Encryption

T_B T_B at sympatico.ca
Thu Feb 10 17:04:26 PST 2005


"Robert Connolly" <robert at linuxfromscratch.org> wrote in message
news:200502101400.02890.robert at linuxfromscratch.org...
> Is that previous patch for the book still good? Or are there tweaks. I'd
like
> to add it.
>
Robert: It was fortunate that HLFS migrated to 2.6.10 kernel, grsec was
updated to support the 2.6.20 kernel, and loop-AES-v3.0b
(http://sourceforge.net/projects/loop-aes/) was released to suppot the
2.6.10 kernel and util-linux-2.12p.  Fortunately there are not enough
differences between 2.12p and 2.12q so the util-linux mods still work.

The loop-AES-v3.0b.tar.bz2 package has two files of interest here -
kernel-2.6.10.diff and util-linux-2.12p.diff which are the patch files that
are needed to be applied.  There is also a README that gives some further
direction on using and adding loop-AES into the kernel.

When building the kernel, I apply these two lines after your other patches,
so it looks like this:

        patch -Np1 -i ../linux-2.6.10-frandom-1.patch &&
        patch -Np1 -i ../linux-2.6.10-as3.patch &&
        sed -e 's/EXTRAVERSION = -as2/EXTRAVERSION = -as3/' \
          -e 's/NAME=Woozy Numbat + fixes/NAME=Rocket/' \
          ../linux-2.6.10-grsec-2.1.1-as2-200501242254.patch \
          | patch -Np1 &&

        rm include/linux/loop.h drivers/block/loop.c &&
        patch -Np1 -i ../linux-2.6.10-loop_AES-3.0b.patch &&

        make mrproper &&
        make menuconfig

(Check the README file for specific kernel parameters that must be turned on
to enable this)
( linux-2.6.10-loop_AES-3.0b.patch is my renamed version of the
kernel-2.6.10.diff file from the distribution package)

With regard to util-linux, again I apply the patch after all the others you
have.  Thus, its build looks like this:

         # First apply this patch. This is needed regardless whether you
will
         # link Util-linux statically or not because our GCC compiles PIC by
         # default. Also reset the path to 'adjtime' and create the
directory.
         #
         patch -Np1 -i ../util-linux-2.12q-fPIC-1.patch &&
         sed -i 's at etc/adjtime at var/lib/hwclock/adjtime at g' hwclock/hwclock.c
&&
         install -d /var/lib/hwclock &&
         #
         # This patch fixes a problem util-linux has with newer
libc-linux-headers.
         #
         patch -Np1 -i ../util-linux-2.12q-cramfs-1.patch &&
         #
         # This patch adds /sbin/nologin, which is a replacement for
/bin/false. It
         # displays a polite reason for disallowing login.
         #
         patch -Np1 -i ../util-linux-2.12q-nologin-1.patch &&
         #
         # This patch adds loop_AES support
         #
         patch -Np1 -i ../util-linux-2.12q-loop_AES-3.0b.patch &&
         #
         # Configure util-linux.

(util-linux-2.12q-loop_AES-3.0b.patch is my renamed version of the
util-linux-2.12p.diff file from the distribution package)

I will attach the patch files to separate messages for those who are
interested.

Regards
Bill








More information about the hlfs-dev mailing list