• Milan Broz's avatar
    dm crypt: optionally support larger encryption sector size · 8f0009a2
    Milan Broz authored
    Add  optional "sector_size"  parameter that specifies encryption sector
    size (atomic unit of block device encryption).
    
    Parameter can be in range 512 - 4096 bytes and must be power of two.
    For compatibility reasons, the maximal IO must fit into the page limit,
    so the limit is set to the minimal page size possible (4096 bytes).
    
    NOTE: this device cannot yet be handled by cryptsetup if this parameter
    is set.
    
    IV for the sector is calculated from the 512 bytes sector offset unless
    the iv_large_sectors option is used.
    
    Test script using dmsetup:
    
      DEV="/dev/sdb"
      DEV_SIZE=$(blockdev --getsz $DEV)
      KEY="9c1185a5c5e9fc54612808977ee8f548b2258d31ddadef707ba62c166051b9e3cd0294c27515f2bccee924e8823ca6e124b8fc3167ed478bca702babe4e130ac"
      BLOCK_SIZE=4096
    
      # dmsetup create test_crypt --table "0 $DEV_SIZE crypt aes-xts-plain64 $KEY 0 $DEV 0 1 sector_size:$BLOCK_SIZE"
      # dmsetup table --showkeys test_crypt
    Signed-off-by: default avatarMilan Broz <gmazyland@gmail.com>
    Signed-off-by: default avatarMike Snitzer <snitzer@redhat.com>
    8f0009a2
dm-crypt.c 76.3 KB