Bug#600384: dm-crypt: please backport support for plain64 IV
Package: linux-2.6
Version: 2.6.32-25
Severity: important
Please backport commit 61afef614b013ee1b767cdd10325acae1db1f4d2
"dm crypt: add plain64 iv" from upstream. It should be a clean
cherry-pick.
Without it, Debian squeeze users might not be able to use dm-crypt
volumes created on newer kernels using *-xts-plain64, nor will be able
to create such volumes.
Using "plain" for IVs on block devices with more than 2^32 blocks will
cause the same IV to be used twice due to roll-over. This is not a good
thing, although it might be not bad enough to matter much (or it could
be a terrible problem. Someone who groks crypto for real would have to
answer that).
One cannot fix the "plain" IV to not warp at 2^32, or data after the
roll-over point becomes unreadable on any already-existing devices.
Thus, the only solution was to add a new IV ("plain64"). For devices
smaller than 2^32 512 byte blocks, plain and plain64 are equivalent.
Userspace and docs are already beggining to tell users to use
aes-xts-plain64 and not aes-xts-plain. They will use them in their
portable HDs, possibly on other distros, and then will not be able to
read them back in squeeze.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32.23 (SMP w/8 CPU cores)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Reply to: