From linux-crypto-bounce@nl.linux.org Thu Mar 02 03:39:36 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FEdj0-00055m-Tw; Thu, 02 Mar 2006 03:39:30 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 02 Mar 2006 03:38:48 +0100 (CET) Received: from mail119.messagelabs.com ([216.82.241.179]) by humbolt.nl.linux.org with smtp (Exim 4.22) id 1FEdhS-000507-Os for linux-crypto@nl.linux.org; Thu, 02 Mar 2006 03:37:54 +0100 X-VirusChecked: Checked X-Env-Sender: jiang.zhang@motorola.com X-Msg-Ref: server-2.tower-119.messagelabs.com!1141266668!10873423!1 X-StarScan-Version: 5.5.9.1; banners=-,-,- X-Originating-IP: [129.188.136.100] Received: (qmail 18005 invoked from network); 2 Mar 2006 02:31:08 -0000 Received: from motgate.mot.com (HELO motgate.mot.com) (129.188.136.100) by server-2.tower-119.messagelabs.com with SMTP; 2 Mar 2006 02:31:08 -0000 Received: from az33exr03.mot.com (az33exr03.mot.com [10.64.251.233]) by motgate.mot.com (Motorola/Motgate) with ESMTP id k222V4bT019646 for ; Wed, 1 Mar 2006 19:31:04 -0700 (MST) Received: from ct11exm60.ds.mot.com ([10.177.8.44]) by az33exr03.mot.com (8.13.1/8.13.0) with ESMTP id k222jVx8010008 for ; Wed, 1 Mar 2006 20:45:32 -0600 (CST) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C63DA1.5954FE48" Subject: Re: Loading secure binaries Date: Wed, 1 Mar 2006 21:31:02 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Re: Loading secure binaries Thread-Index: AcY9oVijEACxUkYpS9uv0WATQafPYg== From: "Zhang Jiang jason-MGI8240" To: , Cc: X-Brightmail-Tracker: AAAAAQAAAAQ= X-White-List-Member: TRUE Received-SPF: X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,HTML_30_40, HTML_FONT_BIG,HTML_MESSAGE autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jiang.zhang@motorola.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto This is a multi-part message in MIME format. ------_=_NextPart_001_01C63DA1.5954FE48 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi, Ian and Gisle, =20 While I was searching the Internet to solve the similar problem, your = email communications popped up (see the attachment below). Just = wondering if you guys can provide me more progress or information about = loading secure binaries? I also face the same problem that somebody may = load and execute malicious code on top of our embedded Linux OS. If you = guys can share some experience on the embedded Linux, I really = appreciate! =20 Best regards, =20 Jason =20 =20 =20 ________________________________ =20 Re: Loading secure binaries? ________________________________ * To: "Ian S. Nelson" =20 * Subject: Re: Loading secure binaries?=20 * From: Gisle S{lensminde =20 * Date: Mon, 5 Mar 2001 22:08:43 +0100 (MET)=20 * cc: linux-crypto =20 * In-Reply-To: <3A9AE282.147DE47@echostar.com>=20 * Sender: owner-linux-crypto@nl.linux.org=20 ________________________________ On Mon, 26 Feb 2001, Ian S. Nelson wrote: > I'm working on an embedded Linux project and the issue of security is > starting to surface and it's beginning to look kind of interesting. > > Is there any plans with Linux-crypto or some other project that = somebody > knows of to allow the loading of secure binaries? This have been discussed here earlier, and I do not think there are any such plans. Before any such scheme is implemented, it's allways important to consider what they are meant to protect against. More on this later. > > I was thinking of a scheme like this: > > there would be a new linux executable loader, perhaps one of the > misc binary loaders or an ELF hack, you'd want it to reside inside the > kernel though. > > Then add a new system call to provide a key to the kernel. This > could be pulled down off the internet or out of a secure piece of > hardware. In some applications it could be something the user = provides > at login time. > > Then the new binaries would be AES/IDEA/DES encrypted with that = key > and the new loader would use that key to decrypt them at load time. It's a bit unclear what you want to protect against. Some threats i can think about for networked embedded systems is: - The binaries/data are transefered/updated via the network, and an attacker should not be able to steal data or programs by listening to the network, or being a man in the middle. This is best protected by SSL, SSH or some other network encryption protocol. - Prevent people with physical access to the device to get any unautorized access. This could also be archived by disk encryption. This is already done in the kernel for whole partitions. A filesystem with one key per user (or anything similar) would be more direct on the target, but is it necessary. - Prevent intruders from executing malicious code. A = signing/verification scheme will be the right thing to in that case. Possibly combined with disk encryption. In some case, a scheme like the one I think you describes will be = usefull. It's known that attackes have got unathorised access to systems by replacing modules by their own, that can give permanent root acces, backdors etc. This scheme requires somebody to accept each and every executable/module to be executed on the system. This is in practice awkward executables on a workstation, but for systems where the number = of executable is more controllable, like for embedded systems or kernel modules, it's archivable. > Anybody know of something like this? A logical extension would be to > embed GPG into the kernel and then you could execute signed and > encrypted binaries but that seems like overkill for what we're doing, = we > just don't want a few key pieces of code to ever be decrypted anywhere > other than SDRAM. Not the whole of GPG, but such a scheme require asymetric crypto to be inserted into the kernel, and it will require some work, but it's absolutly archivable, the question is whether it will make systems so = much more secure that it's worth the effort. -- Gisle S=E6lensminde ( gisle@ii.uib.no ) With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead. (from RFC 1925) Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ ________________________________ ------_=_NextPart_001_01C63DA1.5954FE48 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Hi, = Ian and=20 Gisle,
 
While = I was=20 searching the Internet to solve the similar problem, your email = communications=20 popped up (see the attachment below). Just wondering if you guys can = provide me=20 more progress or information about loading secure binaries? I also face = the same=20 problem that somebody may load and execute malicious code on top of our = embedded=20 Linux OS. If you guys can share some experience on the embedded Linux, I = really=20 appreciate!
 
Best=20 regards,
 
Jason
 
 
 
 

Re: Loading secure binaries?

  • To: "Ian S. Nelson" <ian.nelson@echostar.com>=20
  • Subject: Re: Loading secure binaries?=20
  • From: Gisle S{lensminde <gisle@ii.uib.no>=20
  • Date: Mon, 5 Mar 2001 22:08:43 +0100 (MET)=20
  • cc: linux-crypto <linux-crypto@nl.linux.org&g= t;=20
  • In-Reply-To: <3A9AE282.147DE47@echostar.com>=20
  • Sender: owner-linux-crypto@nl.lin= ux.org=20 
On Mon, 26 Feb =
2001, Ian S. Nelson wrote:

> I'm working on an embedded Linux project and the issue of security =
is
> starting to surface and it's beginning to look kind of interesting.
>
> Is there any plans with Linux-crypto or some other project that =
somebody
> knows of to allow the loading of secure binaries?

This have been discussed here earlier, and I do not think there are
any such plans. Before any such scheme is implemented, it's allways
important to consider what they are meant to protect against. More on
this later.

>
> I was thinking of a scheme like this:
>
>     there would be a new linux executable loader, perhaps one of =
the
> misc binary loaders or an ELF hack, you'd want it to reside inside =
the
> kernel though.
>
>     Then add a new system call to provide a key to the kernel.  =
This
> could be pulled down off the internet or out of a secure piece of
> hardware.  In some applications it could be something the user =
provides
> at login time.
>
>     Then the new binaries would be AES/IDEA/DES encrypted with that =
key
> and the new loader would use that key to decrypt them at load time.

It's a bit unclear what you want to protect against. Some threats i
can think about for networked embedded systems is:

- The binaries/data are transefered/updated via the network, and
  an attacker should not be able to steal data or programs by
  listening to the network, or being a man in the middle. This
  is best protected by SSL, SSH or some other network encryption
  protocol.

- Prevent people with physical access to the device to get any
  unautorized access. This could also be archived by disk encryption.
  This is already done in the kernel for whole partitions.
  A filesystem with one key per user (or anything similar) would be
  more direct on the target, but is it necessary.

- Prevent intruders from executing malicious code. A =
signing/verification
  scheme will be the right thing to in that case. Possibly combined with
  disk encryption.

In some case, a scheme like the one I think you describes will be =
usefull.
It's known that attackes have got unathorised access to systems by
replacing modules by their own, that can give permanent root acces,
backdors etc. This scheme requires somebody to accept each and every
executable/module to be executed on the system. This is in practice
awkward executables on a workstation, but for systems where the number =
of
executable is more controllable, like for embedded systems or kernel
modules, it's archivable.

> Anybody know of something like this?  A logical extension would be =
to
> embed GPG into the kernel and then you could execute signed and
> encrypted binaries but that seems like overkill for what we're =
doing, we
> just don't want a few key pieces of code to ever be decrypted =
anywhere
> other than SDRAM.

Not the whole of GPG, but such a scheme require asymetric crypto to be
inserted into the kernel, and it will require some work, but it's
absolutly archivable, the question is whether it will make systems so =
much
more secure that it's worth the effort.

--
Gisle S=E6lensminde ( gisle@ii.uib.no )

With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going
to land, and it could be dangerous sitting under them as they fly
overhead. (from RFC 1925)


