Hi, On 07/12/2019 00:10, Chris Murphy wrote:
I'm wondering if it's possible, or LUKS2 could be extended, to support an non-encrypted target. That is, the virtual device and backing device would contain the same information.
(You are not the first one asking for support for this option.) In fact, the support is already there. But I am reluctant to officially support it for a very long time, because it would be super confusing for users (We have LUKS, but actually no encryption?!) So, the first method: you can always use cipher_null (and you must use empty passphrase in this case). That variant should work already and it is intended for debugging/measuring dm-crypt layer overhead (dm-crypt is used, but with the null cipher). The second variant is to directly use dm-linear target instead of dm-crypt, and it is already used during online (re)encryption in one phase - when adding encryption to not yet encrypted device. You cannot format such a device initially this way. It is not so complicated to add support for this to format operation, but ... I am still not sure. Any comments? Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
