From: John Lane <grub@jelmail.com>
To: grub-devel@gnu.org
Subject: Re: Cryptomount enhancements - revised
Date: Wed, 29 Jul 2015 07:48:41 +0100 [thread overview]
Message-ID: <55B87749.6090406@jelmail.com> (raw)
In-Reply-To: <CAEaD8JO5pht8F6sKhSR4qvvsBSQ3QAwDTNgPDTO=aTLUY4fVMg@mail.gmail.com>
On 28/07/15 22:38, Vladimir 'phcoder' Serbinenko wrote:
>
> Other than 3 and 5 they require difficult configuration. Mapping
> devices in GRUB isn't trivial. Those features are difficult to
> autoconfigure. Consider "plain" mode: how will you find which disk is
> yours when you have 5 disks all looking as random data?
>
>
I don't see what's difficult about providing a LUKs header and key but I
am aware of the issue re device identification in plain mode. However,
if one has a use-case for these crypto routines then I think that would
be a valid use-case for manually configuring grub.cfg if it's beyond
what autoconfiguration supports. If an end user wants to make the choice
then why deny him, just because it may be difficult to autoconfigure ?
There does seem to be interest in this functionality. Surely
auto-configuration would't be a bar to supporting this? I don't think I
am the only one who thinks these features are useful...
Regarding device identification, I had some thoughts on that and was
willing to try implementing something. However I wanted to put this
patch-set to bed before starting on something else.
next prev parent reply other threads:[~2015-07-29 6:49 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-29 14:30 Cryptomount enhancements - revised John Lane
2015-06-29 14:30 ` [PATCH 1/5] Cryptomount support LUKS detached header John Lane
2015-06-29 14:30 ` [PATCH 2/5] Cryptomount support key files John Lane
2015-06-29 14:30 ` [PATCH 3/5] cryptomount luks allow multiple passphrase attempts John Lane
2015-06-29 14:56 ` John Lane
2015-06-29 14:30 ` [PATCH 4/5] Cryptomount support plain dm-crypt John Lane
2016-02-12 15:19 ` Vladimir 'φ-coder/phcoder' Serbinenko
2015-06-29 14:31 ` [PATCH 5/5] Cryptomount support for hyphens in UUID John Lane
2015-06-29 14:52 ` John Lane
2015-07-29 3:08 ` Andrei Borzenkov
2015-07-29 6:51 ` John Lane
2015-07-29 16:51 ` Andrei Borzenkov
2015-07-29 18:53 ` John Lane
2015-07-28 18:51 ` Cryptomount enhancements - revised John Lane
2015-07-28 21:38 ` Vladimir 'phcoder' Serbinenko
2015-07-29 6:48 ` John Lane [this message]
2015-07-29 17:21 ` Andrei Borzenkov
2015-08-01 16:22 ` John Lane
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55B87749.6090406@jelmail.com \
--to=grub@jelmail.com \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).