-AES/loop.c-2.5.patched.bz2

Regards,
Jari Ruusu <[email protected]>