From: Richard Zidlicky <rz@linux-m68k.org>
To: Milan Broz <mbroz@redhat.com>
Cc: Max Vozeler <max@hinterhof.net>,
linux-crypto@vger.kernel.org, linux-crypto@nl.linux.org,
Jari Ruusu <jariruusu@users.sourceforge.net>,
Alasdair G Kergon <agk@redhat.com>
Subject: Re: [PATCH 1/4] dm-crypt: clarify cipher vs. cipher mode
Date: Tue, 29 Dec 2009 18:37:18 +0100 [thread overview]
Message-ID: <20091229173718.GA10432@linux-m68k.org> (raw)
In-Reply-To: <4B39EA32.8010707@redhat.com>
Hi,
many thanks for the clarifications. Fedora has a very nice and unobstrusive crypto
setup but finding out the technical details involves looking into quite a few places.
The http://code.google.com/p/cryptsetup/ pages seems to have plenty of information
for a start.
> (If you think about coldboot or something similar - dm-crypt provides functions to
> temporarily freeze device and empty keys and I also added support for this to cryptsetup.
> So the controlled suspend/resume to RAM can ask for LUKS passphrase and unlock master key,
> preventing active encryption keys in RAM.
that is a really godd idea - is there a howto somewhere? Coldboot is not my main worry
but it is certainly good to take reasonable precautions.
> If you know about some problem in dm-crypt, just let me know (or write to dm-crypt mailing list).
I have some problems with hibernation which look like it might be related to the dm layer
but am not totally sure. Unfortunately it is rare enough that I could not catch it with
any of the remote debugging methods. I could only email a picture of a stack trace.
Richard
next prev parent reply other threads:[~2009-12-29 17:36 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-12-28 18:59 [RFC PATCH] crypto: loop-AES support Max Vozeler
2009-12-28 18:59 ` [PATCH 1/4] dm-crypt: clarify cipher vs. cipher mode Max Vozeler
2009-12-28 19:37 ` Milan Broz
2009-12-29 1:46 ` Max Vozeler
2010-01-04 15:25 ` Max Vozeler
2010-01-11 21:28 ` Richard Zidlicky
2010-01-13 17:27 ` Max Vozeler
2010-01-17 22:02 ` Richard Zidlicky
2010-01-18 17:08 ` Max Vozeler
2010-01-18 19:51 ` Richard Zidlicky
2009-12-29 9:21 ` Richard Zidlicky
2009-12-29 11:38 ` Milan Broz
2009-12-29 17:37 ` Richard Zidlicky [this message]
2009-12-28 18:59 ` [PATCH 2/4] dm-crypt: multi tfm mode Max Vozeler
2009-12-28 18:59 ` [PATCH 3/4] crypto: md5 - Add export support Max Vozeler
2010-01-13 9:52 ` Herbert Xu
2010-01-13 17:37 ` Max Vozeler
2010-01-17 10:55 ` Herbert Xu
2009-12-28 18:59 ` [PATCH 4/4] crypto: lmk2/lmk3 cipher block modes Max Vozeler
2009-12-29 1:18 ` Richard Zidlicky
2009-12-29 1:56 ` Max Vozeler
2010-01-17 11:03 ` Herbert Xu
2010-01-18 16:52 ` Max Vozeler
2010-01-19 8:00 ` Herbert Xu
2010-02-01 10:32 ` Max Vozeler
2010-02-01 10:44 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20091229173718.GA10432@linux-m68k.org \
--to=rz@linux-m68k.org \
--cc=agk@redhat.com \
--cc=jariruusu@users.sourceforge.net \
--cc=linux-crypto@nl.linux.org \
--cc=linux-crypto@vger.kernel.org \
--cc=max@hinterhof.net \
--cc=mbroz@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.