Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 26953 Details for
Bug 43146
Support for dm-crypt in baselayout
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for handling swap space better
dm-crypt-swap.diff (text/plain), 3.06 KB, created by
Vadim Trochinsky
on 2004-03-06 12:38:55 UTC
(
hide
)
Description:
Patch for handling swap space better
Filename:
MIME Type:
Creator:
Vadim Trochinsky
Created:
2004-03-06 12:38:55 UTC
Size:
3.06 KB
patch
obsolete
>diff -u dmcrypt.orig/dm-crypt.conf dmcrypt/dm-crypt.conf >--- dmcrypt.orig/dm-crypt.conf 2004-03-06 21:19:51.026290088 +0100 >+++ dmcrypt/dm-crypt.conf 2004-03-06 21:19:09.109662384 +0100 >@@ -6,7 +6,9 @@ > #IMPORTANT: you should use either *no* swap at all or *only* encrypted swaps > #when using the dm-crypt init script, otherwise you risk leaking keys to > #swapspace. >-#For swap devices, you should use random keystrokes as passphrase >+#For swap devices, you should use the swap type. It will read some random >+#data from the random device instead of asking for a password, and then >+#run mkswap on it. > > #The optional 'salt=' argument specifies a seed to use along with the hash. > #Use of a salt makes dictionary attacks more difficult - if possible, >@@ -18,5 +20,5 @@ > #for every encrypted device, but it is also not a bad idea to do so. > > #examples >-#map=swap0 cipher=aes-plain keysize=32 hash=sha512 device=/dev/hda2 salt=my >-#map=hdb cipher=aes-plain keysize=32 hash=sha512 device=/dev/hdb >+#map=swap0 type=swap cipher=aes-plain keysize=32 hash=sha512 device=/dev/hda2 salt=my >+#map=hdb type=disk cipher=aes-plain keysize=32 hash=sha512 device=/dev/hdb >diff -u dmcrypt.orig/dm-crypt.rc dmcrypt/dm-crypt.rc >--- dmcrypt.orig/dm-crypt.rc 2004-03-06 21:19:51.027289936 +0100 >+++ dmcrypt/dm-crypt.rc 2004-03-06 21:22:11.469939408 +0100 >@@ -10,6 +10,7 @@ > dmpath=/dev/mapper/ > dmtarget=crypt > salts=/etc/salts/ >+random_device=/dev/urandom > > #FIXME: refuses to start before localmount > depend() { >@@ -30,9 +31,15 @@ > ewarn "${salts}salt.${salt} does not exist" > return 1 > fi >- hashcmd="$hashcmd -s $salt" >+ hashcmd="$hashcmd -s $salt" > fi > >+ #for a swap device we get the key from /dev/random >+ if [ "$type" == "swap" ] >+ then >+ hashcmd="head -c $(($keysize/8)) $random_device" >+ fi >+ > key="`$hashcmd 2> /dev/null \ > | hexdump -e \"\\\"\\\" $keysize/1 \\\"%02x\\\" \\\"\\\n\\\"\" \ > | sed -e 's/ /0/g' | head -n 1`" >@@ -80,13 +87,20 @@ > > eval `echo ${maps[$i]} | tr ',' ' '` > >- if [ "$map" == "" ] || [ "$cipher" == "" ] || [ "$keysize" == "" ] || [ "$hash" == "" ] || [ "$device" == "" ] >+ if [ "$type" == "" ] || [ "$map" == "" ] || [ "$cipher" == "" ] || [ "$keysize" == "" ] || [ "$hash" == "" ] || [ "$device" == "" ] > then > ewarn "config for $map missing required values, skipping" > status=1 > continue > fi > >+ if [ "$type" != "disk" ] && [ "$type" != "swap" ] >+ then >+ ewarn "The type must be either 'disk' or 'swap', skipping" >+ status=1 >+ continue >+ fi >+ > ebegin "creating $map for $device ($cipher/$hash)" > > if [ ! -b "$device" ] >@@ -115,6 +129,14 @@ > eend 1 > fi > >+ if [ "$type" == "swap" ] && ! mkswap "$dmpath$map" &> /dev/null >+ then >+ ewarn "Failed to create a swap area on $map" >+ dmsetup remove "$map" &> /dev/null >+ status=1 >+ eend 1 >+ fi >+ > eend 0 > done > >@@ -143,6 +165,14 @@ > status=1 > continue > fi >+ >+ if [ "$type" == "swap" ] && grep -qE "^$dmpath$map" /proc/swaps >+ then >+ ewarn "$dmpath$map is still being used for swap space, skipping" >+ eend 1 >+ status=1 >+ continue >+ fi > > if ! dmsetup remove $map > then
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 43146
:
26492
|
26567
|
26568
|
26578
| 26953 |
27067
|
27268
|
36320
|
36321
|
36322
|
36323
|
36463
|
36464
|
37800
|
40036
|
40037
|
40114