| 1 |
no not yet, I put the patch on hold anyway, it's probably going to turn |
| 2 |
out to be easier in the long run to modify or fork dmsetup to do the |
| 3 |
hashing itself, otherwise getting hashalot to cooperate with dmsetup |
| 4 |
securely is a bit of a pain. |
| 5 |
|
| 6 |
Justin |
| 7 |
|
| 8 |
On Sat, 2004-02-28 at 10:15 -0800, Max Kalika wrote: |
| 9 |
|
| 10 |
> Quoting Justin Whitney <ripple@××××××.be>: |
| 11 |
> |
| 12 |
> > I submitted a patch to device-mapper-1.00.07 that makes dmsetup lock its |
| 13 |
> > pages. This should prevent swaps between 'hashalot | dmsetup', so with |
| 14 |
> > a few changes to the dm-crypt init script, people should be able to |
| 15 |
> > encrypt their block devices leaving swap unencrypted, and not have to |
| 16 |
> > worry about their key leaking to swap. checkout the following if |
| 17 |
> > interested. |
| 18 |
> > |
| 19 |
> > http://bugs.gentoo.org/show_bug.cgi?id=43162 |
| 20 |
> |
| 21 |
> Is this something the dm upstream folk are aware of? |
| 22 |
> |
| 23 |
> -- |
| 24 |
> max kalika |
| 25 |
> .. public key: http://www.gentoo.org/~max/max.asc |
| 26 |
> .. fingerprint: 2D59 74B5 8785 3C22 74F2 87B0 6DD4 E810 CBC3 AB79 |
| 27 |
|
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-dev@g.o mailing list |
Archives