diff options
author | Ingo Franzki <ifranzki@linux.ibm.com> | 2024-08-16 13:21:33 +0200 |
---|---|---|
committer | Mikulas Patocka <mpatocka@redhat.com> | 2024-08-21 15:36:27 +0200 |
commit | 4441686b24a1d7acf9834ca95864d67e3f97666a (patch) | |
tree | be49dd02030192c614050bcff9fee3681485ddfa /Documentation/admin-guide/device-mapper | |
parent | f3631ae11d4694e2befff9dd10dab8cd56033f6c (diff) | |
download | lwn-4441686b24a1d7acf9834ca95864d67e3f97666a.tar.gz lwn-4441686b24a1d7acf9834ca95864d67e3f97666a.zip |
dm-crypt: Allow to specify the integrity key size as option
For the MAC based integrity operation, the integrity key size (i.e.
key_mac_size) is currently set to the digest size of the used digest.
For wrapped key HMAC algorithms, the key size is independent of the
cryptographic key size. So there is no known size of the mac key in
such cases. The desired key size can optionally be specified as argument
when the dm-crypt device is configured via 'integrity_key_size:%u'.
If no integrity_key_size argument is specified, the mac key size
is still set to the digest size, as before.
Increase version number to 1.28.0 so that support for the new
argument can be detected by user space (i.e. cryptsetup).
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Milan Broz <gmazyland@gmail.com>
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Diffstat (limited to 'Documentation/admin-guide/device-mapper')
-rw-r--r-- | Documentation/admin-guide/device-mapper/dm-crypt.rst | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Documentation/admin-guide/device-mapper/dm-crypt.rst b/Documentation/admin-guide/device-mapper/dm-crypt.rst index 552c9155165d..cde1d5594b0d 100644 --- a/Documentation/admin-guide/device-mapper/dm-crypt.rst +++ b/Documentation/admin-guide/device-mapper/dm-crypt.rst @@ -160,6 +160,10 @@ iv_large_sectors The <iv_offset> must be multiple of <sector_size> (in 512 bytes units) if this flag is specified. +integrity_key_size:<bytes> + Use an integrity key of <bytes> size instead of using an integrity key size + of the digest size of the used HMAC algorithm. + Module parameters:: |