Re: [dm-crypt] hardware encryption question

DM-Crypt Archive on lore.kernel.org
 help / color / mirror / Atom feed

From: Milan Broz <mbroz@redhat.com>
To: Chuck Tuffli <ctuffli@gmail.com>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] hardware encryption question
Date: Wed, 09 Mar 2011 11:34:13 +0100	[thread overview]
Message-ID: <4D7757A5.2000201@redhat.com> (raw)
In-Reply-To: <AANLkTinyhuTPvSJ2ZgWH3zbSmLUUxNNN6X9sGYj0pWQK@mail.gmail.com>

On 03/03/2011 02:28 AM, Chuck Tuffli wrote:
> The device cannot separate encryption from the IO path, but cryptsetup
> seems like a great interface and I would love to take advantage of it
> if at all possible. Do you have any advice on possible approaches I
> might consider? For example, would creating a new dm-something driver
> that passed keys etc. to my driver + modifications to cryptsetup to
> recognize this path work? Or would it make more sense to by-pass the
> device mapper entirely but still use cryptsetup? Or ... ?

If there is (or will be) some generic interface for hw-disk FDE, maybe
it can be added some day into libcryptsetup.

dm-crypt (resp. device-mapper) backend is currently fixed in code,
but if there is an alternative, I'll add code to support different backend.

(devel code just did the same for various userspace crypto backends)

But adding code just for one proprietary device is not the option.

Milan

     prev parent reply	other threads:[~2011-03-09 10:34 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-02-25 23:35 [dm-crypt] hardware encryption question Chuck Tuffli
2011-02-26 10:18 ` Milan Broz
2011-03-03  1:28   ` Chuck Tuffli
2011-03-09 10:34     ` Milan Broz [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4D7757A5.2000201@redhat.com \
    --to=mbroz@redhat.com \
    --cc=ctuffli@gmail.com \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox