Lines Matching full:the
5 The dm-integrity target emulates a block device that has additional
9 writing the sector and the integrity tag must be atomic - i.e. in case of
12 To guarantee write atomicity, the dm-integrity target uses journal, it
13 writes sector data and integrity tags into a journal, commits the journal
14 and then copies the data and integrity tags to their respective location.
16 The dm-integrity target can be used with the dm-crypt target - in this
17 situation the dm-crypt target creates the integrity data and passes them
18 to the dm-integrity target via bio_integrity_payload attached to the bio.
19 In this mode, the dm-crypt and dm-integrity targets provide authenticated
20 disk encryption - if the attacker modifies the encrypted device, an I/O
23 The dm-integrity target can also be used as a standalone target, in this
24 mode it calculates and verifies the integrity tag internally. In this
25 mode, the dm-integrity target can be used to detect silent data
26 corruption on the disk or in the I/O path.
29 instead of a journal. If a bit in the bitmap is 1, the corresponding
30 region's data and integrity tags are not synchronized - if the machine
31 crashes, the unsynchronized regions will be recalculated. The bitmap mode
32 is faster than the journal mode, because we don't have to write the data
34 when the machine crashes, it may not be detected.
36 When loading the target for the first time, the kernel driver will format
37 the device. But it will only format the device if the superblock contains
38 zeroes. If the superblock is neither valid nor zeroed, the dm-integrity
41 To use the target for the first time:
43 1. overwrite the superblock with zeroes
44 2. load the dm-integrity target with one-sector size, the kernel driver
45 will format the device
46 3. unload the dm-integrity target
47 4. read the "provided_data_sectors" value from the superblock
48 5. load the dm-integrity target with the target size
50 6. if you want to use dm-integrity with dm-crypt, load the dm-crypt target
51 with the size "provided_data_sectors"
56 1. the underlying block device
58 2. the number of reserved sector at the beginning of the device - the
61 3. the size of the integrity tag (if "-" is used, the size is taken from
62 the internal-hash algorithm)
69 separately. In case of crash, it is possible that the data
72 data and integrity tags are written to the
74 either both data and tag or none of them are written. The
75 journaled mode degrades write throughput twice because the
78 synchronization, the driver maintains a bitmap of dirty
82 checksums are not checked and writes to the device are not
83 allowed. This mode is useful for data recovery if the
84 device cannot be activated in any of the other standard
87 5. the number of additional arguments
92 The size of journal, this argument is used only if formatting the
93 device. If the device is already formatted, the value from the
97 The number of interleaved sectors. This values is rounded down to
98 a power of two. If the device is already formatted, the value from
99 the superblock is used.
102 Don't interleave the data and metadata on the device. Use a
106 The number of sectors in one buffer. The value is rounded down to
109 The tag area is accessed using buffers, the buffer size is
110 configurable. The large buffer size means that the I/O size will
114 The journal watermark in percents. When the size of the journal
115 exceeds this watermark, the thread that flushes the journal will
119 Commit time in milliseconds. When this time passes, the journal is
120 written. The journal is also written immediatelly if the FLUSH
123 internal_hash:algorithm(:key) (the key is optional)
125 When this argument is used, the dm-integrity target won't accept
126 integrity tags from the upper target, but it will automatically
127 generate and verify the integrity tags.
130 will protect the data against accidental corruption.
133 cryptographic authentication of the data without encryption.
135 When this argument is not used, the integrity tags are accepted
136 from an upper layer target, such as dm-crypt. The upper layer
137 target should check the validity of the integrity tags.
140 Recalculate the integrity tags automatically. It is only valid
143 journal_crypt:algorithm(:key) (the key is optional)
144 Encrypt the journal using given algorithm to make sure that the
145 attacker can't read the journal. You can use a block cipher here
149 The journal contains history of last writes to the block device,
150 an attacker reading the journal could see the last sector nubmers
151 that were written. From the sector numbers, the attacker can infer
152 the size of files that were written. To protect against this
153 situation, you can encrypt the journal.
155 journal_mac:algorithm(:key) (the key is optional)
156 Protect sector numbers in the journal from accidental or malicious
162 mode, the integrity of journal entries is checked when replaying
163 the journal. Thus, modified sector number would be detected at
167 The size of a data block in bytes. The larger the block size the
170 specified the default block size is 512 bytes.
173 In the bitmap mode, this parameter specifies the number of
177 The bitmap flush interval in milliseconds. The metadata buffers
181 Use a smaller padding of the tag area that is more
186 Allow block discard requests (a.k.a. TRIM) for the integrity device.
189 The journal mode (D/J), buffer_sectors, journal_watermark, commit_time and
190 allow_discards can be changed when reloading the target (load an inactive
191 table and swap the tables with suspend and resume). The other arguments
192 should not be changed when reloading the target because the layout of disk
193 data depend on them and the reloaded target would be non-functional.
198 1. the number of integrity mismatches
199 2. provided data sectors - that is the number of sectors that the user
201 3. the current recalculating position (or '-' if we didn't recalculate)
204 The layout of the formatted block device:
208 storing LUKS metadata or for other purpose), the size of the reserved
209 area is specified in the target arguments
212 * magic string - identifies that the device was formatted
216 * the number of journal sections
217 * provided data sectors - the number of sectors that this target
218 provides (i.e. the size of the device minus the size of all
219 metadata and padding). The user of this target should not send
220 bios that access data beyond the "provided data sectors" limit.
227 - journal area contains the bitmap of dirty
232 The journal is divided into sections, each section contains:
238 * logical sector (specifies where the data and tag should
241 * integrity tag (the size is specified in the superblock)
245 * mac (8-bytes), all the macs in 8 metadata sectors form a
247 numbers in the journal section, to protect against a
248 possibility that the attacker tampers with sector
249 numbers in the journal.
252 * data area (the size is variable; it depends on how many journal
253 entries fit into the metadata area)
255 - every sector in the data area contains:
257 * data (504 bytes of data, the last 8 bytes are stored in
258 the journal entry)
261 To test if the whole journal section was written correctly, every
262 512-byte sector of the journal ends with 8-byte commit id. If the
264 assumed that the section was written correctly. If the commit id
265 doesn't match, the section was written partially and it should not
272 sector in the data area
273 * data area - it contains data sectors. The number of data sectors
275 in the superblock.