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/=
linux-crypto/
=
------_=_NextPart_001_01C63DA1.5954FE48-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Mar 02 08:12:40 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FEhzH-0005dN-B1; Thu, 02 Mar 2006 08:12:35 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 02 Mar 2006 08:12:12 +0100 (CET) Received: from aegean.gsae.edu.gr ([212.205.106.195]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FEhyd-0005aX-Et for linux-crypto@nl.linux.org; Thu, 02 Mar 2006 08:11:55 +0100 Received: by www.gsae.edu.gr with Internet Mail Service (5.5.2653.19) id ; Thu, 2 Mar 2006 08:56:00 +0200 Message-ID: From: NAV for Microsoft Exchange-WEB-SERVER To: "'linux-crypto@nl.linux.org'" Subject: Norton AntiVirus detected a virus in a message you sent. The inf ected attachment was deleted. Date: Thu, 2 Mar 2006 08:55:55 +0200 X-MS-TNEF-Correlator: MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01C63DC6.5A2F3520" Received-SPF: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: NAVMSE-WEB-SERVER@gsae.edu.gr Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01C63DC6.5A2F3520 Content-Type: text/plain; charset="iso-8859-7" Content-Transfer-Encoding: quoted-printable Recipient of the infected attachment: Pakis = Menderlis\=C5=E9=F3=E5=F1=F7=FC=EC=E5=ED=E1 Subject of the message: Delivery reports about your e-mail One or more attachments were deleted Attachment transcript.zip was Deleted for the following reasons: Virus W32.Mydoom.M@mm was found. Virus W32.Mydoom.M@mm was found in transcript.htm .exe. ------_=_NextPart_000_01C63DC6.5A2F3520 Content-Type: application/ms-tnef Content-Transfer-Encoding: base64 eJ8+IgEGAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5QQAAAAAAADpAAEIgAcAGAAAAElQTS5NaWNy b3NvZnQgTWFpbC5Ob3RlADEIAQWAAwAOAAAA1gcDAAIACAA3ADcABABcAQEggAMADgAAANYHAwAC AAgANwA7AAQAYAEBCYABACEAAABENjVEMjA0MzFEMEU3OTQxOTU5ODc1NEIyQjE2M0VEMwAGBwEE gAEAXwAAAE5vcnRvbiBBbnRpVmlydXMgZGV0ZWN0ZWQgYSB2aXJ1cyBpbiBhIG1lc3NhZ2UgeW91 IHNlbnQuICBUaGUgaW5mZWN0ZWQgYXR0YWNobWVudCB3YXMgZGVsZXRlZC4AHyIBDYAEAAIAAAAC AAIAAQOQBgBABgAAIQAAAAIBCRABAAAAsAEAAKwBAAD1AgAATFpGdfRfaAOHAAoBDQNDdGV4dAH3 /wKkA+QF6wKDAFAC8wa0AoMmMgPFAgBjaArAc2VQdDE2MQAAKgLhYZ0HgCAHEwKABxMgRwnR+msC gH0KgAjPCdkCgAqE/ws3EsIB0AfwBZAFIAiQAjDAIG9mIHRoFIALgMZmBZAO8GQgYQJAANAGaAeA AjA6ICBQYV5rBAAF0AnwBIFsBABckRywJ2M1HNBlORzQvGYzHREdAQBBHWA3HVH/AOAdIB6CHQIL MB0gAFAKsuEKgFN1YmoakRnmB4GQc2FnZRuRRGUcgNJ2BJB5IBbAcBZhBCAXAaAIYAVAeQhhIGUt 5wDAAxAflU9uFIAFsQRgdxbAGukEIHcEkBSAAQBs1xOwHzEKsgoboEEbBxoQZnIAcQUDLnoFICWQ YfcEICGRJiIgAhAFwBoiAhDmbBZQA/BuZyIRKJACIBxzOh+VG6AboFZpcgJ1BCBXMzIuTXmMZG8D cCwgQG1tKHP1AhB1HEAuKu8r/y0GGlH5J4podCzQMV8ybzN/NI+/NZ82rze/OM853zpmLg8ACmUt hn08QAMA/T/lBAAAQAA5ACA1L1rGPcYBAwDxPwkEAAAeADFAAQAAABIAAABOQVZNU0UtV0VCLVNF UlZFUgAAAAMAGkAAAAAAHgAwQAEAAAASAAAATkFWTVNFLVdFQi1TRVJWRVIAAAADABlAAAAAAAIB cQABAAAAFgAAAAHGPcZaLx3AvEE1W0kGjo08TtLaQNEAAAMAJgAAAAAAAwA2AAAAAAAeAHAAAQAA AF8AAABOb3J0b24gQW50aVZpcnVzIGRldGVjdGVkIGEgdmlydXMgaW4gYSBtZXNzYWdlIHlvdSBz ZW50LiAgVGhlIGluZmVjdGVkIGF0dGFjaG1lbnQgd2FzIGRlbGV0ZWQuAAALAPIQAQAAAAIBRwAB AAAAMAAAAGM9R1I7YT0gO3A9R1NBRTtsPVdFQi1TRVJWRVItMDYwMzAyMDY1NTU1Wi0xMjgzAAIB +T8BAAAAUwAAAAAAAADcp0DIwEIQGrS5CAArL+GCAQAAAAAAAAAvTz1HU0FFL09VPUdTQUVfSU5U L0NOPVJFQ0lQSUVOVFMvQ049TkFWTVNFLVdFQi1TRVJWRVIAAB4A+D8BAAAAJgAAAE5BViBmb3Ig TWljcm9zb2Z0IEV4Y2hhbmdlLVdFQi1TRVJWRVIAAAAeADhAAQAAABIAAABOQVZNU0UtV0VCLVNF UlZFUgAAAAIB+z8BAAAAUwAAAAAAAADcp0DIwEIQGrS5CAArL+GCAQAAAAAAAAAvTz1HU0FFL09V PUdTQUVfSU5UL0NOPVJFQ0lQSUVOVFMvQ049TkFWTVNFLVdFQi1TRVJWRVIAAB4A+j8BAAAAJgAA AE5BViBmb3IgTWljcm9zb2Z0IEV4Y2hhbmdlLVdFQi1TRVJWRVIAAAAeADlAAQAAABIAAABOQVZN U0UtV0VCLVNFUlZFUgAAAEAABzDG0ixaxj3GAUAACDAixulcxj3GAR4APQABAAAAAQAAAAAAAAAe AB0OAQAAAF8AAABOb3J0b24gQW50aVZpcnVzIGRldGVjdGVkIGEgdmlydXMgaW4gYSBtZXNzYWdl IHlvdSBzZW50LiAgVGhlIGluZmVjdGVkIGF0dGFjaG1lbnQgd2FzIGRlbGV0ZWQuAAAeADUQAQAA ADkAAAA8QzA1NTdEOTZFOEU3MTg0N0EwRERFRUVERTRDNDNDMEMyNEIwNDlAd3d3LmdzYWUuZWR1 LmdyPgAAAAALACkAAAAAAAsAIwAAAAAAAwAGEGVHrq4DAAcQCQEAAAMAEBAAAAAAAwAREAEAAAAe AAgQAQAAAGUAAABSRUNJUElFTlRPRlRIRUlORkVDVEVEQVRUQUNITUVOVDpQQUtJU01FTkRFUkxJ U8Xp8+Xx9/zs5e3hU1VCSkVDVE9GVEhFTUVTU0FHRTpERUxJVkVSWVJFUE9SVFNBQk9VVFlPAAAA AAIBfwABAAAAOQAAADxDMDU1N0Q5NkU4RTcxODQ3QTBEREVFRURFNEM0M0MwQzI0QjA0OUB3d3cu Z3NhZS5lZHUuZ3I+AAAAAHec ------_=_NextPart_000_01C63DC6.5A2F3520-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Fri Mar 03 15:49:24 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FFBaq-0006TV-1I; Fri, 03 Mar 2006 15:49:20 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 03 Mar 2006 15:48:27 +0100 (CET) Received: from www.brandinstitute.co.uk ([12.8.7.6] helo=www4.brandinstitute.com) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FFBZS-0006Nw-7V for linux-crypto@nl.linux.org; Fri, 03 Mar 2006 15:47:54 +0100 Received: from interview.brandinstitute.com ([12.8.7.9]) by www4.brandinstitute.com with Microsoft SMTPSVC(5.0.2195.6713); Fri, 3 Mar 2006 09:47:33 -0500 Received: from mail pickup service by interview.brandinstitute.com with Microsoft SMTPSVC; Fri, 3 Mar 2006 09:47:33 -0500 Thread-Topic: Online paid-survey invitation from Brand Institute!!! thread-index: AcY+0Wdvi74EYSh7SX2Fteu0cCWOHA== From: To: Subject: Online paid-survey invitation from Brand Institute!!! Date: Fri, 3 Mar 2006 09:47:33 -0500 Message-ID: <08d601c63ed1$6792f8d0$0700a8c0@brandinstitute.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_08D7_01C63EA7.7EBCF0D0" X-Mailer: Microsoft CDO for Windows 2000 Content-Class: urn:content-classes:message Importance: normal Priority: normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830 X-OriginalArrivalTime: 03 Mar 2006 14:47:33.0356 (UTC) FILETIME=[679542C0:01C63ED1] Received-SPF: X-Spam-Level: * X-Spam-Status: No, score=1.5 required=5.0 tests=BAYES_60,HTML_00_10, HTML_MESSAGE,NO_REAL_NAME,PLING_PLING autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: recruiting-support@brandinstitute.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto This is a multi-part message in MIME format. ------=_NextPart_000_08D7_01C63EA7.7EBCF0D0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Greetings from Brand Institute, Inc.! Brand Institute, a leading consulting firm needs your help. Currently we=81fre conducting a study on how marketing influences the purchasing behaviors on financial services.=20 We conduct live and online market research surveys/brainstorming sessions to help our customers develop new and exciting names for their products. We need your ideas and opinions to come up with the best possible names. We will compensate $25 for twenty minutes of your time.=20 If you think you have what it takes to name the next hit television network or the newest household product, please sign up at our website: http://www.brandinst.com/survey/. We will not use your information for anything except the surveys, and of course=81cto mail you your check! We will not sell your information to any lists or use it for illicit advertising. Please feel free to pass this message along to anyone you think would enjoy making extra money while getting involved in the creation of tomorrow's products. Thank you very much; we appreciate your help! Soon, your ideas may be part of a national marketing campaign! Kind regards, The Brand Institute Team recruiting-support@brandinstitute.com ------=_NextPart_000_08D7_01C63EA7.7EBCF0D0 Content-Type: text/html Content-Transfer-Encoding: 8bit Greetings from Brand Institute, Inc.!

Brand Institute, a leading consulting firm needs your help. Currently wefre conducting a study on how marketing influences the purchasing behaviors on financial services.

We conduct live and online market research surveys/brainstorming sessions to help our customers develop new and exciting names for their products. We need your ideas and opinions to come up with the best possible names. We will compensate $25 for twenty minutes of your time.

If you think you have what it takes to name the next hit television network or the newest household product, please sign up at our website: http://www.brandinst.com/survey/. We will not use your information for anything except the surveys, and of coursecto mail you your check! We will not sell your information to any lists or use it for illicit advertising.

Please feel free to pass this message along to anyone you think would enjoy making extra money while getting involved in the creation of tomorrow's products.

Thank you very much; we appreciate your help! Soon, your ideas may be part of a national marketing campaign!

Kind regards,

The Brand Institute Team

recruiting-support@brandinstitute.com
------=_NextPart_000_08D7_01C63EA7.7EBCF0D0-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sun Mar 05 23:24:02 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FG1du-0007v5-2j; Sun, 05 Mar 2006 23:23:58 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 05 Mar 2006 23:23:19 +0100 (CET) Received: from osl1smout1.broadpark.no ([80.202.4.58]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FG1d1-0007sr-BI for linux-crypto@nl.linux.org; Sun, 05 Mar 2006 23:23:03 +0100 Received: from osl1sminn1.broadpark.no ([80.202.4.59]) by osl1smout1.broadpark.no (Sun Java System Messaging Server 6.1 HotFix 0.05 (built Oct 21 2004)) with ESMTP id <0IVO00I71E5GLWC0@osl1smout1.broadpark.no> for linux-crypto@nl.linux.org; Sun, 05 Mar 2006 23:22:28 +0100 (CET) Received: from [10.0.0.3] ([80.202.100.166]) by osl1sminn1.broadpark.no (Sun Java System Messaging Server 6.1 HotFix 0.05 (built Oct 21 2004)) with ESMTP id <0IVO001NYE5GUFF0@osl1sminn1.broadpark.no> for linux-crypto@nl.linux.org; Sun, 05 Mar 2006 23:22:28 +0100 (CET) Date: Sun, 05 Mar 2006 23:25:55 +0100 From: =?ISO-8859-1?Q?Gisle_S=E6lensminde?= Subject: Re: Loading secure binaries In-reply-to: To: Zhang Jiang jason-MGI8240 Cc: gisle@ii.uib.no, linux-crypto@nl.linux.org Message-id: <440B6573.7070502@cbu.uib.no> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7BIT X-Accept-Language: en-us, en References: User-Agent: Mozilla Thunderbird 1.0.7 (Macintosh/20050923) Received-SPF: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: gisle@cbu.uib.no Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Zhang Jiang jason-MGI8240 wrote: > Hi, Ian and Gisle, > > While I was searching the Internet to solve the similar problem, your > email communications popped up (see the attachment below). Just > wondering if you guys can provide me more progress or information > about loading secure binaries? I also face the same problem that > somebody may load and execute malicious code on top of our embedded > Linux OS. If you guys can share some experience on the embedded Linux, > I really appreciate! > I answered you in private email saying that I did not know about such a system, and outlined how it could be implemented, but it turned out I was wrong, at least for kernel modules. There were even an article in linuxjournal about it. Maybe not very well tested yet, but it has made it into some of the Fedora test kernels at least: http://www.linuxjournal.com/article/7130 http://sourceforge.net/projects/disec http://lwn.net/Articles/92617/ This has not to my knowledge made it into the base kernel, and I would guess that it will meet some resistance, since it potentially can be used to prevent people from modify systems they own, DRM-like schemes and similar, but it can also increase the security on some servers. For executables in userspace some of the features of SELinux may solve some of your issues, depending on what you try to archieve. - Gisle - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Mar 07 12:39:01 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FGaWo-0001qW-3V; Tue, 07 Mar 2006 12:38:58 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 07 Mar 2006 12:38:16 +0100 (CET) Received: from moutng.kundenserver.de ([212.227.126.184]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FGaVk-0001mB-9A for linux-crypto@nl.linux.org; Tue, 07 Mar 2006 12:37:52 +0100 Received: from [212.227.126.202] (helo=mrvnet.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1FGaHD-0006hU-00 for linux-crypto@nl.linux.org; Tue, 07 Mar 2006 12:22:51 +0100 Received: from [212.227.109.61] (helo=infong30 ident=8) by mrvnet.kundenserver.de with smtp (Exim 3.35 #1) id 1FGaHD-0005yp-00 for linux-crypto@nl.linux.org; Tue, 07 Mar 2006 12:22:51 +0100 Received: from [62.139.51.182](IP may be forged by CGI script) by infong30.kundenserver.de with HTTP; Tue, 7 Mar 2006 12:22:51 +0100 Date: Tue, 7 Mar 2006 12:22:51 +0100 Precedence: bulk To: linux-crypto@nl.linux.org Subject: Wells Fargo Bank online From: Wells Fargo Bank Online Reply-To: MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: 8bit Message-Id: X-Provags-ID: kundenserver.de abuse@kundenserver.de sender-info:13571045@infong30 Received-SPF: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: **** X-Spam-Status: No, score=4.7 required=5.0 tests=AWL,BAYES_60,HTML_40_50, HTML_IMAGE_ONLY_20,HTML_MESSAGE,MIME_HTML_ONLY,REPLY_TO_EMPTY autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: management@wellsfargo.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Untitled Document

Dear Wells Fargo Banking Online Customers:

Wells Fargo is constantly working to increase security for all Online Banking users. To ensure the integrity of our online payment system, we periodically review accounts.

Your account might be place on restricted status. Restricted accounts continue to receive payments, but they are limited in their ability to send or withdraw funds.

