Am Freitag, 1. Mai 2015, 11:20:35 schrieb Herbert Xu: Hi Herbert, >On Tue, Apr 28, 2015 at 04:58:31AM +0200, Stephan Mueller wrote: >> Hm, in case of dm-crypt, that is not really possible, because this is fully >> driven by user space: libcryptsetup sets up a temporary dm-crypt container >> for the LUKS header space. Then user space accesses the data it needs and >> re- injects it into the kernel for the bulk encryption dm-crypt component. >If both user-space and the kernel implements the same algorithm >correctly why wouldn't it work? User space does not use any ciphers to protect the key, that is the interesting part. The LUKS header will be mapped by a dm-crypt mapping and then read from user space to access the key. So, userspace does not en/decrypt the data. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
