From: Milan Broz <gmazyland@gmail.com>
To: Robert Nichols <rnicholsNOSPAM@comcast.net>, dm-crypt@saout.de
Subject: Re: [dm-crypt] Why is it necessary to "wipe" an authenticated luks2 device when creating it?
Date: Fri, 27 Sep 2019 10:52:53 +0200 [thread overview]
Message-ID: <74364243-f95e-3e06-4829-62e8bee54baf@gmail.com> (raw)
In-Reply-To: <qmjag0$39d1$1@blaine.gmane.org>
On 26/09/2019 23:27, Robert Nichols wrote:
> I wasn't even thinking of trim pass-through. I routinely set up VMs
> with space allocations that, in total, exceed the space available on
> the host. Such VMs cannot use authenticated encryption since they
> would have to immediately use all of their allocated space. I also
> routinely save system images with partclone or clonezilla,
> specifically to avoid saving the content of the free space in the
> filesystems. Such an image would fail authentication when restored.
> These are fairly common practices. LUKS2 authenticated encryption
> should come with huge warnings.
I do not quite well understand your complaint.
LUKS2 is just on-disk format, it is much more flexible, and allows some
new features like integrity protection, but nobody forces you to use that.
Default options are precisely the same as in LUKS1, and you can still
use LUKS1 if you prefer it.
Actually, even the authenticated encryption does not need to wipe
the space in principle. It is a workaround to avoid bugs (to avoid
reading areas that were never written). You can skip it if your
environment is doing IO operations correctly.
TRIM passthrough is in some situations complicated, so it is not yet
supported for authenticated encryption (dm-integrity backed devices).
It is just missing a feature, that can be implemented later.
A full device wipe is present in many other systems - VeraCrypt by default does it;
Debian installer wipes LUKS devices by writing random data to it.
And these systems use just length preserving encryption.
A common practice is to TRIM the device to free unused space.
We are missing better documentation of common use cases and limitations.
I am well aware of that, but sometimes things take longer than expected,
sorry for that.
Milan
next prev parent reply other threads:[~2019-09-27 8:52 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-25 19:40 [dm-crypt] Why is it necessary to "wipe" an authenticated luks2 device when creating it? .. ink ..
2019-09-26 7:41 ` Milan Broz
2019-09-26 9:36 ` Christoph Anton Mitterer
2019-09-26 13:38 ` Robert Nichols
2019-09-26 14:29 ` Ondrej Kozina
2019-09-26 21:27 ` Robert Nichols
2019-09-26 22:20 ` Arno Wagner
2019-09-27 8:52 ` Milan Broz [this message]
2019-09-26 14:23 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=74364243-f95e-3e06-4829-62e8bee54baf@gmail.com \
--to=gmazyland@gmail.com \
--cc=dm-crypt@saout.de \
--cc=rnicholsNOSPAM@comcast.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.