Im trying to recompile the Knoppix kernel for reasons related to crypto loopback.
the /usr/src/linux* directory say the kernel is a vanilla 2.4.20 kernel with only xfs & commandline mods but the .config file has none of the options needed for crypto, e.g.; CONFIG_CRYPTO=m etc.

since you have to patch the vanilla kernel with the patch-int stuff etc is there a a copy of the patched kernel source used for Knoppix available? and the real config file?[/i]

I tried this too. I couldn't get the patches to work so I simply downloaded the kernel source and rebuilt the kernel with the correct options set. It took about 20 builds to get everything to finally work. Keep in mind that only a certain version of the kernel would fly with the crypto modules. I have a 1.5 TB crypto volume. It's cool. The problem is that since the crypto work is all done in software, that volume is very, very, very slow. If you delete large files, the system slows down to a crawl to the point where the mouse cursor can take 10 seconds to react to a mouse movement.

I tried this too. I couldn't get the patches to work so I simply downloaded the kernel source and rebuilt the kernel with the correct options set. It took about 20 builds to get everything to finally work. Keep in mind that only a certain version of the kernel would fly with the crypto modules.

:?: there doesnt appear to be any info anywhere as to which crypto modules work with which kernels. If that were true it might explain why explain why I cant get crypto working (& which is why I wanted to rebuild the knoppix version of the kernel). I dont think aes is built into the kernel.

AFAIK the knoppix kernel source (with patches applied by the knoppix team) isnt available on this site & that would be helpful as a sanity check.

I did this. I just downloaded the kernel source, applied the patch, copied the .config to the source dir, ran "make oldconfig", and then built the kernel and modules.

Then you have to add the modules to /lib/modules and the kernel to the miniroot.gz.

--Two solutions (actually three)

1. Faster processor (maybe dual Athlons)
2. More RAM
3. shrink the volume

3comedy: delete all that pr0n and it will speed up just fine! ;-)


I tried this too. I couldn't get the patches to work so I simply downloaded the kernel source and rebuilt the kernel with the correct options set. It took about 20 builds to get everything to finally work. Keep in mind that only a certain version of the kernel would fly with the crypto modules. I have a 1.5 TB crypto volume. It's cool. The problem is that since the crypto work is all done in software, that volume is very, very, very slow. If you delete large files, the system slows down to a crawl to the point where the mouse cursor can take 10 seconds to react to a mouse movement.

-

3comedy: delete all that pr0n and it will speed up just fine! ;-)


Im sceptical; 1.5Tb porn? thats way more than me, I'd like to see that.
no really I'd like to see that :D

I did this. I just downloaded the kernel source, applied the patch, copied the .config to the source dir, ran "make oldconfig", and then built the kernel and modules.

Then you have to add the modules to /lib/modules and the kernel to the miniroot.gz.

But that was my point: the .config file contains no crypto related options in it, so after you patch the kernel with the international patch how is the .config helping you to select, for example, cryptoapi, cryptoloop, cipher-aes etc. :?:
After I do all the patching cipher module building etc etc All I get after doing losetup ... is ioctl: LOOP_SET_STATUS: Invalid argument
Can you tell me the kernel you used and what patches you used to get functioning loopback crypto.

I did this. I just downloaded the kernel source, applied the patch, copied the .config to the source dir, ran "make oldconfig", and then built the kernel and modules.

Then you have to add the modules to /lib/modules and the kernel to the miniroot.gz.

But that was my point: the .config file contains no crypto related options in it, so after you patch the kernel with the international patch how is the .config helping you to select, for example, cryptoapi, cryptoloop, cipher-aes etc. :?:
After I do all the patching cipher module building etc etc All I get after doing losetup ... is ioctl: LOOP_SET_STATUS: Invalid argument
Can you tell me the kernel you used and what patches you used to get functioning loopback crypto.

