From: Jari Ruusu <jari.ruusu@pp.inet.fi>
To: Herbert Valerio Riedel <hvr@gnu.org>
Cc: linux-crypto@nl.linux.org, linux-kernel@vger.kernel.org,
ak@suse.de, axboe@suse.de, astor@fast.no
Subject: Re: Announce: cryptoapi-2.4.3 [aka international crypto (non-)patch]
Date: Tue, 24 Apr 2001 14:40:05 +0300 [thread overview]
Message-ID: <3AE56615.C53CE33A@pp.inet.fi> (raw)
In-Reply-To: <200104231433.QAA05348@phobos.hvrlab.org>
Herbert Valerio Riedel wrote:
> short version:
> this is the international crypto patch, which is built outside of
> the kernel source tree. you don't even have to reboot (unless your
> kernel didn't have loop devices enabled, or some other unthought
> situation exists... :)
>
> As a response to Jari's loop-AES crypto filter for the loop back
> device, which claims to be hassle free since no kernel modification is
> needed; I've repackaged the all known international crypto patch,
> which according to some people suffers from the need to patch the
> kernel in order to make use of it and thus may not be ever get into
> the kernel since there are still some countries where laws don't
> support an individuals need for privacy.
>
> This (re)package has only one major drawback, crypto can only built as
> modules so far and it supports only kernel 2.4.3 and later so far...
linux-2.4.3-cryptoapi-hvr4/drivers/block/loop.c lines 270...279 after your
kernel patch:
static int lo_read_actor(read_descriptor_t * desc, struct page *page, unsigned long offset, unsigned long size)
{
char *kaddr;
unsigned long count = desc->count;
struct lo_read_data *p = (struct lo_read_data*)desc->buf;
struct loop_device *lo = p->lo;
unsigned long IV = loop_get_iv(lo, (page->index * PAGE_CACHE_SIZE + offset - lo->lo_offset) >> LO_IV_SECTOR_BITS);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
if (size > count)
size = count;
Have you tested that code with partitions or files that are larger than
4 gigs? On systems where int is 32 bits, that computation overflows.
If you want 512 byte based IV computation without modifying your kernel at
all, you can use the loop.o module from my loop-AES package. I haven't tried
using your modules based cryptoapi and my loop-AES drivers together, but I
don't see any obvious reason why they couldn't be used simultaneously.
My loop-AES package is here:
http://members.surfeu.fi/ce6c8edf/loop-AES-v1.1b.tar.bz2
md5sum 61e521a383ce9a90c3f7b98bcf789813
Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>
next prev parent reply other threads:[~2001-04-24 11:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-04-23 14:33 Announce: cryptoapi-2.4.3 [aka international crypto (non-)patch] Herbert Valerio Riedel
2001-04-24 11:40 ` Jari Ruusu [this message]
2001-04-25 14:05 ` Herbert Valerio Riedel
2001-04-26 10:47 ` Jari Ruusu
2001-04-26 12:37 ` Herbert Valerio Riedel
2001-04-26 18:28 ` Jari Ruusu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3AE56615.C53CE33A@pp.inet.fi \
--to=jari.ruusu@pp.inet.fi \
--cc=ak@suse.de \
--cc=astor@fast.no \
--cc=axboe@suse.de \
--cc=hvr@gnu.org \
--cc=linux-crypto@nl.linux.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox