Subject: Re: Filesystem question
Newsgroups: gmane.linux.kernel.device-mapper.dm-crypt
Date: 2004-08-05 12:18:59 GMT (4 years, 47 weeks, 5 days, 10 hours and 55 minutes ago)
> hi list! i want to encrypt a 230GB harddisk with dm-crypt. i'd like
> to create a ReiserFS partition on this disk but i've read (in an
> article about crypto-loop) that journaling filesystems may cause
> trouble on encrypted partitions and journal replay may corrupt data.
To quote from the loop-AES readme:
----
2.2. Use of journaling file systems on loop device
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Don't use a journaling file system on top of file backed loop device.
Device backed loop device can be used with journaling file systems as
device backed loops guarantee that writes reach disk platters in order
required by journaling file system (write caching must be disabled on
the disk drive, of course). With file backed loop devices, correct write
ordering may extend only to page cache (which resides in RAM) of
underlying file system. VM can write such pages to disk in any order it
wishes, and thus break write order expectation of journaling file system.
----
I.e. journaling on a device is fine. I myself use ext3 via loop-AES[1]
on a similar sized partition without problems.
-Thomas
[1] Because dm-crypt doesn't support gpgkeys yet, I'd prefer not to
re-encrypt all my data and because my benchmarks show that loop-AES due
to all the assembler optimisations at least for x86 is still faster
(using the same partition with cryptsetup -c aes -s 128 -y -h sha256
create <name> <dev>, I know I could probalbly patch the kernel with
aes-i586-asm-2.6.6-3.diff for that).