Simple: You need to get it into the kernel. dm-crypt does not supply the run-time encryption, it just does the kernel cm-crypt module setup, i.e. it establishes the "mapping". After that, all encryption is done by the kernel. If your stuff is non-GPL, then I suspect you will need to maintain your own kernel patch-set. Basically that will be a waste of time, and has zero engineering or security justification. It can be necessary for political reasons, I can see that. But expect it to be a huge pain and effort for zero technological advantage and you cannot distribute it legally. Note on GPL: As long as you do not distribute this kernel, or the patch-set, you can do whathever you like. As soon as you distribute, even only to specific customers or as part of a "blackbox" product, you are screwed and need to GPL the module. There is no freew lunch here. If you want your own non-GPL crypto in a Linux-like kernel, then you need to re-implement that Linux-like kernel yourself, possibly spending a few billions on it. You may want to look at the xBDSs. They have more permissive licenses. Arno On Tue, Sep 11, 2012 at 09:17:17AM -0700, Anil wrote: > Suppose I have a library of various crypto algorithms. It is proprietary. > I build it as a module and want the user to run dm-crypt specifying my module to be run. > For example, > crypt FooCryptoLibrary-aes-xts > I read that if your module is not GPL, then one cannot access core functions. > Will there be a problem here? > > > ________________________________ > From: Arno Wagner <arno@xxxxxxxxxxx> > To: dm-crypt@xxxxxxxx > Sent: Wednesday, September 5, 2012 7:41 AM > Subject: Re: newbie qs on dm-crypt > > On Tue, Sep 04, 2012 at 02:14:09PM -0700, Anil wrote: > > Thanks for replying. > > You said, > > "Ciphers and modes are the job of the kernel, not dm-crypt." > > > > > I am trying to understand if?proprietary software can be used with > > dm-crypt. > > > > That depends. > > > I read it is in GPL mode. Which version? GPL v2, v3, LGPL...? > > > > For example, there is some in-house proprietary developed code for > > AES-XTS. > > > > If I understood your reply correctly, then dm-crypt will call these > > functions loaded into the kernel and there will not be any problem as the > > GPL code (dm-crypt) will not be linked with the proprietary code.? Is that > > so?? > > No. Kernels are different. If you do not distribute, it does not > matter anyways. If you distribute, and want your stuff to stay > closed, you should probably talk to an IP lawyer. > > I have to say though that there is pobably no point, as AES-XTS is > open and the kernel implementation is probably better than yours > anyways. > > Arno > > > > > > > > > > > ________________________________ > >? From: Arno Wagner <arno@xxxxxxxxxxx> > > To: dm-crypt@xxxxxxxx > > Sent: Monday, September 3, 2012 8:29 PM > > Subject: Re: (no subject) > >? > > On Mon, Sep 03, 2012 at 06:20:35PM -0700, Anil wrote: > > > Newbie here. I need to use dm-crypt with aes-xts. How is dm-crypt called? > > > > Refer to the man-page and the FAQ. > > > > > Is it possible to encrypt data while being saved on the fly? > > > > That is its job. It is not possible to do it in any other way. > > > > > Will there be file filters to encrypt/decrypt while saving > > > and opening the file? > > > > No. > > > > > Is aes-xts provided elsewhere as a plugin? or is it part of dmcrypt? > > > > Ciphers and modes are the job of the kernel, not dm-crypt. > > It just uses them. > > > > Arno > > -- > > Arno Wagner,? ? Dr. sc. techn., Dipl. Inform.,?? Email: arno@xxxxxxxxxxx > > GnuPG:? ID: 1E25338F? FP: 0C30 5782 9D93 F785 E79C? 0296 797F 6B50 1E25 338F > > ---- > > One of the painful things about our time is that those who feel certainty > > are stupid, and those with any imagination and understanding are filled > > with doubt and indecision. -- Bertrand Russell > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@xxxxxxxx > > http://www.saout.de/mailman/listinfo/dm-crypt > > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@xxxxxxxx > > http://www.saout.de/mailman/listinfo/dm-crypt > > > -- > Arno Wagner,? ? Dr. sc. techn., Dipl. Inform.,? Email: arno@xxxxxxxxxxx > GnuPG:? ID: 1E25338F? FP: 0C30 5782 9D93 F785 E79C? 0296 797F 6B50 1E25 338F > ---- > One of the painful things about our time is that those who feel certainty > are stupid, and those with any imagination and understanding are filled > with doubt and indecision. -- Bertrand Russell > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
