[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Announce loop-AES-v1.6e file/swap crypto package

To: Iain <iain@minihub.org>
Subject: Re: Announce loop-AES-v1.6e file/swap crypto package
From: Jari Ruusu <jari.ruusu@pp.inet.fi>
Date: Tue, 18 Jun 2002 21:02:32 +0300
CC: linux-crypto@nl.linux.org
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:listar@nl.linux.org?Subject=help>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Listar version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org
References: <3D0E24E5.4AA57226@pp.inet.fi> <20020618071722Z16011-24756+2@humbolt.nl.linux.org> <3D0F0B87.4A60EB95@pp.inet.fi> <20020618104114Z16696-11563+337@humbolt.nl.linux.org>
Sender: linux-crypto-bounce@nl.linux.org

Iain wrote:
> I.e. I have a file ENCRYPTED_STUFF that is my loop file containing a resierfs
> filesystem. It is stored on a partition that has a reiserfs filesystem. Is
> that ok? Reiser doesn't seem to have the data=ordered options that ext3 has.

That will not work reliably, not in loop-AES, and not in cryptoapi. Well, it
may seem to work, until your encrypted reiserfs re-plays a bogus or damaged
journal that destroys your encrypted fs.

Problem is that reiserfs guarantees only meta-data integrity but does not
guarantee file-data integrity in system crash situation, yet it assumes that
all lower layer devices do provide data integrity and ordered writes. When
you put journaled fs on loop that can't provide data integrity and ordered
writes all the way down to disk platters, you have problems.

Good setups:

    ext2 -> loop -> partition
    ext3 -> loop -> partition
    reiserfs -> loop -> partition
    ext2 -> loop -> ext2 -> partition
    ext2 -> loop -> reiserfs -> partition
    reiserfs -> loop -> ext3 -> partition
                         ^
                         |
                    data=journal
                        or
                    data=ordered

Bad setups:

    reiserfs -> loop -> reiserfs -> partition
    reiserfs -> loop -> ext2 -> partition
    ext3 -> loop -> ext2 -> partition

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: Announce loop-AES-v1.6e file/swap crypto package
  - From: Dale Amon <amon@vnl.com>
- Re: Announce loop-AES-v1.6e file/swap crypto package
  - From: Iain <iain@minihub.org>
- Re: Announce loop-AES-v1.6e file/swap crypto package
  - From: Gian Piero Carzino <gianpiero.carzino@fastwebnet.it>

References:
- Announce loop-AES-v1.6e file/swap crypto package
  - From: Jari Ruusu <jari.ruusu@pp.inet.fi>
- Re: Announce loop-AES-v1.6e file/swap crypto package
  - From: Iain <iain@minihub.org>
- Re: Announce loop-AES-v1.6e file/swap crypto package
  - From: Jari Ruusu <jari.ruusu@pp.inet.fi>
- Re: Announce loop-AES-v1.6e file/swap crypto package
  - From: Iain <iain@minihub.org>

Prev by Date: RE: Announce loop-AES-v1.6e file/swap crypto package
Next by Date: Re: Announce loop-AES-v1.6e file/swap crypto package
Prev by thread: RE: Announce loop-AES-v1.6e file/swap crypto package
Next by thread: Re: Announce loop-AES-v1.6e file/swap crypto package
Index(es):
- Date
- Thread