[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Kernel Migration

To: linux-crypto@nl.linux.org
Subject: Kernel Migration
From: David Belohrad <david.belohrad@cern.ch>
Date: Sun, 14 Dec 2003 12:43:16 +0100
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:listar@nl.linux.org?Subject=help>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Listar version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org
Sender: linux-crypto-bounce@nl.linux.org
User-Agent: Mozilla/5.0 (X11; U; Linux i686; cs-CZ; rv:1.5) Gecko/20031007

Hi all,
please is there somewhere consistent talk about migration of cryptoapi 
when changing the kernel?
In my case:

-- I have linux kernel 'Linux localhost 2.4.21-0.13mdkcustom-dejfson #6 
Čt dub 10 23:29:41 CEST 2003 i686 unknown unknown GNU/Linux', which is 
mdk 2.4.21
with added support for 'old' cryptoapi (= loop-jari + int patch).
-- because of security I want to move to 2.4.23 kernel. The problem is, 
that 2.4.23 already has some 'strange' version of CryptoAPI inside, so 
if I want to add my old
cryptoapi support, the patches are confusing the kernel.
-- for this I've found in this mailing conference how to make it with 
the crypto what is in kernel (adding patch 
patch-cryptoloop-jari-2.4.22.0 to vanilla 2.4.23). This
works without problem, but when I go to make xconfig, and I select loop 
device and cryptoloop device (as modules), the cryptographic support is 
then completely
grayed, so I cannot make a selection of the cipher I have (twofish-256).
-- if I compile the system as it is (with grayed ciphers), i compile 
util-linux + hashalot, then when I try to mount, it says that the cipher 
is not existing.
....................
-- ok, another try: i've hacked little Config.in from crypto not to have 
tristate buttons in cryptoapi menu, then I've selected to compile loop, 
cryptoloop, two-fish (as module)
-- compile -- ok, makes module of twofish
-- insmod cryptoloop, twofish = ok
-- compile util-linux, -- ok
.....................
try to mount:

sha256 | ./losetup -p0 -e twofish-256 /dev/loop0 /dev/hdb
mount /dev/loop0 /pool

........... incorrect fs type....

so some questions:

where I do the mistake?
what is the difference between manual patched cryptoapi (ie it creates 
in kernel directory /crypto, /crypto/ciphers, /crypto/cryptoloop...) and
the cryptoapi which is already in the kernel 2.4.22?
what is the correct migration to be able to mount the 'old' cryptoapi 
with new kernel cryptoapi? (i have 120gb disk encrypted with twofish, so 
i cannot simply make
a new partition and copy there all the data to be able to make new 
cryptoapi partition)
is there any document to read about all the 'loop' and other patches?? 
there is a lot of patches, which do different things...

thanks for answers
david belohrad

-------------------------------------------
David Belohrad, Div. PS/Beam Diagnostics
C.E.R.N. Site de Meyrin, CH 1211 Geneva 23
http://www.cern.ch
David.Belohrad@cern.ch
Tel +41.22.76.76318  Fax +41.22.76.78200
GSM +41.79.73.50937
-------------------------------------------




-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: Kernel Migration
  - From: Petro Verkhogliad <Petro@ncf.ca>
- Re: Kernel Migration
  - From: David Belohrad <david.belohrad@cern.ch>
- Re: Kernel Migration
  - From: fchabaud@free.fr
- Re: Kernel Migration
  - From: Ben Slusky <sluskyb@paranoiacs.org>

Prev by Date: linux-crypto-archive
Next by Date: Re: Kernel Migration
Prev by thread: linux-crypto-archive
Next by thread: Re: Kernel Migration
Index(es):
- Date
- Thread