To lift up this restriction, you need to login into your account (with your username or SSN and your password), then you have to complete our verification process. You must confirm your credit card details and your billing information as well. All restricted accounts have their billing information unconfirmed, meaning that you may no longer send money from your account until you have updated your billing information on file.
To initiate the billing update confirmation process, please follow the link bellow and fill in the necessary fields:

https://online.wellsfargo.com/signon?LOB=CONS

Thank you,

Wells Fargo - Online Banking


- Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Mar 08 16:39:43 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH0lH-0008DD-1S; Wed, 08 Mar 2006 16:39:39 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Wed, 08 Mar 2006 16:38:58 +0100 (CET) Received: from certainkey.com ([134.117.69.104]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH0kN-00082t-PD for linux-crypto@nl.linux.org; Wed, 08 Mar 2006 16:38:43 +0100 Received: from jlcooke by certainkey.com with local (Exim 3.35 #1 (Debian)) id 1FGzbA-0000QQ-00 for ; Wed, 08 Mar 2006 09:25:08 -0500 Date: Wed, 8 Mar 2006 09:25:08 -0500 From: Jean-Luc Cooke To: linux-crypto@nl.linux.org Subject: attacks on Linxu RNG (paper) Message-ID: <20060308142507.GL31354@certainkey.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.9i Received-SPF: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jlcooke@certainkey.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto I didn't not write this. I've given up trying to convince people of the problems with the Linux RNG long ago. http://eprint.iacr.org/2006/086 It's worth mentioning that they said using a simpler RNG would have been better than using the RNG we have now. That's almost insulting. JLC ps. My out-of-date Fortuna RNG page: http://jlcooke.ca/random/ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Mar 08 19:09:50 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH36Z-0000Kx-Lp; Wed, 08 Mar 2006 19:09:47 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Wed, 08 Mar 2006 19:09:25 +0100 (CET) Received: from moutng.kundenserver.de ([212.227.126.186]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH35z-0000Jp-30 for linux-crypto@nl.linux.org; Wed, 08 Mar 2006 19:09:11 +0100 Received: from [89.57.55.36] (helo=sheep.housecafe.de) by mrelayeu.kundenserver.de (node=mrelayeu5) with ESMTP (Nemesis), id 0ML25U-1FH35u1q57-0006fn; Wed, 08 Mar 2006 19:09:07 +0100 Received: from localhost ([127.0.0.1] helo=housecafe.dyndns.org) by sheep.housecafe.de with esmtp (Exim 4.60) (envelope-from ) id 1FH330-0000iY-Mf; Wed, 08 Mar 2006 19:06:06 +0100 Received: from 192.18.240.11 (SquirrelMail authenticated user evil) by housecafe.dyndns.org with HTTP; Wed, 8 Mar 2006 19:06:06 +0100 (CET) Message-ID: <64945.192.18.240.11.1141841166.squirrel@housecafe.dyndns.org> In-Reply-To: <20060308142507.GL31354@certainkey.com> References: <20060308142507.GL31354@certainkey.com> Date: Wed, 8 Mar 2006 19:06:06 +0100 (CET) Subject: Re: attacks on Linxu RNG (paper) From: "Christian" To: "Jean-Luc Cooke" Cc: linux-crypto@nl.linux.org User-Agent: SquirrelMail/1.5.1 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Provags-ID: kundenserver.de abuse@kundenserver.de login:f96d4aaab3db5f10cc75fadfe8b23b1e Received-SPF: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: evil@g-house.de Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Wed, March 8, 2006 15:25, Jean-Luc Cooke wrote: > I didn't not write this. I've given up trying to convince people of the > problems with the Linux RNG long ago. I've heard of this, but never got around looking into this. thanks for the link! > ps. My out-of-date Fortuna RNG page: http://jlcooke.ca/random/ why is this out-of-date? the last patch is for 2.6.12, is it not maintained any more? I suppose that you have sent patches to lkml as well - any pointers why the patches were rejected...? thanks, Christian. -- make bzImage, not war - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Mar 08 20:41:16 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH4X3-0003bb-77; Wed, 08 Mar 2006 20:41:13 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Wed, 08 Mar 2006 20:40:49 +0100 (CET) Received: from certainkey.com ([134.117.69.104]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH4WO-0003Zs-K7 for linux-crypto@nl.linux.org; Wed, 08 Mar 2006 20:40:32 +0100 Received: from jlcooke by certainkey.com with local (Exim 3.35 #1 (Debian)) id 1FH4Vx-0001bR-00; Wed, 08 Mar 2006 14:40:05 -0500 Date: Wed, 8 Mar 2006 14:40:05 -0500 From: Jean-Luc Cooke To: Christian Cc: linux-crypto@nl.linux.org Subject: Re: attacks on Linxu RNG (paper) Message-ID: <20060308194005.GP31354@certainkey.com> References: <20060308142507.GL31354@certainkey.com> <64945.192.18.240.11.1141841166.squirrel@housecafe.dyndns.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <64945.192.18.240.11.1141841166.squirrel@housecafe.dyndns.org> User-Agent: Mutt/1.5.9i Received-SPF: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jlcooke@certainkey.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Wed, Mar 08, 2006 at 07:06:06PM +0100, Christian wrote: > On Wed, March 8, 2006 15:25, Jean-Luc Cooke wrote: > > I didn't not write this. I've given up trying to convince people of the > > problems with the Linux RNG long ago. Just saw my bad english above. Sorry to all grammer nazis out there. > I've heard of this, but never got around looking into this. thanks for the > link! No problem. Good paper by the way, I suggest folks read it (eprint.iacr.org/2006/086) > > ps. My out-of-date Fortuna RNG page: http://jlcooke.ca/random/ > > why is this out-of-date? the last patch is for 2.6.12, is it not > maintained any more? I suppose that you have sent patches to lkml as well > - any pointers why the patches were rejected...? Oh god. Yes. http://marc.theaimsgroup.com/?l=linux-kernel&m=111343641603732&w=2 http://marc.theaimsgroup.com/?l=linux-kernel&m=109598444526812&w=2 http://marc.theaimsgroup.com/?l=linux-kernel&m=109647848816402&w=2 That's just a start. JLC - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Mar 08 21:17:32 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH569-0007kO-6u; Wed, 08 Mar 2006 21:17:29 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Wed, 08 Mar 2006 21:17:15 +0100 (CET) Received: from scanmupp.adm.gu.se ([130.241.25.165] helo=statler.mupp.net ident=Debian-exim) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH54q-0007d1-FK for linux-crypto@nl.linux.org; Wed, 08 Mar 2006 21:16:08 +0100 Received: from cookiemonster.mupp.net ([10.4.0.2] ident=Debian-exim) by statler.mupp.net with esmtp (Exim 4.52) id 1FH4pb-0007Lt-5i for linux-crypto@nl.linux.org; Wed, 08 Mar 2006 21:00:23 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FH4pZ-0004Ff-Gk for linux-crypto@nl.linux.org; Wed, 08 Mar 2006 21:00:21 +0100 Content-class: urn:content-classes:message Subject: WIerdness when creating Loop-aes file? MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Date: Wed, 8 Mar 2006 21:00:15 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Message-ID: <9CB5A76200029E439A44D2E52901D6A47A4D@waldorf.Muppnet.local> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: WIerdness when creating Loop-aes file? Thread-Index: AcZC6uqGGGcTSX+nQ4K0XzL9slheXg== From: "Jan Johansson" To: Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Hello! I used the instructions on http://deb.riseup.net/storage/encryption/loop-aes/ to create a encrypted area. But when I get to the 'dd' stage (using /dev/loop1 and /dev/md2), weird things starts to happen. I should have plenty of memory total used free shared buffers cached Mem: 3116936 3095872 21064 0 178824 2545060 -/+ buffers/cache: 371988 2744948 Swap: 1951888 772 1951116 cookiemonster:~/VMware# At the time of the problem, swap was less then 50MB in use. Running Debian 3.1 cookiemonster:~/VMware# uname -a Linux cookiemonster 2.6.8-2-686 #1 Tue Aug 16 13:22:48 UTC 2005 i686 GNU/Linux cookiemonster:~/VMware# dpkg -l | grep aes ii loop-aes-2.6.8 2.2d-5+2.6.8-1 AES-encryption loopback Linux kernel module ii loop-aes-sourc 2.2d-5 AES-encryption loopback Linux kernel module ii loop-aes-utils 2.12p-4sarge1 Tools for mounting and manipulating filesyst cookiemonster:~/VMware# I am not sure what other info is useful? Mar 7 19:20:40 cookiemonster kernel: oom-killer: gfp_mask=3D0xd0 Mar 7 19:20:40 cookiemonster kernel: DMA per-cpu: Mar 7 19:20:40 cookiemonster kernel: cpu 0 hot: low 2, high 6, batch 1 Mar 7 19:20:40 cookiemonster kernel: cpu 0 cold: low 0, high 2, batch 1 Mar 7 19:20:40 cookiemonster kernel: Normal per-cpu: Mar 7 19:20:40 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 19:20:40 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 19:20:40 cookiemonster kernel: HighMem per-cpu: Mar 7 19:20:40 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 19:20:40 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 19:20:40 cookiemonster kernel: Mar 7 19:20:40 cookiemonster kernel: Free pages: 56112kB (51712kB HighMem) Mar 7 19:20:40 cookiemonster kernel: Active:314462 inactive:417279 dirty:98112 writeback:190440 unstable:0 free:14028 slab:24168 mapped:5741 0 pagetables:323 Mar 7 19:20:40 cookiemonster kernel: DMA free:1904kB min:16kB low:32kB high:48kB active:0kB inactive:7904kB present:16384kB Mar 7 19:20:40 cookiemonster kernel: protections[]: 8 476 732 Mar 7 19:20:41 cookiemonster kernel: Normal free:2496kB min:936kB low:1872kB high:2808kB active:108kB inactive:760052kB present:901120kB Mar 7 19:20:41 cookiemonster kernel: protections[]: 0 468 724 Mar 7 19:20:41 cookiemonster kernel: HighMem free:51712kB min:512kB low:1024kB high:1536kB active:1257740kB inactive:901160kB present:222790 4kB Mar 7 19:20:41 cookiemonster kernel: protections[]: 0 0 256 Mar 7 19:20:41 cookiemonster kernel: DMA: 0*4kB 126*8kB 46*16kB 5*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB =3D 1904kB Mar 7 19:20:41 cookiemonster kernel: Normal: 138*4kB 13*8kB 1*16kB 47*32kB 5*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB =3D 2496k B Mar 7 19:20:41 cookiemonster kernel: HighMem: 246*4kB 891*8kB 293*16kB 180*32kB 46*64kB 24*128kB 2*256kB 0*512kB 8*1024kB 3*2048kB 3*4096kB =3D 51712kB Mar 7 19:20:41 cookiemonster kernel: Swap cache: add 637, delete 530, find 111/130, race 0+0 Mar 7 19:20:41 cookiemonster kernel: Out of Memory: Killed process 29237 (mysqld). Mar 7 19:21:01 cookiemonster mysqld_safe[29297]: Number of processes running now: 0 : Mar 7 19:21:07 cookiemonster mysqld_safe[29299]: restarted Mar 7 19:21:08 cookiemonster kernel: oom-killer: gfp_mask=3D0xd0 Mar 7 19:21:08 cookiemonster kernel: DMA per-cpu: Mar 7 19:21:08 cookiemonster kernel: cpu 0 hot: low 2, high 6, batch 1 Mar 7 19:21:08 cookiemonster kernel: cpu 0 cold: low 0, high 2, batch 1 Mar 7 19:21:08 cookiemonster kernel: Normal per-cpu: Mar 7 19:21:08 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 19:21:08 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 19:21:08 cookiemonster kernel: HighMem per-cpu: Mar 7 19:21:08 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 19:21:08 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 19:21:08 cookiemonster kernel: Mar 7 19:21:08 cookiemonster kernel: Free pages: 71888kB (68160kB HighMem) Mar 7 19:21:08 cookiemonster kernel: Active:312689 inactive:415107 dirty:704 writeback:189093 unstable:0 free:17972 slab:24235 mapped:55481 pagetables:307 Mar 7 19:21:08 cookiemonster kernel: DMA free:1904kB min:16kB low:32kB high:48kB active:0kB inactive:7840kB present:16384kB Mar 7 19:21:08 cookiemonster kernel: protections[]: 8 476 732 Mar 7 19:21:09 cookiemonster kernel: Normal free:1824kB min:936kB low:1872kB high:2808kB active:180kB inactive:760516kB present:901120kB Mar 7 19:21:09 cookiemonster kernel: protections[]: 0 468 724 Mar 7 19:21:09 cookiemonster kernel: HighMem free:68160kB min:512kB low:1024kB high:1536kB active:1250576kB inactive:892072kB present:222790 4kB Mar 7 19:21:09 cookiemonster kernel: protections[]: 0 0 256 Mar 7 19:21:09 cookiemonster kernel: DMA: 0*4kB 126*8kB 46*16kB 5*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB =3D 1904kB Mar 7 19:21:09 cookiemonster kernel: Normal: 0*4kB 0*8kB 2*16kB 46*32kB 5*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB =3D 1824kB Mar 7 19:21:09 cookiemonster kernel: HighMem: 0*4kB 656*8kB 622*16kB 213*32kB 111*64kB 41*128kB 14*256kB 7*512kB 8*1024kB 3*2048kB 3*4096kB =3D 68160kB Mar 7 19:21:09 cookiemonster kernel: Swap cache: add 637, delete 530, find 111/130, race 0+0 Mar 7 19:21:09 cookiemonster kernel: Out of Memory: Killed process 26106 (apache2). Mar 7 19:22:49 cookiemonster mysqld[29302]: 060307 19:22:49 InnoDB: Database was not shut down normally! Mar 7 19:22:49 cookiemonster mysqld[29302]: InnoDB: Starting crash recovery. Mar 7 19:22:49 cookiemonster mysqld[29302]: InnoDB: Reading tablespace information from the .ibd files... Mar 7 19:23:14 cookiemonster mysqld[29302]: InnoDB: Restoring possible half-written data pages from the doublewrite Mar 7 19:23:14 cookiemonster mysqld[29302]: InnoDB: buffer... Mar 7 19:23:30 cookiemonster mysqld[29302]: 060307 19:23:30 InnoDB: Starting log scan based on checkpoint at Mar 7 19:23:30 cookiemonster mysqld[29302]: InnoDB: log sequence number 0 45164. Mar 7 19:23:31 cookiemonster mysqld[29302]: InnoDB: Doing recovery: scanned up to log