[dm-crypt] The future of disk encryption with LUKS2

f-dm-c at media.mit.edu f-dm-c at media.mit.edu
Mon Feb 8 20:49:59 CET 2016


    > Date: Mon, 8 Feb 2016 17:48:22 +0100
    > From: Arno Wagner <arno at wagner.name>

    > I like the end, because it is clear and far away. It is also what
    > md-RAID for superblock 0.90 does.

Doesn't that increase the chances of mdraid 0.90 stepping on your own
"far away" header?

    > Non-redudancy during resize is not an issue, as anybody sane will 
    > only resize with a header-backup done before. Insane people will 
    > manage to screw up anyways, nothing we can do about that. Resize
    > is a dangerous operation, no way around that. We can prevent
    > people from hosing their LUKS container when creating filesysems
    > on it though, or partition sectors or the like.

As long as whatever redundancy gets added doesn't eliminate the
ability to do an -online- grow, I don't care.  It's when people
start saying "disallow online resize -because of- the redudancy"
that I start questioning the wisdom of the entire concept, and
that's why I spoke up at all.

(Note that I don't care so much re online -shrink-, because ext4
at least can't do that either.)


More information about the dm-crypt mailing list