[dm-devel] Another experimental dm target... an encryption target

Joe Thornber thornber at sistina.com
Tue Jul 29 09:35:01 UTC 2003 

Christophe,

Sorry for not replying sooner, I've been busy.


On Sat, Jul 26, 2003 at 03:11:57AM +0200, Christophe Saout wrote:
> I wrote a dm-crypt target that works like a linear target but does
> encryption using the new cryptoapi in the 2.5/2.6 kernel.

Very impressive, I can see we're going to have to think up something
harder for you to do ;)

> The implementation is somewhat sub-optimal. There are some issues that
> lead to unnecessary complexity:
> 
> 1. I could save a mempool if I could access the target_io structure (I
> could, but that's really ugly). That's because I need to access my
> crypt_c structure in my endio function. Because I also need to access
> the original bio and I can't put two pointers in cloned_bio->bi_private
> I have to allocate a crypt_io structure that contains both pointers.

I can't see a way around this mempool ATM, though you don't need the
io->clone field ?

> 2. I can't use the "new" end_io mechanism for which Joe posted a patch

Agreed.

> The bios device-mapper gives to the target are never sent down. I've got
> the same problem in dm-file (at least I don't need to clone them again
> so it's not a too big waste).

That's fine, md and dm-raid1 work in the same way.

> So you see, at lot of room for improvements. ;)

The main problem I have with the code is with crypt_alloc_buffer(), I
realise this is not your code but copied this from loop.c.  I would
far rather you managed a mempool of struct pages rather than doing
this hacky repeat until alloc works stuff.  Of course this may then
mean you have to split v. large bios.

How much testing has this had ?  Patrick Caulfield tends to break my
code by running a couple of:

find /usr|cpio -pmd /mnt/ &

on a low memory config with the dm device mounted on /mnt.  I suggest
you try the same, I really don't trust any code that has come from
loop.c.

Other than that the code looks very good, I'd be happy to forward it
to Linus for inclusion when it's matured a bit.

- Joe

More information about the dm-devel mailing list