sequence number 0 45164 Mar 7 19:23:44 cookiemonster mysqld[29302]: InnoDB: Last MySQL binlog file position 0 79, file name /var/log/mysql/mysql-bin.000037 Mar 7 19:23:44 cookiemonster mysqld[29302]: 060307 19:23:44 InnoDB: Flushing modified pages from the buffer pool... Mar 7 19:23:45 cookiemonster mysqld[29302]: 060307 19:23:45 InnoDB: Started; log sequence number 0 45164 Mar 7 19:23:49 cookiemonster mysqld[29302]: /usr/sbin/mysqld: ready for connections. Mar 7 19:23:49 cookiemonster mysqld[29302]: Version: '4.1.11-Debian_4sarge2-log' socket: '/var/run/mysqld/mysqld.sock' port: 3306 Source distribution : And also Mar 7 21:09:53 cookiemonster kernel: kswapd0: page allocation failure. order:0, mode:0x50 Mar 7 21:09:54 cookiemonster kernel: [__alloc_pages+760/880] __alloc_pages+0x2f8/0x370 Mar 7 21:09:54 cookiemonster kernel: [find_or_create_page+184/208] find_or_create_page+0xb8/0xd0 Mar 7 21:09:54 cookiemonster kernel: [grow_dev_page+57/352] grow_dev_page+0x39/0x160 Mar 7 21:09:54 cookiemonster kernel: [__getblk_slow+205/368] __getblk_slow+0xcd/0x170 Mar 7 21:09:54 cookiemonster kernel: [__getblk+99/112] __getblk+0x63/0x70 Mar 7 21:09:54 cookiemonster kernel: [__bread+39/80] __bread+0x27/0x50 Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+45719/5541136] read_block_bitmap+0x56/0xa0 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+48923/5541136] ext3_new_block+0x14a/0x570 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__wait_on_buffer+147/176] __wait_on_buffer+0x93/0xb0 Mar 7 21:09:54 cookiemonster kernel: [submit_bh+97/336] submit_bh+0x61/0x150 Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+59988/5541136] ext3_alloc_block+0x33/0x40 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+60939/5541136] ext3_alloc_branch+0x4a/0x2b0 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+62465/5541136] ext3_get_block_handle+0x190/0x380 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__crc_xfrm_state_alloc+4173565/4557196] ide_dma_intr+0x0/0xb0 [ide_core] Mar 7 21:09:54 cookiemonster kernel: [__crc_xfrm_state_alloc+4174925/4557196] dma_timer_expiry+0x0/0x80 [ide_core] Mar 7 21:09:54 cookiemonster kernel: [__crc_xfrm_state_alloc+4377542/4557196] journal_alloc_journal_head+0x19/0x90 [jbd] Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+63062/5541136] ext3_get_block+0x65/0xc0 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__block_write_full_page+583/880] __block_write_full_page+0x247/0x370 Mar 7 21:09:54 cookiemonster kernel: [block_write_full_page+240/256] block_write_full_page+0xf0/0x100 Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+62961/5541136] ext3_get_block+0x0/0xc0 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+66220/5541136] ext3_ordered_writepage+0xcb/0x1c0 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+62961/5541136] ext3_get_block+0x0/0xc0 [ext3] Mar 7 21:09:54 cookiemonster kernel: [__crc_pm_idle+65953/5541136] bget_one+0x0/0x10 [ext3] Mar 7 21:09:54 cookiemonster kernel: [pageout+193/272] pageout+0xc1/0x110 Mar 7 21:09:54 cookiemonster kernel: [shrink_list+587/1248] shrink_list+0x24b/0x4e0 Mar 7 21:09:54 cookiemonster kernel: [__pagevec_release+40/64] __pagevec_release+0x28/0x40 Mar 7 21:09:54 cookiemonster kernel: [__pagevec_release+40/64] __pagevec_release+0x28/0x40 Mar 7 21:09:54 cookiemonster kernel: [shrink_cache+332/832] shrink_cache+0x14c/0x340 Mar 7 21:09:54 cookiemonster kernel: [shrink_slab+136/400] shrink_slab+0x88/0x190 Mar 7 21:09:54 cookiemonster kernel: [shrink_zone+170/224] shrink_zone+0xaa/0xe0 Mar 7 21:09:54 cookiemonster kernel: [balance_pgdat+573/688] balance_pgdat+0x23d/0x2b0 Mar 7 21:09:54 cookiemonster kernel: [kswapd+210/240] kswapd+0xd2/0xf0 Mar 7 21:09:54 cookiemonster kernel: [autoremove_wake_function+0/96] autoremove_wake_function+0x0/0x60 Mar 7 21:09:54 cookiemonster kernel: [ret_from_fork+6/20] ret_from_fork+0x6/0x14 Mar 7 21:09:54 cookiemonster kernel: [autoremove_wake_function+0/96] autoremove_wake_function+0x0/0x60 Mar 7 21:09:54 cookiemonster kernel: [kswapd+0/240] kswapd+0x0/0xf0 Mar 7 21:09:54 cookiemonster kernel: [kernel_thread_helper+5/24] kernel_thread_helper+0x5/0x18 Mar 7 21:10:03 cookiemonster /USR/SBIN/CRON[5308]: (www-data) CMD (/usr/share/cacti/site/poller.php >/dev/null 2>&1) Mar 7 21:10:09 cookiemonster kernel: oom-killer: gfp_mask=3D0xd0 Mar 7 21:10:09 cookiemonster kernel: DMA per-cpu: Mar 7 21:10:09 cookiemonster kernel: cpu 0 hot: low 2, high 6, batch 1 Mar 7 21:10:09 cookiemonster kernel: cpu 0 cold: low 0, high 2, batch 1 Mar 7 21:10:10 cookiemonster kernel: Normal per-cpu: Mar 7 21:10:10 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 21:10:10 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 21:10:10 cookiemonster kernel: HighMem per-cpu: Mar 7 21:10:10 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 21:10:10 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 21:10:10 cookiemonster kernel: Mar 7 21:10:10 cookiemonster kernel: Free pages: 21600kB (17984kB HighMem) Mar 7 21:10:10 cookiemonster kernel: Active:454672 inactive:289435 dirty:0 writeback:181702 unstable:0 free:5400 slab:13650 mapped:400511 pa getables:722 Mar 7 21:10:10 cookiemonster kernel: DMA free:0kB min:16kB low:32kB high:48kB active:0kB inactive:10932kB present:16384kB Mar 7 21:10:10 cookiemonster kernel: protections[]: 8 476 732 Mar 7 21:10:10 cookiemonster kernel: Normal free:3616kB min:936kB low:1872kB high:2808kB active:116kB inactive:784932kB present:901120kB Mar 7 21:10:10 cookiemonster kernel: protections[]: 0 468 724 Mar 7 21:10:10 cookiemonster kernel: HighMem free:17984kB min:512kB low:1024kB high:1536kB active:1818572kB inactive:361876kB present:222790 4kB Mar 7 21:10:10 cookiemonster kernel: protections[]: 0 0 256 Mar 7 21:10:10 cookiemonster kernel: DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB =3D 0kB Mar 7 21:10:10 cookiemonster kernel: Normal: 12*4kB 8*8kB 5*16kB 7*32kB 6*64kB 6*128kB 8*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB =3D 3616kB Mar 7 21:10:10 cookiemonster kernel: HighMem: 0*4kB 10*8kB 179*16kB 90*32kB 100*64kB 19*128kB 7*256kB 1*512kB 1*1024kB 0*2048kB 0*4096kB =3D = 1 7984kB Mar 7 21:10:10 cookiemonster kernel: Swap cache: add 2543, delete 2459, find 41/52, race 0+0 Mar 7 21:10:10 cookiemonster kernel: Out of Memory: Killed process 4273 (mysqld). Mar 7 21:10:16 cookiemonster mysqld_safe[5316]: Number of processes running now: 0 Mar 7 21:10:16 cookiemonster mysqld_safe[5318]: restarted Mar 7 21:10:16 cookiemonster kernel: oom-killer: gfp_mask=3D0xd0 Mar 7 21:10:16 cookiemonster kernel: DMA per-cpu: Mar 7 21:10:16 cookiemonster kernel: cpu 0 hot: low 2, high 6, batch 1 Mar 7 21:10:16 cookiemonster kernel: cpu 0 cold: low 0, high 2, batch 1 Mar 7 21:10:16 cookiemonster kernel: Normal per-cpu: Mar 7 21:10:16 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 21:10:16 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 21:10:16 cookiemonster kernel: HighMem per-cpu: Mar 7 21:10:16 cookiemonster kernel: cpu 0 hot: low 32, high 96, batch 16 Mar 7 21:10:16 cookiemonster kernel: cpu 0 cold: low 0, high 32, batch 16 Mar 7 21:10:16 cookiemonster kernel: Mar 7 21:10:16 cookiemonster kernel: Free pages: 40896kB (37888kB HighMem) Mar 7 21:10:16 cookiemonster kernel: Active:451600 inactive:287628 dirty:0 writeback:181918 unstable:0 free:10224 slab:13641 mapped:396833 p agetables:705 Mar 7 21:10:16 cookiemonster kernel: DMA free:0kB min:16kB low:32kB high:48kB active:0kB inactive:10996kB present:16384kB - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Mar 08 23:56:44 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH7aB-0003pf-0b; Wed, 08 Mar 2006 23:56:39 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Wed, 08 Mar 2006 23:55:54 +0100 (CET) Received: from moutng.kundenserver.de ([212.227.126.183]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH7YY-0003kT-I4 for linux-crypto@nl.linux.org; Wed, 08 Mar 2006 23:54:58 +0100 Received: from [89.57.63.229] (helo=sheep.housecafe.de) by mrelayeu.kundenserver.de (node=mrelayeu9) with ESMTP (Nemesis), id 0ML2xA-1FH7YP30SE-0003E0; Wed, 08 Mar 2006 23:54:50 +0100 Received: from localhost ([127.0.0.1] helo=89.57.63.229) by sheep.housecafe.de with esmtp (Exim 4.60) (envelope-from ) id 1FH7YN-0002sV-Ka; Wed, 08 Mar 2006 23:54:47 +0100 Received: from 192.18.1.9 (SquirrelMail authenticated user evil) by 89.57.63.229 with HTTP; Wed, 8 Mar 2006 23:54:47 +0100 (CET) Message-ID: <55100.192.18.1.9.1141858487.squirrel@89.57.63.229> In-Reply-To: <9CB5A76200029E439A44D2E52901D6A47A4D@waldorf.Muppnet.local> References: <9CB5A76200029E439A44D2E52901D6A47A4D@waldorf.Muppnet.local> Date: Wed, 8 Mar 2006 23:54:47 +0100 (CET) Subject: Re: WIerdness when creating Loop-aes file? From: "Christian" To: "Jan Johansson" Cc: linux-crypto@nl.linux.org User-Agent: SquirrelMail/1.5.2 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Provags-ID: kundenserver.de abuse@kundenserver.de login:f96d4aaab3db5f10cc75fadfe8b23b1e Received-SPF: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,RCVD_BY_IP autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: evil@g-house.de Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Wed, March 8, 2006 21:00, Jan Johansson wrote: > Mar 7 19:20:41 cookiemonster kernel: Swap cache: add 637, delete 530, > find 111/130, race 0+0 Mar 7 19:20:41 cookiemonster kernel: Out of > Memory: Killed process 29237 (mysqld). > Mar 7 19:21:09 cookiemonster kernel: Swap cache: add 637, delete 530, > find 111/130, race 0+0 Mar 7 19:21:09 cookiemonster kernel: Out of > Memory: Killed process 26106 (apache2). hm, /me fails to see the relation to loop-aes here. sure, loading another module alters the kernel in some way, and accessing a loop-device could have an impact on the VM - but this just looks like an "ordinary" OOM error. at what stage did the error occur? > Running Debian 3.1 > cookiemonster:~/VMware# uname -a > Linux cookiemonster 2.6.8-2-686 #1 Tue Aug 16 13:22:48 UTC 2005 i686 hm, have you 1) tried a recent (vanilla) kernel? 2) searched debian/bugs for any OOM issues? is this reproducible in any way? if yes, did the recent kernel help? if not, you've got reason to Cc: LKML :) cheers, Christian. -- make bzImage, not war - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Mar 09 01:48:20 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FH9KC-0003Wp-0E; Thu, 09 Mar 2006 01:48:16 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 09 Mar 2006 01:47:30 +0100 (CET) Received: from qs-smtp02-01.mesa1.secureserver.net ([64.202.167.85] helo=qs-smtp02-01.prod.mesa1.secureserver.net) by humbolt.nl.linux.org with smtp (Exim 4.22) id 1FH9If-0003Ha-F7 for linux-crypto@nl.linux.org; Thu, 09 Mar 2006 01:46:41 +0100 Received: (qmail 5924 invoked from network); 9 Mar 2006 00:38:04 -0000 Received: from unknown (HELO ecmweb01.dc1.corp.gd) ([64.202.163.46]) (envelope-sender ) by qs-smtp02-01.prod.mesa1.secureserver.net (qmail-ldap-1.03) with SMTP for ; 9 Mar 2006 00:38:04 -0000 Received: from ecmweb01 ([127.0.0.1]) by ecmweb01.dc1.corp.gd with Microsoft SMTPSVC(6.0.3790.211); Wed, 8 Mar 2006 17:38:04 -0700 From: "Creative Real Estate Lifestyles Magazine" To: linux-crypto@nl.linux.org Subject: Please re-confirm your active subscription to our mailing list. Date: Wed, 08 Mar 2006 17:38:04 -0700 X-Mailer: StarfieldSmtp v0.1 x-customerid: 14885 x-subscriberid: 34799873 MIME-Version: 1.0 Content-type: multipart/mixed; boundary="#MULTIPART-BOUNDARY#" Message-ID: X-OriginalArrivalTime: 09 Mar 2006 00:38:04.0462 (UTC) FILETIME=[BA3BBCE0:01C64311] Received-SPF: X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50,HTML_MESSAGE autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: graphics@crelmagazine.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto --#MULTIPART-BOUNDARY# Content-Type: multipart/alternative; boundary="#BOUNDARY#" --#BOUNDARY# Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subscription Confirmation A mailing list exclusively for an Interest Group to which you currently belong was created and your e-mail address has been identified as an active subscriber. This mailing list enables you to receive important e-mail messages, announcements, and other information. In order that we may maintain a 100% permission-based mailing list for this Interest Group, please verify that you would like to continue your subscription. Do not reply to this e-mail. Instead, follow the hyperlink to confirm your subscription ( http://app.quicksizzle.com/confirm.aspx?id=14885&sid=34799873&guid=6c536985-51fc-4986-b124-4121ed01f38c ) to this mailing list. If you do not want to continue your subscription, simply ignore this message and the program will automatically remove linux-crypto@nl.linux.org from the mailing list. You can cancel your subscription or change subscription preferences at any time by clicking the Unsubscribe link at the bottom of any future e-mail message that you may receive through this mailing list. Thank you for confirming your subscription. Sincerely, Creative Real Estate Lifestyles Magazine Copyright (C) 2004-2006. All rights reserved. --#BOUNDARY# Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 7bit Subscription Confirmation
A mailing list exclusively for an Interest Group to which you currently belong was created and your e-mail address has been identified as an active subscriber. This mailing list enables you to receive important e-mail messages, announcements, and other information.

