[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: patches; problems w/ AES, Twofish + losetup
On Sun, Jan 07, 2001 at 12:19:50PM +0100, Christoph Hertel wrote:
> * Alexander S A Kjeldaas [2001-01-06]:
>
> > > Does this mean that I can skip section 4.2 "Patching the util-linux
> > > source" in the HOWTO?
> > If you plan on using features (esp new ciphers) introduced in a patch
> > later than 2.2.13.3, you'll want to patch util-linux yourself.
> I patched it and the make failed; the HOWTO seems to have the answer:
>
> "If the make step fails, check that /usr/include/linux and
> /usr/include/asm resp. are symlinks to include/linux and
> include/asm-arch resp. Some distributions (e.g. Debian) only have a copy
> of the kernel include there. If you change the kernel, they
> become outdated."
>
> What is meant by "include/linux and include/asm-arch"? I chose
> /usr/src/linux/include/linux/ and /usr/src/linux/include/asm; the latter
> points to asm-i386 (I have a PPro). The make didn't complain. Is it
> about right what I did? Or should I change it now back to the original
> state?
>
It's up to you. These directories contain kernel header files, and
they should generally have kernel headers that represent kernel
interfaces that your currently running kernel supports. So just
leaving them as you've changed them is probably ok.
On the other hand, I think it's possible to patch util-linux into
looking for kernel-headers in a specific place instead of
/usr/include/linux. So that's an alternative - cleaner IMO. But
generally - don't bother about this.. you're fine.
> > You should be able to patch [linux] 2.2.14 with the [linux-int]
> > 2.2.17.x patches. No guarantees though.
> I patched a 2.2.16 kernel with the 2.2.18.3 int_patch and
> util-linux-2.10q with the util-linux-2.10o.int.patch; configure
> complained:
> "You don't have <linux/blkpg.h>"
> "You don't have __NR_pivot_root"
> "Your rpcgen output does not compile"
>
Don't know what these messages mean.
> And strange things are happening:
> /home/chh# losetup -e Twofish /dev/loop0 cryptotest
> Password :
> ioctl: LOOP_SET_STATUS: Invalid argument
> /home/chh# losetup -e AES /dev/loop0 cryptotest
> Unsupported encryption type AES
> /home/chh# losetup -e Rijndael /dev/loop0 cryptotest
> Unsupported encryption type Rijndael
> /home/chh# losetup -e Blowfish /dev/loop0 cryptotest
> Password :
> The last one worked, but I compiled my kernel with AES, Twofish and
> Blowfish (CONFIG_CIPHER_AES=m, CONFIG_CIPHER_TWOFISH=m,
> CONFIG_CIPHER_BLOWFISH=m, but "# CONFIG_CIPHER_RIJNDAEL is not set")
>
I always use lower-case names. From the top of my head I'm not sure
that it works with mixed-case (I'll have to fix that I think).
> modprobe complains in my logs:
> modprobe: modprobe: Can't locate module loop-xfer-3
> modprobe: modprobe: Can't locate module cipher-3
>
> kern.log only said:
> kernel: cryptoapi: Registered blowfish (4)
> kernel: cryptoapi: Registered blowfish-cbc (65540)
>
> in /var/log/ksymoops/20010107112329.modules (the last one):
> blowfish 8608 0 (autoclean) (unused)
> loop_gen 1312 1 (autoclean)
> cryptoapi 1872 2 (autoclean) [blowfish loop_gen]
> loop 8032 2 (autoclean) [loop_gen]
>
> my modules.conf has all the modules:
> alias loop-xfer-3 loop_fish2
> alias cipher-3 fish2
> alias cipher-4 blowfish
> alias cipher-16 rijndael
>
> and they are, where they should be in /lib/modules/2.2.16:
> 10104 Jan 6 15:21 blowfish.o
> 18148 Jan 6 15:21 rijndael.o
> 40564 Jan 6 15:21 twofish.o
>
You cipher-3 alias is wrong - it should point to twofish, not fish2.
>
> However, all the other things seem to work (mounting, writing to, moving
> the crypto-file, etc.). Thanks for all your help!
>
That's good to hear. :-)
astor
--
Alexander Kjeldaas Mail: astor@fast.no
finger astor@master.kernel.org for OpenPGP key.
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/