On Thu, Jun 14, 2012 at 01:47:16PM +0200, Ludwig Nussel wrote:
> Karel Zak wrote:
> > On Wed, Jun 13, 2012 at 04:53:04PM +0200, Ludwig Nussel wrote:
> >> Is there any reason to still keep the encryption options in losetup and
> >> mount around? They look entirely useless to me. Even when using passfd
> >> and an external key generation function it's still broken as the key
> >> size is fixed at 32 byte and the last byte is always set to '\0'.
> >> So would a patch that removes encryption support completely be
> >> acceptable?
> >
> > Our goal is to follow kernel, so it would be better to remove this
> > feature from kernel loopdev first.
>
> Well, someone could come up with another tool to support cryptoloop, or
> rather 'transfer functions'.
> If losetup has the philosophy to provide the canonical implementation
> for all loop features then losetup isn't complete anyways. It needs
I don't know what was original idea, but the current '--encryption'
works somehow. Yes, it's not perfect, it's maybe almost useless,
but it's still have some users and we cannot remove it without a
prior warning.
Fortunately, cryptoloop is in our deprecated.txt for years, so I think
it's should be enough to add a fat warning to the next v2.22 release
and remove this feature in v2.23.
Anyway, I like Milan's idea with libcryptsetup, and we will try to
prepare any solution. BTW, the current cryptsetup also support loop-aes ;-)
We will see...
Karel
--
Karel Zak <kzak@xxxxxxxxxx>
http://karelzak.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
