Hi list, I'm wondering how safe it is to specify a device size when re-encrypting a block device using cryptsetup-reencrypt. In particular I would like to know if specifying a size smaller than the underlying block device might actually corrupt data? The man page mentions some warnings in regards to this option. In our use case the underlying block device is ~ 100G, while only 11G are actually used by filesystems on top of the block device. To speed things up we were thinking about a device size, e.g. something like 16G, so not the whole device needs to be re-encrypted. I'm not familiar enough with the LUKS internals, but I'm pretty sure that it is not filesystem aware, so it will only reencrypt the first 16GB of the device, while LVM and any filesystems may actually put data anywhere on the device. So am I right in assuming that providing a device size smaller than the actual block device size might lead to data corruption or is it safe to use it in the way described above? Best regards, Karol Babioch
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
