AptiviLinux 6.15 will offer inline crypto for Device Mapper
The upcoming version of Linux has just earned new code for improvements to the Device Mapper feature due to how this pull request was merged. The following changes were made to the device mapper feature:
- dm-crypt: switch to using the crc32 library
- dm-verity, dm-integrity, dm-crypt: documentation improvement
- dm-vdo fixes
- dm-stripe: enable inline crypto passthrough
- dm-integrity: set ti->error on memory allocation failure
- dm-bufio: remove unused return value
- dm-verity: do forward error correction on metadata I/O errors
- dm: fix unconditional IO throttle caused by REQ_PREFLUSH
- dm cache: prevent BUG_ON by blocking retries on failed device resumes
- dm cache: support shrinking the origin device
- dm: restrict dm device size to 2^63-512 bytes
- dm-delay: support zoned devices
- dm-verity: support block number limits for different ioprio classes
- dm-integrity: fix non-constant-time tag verification (security bug)
- dm-verity, dm-ebs: fix prefetch-vs-suspend race
The crypto API that DM (until this pull request) used had caused extra overhead, and performance improvements and other general improvements, including a security bug fix, were needed. For zoned storage devices, dm-delay now supports such storage devices.
For a security bug, however, it involved fixing non-constant-time tag verification in the dm-integrity module that is part of the core feature, dm. This way, it fixes edge cases that could lead to this security bug.
As for the crypto, the dm feature now uses the common CRC32 library that is optimized for each architecture to improve performance and to reduce the overhead in relation to the checksum calculation.
Android devices, such as Samsung Galaxy S25, use this feature to verify that both the software and the bootloader has not been tampered with.
#Crypto #DeviceManager #Kernel #Linux #LinuxKernel #news #Samsung #Tech #update
Solid Tech
WinFuture.de
TryCatchDebug.net
GTech Booster
Hackernoon
me·ta·phil, der
Evelyn ☕