[dm-crypt] Tcrypt hidden volume
gmazyland at gmail.com
Mon Jul 1 21:17:03 CEST 2013
On 1.7.2013 12:33, Jan Janssen wrote:
> while testing how the tcrypt passphrase + keyfile logic works, I
> realized that there doesn't seem to be a way to protect the hidden
> volume from being damaged by writes to a mounted outer volume like
> truecrypt does. I think this deserves a warning in the man page
> since this is a potential data loss.
Yes, you are right. There is no protection of hidden volume once
outer volume is mounted.
(BTW the protection itself reveals hidden volume existence.)
Protection can be done on DM (kernel level) quite easily
(map this linear part to virtual zero or error target masking
out the data underneath) but it would require quite big changes
in cryptsetup wrapper (which was meant to be simple 1:1 mapping).
So I decided to ignore this problem for now...
But yes, there should be some note in man page.
More information about the dm-crypt