Bug#821035: ITP: luksipc -- LUKS in-place conversion tool
On Sun, Apr 17, 2016 at 06:30:10PM +0200, Vincent Bernat wrote:
> ❦ 17 avril 2016 18:07 +0200, Philipp Kern <pkern@debian.org> :
> >> I intend to also provide an initramfs hook to make the conversion of a
> >> root filesystem for simple cases only (notably cloud payload).
> >
> > I am still a little bit scared by this tool. If it would optionally
> > persist the block it is currently rewriting (at the loss of a lot of
> > performance and at the possible detriment of the thing you are writing
> > it to, if it's flash-based), I'd feel better about it. This way there
> > should be a fairly strong warning that the resume.bin is completely and
> > utterly lost if you should lose power in the process. There is no state
> > tracking on the disk that is being converted either, AIUI.
>
> From what I understand, the resume.bin file contains the current chunk
> of memory and the the current position. So, it should be possible to
> resume from the resume.bin.
But only if the binary exits cleanly enough to write it out, AIUI
("graceful shutdown"). resume.bin is not persisted anywhere during
the operation.
> If it is about my idea to provide an initramfs hook to make the
> conversion, I agree. However, my use case is for cloud payload where
> you have to start from a clear-text boot image. The conversion would be
> done before putting valuable data on the disk.
Ok, fair point. But people *will* attempt to use it with their
pre-existing non-encrypted disks. Hence the fair warning bit.
Kind regards and thanks
Philipp Kern
Reply to: