diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-08-02 20:49:21 -1000 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-08-02 20:49:21 -1000 |
| commit | f3406816bb2486fc44558bec77179cd9bcbd4450 (patch) | |
| tree | 718db1ef45e55314b5e7290f77e70e6328d855a4 /Documentation/device-mapper/dm-crypt.txt | |
| parent | 4400478ba3d939b680810aa004f1e954b4f8ba16 (diff) | |
| parent | ed8b752bccf2560e305e25125721d2f0ac759e88 (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-2.6-dm
* git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-2.6-dm: (34 commits)
dm table: set flush capability based on underlying devices
dm crypt: optionally support discard requests
dm raid: add md raid1 support
dm raid: support metadata devices
dm raid: add write_mostly parameter
dm raid: add region_size parameter
dm raid: improve table parameters documentation
dm ioctl: forbid multiple device specifiers
dm ioctl: introduce __get_dev_cell
dm ioctl: fill in device parameters in more ioctls
dm flakey: add corrupt_bio_byte feature
dm flakey: add drop_writes
dm flakey: support feature args
dm flakey: use dm_target_offset and support discards
dm table: share target argument parsing functions
dm snapshot: skip reading origin when overwriting complete chunk
dm: ignore merge_bvec for snapshots when safe
dm table: clean dm_get_device and move exports
dm raid: tidy includes
dm ioctl: prevent empty message
...
Diffstat (limited to 'Documentation/device-mapper/dm-crypt.txt')
| -rw-r--r-- | Documentation/device-mapper/dm-crypt.txt | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/Documentation/device-mapper/dm-crypt.txt b/Documentation/device-mapper/dm-crypt.txt index 6b5c42dbbe8..2c656ae43ba 100644 --- a/Documentation/device-mapper/dm-crypt.txt +++ b/Documentation/device-mapper/dm-crypt.txt @@ -4,7 +4,8 @@ dm-crypt Device-Mapper's "crypt" target provides transparent encryption of block devices using the kernel crypto API. -Parameters: <cipher> <key> <iv_offset> <device path> <offset> +Parameters: <cipher> <key> <iv_offset> <device path> \ + <offset> [<#opt_params> <opt_params>] <cipher> Encryption cipher and an optional IV generation mode. @@ -37,6 +38,24 @@ Parameters: <cipher> <key> <iv_offset> <device path> <offset> <offset> Starting sector within the device where the encrypted data begins. +<#opt_params> + Number of optional parameters. If there are no optional parameters, + the optional paramaters section can be skipped or #opt_params can be zero. + Otherwise #opt_params is the number of following arguments. + + Example of optional parameters section: + 1 allow_discards + +allow_discards + Block discard requests (a.k.a. TRIM) are passed through the crypt device. + The default is to ignore discard requests. + + WARNING: Assess the specific security risks carefully before enabling this + option. For example, allowing discards on encrypted devices may lead to + the leak of information about the ciphertext device (filesystem type, + used space etc.) if the discarded blocks can be located easily on the + device later. + Example scripts =============== LUKS (Linux Unified Key Setup) is now the preferred way to set up disk |