Thread: cryptography in 2.4.24 kernels
View Single Post

   
  #3 (permalink)  
Old 01-17-2008, 05:30 PM
Karl-Heinz Herrmann
 
Posts: n/a
Default Re: cryptography in 2.4.24 kernels
Andreas Janssen <andreas.janssen@bigfoot.com> writes:
> Karl-Heinz Herrmann (<kh1@khherrmann.de>) wrote:
> > If I grab a recent patch for the cryptographic stuff like
> > patch-int-2.4.21.0 it won't patch clean. Most of the ciphers go in ok,
> > but the biggest trouble is crypto.h -- it should not exist according
> > to the patch and the patch version and the kernel version disagree
> > heavily on defines and subroutine names.
>
> Maybe this doesn't work because the patch doesn't know about the new
> cryptoapi that was backported from 2.6 and integrated in 2.4.22.

Sure -- but I can't locate anything crypto which *is* supposed to be
patched into 2.4.24.

> Get only the cryptoloop patch. I think the latest is for 2.4.22, but it
> works with newer kernels as well, at least for me. Activate cryptoloop
> support. It seems as if it doesn't matter whether you activete the new
> crypto support. Get the cryptoapi archive from kerneli.org and compile
> the cryptoapi and cipher modules seperately from your kernel (make
> modules KDIR=/usr/src/... and make modules_install KDIR=/usr/src/...).
> That works for me.

I tried to locate any crytoloop patch which is meant for 2.4.22 -- no
luck whatsoever. The only packages I could locate are cryptoloop-0.0.1
or cryptoloop-0.0.1-pre[14]. I tried patching them into an unpatched
2.4.25-pre4 and it wouldn't compile. cryptoapi-0.1.0
(cryptoapi-0.1.0-pre4) does provide a different selection in the
kernel config but also won't compile patched into the kernel. As
module it was complaining about the missing cryptoloop.

> Or use the cryptoloop patch with the new cryptoapi that is already in
> the kernel. In that case, make sure your mount and losetup support the
> new api. I also don't know if your old container files are compatible
> to the new system.

Well -- I tried once again using patch-int-2.4.21.0 and assuming that
it would replace all the kernel cryptoapi code I checked with
--dry-run which files exist already and moved them out of the
way. Then remained one major Conflict with include/linux/crypto.h --
where I also chose the patch version instead of merging them. This
finally did compile and I've a working cryptoloop again. It even is
able to read my old encrypted file. Maybe it helps somebody else to
get it working.


K.-H.




Reply With Quote