My notes on making encrypted filesystems "Just Work(tm)"

Sjoerd Simons sjoerd at
Thu Dec 16 13:15:56 PST 2004

On Thu, Dec 16, 2004 at 04:08:05PM -0500, David Zeuthen wrote:
> On Thu, 2004-12-16 at 21:35 +0100, Sjoerd Simons wrote:
> > On Sun, Dec 12, 2004 at 09:47:53PM -0500, David Zeuthen wrote:
> > > Finally, since the hal daemon understands the clear text block
> > > devices, /dev/dm-0 and onwards, provided by dm and hal must knows how to
> > > add hal device objects for these. Thus, if /dev/dm-0 is really the
> > > decrypted version of /dev/sda1 then hald must create a hal device object
> > > representing /dev/dm-0. This device object will be a sibling to the
> > > device object representing /dev/sda1 and will have the same storage
> > > device as a parent. 
> > 
> > The current code in hal for dm detection is really ugly imho. 
> Really ugly? It's extremely ugly!! Don't try this at home!

Good to see that you know it too :)
> > I think the right
> > way (tm) is to push the kernel people to put some more info in sysfs for dm
> > devices. (I'm currently playing with the code to see how i can do that).
> > 
> If the kernel could just store the name we pass to dmsetup it would be
> sufficient. E.g. we just have the invariant that the crypto device is to
> be called sesame_crypto_<uuid> and the extremly ugly code can be made
> nice again.

Would be nice if it would also work with dm devices not created by hal :) Which
isn't the case when you need the special name.

The price of success in philosophy is triviality.
		-- C. Glymour.
hal mailing list
hal at

More information about the Hal mailing list