Re: Announce: cryptoapi-2.4.3 [aka international crypto (non-)patch]

From: Jari Ruusu (jari.ruusu@pp.inet.fi)
Date: Tue Apr 24 2001 - 06:40:05 EST

Next message: imel96@trustix.co.id: "[PATCH] Single user linux"
Previous message: Matt Johnston: "Re: odd messages in dmesg (network I think)"
Next in thread: Herbert Valerio Riedel: "Re: Announce: cryptoapi-2.4.3 [aka international crypto (non-)patch]"
Reply: Herbert Valerio Riedel: "Re: Announce: cryptoapi-2.4.3 [aka international crypto (non-)patch]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Herbert Valerio Riedel wrote:
> short version:
> this is the international crypto patch, which is built outside of
> the kernel source tree. you don't even have to reboot (unless your
> kernel didn't have loop devices enabled, or some other unthought
> situation exists... :)
>
> As a response to Jari's loop-AES crypto filter for the loop back
> device, which claims to be hassle free since no kernel modification is
> needed; I've repackaged the all known international crypto patch,
> which according to some people suffers from the need to patch the
> kernel in order to make use of it and thus may not be ever get into
> the kernel since there are still some countries where laws don't
> support an individuals need for privacy.
>
> This (re)package has only one major drawback, crypto can only built as
> modules so far and it supports only kernel 2.4.3 and later so far...

linux-2.4.3-cryptoapi-hvr4/drivers/block/loop.c lines 270...279 after your
kernel patch:

static int lo_read_actor(read_descriptor_t * desc, struct page *page, unsigned long offset, unsigned long size)
{
        char *kaddr;
        unsigned long count = desc->count;
        struct lo_read_data *p = (struct lo_read_data*)desc->buf;
        struct loop_device *lo = p->lo;
        unsigned long IV = loop_get_iv(lo, (page->index * PAGE_CACHE_SIZE + offset - lo->lo_offset) >> LO_IV_SECTOR_BITS);
                                            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
        if (size > count)
                size = count;

Have you tested that code with partitions or files that are larger than
4 gigs? On systems where int is 32 bits, that computation overflows.

If you want 512 byte based IV computation without modifying your kernel at
all, you can use the loop.o module from my loop-AES package. I haven't tried
using your modules based cryptoapi and my loop-AES drivers together, but I
don't see any obvious reason why they couldn't be used simultaneously.

My loop-AES package is here:

http://members.surfeu.fi/ce6c8edf/loop-AES-v1.1b.tar.bz2
md5sum 61e521a383ce9a90c3f7b98bcf789813

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: imel96@trustix.co.id: "[PATCH] Single user linux"
Previous message: Matt Johnston: "Re: odd messages in dmesg (network I think)"
Next in thread: Herbert Valerio Riedel: "Re: Announce: cryptoapi-2.4.3 [aka international crypto (non-)patch]"
Reply: Herbert Valerio Riedel: "Re: Announce: cryptoapi-2.4.3 [aka international crypto (non-)patch]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Apr 30 2001 - 21:00:10 EST