[dm-crypt] [ANNOUNCE] cryptsetup 1.4.0-rc1 (test release candidate)

Milan Broz mbroz at redhat.com
Mon Oct 10 22:22:37 CEST 2011

On 10/10/2011 10:03 PM, Arno Wagner wrote:
>> * If device is not rotational disk, cryptsetup no longer tries
>>   to wipe keyslot with Gutmann algorithm for magnetic media erase
>>   but simply rewrites area once by random data.
> Hmm. How do you determine that? Not that I see any fundamental
> problem,

Through kernel sysfs, rotational flag:

If not available, then it is expected that device is rotational.

(This flag should be authoritative, e.g. filesystems like btrfs uses it
as well to determine allocation strategies.)

>>    WARNING: There is no possible check that specified ciphertext device
>>             matches detached on-disk header. Use with care, it can destroy
>>             your data in case of a mistake.
> It should refuse to mount though, just like a plain dm-crypt
> device if you enter the wrong passphrase.

yes. I just want to say that by separating header user is responsible
to proper pair header and ciphertext device.
>>    WARNING: Storing LUKS header in a file means that anti-forensic splitter
>>             cannot properly work (there is filesystem allocation layer between
>>             header and disk).
> You mean the splitted data may end up all over the disk making
> wiping problematic, especially if the filesystem does "overwrites" 
> to different places?

You cannot be sure how is the file represented on disk, it can be fragmented
etc. (AF has perhaps problems with SSD wear-leveling so it is nothing new.
We should analyse AF with new storage types anyway...)

Anyway, header in file is exactly as the same situation as header backup to file.

In fact, I forgot to mention that header backup can be directly used
in --header parameter.

>> * Enhance check of device size before writing LUKS header.
> To prevent problems if the device is smaller than the header?

Old code did not checked if header + all keyslots fit on device 
(but device activation was not possible because payload offset
exceeded device size then).

But now with separate header it is needed - header write is refused
if device is too small.


More information about the dm-crypt mailing list