diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-25 15:33:49 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-25 15:33:49 -0400 |
| commit | 6f97b220f414e3599ea5374905ba6d0dc47d63b0 (patch) | |
| tree | 79b268ea6efcd417d923fdbc1aed7bc0fce15554 /Documentation | |
| parent | 4b7227ca321ccf447cdc04538687c895db8b77f5 (diff) | |
| parent | e3dcc5a387fc38e9c3c6c4f857cd9a7f71a8553a (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-2.6-dm
* git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-2.6-dm: (24 commits)
dm crypt: add documentation
dm: remove md argument from specific_minor
dm table: remove unused dm_create_error_table
dm table: drop void suspend_targets return
dm: unplug queues in threads
dm raid1: use timer
dm: move include files
dm kcopyd: rename
dm: expose macros
dm kcopyd: remove redundant client counting
dm kcopyd: private mempool
dm kcopyd: per device
dm log: make module use tracking internal
dm log: move register functions
dm log: clean interface
dm kcopyd: clean interface
dm io: clean interface
dm io: rename error to error_bits
dm snapshot: store pointer to target instance
dm log: move dirty region log code into separate module
...
Diffstat (limited to 'Documentation')
| -rw-r--r-- | Documentation/device-mapper/dm-crypt.txt | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/Documentation/device-mapper/dm-crypt.txt b/Documentation/device-mapper/dm-crypt.txt new file mode 100644 index 000000000000..6680cab2c705 --- /dev/null +++ b/Documentation/device-mapper/dm-crypt.txt | |||
| @@ -0,0 +1,52 @@ | |||
| 1 | dm-crypt | ||
| 2 | ========= | ||
| 3 | |||
| 4 | Device-Mapper's "crypt" target provides transparent encryption of block devices | ||
| 5 | using the kernel crypto API. | ||
| 6 | |||
| 7 | Parameters: <cipher> <key> <iv_offset> <device path> <offset> | ||
| 8 | |||
| 9 | <cipher> | ||
| 10 | Encryption cipher and an optional IV generation mode. | ||
| 11 | (In format cipher-chainmode-ivopts:ivmode). | ||
| 12 | Examples: | ||
| 13 | des | ||
| 14 | aes-cbc-essiv:sha256 | ||
| 15 | twofish-ecb | ||
| 16 | |||
| 17 | /proc/crypto contains supported crypto modes | ||
| 18 | |||
| 19 | <key> | ||
| 20 | Key used for encryption. It is encoded as a hexadecimal number. | ||
| 21 | You can only use key sizes that are valid for the selected cipher. | ||
| 22 | |||
| 23 | <iv_offset> | ||
| 24 | The IV offset is a sector count that is added to the sector number | ||
| 25 | before creating the IV. | ||
| 26 | |||
| 27 | <device path> | ||
| 28 | This is the device that is going to be used as backend and contains the | ||
| 29 | encrypted data. You can specify it as a path like /dev/xxx or a device | ||
| 30 | number <major>:<minor>. | ||
| 31 | |||
| 32 | <offset> | ||
| 33 | Starting sector within the device where the encrypted data begins. | ||
| 34 | |||
| 35 | Example scripts | ||
| 36 | =============== | ||
| 37 | LUKS (Linux Unified Key Setup) is now the preferred way to set up disk | ||
| 38 | encryption with dm-crypt using the 'cryptsetup' utility, see | ||
| 39 | http://luks.endorphin.org/ | ||
| 40 | |||
| 41 | [[ | ||
| 42 | #!/bin/sh | ||
| 43 | # Create a crypt device using dmsetup | ||
| 44 | dmsetup create crypt1 --table "0 `blockdev --getsize $1` crypt aes-cbc-essiv:sha256 babebabebabebabebabebabebabebabe 0 $1 0" | ||
| 45 | ]] | ||
| 46 | |||
| 47 | [[ | ||
| 48 | #!/bin/sh | ||
| 49 | # Create a crypt device using cryptsetup and LUKS header with default cipher | ||
| 50 | cryptsetup luksFormat $1 | ||
| 51 | cryptsetup luksOpen $1 crypt1 | ||
| 52 | ]] | ||