Hello,
I get repeatable errors with 2.4.6 patched with the international encryption
patch patch-int-2.4.3.1.bz2 when building loop device filesystems on top of
Reiserfs.
All I have to do is:
1. dd if=/dev/zero of=testfs bs=1024 count=100000
2. losetup -e aes /dev/loop0 ./testfs
3. mke2fs /dev/loop0
4. mount /dev/loop0 ./test
5. cd test ; touch m ; cd ..
6. umount ./test
7. losetup -d /dev/loop0
8. losetup -e aes /dev/loop0 ./testfs
9. e2fsck /dev/loop0 *** All heck breaks loose.
The thing is, I can still mount previously created AES loopback filesystems
but I can't e2fsck them. Well, if I do I get the following:
e2fsck 1.19, 13-Jul-2000 for EXT2 FS 0.5b, 95/08/09
Group descriptors look bad... trying backup blocks...
Inode count in superblock is 27112, should be 25064.
Fix? yes
Block bitmap for group 0 is not in group. (block 1569951131)
Relocate? yes
Inode bitmap for group 0 is not in group. (block 1258458187)
Relocate? yes
Inode table for group 0 is not in group. (block 865539952)
WARNING: SEVERE DATA LOSS POSSIBLE.
Relocate?
On Wed, Jul 04, 2001 at 05:14:02PM -0400, Mark Swanson wrote:
> I get repeatable errors with 2.4.6 patched with the international encryption
> patch patch-int-2.4.3.1.bz2 when building loop device filesystems on top of
> Reiserfs.
Well, exactly this happens here on 2.4.5 and earlier too...
I can't verify this on 2.4.6 (plain) because the kernel hangs right after
partition-check on my Thinkpad A21p. :(
--
ciao -
Stefan
CONFIG_HANG_AFTER_PARTITION_CHECK=y
Mark Swanson wrote:
> I get repeatable errors with 2.4.6 patched with the international encryption
> patch patch-int-2.4.3.1.bz2 when building loop device filesystems on top of
> Reiserfs.
International crypto patch assumes that block size never changes. Everyone
and their brother knows that it isn't true. And when block size does get
changed, international crypto patch gets the IV completely wrong, and
corrupts your data. To see block size changes in file systems alone, use
command something like this:
grep set_blocksize `find /usr/src/linux-2.4.6/fs -name "*.c" -print`
And the block size thing is not the only thing wrong with international
crypto patch. The whole cryptoapi thing is just bloat that does not belong
in kernel. Cipher name string to number code mappings should be done in user
space instead of kernel. And the ice on the cake is that cryptoapi ciphers
are non-re-entrant and are actually used in re-entrant code path. This
non-re-entrant code in re-entrant code path is another source of data
corruption.
Loop-AES is a superior replacement for international crypto patch, for more
information about loop-AES, see this announcement:
http://mail.nl.linux.org/linux-crypto/2001-06/msg00016.html
http://lwn.net/2001/0628/a/file-crypto.php3
Regards,
Jari Ruusu <[email protected]>
>
> Mark Swanson wrote:
> > I get repeatable errors with 2.4.6 patched with the international encryption
> > patch patch-int-2.4.3.1.bz2 when building loop device filesystems on top of
> > Reiserfs.
>
<snip>
> And the block size thing is not the only thing wrong with international
> crypto patch. The whole cryptoapi thing is just bloat that does not belong
> in kernel. Cipher name string to number code mappings should be done in user
> space instead of kernel. And the ice on the cake is that cryptoapi ciphers
Why is this any more evil than protocol names in kernel, or filesystem names
in kernel. The consequences of getting the cipher wrong are often worse
than that of getting the filesystem wrong.
<snip>
> Loop-AES is a superior replacement for international crypto patch, for more
> information about loop-AES, see this announcement:
That has a fraction of the features.
And no, I'm not completely happy with crypto-API, I managed to get it to
corrupt a test FS with a few weeks stress-test a while back.
Jari Ruusu wrote:
>
> Mark Swanson wrote:
> > I get repeatable errors with 2.4.6 patched with the international encryption
> > patch patch-int-2.4.3.1.bz2 when building loop device filesystems on top of
> > Reiserfs.
>
> International crypto patch assumes that block size never changes. Everyone
> and their brother knows that it isn't true. And when block size does get
> changed, international crypto patch gets the IV completely wrong, and
> corrupts your data. To see block size changes in file systems alone, use
Jari,
This has been most enlightening.
I must say that I hope other people take a look at your README
and learn how to be as thorough as you.
Cheers.
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com