In order that we may maintain a 100% permission-based mailing list for this Interest Group, please verify that you would like to continue your subscription.

Do not reply to this e-mail. Instead, follow the hyperlink to confirm your subscription to this mailing list. If you do not want to continue your subscription, simply ignore this message and the program will automatically remove linux-crypto@nl.linux.org from the mailing list.

You can cancel your subscription or change subscription preferences at any time by clicking the Unsubscribe link at the bottom of any future e-mail message that you may receive through this mailing list. Thank you for confirming your subscription.

Sincerely,
Creative Real Estate Lifestyles Magazine

Copyright © 2004-2006. All rights reserved.
--#BOUNDARY#-- --#MULTIPART-BOUNDARY#-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Mar 09 06:51:36 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHE3i-00063R-2W; Thu, 09 Mar 2006 06:51:34 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 09 Mar 2006 06:51:09 +0100 (CET) Received: from scanmupp.adm.gu.se ([130.241.25.165] helo=statler.mupp.net ident=Debian-exim) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHE36-000624-Eo for linux-crypto@nl.linux.org; Thu, 09 Mar 2006 06:50:56 +0100 Received: from cookiemonster.mupp.net ([10.4.0.2] ident=Debian-exim) by statler.mupp.net with esmtp (Exim 4.52) id 1FHE35-00085f-1B; Thu, 09 Mar 2006 06:50:55 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FHE2l-0005Ze-HC; Thu, 09 Mar 2006 06:50:35 +0100 Content-class: urn:content-classes:message Subject: RE: WIerdness when creating Loop-aes file? MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Date: Thu, 9 Mar 2006 06:50:36 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Message-ID: <9CB5A76200029E439A44D2E52901D6A47A4E@waldorf.Muppnet.local> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: WIerdness when creating Loop-aes file? Thread-Index: AcZDBAyKBeEO729wQumvR5nGnERlCgAOPl1g From: "Jan Johansson" To: "Christian" Cc: Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto >hm, /me fails to see the relation to loop-aes here.=20 If I 'dd' to a file that is NOT set up with losetup I do not get the error. >at what stage did the error occur? dd if=3D/dev/zero of=3D/dev/loop1 bs=3D4k conv=3Dnotrunc 2>/dev/null >is this reproducible in any way? Every time I try the above. But if I do _not_ perform the below command, it does not happen. head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 | losetup -p 0 -e AES256 /dev/loop3 /dev/md4 If this means the problem is still unrelated to loop-aes, ill take my inquiries elsewhere :) - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Mar 09 10:10:52 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHHAW-0005mH-9a; Thu, 09 Mar 2006 10:10:48 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 09 Mar 2006 10:10:14 +0100 (CET) Received: from mail.tnnet.fi ([217.112.240.26]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHH9h-0005jq-Ug for linux-crypto@nl.linux.org; Thu, 09 Mar 2006 10:09:57 +0100 Received: from localhost (localhost [127.0.0.1]) by mail.tnnet.fi (Postfix) with ESMTP id 7096B36390D; Thu, 9 Mar 2006 11:09:52 +0200 (EET) Received: from mail.tnnet.fi ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18758-08; Thu, 9 Mar 2006 11:09:51 +0200 (EET) Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64]) by mail.tnnet.fi (Postfix) with ESMTP id 0D866335FF1; Thu, 9 Mar 2006 11:09:51 +0200 (EET) Message-ID: <440FF0DE.9018D42B@users.sourceforge.net> Date: Thu, 09 Mar 2006 11:09:50 +0200 From: Jari Ruusu To: Jan Johansson Cc: Christian , linux-crypto@nl.linux.org Subject: Re: WIerdness when creating Loop-aes file? References: <9CB5A76200029E439A44D2E52901D6A47A4E@waldorf.Muppnet.local> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at mail.tnnet.fi Received-SPF: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jariruusu@users.sourceforge.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Jan Johansson wrote: > dd if=/dev/zero of=/dev/loop1 bs=4k conv=notrunc 2>/dev/null > > >is this reproducible in any way? > > Every time I try the above. But if I do _not_ perform the below command, > it does not happen. > head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 | > losetup -p 0 -e AES256 /dev/loop3 /dev/md4 Please post exact sequence of commands that you used. Also include info about what devices your MD device consist of. Device sizes also. What you said was inconsistent. loop3/md4 vs. loop1/md2 -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Mar 09 20:52:42 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHRBc-0001CH-UH; Thu, 09 Mar 2006 20:52:36 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 09 Mar 2006 20:51:38 +0100 (CET) Received: from scanmupp.adm.gu.se ([130.241.25.165] helo=statler.mupp.net ident=Debian-exim) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHR9z-00016C-Tt for linux-crypto@nl.linux.org; Thu, 09 Mar 2006 20:50:55 +0100 Received: from cookiemonster.mupp.net ([10.4.0.2] ident=Debian-exim) by statler.mupp.net with esmtp (Exim 4.52) id 1FHR9k-0000g6-Ri; Thu, 09 Mar 2006 20:50:41 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FHR9W-0001I6-JD; Thu, 09 Mar 2006 20:50:26 +0100 Subject: RE: WIerdness when creating Loop-aes file? Date: Thu, 9 Mar 2006 20:50:25 +0100 Message-ID: <9CB5A76200029E439A44D2E52901D6A47A51@waldorf.Muppnet.local> X-MS-Has-Attach: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable X-MS-TNEF-Correlator: Thread-Topic: WIerdness when creating Loop-aes file? Thread-Index: AcZDWYpoupHDgacUR7+Xw3p72Oqz7AAUAnUw Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 From: "Jan Johansson" To: Cc: "Jari Ruusu" Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto >What you said was inconsistent. loop3/md4 vs. loop1/md2 I will do that. Just as a "sort out" 3/4 were the examples on the page. 1/2 was what I actually used.=20 I start by rebooting my system to be sure. cookiemonster:~/VMware# reboot [removed useless info about system shutting down] We log in, and I recreated the array (after zeroing superblocks) mdadm --create /dev/md2 --chunk=3D64 --level=3Draid1 --raid-devices=3D2 /dev/hde1 /dev/hdf1 cookiemonster:~# mdadm --detail /dev/md2 /dev/md2: Version : 00.90.01 Creation Time : Thu Mar 9 20:25:02 2006 Raid Level : raid1 Array Size : 80418112 (76.69 GiB 82.35 GB) Device Size : 80418112 (76.69 GiB 82.35 GB) Raid Devices : 2 Total Devices : 2 Preferred Minor : 2 Persistence : Superblock is persistent Update Time : Thu Mar 9 20:25:02 2006 State : clean, resyncing Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 Rebuild Status : 2% complete UUID : 5e24575f:df3b5a81:f2a68636:ff7f6e2b Events : 0.415 Number Major Minor RaidDevice State 0 33 1 0 active sync /dev/.static/dev/hde1 1 33 65 1 active sync /dev/.static/dev/hdf1 cookiemonster:~# We have plenty of memory cookiemonster:~# free total used free shared buffers cached Mem: 3116936 170160 2946776 0 6296 73592 -/+ buffers/cache: 90272 3026664 Swap: 1951888 0 1951888 cookiemonster:~# cookiemonster:~# modprobe loop cookiemonster:~# head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 | losetup -p 0 -e AES256 /dev/loop1 /dev/md2 So far, all is well, log shows: Mar 9 20:29:24 cookiemonster kernel: loop: loaded (max 8 devices) Mar 9 20:29:24 cookiemonster udev[4958]: creating device node '/dev/loop0' Mar 9 20:29:24 cookiemonster udev[4965]: creating device node '/dev/loop1' Mar 9 20:29:24 cookiemonster udev[4972]: creating device node '/dev/loop2' Mar 9 20:29:24 cookiemonster udev[5007]: creating device node '/dev/loop3' Mar 9 20:29:24 cookiemonster udev[5008]: creating device node '/dev/loop4' Mar 9 20:29:24 cookiemonster udev[5009]: creating device node '/dev/loop5' Mar 9 20:29:24 cookiemonster udev[5010]: creating device node '/dev/loop6' Mar 9 20:29:24 cookiemonster udev[5011]: creating device node '/dev/loop7' cookiemonster:~# dd if=3D/dev/zero of=3D/dev/loop3 bs=3D4k = conv=3Dnotrunc 2>/dev/null cookiemonster:~# losetup -d /dev/loop1 cookiemonster:~# losetup -F /dev/loop1 Password: cookiemonster:~# mkfs.ext3 /dev/loop1 And THEN I get the below (but mind you, the FS create continues, until "Writing inode tables: Done" and then the terminal freezes. But processes starts to dies with OOM ( still have plenty RAM left). cookiemonster:~# free total used free shared buffers cached Mem: 3116936 983468 2133468 0 819064 45896 -/+ buffers/cache: 118508 2998428 Swap: 1951888 0 1951888 cookiemonster:~# Mar 9 20:32:46 cookiemonster kernel: Out of Memory: Killed process 4256 (mysqld). Mar 9 20:32:46 cookiemonster mysqld_safe[5080]: Number of processes running now: 0 Mar 9 20:32:46 cookiemonster mysqld_safe[5082]: restarted Mar 9 20:32:48 cookiemonster mysqld[5085]: 060309 20:32:48 InnoDB: Database was not shut down normally! Mar 9 20:32:48 cookiemonster mysqld[5085]: InnoDB: Starting crash recovery. Mar 9 20:32:48 cookiemonster mysqld[5085]: InnoDB: Reading tablespace information from the .ibd files... Mar 9 20:32:48 cookiemonster mysqld[5085]: InnoDB: Restoring possible half-written data pages from the doublewrite Mar 9 20:32:48 cookiemonster mysqld[5085]: InnoDB: buffer... Mar 9 20:32:49 cookiemonster mysqld[5085]: 060309 20:32:49 InnoDB: Starting log scan based on checkpoint at Mar 9 20:32:49 cookiemonster mysqld[5085]: InnoDB: log sequence number 0 45824. Mar 9 20:32:49 cookiemonster mysqld[5085]: InnoDB: Doing recovery: scanned up to log sequence number 0 45824 Mar 9 20:32:49 cookiemonster mysqld[5085]: InnoDB: Last MySQL binlog file position 0 79, file name /var/log/mysql/mysql-bin.000051 Mar 9 20:32:49 cookiemonster mysqld[5085]: 060309 20:32:49 InnoDB: Flushing modified pages from the buffer pool... Mar 9 20:32:50 cookiemonster mysqld[5085]: 060309 20:32:50 InnoDB: Started; log sequence number 0 45824 Mar 9 20:32:51 cookiemonster mysqld[5085]: /usr/sbin/mysqld: ready for connections. Mar 9 20:32:51 cookiemonster mysqld[5085]: Version: '4.1.11-Debian_4sarge2-log' socket: '/var/run/mysqld/mysqld.sock' port: 3306 Source distribution =3D=3D> /var/log/messages <=3D=3D Mar 9 20:31:58 cookiemonster kernel: swapper: page allocation failure. order:0, mode:0x20 Mar 9 20:31:59 cookiemonster kernel: [__alloc_pages+760/880] __alloc_pages+0x2f8/0x370 Mar 9 20:31:59 cookiemonster kernel: [__get_free_pages+37/64] __get_free_pages+0x25/0x40 Mar 9 20:31:59 cookiemonster kernel: [kmem_getpages+34/192] kmem_getpages+0x22/0xc0 Mar 9 20:31:59 cookiemonster kernel: [cache_grow+186/384] cache_grow+0xba/0x180 Mar 9 20:31:59 cookiemonster kernel: [cache_alloc_refill+362/544] cache_alloc_refill+0x16a/0x220 Mar 9 20:31:59 cookiemonster kernel: [__crc_xfrm_state_alloc+4160046/4557196] do_rw_taskfile+0x1c1/0x290 [ide_core] Mar 9 20:31:59 cookiemonster kernel: [kmem_cache_alloc+62/64] kmem_cache_alloc+0x3e/0x40 Mar 9 20:31:59 cookiemonster kernel: [send_signal+174/368] send_signal+0xae/0x170 Mar 9 20:31:59 cookiemonster kernel: [__group_send_sig_info+142/224] __group_send_sig_info+0x8e/0xe0 Mar 9 20:31:59 cookiemonster kernel: [group_send_sig_info+138/176] group_send_sig_info+0x8a/0xb0 Mar 9 20:31:59 cookiemonster kernel: [it_real_fn+0/96] it_real_fn+0x0/0x60 Mar 9 20:31:59 cookiemonster kernel: [send_group_sig_info+49/96] send_group_sig_info+0x31/0x60 Mar 9 20:31:59 cookiemonster kernel: [it_real_fn+36/96] it_real_fn+0x24/0x60 Mar 9 20:31:59 