From: "boojin.kim" <boojin.kim@samsung.com>
To: "'Mike Snitzer'" <snitzer@redhat.com>
Cc: "'Herbert Xu'" <herbert@gondor.apana.org.au>,
"'David S. Miller'" <davem@davemloft.net>,
"'Eric Biggers'" <ebiggers@kernel.org>,
"'Theodore Y. Ts'o'" <tytso@mit.edu>,
"'Chao Yu'" <chao@kernel.org>,
"'Jaegeuk Kim'" <jaegeuk@kernel.org>,
"'Andreas Dilger'" <adilger.kernel@dilger.ca>,
"'Theodore Ts'o'" <tytso@mit.edu>, <dm-devel@redhat.com>,
"'Mike Snitzer'" <snitzer@redhat.com>,
"'Alasdair Kergon'" <agk@redhat.com>,
"'Jens Axboe'" <axboe@kernel.dk>,
"'Krzysztof Kozlowski'" <krzk@kernel.org>,
"'Kukjin Kim'" <kgene@kernel.org>,
"'Jaehoon Chung'" <jh80.chung@samsung.com>,
"'Ulf Hansson'" <ulf.hansson@linaro.org>,
<linux-crypto@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<linux-fscrypt@vger.kernel.org>, <linux-mmc@vger.kernel.org>,
<linux-samsung-soc@vger.kernel.org>,
<linux-block@vger.kernel.org>, <linux-ext4@vger.kernel.org>,
<linux-f2fs-devel@lists.sourceforge.net>,
<linux-samsung-soc@vger.kernel.org>,
<linux-arm-kernel@lists.infradead.org>,
<linux-fsdevel@vger.kernel.org>
Subject: Re: [PATCH 6/9] dm crypt: support diskcipher
Date: Wed, 21 Aug 2019 16:54:32 +0900 [thread overview]
Message-ID: <001a01d557f5$ab0a4a40$011edec0$@samsung.com> (raw)
In-Reply-To: CGME20190821075432epcas2p3758bf7b07f209fb4094d79bf46c8f4e9@epcas2p3.samsung.com
On Wed, Aug 21, 2019 at 09:13:36AM +0200, Milan Broz wrote:
>
> NACK.
>
> The whole principle of dm-crypt target is that it NEVER EVER submits
> plaintext data down the stack in bio.
>
> If you want to do some lower/higher layer encryption, use key management
> on a different layer.
> So here, just setup encryption for fs, do not stack it with dm-crypt.
>
> Also, dm-crypt is software-independent solution
> (software-based full disk encryption), it must not depend on
> any underlying hardware.
> Hardware can be of course used used for acceleration, but then
> just implement proper crypto API module that accelerates particular
cipher.
I'm sorry for breaking the basic rules of dm-crypt.
But, if I want to use the H/W crypto accelerator running in storage
controller,
I have to drop plaintext to bio.
I think the "proper crypto API module" that you mentioned is diskcipher
because diskcipher isn't only for FMP.
Diskcipher is a crypto API that supports encryption on storage controllers.
Thanks
Boojin Kim
next parent reply other threads:[~2019-08-21 7:54 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CGME20190821075432epcas2p3758bf7b07f209fb4094d79bf46c8f4e9@epcas2p3.samsung.com>
2019-08-21 7:54 ` boojin.kim [this message]
[not found] <CGME20190823071848epcas2p3fe4d229d22b14162c354f88a29f366c2@epcas2p3.samsung.com>
2019-08-23 7:18 ` [PATCH 6/9] dm crypt: support diskcipher boojin.kim
[not found] <CGME20190823042038epcas2p2000738f3ca7f5f3d92ea1c32de2bcf99@epcas2p2.samsung.com>
2019-08-23 4:20 ` boojin.kim
2019-08-23 4:27 ` Herbert Xu
[not found] <CGME20190821075742epcas2p4b9104e8249067c048d4050f2888da0a9@epcas2p4.samsung.com>
2019-08-21 7:57 ` boojin.kim
2019-08-21 8:17 ` Herbert Xu
[not found] <CGME20190821064230epcas2p1ad7301f2b1331bcab3126e6e37c0e272@epcas2p1.samsung.com>
2019-08-21 6:42 ` boojin.kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='001a01d557f5$ab0a4a40$011edec0$@samsung.com' \
--to=boojin.kim@samsung.com \
--cc=adilger.kernel@dilger.ca \
--cc=agk@redhat.com \
--cc=axboe@kernel.dk \
--cc=chao@kernel.org \
--cc=davem@davemloft.net \
--cc=dm-devel@redhat.com \
--cc=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=jaegeuk@kernel.org \
--cc=jh80.chung@samsung.com \
--cc=kgene@kernel.org \
--cc=krzk@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mmc@vger.kernel.org \
--cc=linux-samsung-soc@vger.kernel.org \
--cc=snitzer@redhat.com \
--cc=tytso@mit.edu \
--cc=ulf.hansson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).