From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3f38GIWSl8lf for ; Wed, 18 Jan 2012 17:24:20 +0100 (CET) Received: from v4.tansi.org (ns.km33513-03.keymachine.de [87.118.94.3]) by mail.saout.de (Postfix) with ESMTP for ; Wed, 18 Jan 2012 17:24:20 +0100 (CET) Received: from gatewagner.dyndns.org (84-74-163-71.dclient.hispeed.ch [84.74.163.71]) by v4.tansi.org (Postfix) with ESMTPA id 31B892048BA for ; Wed, 18 Jan 2012 17:24:20 +0100 (CET) Date: Wed, 18 Jan 2012 17:24:19 +0100 From: Arno Wagner Message-ID: <20120118162419.GA27569@tansi.org> References: <1326902198.77527.YahooMailNeo@web161402.mail.bf1.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1326902198.77527.YahooMailNeo@web161402.mail.bf1.yahoo.com> Subject: Re: [dm-crypt] Bypass encrypt and decrypt data in dm-crypt List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Hi, while I do not know what the issue you encounter is, it would be better to have your status block before the encrypted part and simply map with an offset, e.g. "-p 1" to skip the first sector. Thsi would not break layering, as your approach seems to do. Is there a specific reason you want the non-encrypted block somewhere in the middle? (if I understand this correctly...) I cannot see any security reason, as a non-encrypted block will allways stick out and can be found automatically anyways. Arno On Wed, Jan 18, 2012 at 07:56:38AM -0800, FAN ZHANG wrote: > All: > ? > ? > > We are using dm-crypt for Android device encryption.? However, we need > reserve some sectors in block device for status and integration check and > do not want to encrypt/decrypt some sectors when using dm-crypt. > > ? > So in crypt_convert_block() > ? > When > offset sector of ctx +? sector number of bio_in? is the range of bypass sector list. > ? > ? > instead call > if (bio_data_dir(ctx->bio_in) == WRITE) > ?r = crypt_copy_write_data(bv_in, bv_out, offset, 1 << SECTOR_SHIFT); else? r = crypt_copy_read_data(bv_in, bv_out, offset, 1 << SECTOR_SHIFT); > ? > I want to call another function to copy data of a sector from > ctx->bio_in to > ctx->bio_out directly. > ? > ? > I tried the following implementation > ? > in ps_copy_write_data() > ? > ? > struct bio_vec *bv_in = bio_iovec_idx(ctx->bio_in, ctx->idx_in); > struct bio_vec *bv_out = bio_iovec_idx(ctx->bio_out, ctx->idx_out); > struct page * page_in = bv_in->bv_page; > struct page * page_out = bv_out->bv_page; > ? > void * addr1 = kmap_atomic(page_in, KM_USER0); > void * addr2 = kmap_atomic(page_out, KM_USER1); > ? > unsigned int offset = ctx->offset_in; > ? > memcpy(addr2 + offset, addr1 + offset, 1 << SECTOR_SHIFT); > ? > kunmap_atomic(addr2, KM_USER1); > kunmap_atomic(addr1, KM_USER0); > ? > but above implementation works for read (since bv_in and bv_out are same for decryption) but does not work for write. > ? > It seems that > memcpy(addr2 + offset, addr1 + offset, 1 << SECTOR_SHIFT); > ? > fails to copy page associated with bv_in? to page associated with bv_out > ? > ? > ? > Could you give me a?hint to reslove this issue? > ? > Thanks > ? > Fan > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell