Karel Zak wrote: > On Wed, Jun 13, 2012 at 04:53:04PM +0200, Ludwig Nussel wrote: >> Is there any reason to still keep the encryption options in losetup and >> mount around? They look entirely useless to me. Even when using passfd >> and an external key generation function it's still broken as the key >> size is fixed at 32 byte and the last byte is always set to '\0'. >> So would a patch that removes encryption support completely be >> acceptable? > > Our goal is to follow kernel, so it would be better to remove this > feature from kernel loopdev first. Well, someone could come up with another tool to support cryptoloop, or rather 'transfer functions'. If losetup has the philosophy to provide the canonical implementation for all loop features then losetup isn't complete anyways. It needs options to set lo_encrypt_type, lo_crypt_name and lo_encrypt_key_size independent of each other then. Also, overwriting the last 8 bits of the key with zeroes certainly defeats the purpose. Those transfer functions are dynamic so it's possible to have others than cryptoloop with different semantics on the lo_encrypt_* fields. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
