[Bug 1238275] [NEW] cryptsetup should support block devices without filesystems

Roel Brook rainmaker52 at gmail.com
Thu Oct 10 21:32:00 UTC 2013 

Public bug reported:

With the rise of newer filesystems, there are devices which may not
actually contain a filesystem, but are used, i.e. as a caching device.

Case in point; I have a HDD and a SSD (a combination which is getting more and more common). My HDD contains a ZFS filesystem, the SSD is used as a "cache".
The same holds true for systems such as bcache.

However, to be safe, one may wish to encrypt these filesystems.
Encrypting the cache is then also a good thing, as the cache may contain
data equally sensitive.

However, when using a LUKS encrypted volume, the initramfs "cryptsetup"
(in local-top) script checks the output from blkid, and errors out if
the the device cannot be found in blkid.

I propose an extra option passed via /etc/initramfs-
tools/conf.d/cryptroot. I called the option "ignorefs", but feel free to
propose a different name.

A patch is attached to this bug report.

** Affects: cryptsetup (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: patch

** Patch added: "cryptsetup.patch"
   https://bugs.launchpad.net/bugs/1238275/+attachment/3873067/+files/cryptsetup.patch

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1238275

Title:
  cryptsetup should support block devices without filesystems

Status in “cryptsetup” package in Ubuntu:
  New

Bug description:
  With the rise of newer filesystems, there are devices which may not
  actually contain a filesystem, but are used, i.e. as a caching device.

  Case in point; I have a HDD and a SSD (a combination which is getting more and more common). My HDD contains a ZFS filesystem, the SSD is used as a "cache".
  The same holds true for systems such as bcache.

  However, to be safe, one may wish to encrypt these filesystems.
  Encrypting the cache is then also a good thing, as the cache may
  contain data equally sensitive.

  However, when using a LUKS encrypted volume, the initramfs
  "cryptsetup" (in local-top) script checks the output from blkid, and
  errors out if the the device cannot be found in blkid.

  I propose an extra option passed via /etc/initramfs-
  tools/conf.d/cryptroot. I called the option "ignorefs", but feel free
  to propose a different name.

  A patch is attached to this bug report.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1238275/+subscriptions

More information about the foundations-bugs mailing list