cookiemonster kernel: [run_timer_softirq+203/448] run_timer_softirq+0xcb/0x1c0 Mar 9 20:31:59 cookiemonster kernel: [do_timer+224/240] do_timer+0xe0/0xf0 Mar 9 20:31:59 cookiemonster kernel: [__do_softirq+123/128] __do_softirq+0x7b/0x80 Mar 9 20:31:59 cookiemonster kernel: [do_softirq+39/48] do_softirq+0x27/0x30 Mar 9 20:31:59 cookiemonster kernel: [do_IRQ+251/304] do_IRQ+0xfb/0x130 Mar 9 20:31:59 cookiemonster kernel: [common_interrupt+24/32] common_interrupt+0x18/0x20 Mar 9 20:31:59 cookiemonster kernel: [pvc_info+123/256] pvc_info+0x7b/0x100 Mar 9 20:31:59 cookiemonster kernel: [default_idle+35/64] default_idle+0x23/0x40 Mar 9 20:31:59 cookiemonster kernel: [cpu_idle+52/64] cpu_idle+0x34/0x40 Mar 9 20:31:59 cookiemonster kernel: [start_kernel+424/496] start_kernel+0x1a8/0x1f0 Mar 9 20:31:59 cookiemonster kernel: [unknown_bootoption+0/352] unknown_bootoption+0x0/0x160 =3D=3D> /var/log/syslog <=3D=3D Mar 9 20:31:58 cookiemonster kernel: swapper: page allocation failure. order:0, mode:0x20 Mar 9 20:31:59 cookiemonster kernel: [__alloc_pages+760/880] __alloc_pages+0x2f8/0x370 Mar 9 20:31:59 cookiemonster kernel: [__get_free_pages+37/64] __get_free_pages+0x25/0x40 Mar 9 20:31:59 cookiemonster kernel: [kmem_getpages+34/192] kmem_getpages+0x22/0xc0 Mar 9 20:31:59 cookiemonster kernel: [cache_grow+186/384] cache_grow+0xba/0x180 Mar 9 20:31:59 cookiemonster kernel: [cache_alloc_refill+362/544] cache_alloc_refill+0x16a/0x220 Mar 9 20:31:59 cookiemonster kernel: [__crc_xfrm_state_alloc+4160046/4557196] do_rw_taskfile+0x1c1/0x290 [ide_core] Mar 9 20:31:59 cookiemonster kernel: [kmem_cache_alloc+62/64] kmem_cache_alloc+0x3e/0x40 Mar 9 20:31:59 cookiemonster kernel: [send_signal+174/368] send_signal+0xae/0x170 Mar 9 20:31:59 cookiemonster kernel: [__group_send_sig_info+142/224] __group_send_sig_info+0x8e/0xe0 Mar 9 20:31:59 cookiemonster kernel: [group_send_sig_info+138/176] group_send_sig_info+0x8a/0xb0 Mar 9 20:31:59 cookiemonster kernel: [it_real_fn+0/96] it_real_fn+0x0/0x60 Mar 9 20:31:59 cookiemonster kernel: [send_group_sig_info+49/96] send_group_sig_info+0x31/0x60 Mar 9 20:31:59 cookiemonster kernel: [it_real_fn+36/96] it_real_fn+0x24/0x60 Mar 9 20:31:59 cookiemonster kernel: [run_timer_softirq+203/448] run_timer_softirq+0xcb/0x1c0 Mar 9 20:31:59 cookiemonster kernel: [do_timer+224/240] do_timer+0xe0/0xf0 Mar 9 20:31:59 cookiemonster kernel: [__do_softirq+123/128] __do_softirq+0x7b/0x80 Mar 9 20:31:59 cookiemonster kernel: [do_softirq+39/48] do_softirq+0x27/0x30 Mar 9 20:31:59 cookiemonster kernel: [do_IRQ+251/304] do_IRQ+0xfb/0x130 Mar 9 20:31:59 cookiemonster kernel: [common_interrupt+24/32] common_interrupt+0x18/0x20 Mar 9 20:31:59 cookiemonster kernel: [pvc_info+123/256] pvc_info+0x7b/0x100 Mar 9 20:31:59 cookiemonster kernel: [default_idle+35/64] default_idle+0x23/0x40 Mar 9 20:31:59 cookiemonster kernel: [cpu_idle+52/64] cpu_idle+0x34/0x40 Mar 9 20:31:59 cookiemonster kernel: [start_kernel+424/496] start_kernel+0x1a8/0x1f0 Mar 9 20:31:59 cookiemonster kernel: [unknown_bootoption+0/352] unknown_bootoption+0x0/0x160 - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Mar 09 22:38:05 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHSpd-0006zD-Cf; Thu, 09 Mar 2006 22:38:01 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 09 Mar 2006 22:37:20 +0100 (CET) Received: from moutng.kundenserver.de ([212.227.126.171]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHSok-0006xo-Kh for linux-crypto@nl.linux.org; Thu, 09 Mar 2006 22:37:06 +0100 Received: from [89.57.14.185] (helo=sheep.housecafe.de) by mrelayeu.kundenserver.de (node=mrelayeu2) with ESMTP (Nemesis), id 0MKwtQ-1FHSoj2R5s-0007D4; Thu, 09 Mar 2006 22:37:05 +0100 Received: from localhost ([127.0.0.1] helo=housecafe.dyndns.org) by sheep.housecafe.de with esmtp (Exim 4.60) (envelope-from ) id 1FHSoi-0004Wr-87 for linux-crypto@nl.linux.org; Thu, 09 Mar 2006 22:37:04 +0100 Received: from 192.18.1.5 (SquirrelMail authenticated user evil) by housecafe.dyndns.org with HTTP; Thu, 9 Mar 2006 22:37:04 +0100 (CET) Message-ID: <42377.192.18.1.5.1141940224.squirrel@housecafe.dyndns.org> In-Reply-To: <9CB5A76200029E439A44D2E52901D6A47A51@waldorf.Muppnet.local> References: <9CB5A76200029E439A44D2E52901D6A47A51@waldorf.Muppnet.local> Date: Thu, 9 Mar 2006 22:37:04 +0100 (CET) Subject: RE: WIerdness when creating Loop-aes file? From: "Christian" To: linux-crypto@nl.linux.org User-Agent: SquirrelMail/1.5.2 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Provags-ID: kundenserver.de abuse@kundenserver.de login:f96d4aaab3db5f10cc75fadfe8b23b1e Received-SPF: X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: evil@g-house.de Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Thu, March 9, 2006 20:50, Jan Johansson wrote: > And THEN I get the below (but mind you, the FS create continues, until so, you're saying that the OOM killer kicks in during mkfs.ext3? I suppose apache/mysql were already running. If so, did you monitor the processes as to how fast the RAM gets consumed? > "Writing inode tables: Done" and then the terminal freezes. But > processes starts to dies with OOM ( still have plenty RAM left). I read it, that if you try to restart the processes again, the OOM killer hits them again? I'm no kernel guru, but it really looks like a bug. No mkfs should trigger an OOM all of a sudden. So I'd go with a current kernel (and current loop-aes modules)...just to be sure... Christian. -- make bzImage, not war - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Fri Mar 10 07:07:12 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHamJ-0006EP-HC; Fri, 10 Mar 2006 07:07:07 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 10 Mar 2006 07:06:15 +0100 (CET) Received: from scanmupp.adm.gu.se ([130.241.25.165] helo=statler.mupp.net ident=Debian-exim) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHal1-0004FV-De for linux-crypto@nl.linux.org; Fri, 10 Mar 2006 07:05:47 +0100 Received: from cookiemonster.mupp.net ([10.4.0.2] ident=Debian-exim) by statler.mupp.net with esmtp (Exim 4.52) id 1FHakN-0001KA-Ey; Fri, 10 Mar 2006 07:05:07 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FHak7-0002ZO-KY; Fri, 10 Mar 2006 07:04:51 +0100 Subject: RE: WIerdness when creating Loop-aes file? MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Date: Fri, 10 Mar 2006 07:04:50 +0100 Content-class: urn:content-classes:message Message-ID: <9CB5A76200029E439A44D2E52901D6A47A53@waldorf.Muppnet.local> X-MimeOLE: Produced By Microsoft Exchange V6.5 X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: WIerdness when creating Loop-aes file? Thread-Index: AcZDweUvGSKPCD8+ThWX2NibY1/gPgARl32Q From: "Jan Johansson" To: "Christian" , Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto >so, you're saying that the OOM killer kicks in during mkfs.ext3?=20 Yes. But come to think about it. It struck during 'dd' instead of 'mkfs' >I suppose >apache/mysql were already running. If so, did you monitor the processes as >to how fast the RAM gets consumed? That's the thing, I did "free" as fast as i could, I never had less then 900MB of physical RAM available. >I read it, that if you try to restart the processes again, the OOM killer >hits them again? I cant do anything with _that_ terminal. But, yes, if I try to restart anything from another terminal, I get OOM again. >I'm no kernel guru, but it really looks like a bug. No mkfs should trigger >an OOM all of a sudden. So I'd go with a current kernel (and current >loop-aes modules)...just to be sure... I know what I'll be doing during the weekend then :) - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Fri Mar 10 15:17:12 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHhkS-0004e3-IM; Fri, 10 Mar 2006 14:33:40 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 10 Mar 2006 14:32:51 +0100 (CET) Received: from mail.tnnet.fi ([217.112.240.26]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHhj4-0004bx-UL for linux-crypto@nl.linux.org; Fri, 10 Mar 2006 14:32:14 +0100 Received: from localhost (localhost [127.0.0.1]) by mail.tnnet.fi (Postfix) with ESMTP id 50FDE372240; Fri, 10 Mar 2006 15:32:03 +0200 (EET) Received: from mail.tnnet.fi ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 05620-07; Fri, 10 Mar 2006 15:32:02 +0200 (EET) Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64]) by mail.tnnet.fi (Postfix) with ESMTP id 0AD30362119; Fri, 10 Mar 2006 15:32:02 +0200 (EET) Message-ID: <44117FD1.F539A23F@users.sourceforge.net> Date: Fri, 10 Mar 2006 15:32:01 +0200 From: Jari Ruusu To: Jan Johansson Cc: linux-crypto@nl.linux.org Subject: Re: WIerdness when creating Loop-aes file? References: <9CB5A76200029E439A44D2E52901D6A47A51@waldorf.Muppnet.local> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at mail.tnnet.fi Received-SPF: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jariruusu@users.sourceforge.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Jan Johansson wrote: > cookiemonster:~# head -c 15 /dev/urandom | uuencode -m - | head -n 2 | > tail -n 1 | losetup -p 0 -e AES256 /dev/loop1 /dev/md2 You set up loop1 device. Ok so far. > cookiemonster:~# dd if=/dev/zero of=/dev/loop3 bs=4k conv=notrunc > 2>/dev/null But here you are writing to loop3 instead of loop1. What does loop3 contain, and what gets overwritten here? Maybe loop3 was uninitialized zero length device, so effectively nothing was written anywhere. > Mar 9 20:32:46 cookiemonster kernel: Out of Memory: Killed process 4256 > (mysqld). [snip] > Mar 9 20:31:58 cookiemonster kernel: swapper: page allocation failure. > order:0, mode:0x20 Kernel is running out of free RAM. Someone completely depleted kernel's free RAM pools. Even emergency pools are gone (mode:0x20 == __GFP_HIGH). Device backed loop-AES does not allocate any RAM at run time. All RAM that it needs is allocated at losetup/mount time. To me this looks like the kernel code that sends write requests to loop device depletes kernel RAM pool by agressively allocating RAM pages to hold the data to write. Loop driver will queue all writes thrown at it, so that significant portion of RAM pages are queued waiting to be written to underlying device. There is something strange going on in your kernel's RAM allocation code. Have you set any strange values to /proc/sys/vm/* files? Any values set in /etc/sysctl.conf file? -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Fri Mar 10 23:32:52 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHqA9-00066u-6F; Fri, 10 Mar 2006 23:32:45 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 10 Mar 2006 23:32:00 +0100 (CET) Received: from moutng.kundenserver.de ([212.227.126.188]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHq97-00065m-S2 for linux-crypto@nl.linux.org; Fri, 10 Mar 2006 23:31:41 +0100 Received: from [89.57.15.222] (helo=sheep.housecafe.de) by mrelayeu.kundenserver.de (node=mrelayeu7) with ESMTP (Nemesis), id 0ML2Dk-1FHq953MYa-00019g; Fri, 10 Mar 2006 23:31:39 +0100 Received: from localhost ([127.0.0.1] helo=housecafe.dyndns.org) by sheep.housecafe.de with esmtp (Exim 4.60) (envelope-from ) id 1FHq94-00039F-9N for linux-crypto@nl.linux.org; Fri, 10 Mar 2006 23:31:38 +0100 Received: from 192.18.240.11 (SquirrelMail authenticated user evil) by housecafe.dyndns.org with HTTP; Fri, 10 Mar 2006 23:31:38 +0100 (CET) Message-ID: <53016.192.18.240.11.1142029898.squirrel@housecafe.dyndns.org> In-Reply-To: <9CB5A76200029E439A44D2E52901D6A47A53@waldorf.Muppnet.local> References: <9CB5A76200029E439A44D2E52901D6A47A53@waldorf.Muppnet.local> Date: Fri, 10 Mar 2006 23:31:38 +0100 (CET) Subject: RE: WIerdness when creating Loop-aes file? From: "Christian" To: linux-crypto@nl.linux.org User-Agent: SquirrelMail/1.5.2 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Provags-ID: kundenserver.de abuse@kundenserver.de login:f96d4aaab3db5f10cc75fadfe8b23b1e Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: evil@g-house.de Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Fri, March 10, 2006 07:04, Jan Johansson wrote: > I cant do anything with _that_ terminal. But, yes, if I try to restart > anything from another terminal, I get OOM again. crazy. >> an OOM all of a sudden. So I'd go with a current kernel (and current >> loop-aes modules)...just to be sure... > > I know what I'll be doing during the weekend then :) um, a "make bzImage" shouldn't take _that_ long :) but Jari had some good advice in his post, better fix these things first instead of blindly updating... Christian. -- make bzImage, not war - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Mar 11 00:53:48 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHrQX-0006L9-Ct; Sat, 11 Mar 2006 00:53:45 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 11 Mar 2006 00:53:22 +0100 (CET) Received: from scanmupp.adm.gu.se ([130.241.25.165] helo=statler.mupp.net ident=Debian-exim) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FHrPx-0006KE-CL for linux-crypto@nl.linux.org; Sat, 11 Mar 2006 00:53:09 +0100 Received: from cookiemonster.mupp.net ([10.4.0.2]) by statler.mupp.net with esmtp (Exim 4.52) id 1FHrPv-0002dF-Rf; Sat, 11 Mar 2006 00:53:07 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FHrPv-0001t3-Vt; Sat, 11 Mar 2006 00:53:07 +0100 Subject: RE: WIerdness when creating Loop-aes file? Date: Sat, 11 Mar 2006 00:53:01 +0100 Message-ID: <9CB5A76200029E439A44D2E52901D6A47A5A@waldorf.Muppnet.local> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable X-MS-Has-Attach: X-MS-TNEF-Correlator: Content-class: urn:content-classes:message Thread-Topic: WIerdness when creating Loop-aes file? X-MimeOLE: Produced By Microsoft Exchange V6.5 Thread-Index: AcZElmp9/MOdIw7NRQufTJ/TChLCGAABxTTg From: "Jan Johansson" To: "Christian" , Received-SPF: X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto >crazy. Well, upgrading to 2.6.15 helped. It seem to work now... Unfortunately, my MD-arrays somehow shifted in the upgrade (md2 swapped place with md1) so I accidentally clobbered about 200GB of stuff... "Luckilly" in this case "stuff" is equal to recordings from mythtv which cant really be considered vital... But still :) I still do not know what was up with the 2.6.8 stuff...=20 - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Mar 14 20:42:19 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFPJ-0002mY-QT; Tue, 14 Mar 2006 20:42:13 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 14 Mar 2006 20:41:33 +0100 (CET) Received: from scooter.mupp.net ([213.212.33.23]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFOF-0002gp-Dz for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 20:41:07 +0100 Received: from cookiemonster ([10.4.1.2] helo=cookiemonster.mupp.net) by scooter.mupp.net with esmtp (Exim 4.41 and XAMS 0.0.15) id 1FJFNr-0001jY-3S for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 20:40:43 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FJFNg-0006fU-2R for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 20:40:32 +0100 MIME-Version: 1.0 Subject: Encrypt swap? LOOP:_SET_STATUS failed. Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Tue, 14 Mar 2006 20:40:30 +0100 Content-Type: multipart/signed; micalg=SHA1; protocol="application/x-pkcs7-signature"; boundary="----=_NextPart_000_005A_01C647A7.88A47E70" Message-ID: <9CB5A76200029E439A44D2E52901D6A47A78@waldorf.Muppnet.local> X-MS-Has-Attach: yes X-MS-TNEF-Correlator: Thread-Topic: Encrypt swap? LOOP:_SET_STATUS failed. Thread-Index: AcZHnya+sOz0EwGORtOkhn9r0pRdbw== From: "Jan Johansson" To: X-mupp.net-MailScanner: Found to be clean X-MailScanner-From: j2@mupp.net Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto This is a multi-part message in MIME format. ------=_NextPart_000_005A_01C647A7.88A47E70 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Running on Debian testing, and trying to encrypt swap with the help of /usr/share/doc/loop-aes-2.6.15-1-686/README.gz But I get a error when I get to the swapon-all stage? cookiemonster:/var/log/samba# cat /etc/fstab | grep swap /dev/hda2 none swap sw,loop=/dev/loop2,encryption=ASE128 0 0 cookiemonster:/var/log/samba# mkswap /dev/hda2 Setting up swapspace version 1, size = 1998737 kB no label, UUID=3cd21164-207b-41d3-9cb5-65cd53a16ec8 cookiemonster:/var/log/samba# swapon -a swapon: LOOP_SET_STATUS failed cookiemonster:/var/log/samba# Any hints? ------=_NextPart_000_005A_01C647A7.88A47E70 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIIyTCCAlEw ggG6oAMCAQICAw+dbzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0EwHhcNMDUxMDA4MDQ1OTExWhcNMDYxMDA4MDQ1OTExWjBGMR8wHQYDVQQD ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSMwIQYJKoZIhvcNAQkBFhRzcGFtZmlsdGVyMkBtdXBw Lm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyC/N+HkGr800HbBU+5OaBX0oWi46u18K 3wrZ4FcqcQf09ylNOpyp2K+8+y8VSWDGeQC4N/oSjA7s4DBMT9qxgD0JY3UfNL9cL9PLm9dsQDHQ oZ1mjPXDJNZD6IMNg9KBWD7uCpZHCG/mdLUppDn+Kwhz3wt9KVbYKxaKiLkz40UCAwEAAaMxMC8w HwYDVR0RBBgwFoEUc3BhbWZpbHRlcjJAbXVwcC5uZXQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B AQQFAAOBgQAUnVI6pyIaHXyamn+NeNM1PHVRrinrckVjZThTGBZARVyx8K9CQ2pxinLACfiZBBOO 27E0KL7j0Psj+AmjQhYprIiuxW2rH4wDO5E9mBfFFo/RtWaWqqGuF1j61ZTiD45mt5Vz5L72WZwR cmeGpQxz6119EMDvA3EB+3Q44NSPkzCCAy0wggKWoAMCAQICAQAwDQYJKoZIhvcNAQEEBQAwgdEx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqG SIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw05NjAxMDEwMDAwMDBaFw0y MDEyMzEyMzU5NTlaMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYD VQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0 aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJl ZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wgZ8w DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANRp19SwlGRbcelH2AxRtupykbCEXn0tDY97Et+FJXUo dDpCLGMnn5V7S+9+GYcdhuqj3bnOlmQawhRuRKx85o/oTQ9xH0A4pgCjh3j2+ZSGXq3qwF5269kU o11uenwMpUtVfwYZKX+emibVars4JAhqmMex2qOYkf152+VaxBy5AgMBAAGjEzARMA8GA1UdEwEB /wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAx+ySfk749ZalZ2IqpPBNEWDQb41gWGGsJrtSNVwI zzD7qEqWih9iQiOMFw/0umScF6xHKd+dmF7SbGBxXKKs3Hnj524ARx+1DSjoAp3kmv0T9KbZfLH4 3F8jJgmRgHPQFBveQ6mDJfLmnC8Vyv6mq4oHdYsM3VGEa+T40c53ooEwggM/MIICqKADAgECAgEN MA0GCSqGSIb3DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIw EAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9D ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwg RnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20w HhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMc VGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZy ZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSmPFVzVftOucqZ Wh5owHUEcJ3f6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO3cnwK4Vaqj9xVsuv PAsH5/EfkTYkKhPPK9Xzgnc9A74r/rsYPge/QIACZNenprufZdHFKlSFD0gEf6e20TxhBEAeZBly YLf7AgMBAAGjgZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNVHR8EPDA6MDigNqA0hjJodHRw Oi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVlbWFpbENBLmNybDALBgNVHQ8EBAMC AQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDItMTM4MA0GCSqGSIb3DQEB BQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FDlpSdf0whuPg2H6otnzYvwPQcUCCTcDz9reFh YsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcljd2pnDmOjCBPZV+V2vf3h9bGCE6u9uo05RAaWzVN d+NWIXiC3CEZNd4ksdMdRv9dX2VPMYICzzCCAssCAQEwaTBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFs IEZyZWVtYWlsIElzc3VpbmcgQ0ECAw+dbzAJBgUrDgMCGgUAoIIBvDAYBgkqhkiG9w0BCQMxCwYJ KoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNjAzMTQxOTQwMzBaMCMGCSqGSIb3DQEJBDEWBBSC Vd+Pla4NairI45+f6h1C+O7zFDBnBgkqhkiG9w0BCQ8xWjBYMAoGCCqGSIb3DQMHMA4GCCqGSIb3 DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDAHBgUrDgMCGjAK BggqhkiG9w0CBTB4BgkrBgEEAYI3EAQxazBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3 dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1h aWwgSXNzdWluZyBDQQIDD51vMHoGCyqGSIb3DQEJEAILMWugaTBiMQswCQYDVQQGEwJaQTElMCMG A1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAw+dbzANBgkqhkiG9w0BAQEFAASBgC/yzYXVLHauUNLp BdQVUf5skT9gPrCwgaLUqHTdhtYV9DLkKSLFG/k4ztxxZcQ709kqKllgWiLXJ1q9E5zZFQ8D7vZ/ gJJBLZwQAtJcnP2DS7G3uFFAn6W7xXg2P1Zz9lw4jmB9CwooFY+9UM0+5vFWFtJ9muZAf8WVc+V1 8+hkAAAAAAAA ------=_NextPart_000_005A_01C647A7.88A47E70-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Mar 14 20:59:31 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFfy-0005BB-RZ; Tue, 14 Mar 2006 20:59:26 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 14 Mar 2006 20:58:31 +0100 (CET) Received: from mx01.hinterhof.net ([83.137.99.114]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFer-00059b-0j for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 20:58:17 +0100 Received: from localhost (localhost [127.0.0.1]) by mx01.hinterhof.net (Postfix) with ESMTP id E2FCA100C5; Tue, 14 Mar 2006 20:58:07 +0100 (CET) Received: from dp.vpn.nusquama.org (p54A78827.dip0.t-ipconnect.de [84.167.136.39]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "dp.vpn.nusquama.org", Issuer "Max Vozeler" (verified OK)) by mx01.hinterhof.net (Postfix) with ESMTP id 0B046FFEF; Tue, 14 Mar 2006 20:58:02 +0100 (CET) Received: by dp.vpn.nusquama.org (Postfix, from userid 1000) id 68ACEC0A8C; Tue, 14 Mar 2006 20:58:27 +0100 (CET) Date: Tue, 14 Mar 2006 20:58:27 +0100 From: Max Vozeler To: Jan Johansson Cc: linux-crypto@nl.linux.org Subject: Re: Encrypt swap? LOOP:_SET_STATUS failed. Message-ID: <20060314195827.GA6612@dp.vpn.nusquama.org> Mail-Followup-To: Jan Johansson , linux-crypto@nl.linux.org References: <9CB5A76200029E439A44D2E52901D6A47A78@waldorf.Muppnet.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <9CB5A76200029E439A44D2E52901D6A47A78@waldorf.Muppnet.local> X-Virus-Scanned: amavisd-new at mx01.hinterhof.net Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: max@nusquama.org Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Tue, Mar 14, 2006 at 08:40:30PM +0100, Jan Johansson wrote: > Running on Debian testing, and trying to encrypt swap with the help of > /usr/share/doc/loop-aes-2.6.15-1-686/README.gz > > But I get a error when I get to the swapon-all stage? > > cookiemonster:/var/log/samba# cat /etc/fstab | grep swap > /dev/hda2 none swap sw,loop=/dev/loop2,encryption=ASE128 ^^^^^^ You have a typo there. s/ASE/AES/ cheers, Max - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Mar 14 21:02:45 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFj5-0005Z3-4Z; Tue, 14 Mar 2006 21:02:39 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 14 Mar 2006 21:02:30 +0100 (CET) Received: from scooter.mupp.net ([213.212.33.23]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFiH-0005WK-2h for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 21:01:49 +0100 Received: from cookiemonster ([10.4.1.2] helo=cookiemonster.mupp.net) by scooter.mupp.net with esmtp (Exim 4.41 and XAMS 0.0.15) id 1FJFi9-0001rC-4n; Tue, 14 Mar 2006 21:01:41 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FJFi6-0006i9-H4; Tue, 14 Mar 2006 21:01:38 +0100 MIME-Version: 1.0 Subject: RE: Encrypt swap? LOOP:_SET_STATUS failed. Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Tue, 14 Mar 2006 21:01:37 +0100 Content-Type: multipart/signed; micalg=SHA1; protocol="application/x-pkcs7-signature"; boundary="----=_NextPart_000_0064_01C647AA.7B7E1230" Message-ID: <9CB5A76200029E439A44D2E52901D6A47A79@waldorf.Muppnet.local> X-MS-Has-Attach: yes X-MS-TNEF-Correlator: Thread-Topic: Encrypt swap? LOOP:_SET_STATUS failed. Thread-Index: AcZHodoeqx/vrckLTfazbtwjgtYLeAAAB6nQ From: "Jan Johansson" To: "Max Vozeler" Cc: X-mupp.net-MailScanner: Found to be clean X-MailScanner-From: j2@mupp.net Received-SPF: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto This is a multi-part message in MIME format. ------=_NextPart_000_0064_01C647AA.7B7E1230 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit >You have a typo there. s/ASE/AES/ Guess how stupid I feel now? Thanks. :) Silly question here. Do I understand correctly that this will generate a new key every reboot? But how does that logic work? What scripts/inits takes care of that= ------=_NextPart_000_0064_01C647AA.7B7E1230 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIIyTCCAlEw ggG6oAMCAQICAw+dbzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0EwHhcNMDUxMDA4MDQ1OTExWhcNMDYxMDA4MDQ1OTExWjBGMR8wHQYDVQQD ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSMwIQYJKoZIhvcNAQkBFhRzcGFtZmlsdGVyMkBtdXBw Lm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyC/N+HkGr800HbBU+5OaBX0oWi46u18K 3wrZ4FcqcQf09ylNOpyp2K+8+y8VSWDGeQC4N/oSjA7s4DBMT9qxgD0JY3UfNL9cL9PLm9dsQDHQ oZ1mjPXDJNZD6IMNg9KBWD7uCpZHCG/mdLUppDn+Kwhz3wt9KVbYKxaKiLkz40UCAwEAAaMxMC8w HwYDVR0RBBgwFoEUc3BhbWZpbHRlcjJAbXVwcC5uZXQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B AQQFAAOBgQAUnVI6pyIaHXyamn+NeNM1PHVRrinrckVjZThTGBZARVyx8K9CQ2pxinLACfiZBBOO 27E0KL7j0Psj+AmjQhYprIiuxW2rH4wDO5E9mBfFFo/RtWaWqqGuF1j61ZTiD45mt5Vz5L72WZwR cmeGpQxz6119EMDvA3EB+3Q44NSPkzCCAy0wggKWoAMCAQICAQAwDQYJKoZIhvcNAQEEBQAwgdEx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqG SIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw05NjAxMDEwMDAwMDBaFw0y MDEyMzEyMzU5NTlaMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYD VQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0 aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJl ZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wgZ8w DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANRp19SwlGRbcelH2AxRtupykbCEXn0tDY97Et+FJXUo dDpCLGMnn5V7S+9+GYcdhuqj3bnOlmQawhRuRKx85o/oTQ9xH0A4pgCjh3j2+ZSGXq3qwF5269kU o11uenwMpUtVfwYZKX+emibVars4JAhqmMex2qOYkf152+VaxBy5AgMBAAGjEzARMA8GA1UdEwEB /wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAx+ySfk749ZalZ2IqpPBNEWDQb41gWGGsJrtSNVwI zzD7qEqWih9iQiOMFw/0umScF6xHKd+dmF7SbGBxXKKs3Hnj524ARx+1DSjoAp3kmv0T9KbZfLH4 3F8jJgmRgHPQFBveQ6mDJfLmnC8Vyv6mq4oHdYsM3VGEa+T40c53ooEwggM/MIICqKADAgECAgEN MA0GCSqGSIb3DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIw EAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9D ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwg RnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20w HhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMc VGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZy ZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSmPFVzVftOucqZ Wh5owHUEcJ3f6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO3cnwK4Vaqj9xVsuv PAsH5/EfkTYkKhPPK9Xzgnc9A74r/rsYPge/QIACZNenprufZdHFKlSFD0gEf6e20TxhBEAeZBly YLf7AgMBAAGjgZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNVHR8EPDA6MDigNqA0hjJodHRw Oi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVlbWFpbENBLmNybDALBgNVHQ8EBAMC AQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDItMTM4MA0GCSqGSIb3DQEB BQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FDlpSdf0whuPg2H6otnzYvwPQcUCCTcDz9reFh YsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcljd2pnDmOjCBPZV+V2vf3h9bGCE6u9uo05RAaWzVN d+NWIXiC3CEZNd4ksdMdRv9dX2VPMYICzzCCAssCAQEwaTBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFs IEZyZWVtYWlsIElzc3VpbmcgQ0ECAw+dbzAJBgUrDgMCGgUAoIIBvDAYBgkqhkiG9w0BCQMxCwYJ KoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNjAzMTQyMDAxMzZaMCMGCSqGSIb3DQEJBDEWBBT0 wbq8b8XhIGCcCRnWHYRKFzJWOTBnBgkqhkiG9w0BCQ8xWjBYMAoGCCqGSIb3DQMHMA4GCCqGSIb3 DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDAHBgUrDgMCGjAK BggqhkiG9w0CBTB4BgkrBgEEAYI3EAQxazBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3 dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1h aWwgSXNzdWluZyBDQQIDD51vMHoGCyqGSIb3DQEJEAILMWugaTBiMQswCQYDVQQGEwJaQTElMCMG A1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAw+dbzANBgkqhkiG9w0BAQEFAASBgDvJG/GXvbgDjpsf rkWAd2L2TcI2yC7CQT9eqt/atzCH42SDoBDc+Njn7CllWpnm14C7R7GqlfqZbzXmvSaQY+ZQgzJi 38UGwW7fJwSRSRyw1fl/7IDctYrmEc3XZf/j4PwluMk2You2mvFHT+059IEBtltXEqT8zIuhZXsX IyTrAAAAAAAA ------=_NextPart_000_0064_01C647AA.7B7E1230-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Mar 14 21:17:51 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFxi-0007CJ-II; Tue, 14 Mar 2006 21:17:46 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 14 Mar 2006 21:17:30 +0100 (CET) Received: from mx01.hinterhof.net ([83.137.99.114]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJFx0-0007AI-DO for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 21:17:02 +0100 Received: from localhost (localhost [127.0.0.1]) by mx01.hinterhof.net (Postfix) with ESMTP id A8BF8100C6; Tue, 14 Mar 2006 21:16:59 +0100 (CET) Received: from dp.vpn.nusquama.org (p54A78827.dip0.t-ipconnect.de [84.167.136.39]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "dp.vpn.nusquama.org", Issuer "Max Vozeler" (verified OK)) by mx01.hinterhof.net (Postfix) with ESMTP id C89DFFFEF; Tue, 14 Mar 2006 21:16:53 +0100 (CET) Received: by dp.vpn.nusquama.org (Postfix, from userid 1000) id 7C324C0A8C; Tue, 14 Mar 2006 21:17:19 +0100 (CET) Date: Tue, 14 Mar 2006 21:17:19 +0100 From: Max Vozeler To: Jan Johansson Cc: linux-crypto@nl.linux.org Subject: Re: Encrypt swap? LOOP:_SET_STATUS failed. Message-ID: <20060314201719.GA7211@dp.vpn.nusquama.org> Mail-Followup-To: Jan Johansson , linux-crypto@nl.linux.org References: <9CB5A76200029E439A44D2E52901D6A47A79@waldorf.Muppnet.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <9CB5A76200029E439A44D2E52901D6A47A79@waldorf.Muppnet.local> X-Virus-Scanned: amavisd-new at mx01.hinterhof.net Received-SPF: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: max@nusquama.org Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Tue, Mar 14, 2006 at 09:01:37PM +0100, Jan Johansson wrote: > >You have a typo there. s/ASE/AES/ > > Guess how stupid I feel now? Thanks. :) Happens to everyone :-) > Do I understand correctly that this will generate a new key every reboot? > But how does that logic work? What scripts/inits takes care of that= Yes, the key is regenerated every reboot. swapon takes a hash of existing data on the partition and 32 bytes from /dev/urandom and generates keys from those. There are no scripts involved. cheers, Max - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Mar 14 23:18:36 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJHqZ-0001Cz-TS; Tue, 14 Mar 2006 23:18:31 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 14 Mar 2006 23:18:08 +0100 (CET) Received: from moutng.kundenserver.de ([212.227.126.188]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJHpw-0001A4-DB for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 23:17:52 +0100 Received: from [89.57.44.60] (helo=sheep.housecafe.de) by mrelayeu.kundenserver.de (node=mrelayeu9) with ESMTP (Nemesis), id 0ML2xA-1FJHpl2JgP-0003Dy; Tue, 14 Mar 2006 23:17:44 +0100 Received: from localhost ([127.0.0.1] helo=housecafe.dyndns.org) by sheep.housecafe.de with esmtp (Exim 4.60) (envelope-from ) id 1FJHpk-0004p3-BC for linux-crypto@nl.linux.org; Tue, 14 Mar 2006 23:17:40 +0100 Received: from 192.18.240.11 (SquirrelMail authenticated user evil) by housecafe.dyndns.org with HTTP; Tue, 14 Mar 2006 23:17:40 +0100 (CET) Message-ID: <33922.192.18.240.11.1142374660.squirrel@housecafe.dyndns.org> In-Reply-To: <9CB5A76200029E439A44D2E52901D6A47A5A@waldorf.Muppnet.local> References: <9CB5A76200029E439A44D2E52901D6A47A5A@waldorf.Muppnet.local> Date: Tue, 14 Mar 2006 23:17:40 +0100 (CET) Subject: RE: WIerdness when creating Loop-aes file? From: "Christian" To: linux-crypto@nl.linux.org User-Agent: SquirrelMail/1.5.2 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Provags-ID: kundenserver.de abuse@kundenserver.de login:f96d4aaab3db5f10cc75fadfe8b23b1e Received-SPF: X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: evil@g-house.de Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Sat, March 11, 2006 00:53, Jan Johansson wrote: > Unfortunately, my MD-arrays somehow shifted in the upgrade (md2 swapped > place with md1) so I accidentally clobbered about 200GB of stuff... > "Luckilly" in this case "stuff" is equal to recordings from mythtv which > cant really be considered vital... But still :) ouch! that was not supposed to happen :( my condolence for the lost data, Christian. -- make bzImage, not war - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Mar 15 07:36:43 2006 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJPcc-0002Ea-Ag; Wed, 15 Mar 2006 07:36:38 +0100 Received: with ECARTIS (v1.0.0; list linux-crypto); Wed, 15 Mar 2006 07:36:06 +0100 (CET) Received: from scooter.mupp.net ([213.212.33.23]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1FJPbk-0002CN-8I for linux-crypto@nl.linux.org; Wed, 15 Mar 2006 07:35:44 +0100 Received: from cookiemonster ([10.4.1.2] helo=cookiemonster.mupp.net) by scooter.mupp.net with esmtp (Exim 4.41 and XAMS 0.0.15) id 1FJPbe-0004dg-0r; Wed, 15 Mar 2006 07:35:38 +0100 Received: from waldorf.muppnet.local ([192.168.0.201]) by cookiemonster.mupp.net with esmtp (Exim 4.60) (envelope-from ) id 1FJPbC-00080S-0e; Wed, 15 Mar 2006 07:35:10 +0100 MIME-Version: 1.0 Subject: RE: WIerdness when creating Loop-aes file? Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Wed, 15 Mar 2006 07:35:10 +0100 Content-Type: multipart/signed; micalg=SHA1; protocol="application/x-pkcs7-signature"; boundary="----=_NextPart_000_0000_01C64802.FC456AA0" Message-ID: <9CB5A76200029E439A44D2E52901D6A47A7B@waldorf.Muppnet.local> X-MS-Has-Attach: yes X-MS-TNEF-Correlator: Thread-Topic: WIerdness when creating Loop-aes file? Thread-Index: AcZHtVlZh3MoxQogSzimLp1dxqF7bwARRNYg From: "Jan Johansson" To: "Christian" , X-mupp.net-MailScanner: Found to be clean X-MailScanner-From: j2@mupp.net Received-SPF: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_20 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: j2@mupp.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto This is a multi-part message in MIME format. ------=_NextPart_000_0000_01C64802.FC456AA0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit >ouch! that was not supposed to happen :( No real pain. I SHOULD have checked everything before doing anything. But seriously, got any idea _why_ it happened? >my condolence for the lost data, I did not have a backup, since I had judged it as "non vital", so it is just an annoyance and not a crisis :) ------=_NextPart_000_0000_01C64802.FC456AA0 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIIyTCCAlEw ggG6oAMCAQICAw+dbzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3R