From: Milan Broz <gmazyland@gmail.com>
To: mat.jonczyk@o2.pl, dm-crypt@saout.de
Subject: [dm-crypt] Re: [RFC] Partial support for reading DiskCryptor volumes
Date: Wed, 3 Nov 2021 10:39:54 +0100
Message-ID: <fd6ec162-4ca8-3d79-5abb-62b97d1286f7@gmail.com>
In-Reply-To: <617e96f8-8e04-e693-c202-dd97e01dd453@gmail.com>

On 02/11/2021 21:23, Mateusz Jończyk wrote:
>> then the best is perhaps open merge request (or issue) on the project
>> page and discuss it there.
>> (For now, the code looks simple enough.)
>
> You mean open now, or once the code is ready?

Once the code is ready for review (so all major parts, like activation, are there).
>
>> What is missing to more "stable" code? Only the parts marked TODO,
>> or something crucial for format parsing?
>
> The major parts missing in the code I posted:
>
> - setting up mapping in the device mapper,
>
> - libcryptsetup: support for *dm_error_target_set()* that would be
> similar to *dm_zero_target_set()* to create a region in the block
> device that errors out reads and writes. This is necessary as sometimes
> the first 2048 bytes of the encrypted filesystem are relocated to another
> place in the image ( https://diskcryptor.org/volume/ ):

Please do not use error target, this will cause more problems.
(Error can trigger unexpected actions. Perhaps integrity error
can work here, but we do not have such DM target yet.)
We use zero mapping segments for Bitlocker (where it covers metadata area,
or fake NTFS files that map to underlying metadata) - use exactly the same approach.
See Vojta's talk https://vtrefny.fedorapeople.org/misc/devconf-bitlocker.pdf
(and bitlk code). I think you are solving exactly the same problem here.

>> Relocation area - is a contiguous sequence of sectors where the first 2048
>> bytes of partition are stored.
>>
>> Currently there are two methods of placement of this area that are being used: in $dcsys$ file, or at the end of partition. On encryption of partition that has data on it, this area is being placed in $dcsys$ file [its name contains the dollar signs] , which is located in a contiguous sequence of clusters. On formatting a new partition, this area is being placed at the end of partition, after user data.
See above. For existing systems it can be masked/reallocated the same way as in bitlk code.

Milan
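
The segment layout discussed in this message, as an added example that is not part of the original email and not cryptsetup or bitlk code: the first 2048 bytes are read from the relocation area, and the relocation area itself is covered by a zero segment rather than an error target. It assumes 512-byte sectors and that every other sector maps 1:1; the function names and sample sizes are hypothetical, and the crypt parameters are left as placeholders because the page does not give them.

```python
SECTOR = 512
RELOC_SECTORS = 2048 // SECTOR  # the 2048-byte relocation area = 4 sectors


def plan_segments(volume_sectors, reloc_start):
    """Return (start, length, target, backing_offset) tuples covering the volume.

    "crypt": decrypt from backing_offset on the underlying device.
    "zero":  reads return zeroes (dm zero target); backing_offset is None.
    """
    reloc_end = reloc_start + RELOC_SECTORS
    if reloc_start < RELOC_SECTORS or reloc_end > volume_sectors:
        raise ValueError("relocation area overlaps sector 0-3 or runs past the volume")
    # Logical sectors 0..3 are served from the relocation area.
    segs = [(0, RELOC_SECTORS, "crypt", reloc_start)]
    # Data between the first 2048 bytes and the relocation area maps 1:1 (assumption).
    if reloc_start > RELOC_SECTORS:
        segs.append((RELOC_SECTORS, reloc_start - RELOC_SECTORS, "crypt", RELOC_SECTORS))
    # Mask the relocation area itself with zeroes instead of erroring out.
    segs.append((reloc_start, RELOC_SECTORS, "zero", None))
    # Data after the relocation area ($dcsys$ case: area sits inside the filesystem).
    if reloc_end < volume_sectors:
        segs.append((reloc_end, volume_sectors - reloc_end, "crypt", reloc_end))
    return segs


def to_table(segs, crypt_args="<cipher> <key> <iv_offset> <device>"):
    """Render segments as device-mapper table lines.

    crypt_args is a placeholder; the correct iv_offset for each segment is
    format-specific and is not stated on the page.
    """
    lines = []
    for start, length, target, off in segs:
        if target == "zero":
            lines.append(f"{start} {length} zero")
        else:
            lines.append(f"{start} {length} crypt {crypt_args} {off}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample: 1000-sector volume, relocation area at the end of the partition.
    print(to_table(plan_segments(1000, 996)))
    # Constructed sample: relocation area inside the filesystem ($dcsys$ file).
    print(to_table(plan_segments(1000, 500)))
```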