My notes on making encrypted filesystems "Just Work(tm)"

David Zeuthen david at fubar.dk
Thu Dec 16 13:08:05 PST 2004


On Thu, 2004-12-16 at 21:35 +0100, Sjoerd Simons wrote:
> On Sun, Dec 12, 2004 at 09:47:53PM -0500, David Zeuthen wrote:
> > Finally, since the hal daemon understands the clear text block
> > devices, /dev/dm-0 and onwards, provided by dm and hal must knows how to
> > add hal device objects for these. Thus, if /dev/dm-0 is really the
> > decrypted version of /dev/sda1 then hald must create a hal device object
> > representing /dev/dm-0. This device object will be a sibling to the
> > device object representing /dev/sda1 and will have the same storage
> > device as a parent. 
> 
> The current code in hal for dm detection is really ugly imho. 

Really ugly? It's extremely ugly!! Don't try this at home!

> I think the right
> way (tm) is to push the kernel people to put some more info in sysfs for dm
> devices. (I'm currently playing with the code to see how i can do that).
> 

If the kernel could just store the name we pass to dmsetup it would be
sufficient. E.g. we just have the invariant that the crypto device is to
be called sesame_crypto_<uuid> and the extremly ugly code can be made
nice again.

> And obviously i'm interested in your sesame code :), so lemme know if the starts
> of it are available somewhere..
> 

I'll dig it out.

Cheers,
David


_______________________________________________
hal mailing list
hal at lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/hal



More information about the Hal mailing list