Yes, that's why you :

make oldconfig

which uses the .config you supply ( i.e. you've put the .config from knoppix into your kernel directory where you are compiling ) and it just asks for the new options.

Hmm, although that error, LOOP_SET_STATUS, looks like a modprobe / mount error. You may not be using the correct mount options. I.e. are you doing losetup with all the crypto options?

As far as I know, the loopback device for crypto is a dropped in replacement (loop.o) which is built seperately from the kernel. There is no options in the kernel build tree for that.

As far as I know, the loopback device for crypto is a dropped in replacement (loop.o) which is built seperately from the kernel. There is no options in the kernel build tree for that.

You can build it into the kernel. And yep, I think it is called loop.o when it's compiled as a module. The Knoppix compressed loop is cloop.o .

As far as I know, the loopback device for crypto is a dropped in replacement (loop.o) which is built seperately from the kernel. There is no options in the kernel build tree for that.

You can build it into the kernel. And yep, I think it is called loop.o when it's compiled as a module. The Knoppix compressed loop is cloop.o .

In that case, it would mean copying the related files(there are a number of them like AES etc.) to the kernel tree under block/ ?

Either way, I still don't think there is an option specifically for it as it is to the kernel just a loopback.

As far as I know, the loopback device for crypto is a dropped in replacement (loop.o) which is built seperately from the kernel. There is no options in the kernel build tree for that.

You can build it into the kernel. And yep, I think it is called loop.o when it's compiled as a module. The Knoppix compressed loop is cloop.o .

In that case, it would mean copying the related files(there are a number of them like AES etc.) to the kernel tree under block/ ?

Either way, I still don't think there is an option specifically for it as it is to the kernel just a loopback.

There is an option for losetup - man losetup
- losetup [ -e encryption ] [options] loop_device file


With the patch I used ( internation kernel patch ) it patched the kernel tree, and so did put files in the kernel tree. You have the option of building the cyphers as modules or into the kernel.

-

3comedy: delete all that pr0n and it will speed up just fine! ;-)


Im sceptical; 1.5Tb porn? thats way more than me, I'd like to see that.
no really I'd like to see that :D

Yes. It is a lot of skin. That's what happens when you have a quadruple T1 connection to the internet and 5 computers running 24/7 to do all the crawling & downloading. :D

I'm down to about 2.8 GB free on the 1.5TB volume. I've been burning to CD to free up the space (I'm on CD #4292) since buying 1.5TB worth of disk space isn't too fun anymore. I also have a 3 foot stack of 80 GB and 120 GB hard drives that are full. I may have to switch to burning DVDs since the CD idea isn't working out too well. I'm working on my web utilities to put it all on-line, allowing people to search by name, description, category, and even rating, but I'm not quite done and we've a little off topic... 8)

In case anyone with a similar problem googles into this post Im posting the solution.
What I had failed to do was to grab the very latest util-linux from kernel.org. I thought I had the latest one in Knoppix but in fact if you use the internation crypto patch there is a second patch that has to be applied to util-linux (which contains losetup & mount etc). This is found in the latest loop-AES-v*.tar.gz. Read the README in that file and follow all the instructions. You have to ensure the following: CONFIG_MODULES=y and CONFIG_BLK_DEV_LOOP=n. Once I'd done that & patched the util-liinux source and rebuilt it, the problem below went away and loopback crypto worked fine. HTH



I did this. I just downloaded the kernel source, applied the patch, copied the .config to the source dir, ran "make oldconfig", and then built the kernel and modules.

Then you have to add the modules to /lib/modules and the kernel to the miniroot.gz.

But that was my point: the .config file contains no crypto related options in it, so after you patch the kernel with the international patch how is the .config helping you to select, for example, cryptoapi, cryptoloop, cipher-aes etc. :?:
After I do all the patching cipher module building etc etc All I get after doing losetup ... is ioctl: LOOP_SET_STATUS: Invalid argument
Can you tell me the kernel you used and what patches you used to get functioning loopback crypto.