From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1ZLZYo-00044f-QR for mharc-grub-devel@gnu.org; Sat, 01 Aug 2015 12:22:58 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35519) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZLZYm-00040Z-0C for grub-devel@gnu.org; Sat, 01 Aug 2015 12:22:56 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZLZYj-0006Tw-3h for grub-devel@gnu.org; Sat, 01 Aug 2015 12:22:55 -0400 Received: from johnlane.plus.com ([212.159.104.145]:58572 helo=sodium.amajohn.co.uk) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZLZYi-0006Qk-Rd for grub-devel@gnu.org; Sat, 01 Aug 2015 12:22:53 -0400 Received: by sodium.amajohn.co.uk (Postfix, from userid 1000) id 83E9E6B; Sat, 1 Aug 2015 17:22:41 +0100 (BST) Received: from [10.0.200.1] (hydrogen.amajohn.co.uk [10.0.200.1]) by sodium.amajohn.co.uk (Postfix) with ESMTPSA id 6A86C4A; Sat, 1 Aug 2015 17:22:40 +0100 (BST) Message-ID: <55BCF24E.3090602@jelmail.com> Date: Sat, 01 Aug 2015 17:22:38 +0100 From: John Lane User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2 MIME-Version: 1.0 To: Andrei Borzenkov Subject: Re: Cryptomount enhancements - revised References: <1435588260-29456-1-git-send-email-grub@jelmail.com> <55B7CF21.3080808@jelmail.com> <55B87749.6090406@jelmail.com> <20150729202113.0e588e6b@opensuse.site> In-Reply-To: <20150729202113.0e588e6b@opensuse.site> Content-Type: text/plain; charset=utf-8 X-Outbound-Checked: Yes Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 212.159.104.145 Cc: grub-devel@gnu.org X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Aug 2015 16:22:57 -0000 On 29/07/15 18:21, Andrei Borzenkov wrote: > =D0=92 Wed, 29 Jul 2015 07:48:41 +0100 > John Lane =D0=BF=D0=B8=D1=88=D0=B5=D1=82: > >> On 28/07/15 22:38, Vladimir 'phcoder' Serbinenko wrote: >>> Other than 3 and 5 they require difficult configuration. Mapping >>> devices in GRUB isn't trivial. Those features are difficult to >>> autoconfigure. Consider "plain" mode: how will you find which disk is >>> yours when you have 5 disks all looking as random data? >>> >>> >> I don't see what's difficult about providing a LUKs header and key but= I >> am aware of the issue re device identification in plain mode. However, >> if one has a use-case for these crypto routines then I think that woul= d >> be a valid use-case for manually configuring grub.cfg if it's beyond >> what autoconfiguration supports. If an end user wants to make the choi= ce >> then why deny him, just because it may be difficult to autoconfigure ? >> > Yes, it appears people ask for it. At the end, the worst that can > happen is reading garbage. > >> There does seem to be interest in this functionality. Surely >> auto-configuration would't be a bar to supporting this? I don't think = I >> am the only one who thinks these features are useful... >> >> Regarding device identification, I had some thoughts on that and was >> willing to try implementing something. However I wanted to put this >> patch-set to bed before starting on something else. >> > One think I'd like is to separate self-identified containers managed by > cryptomount and dmsetup-like stuff to avoid impression that it is fully > supported. > I'm unclear on what the next step is, having responded to feedback and made changes to address the issues previously raised. Is anything outstanding that absolutely has to happen before these patches can be accepted? Ideally I'd prefer to wrap up this set of changes up before thinking about other features.