crypto: enforce that LUKS stripes is always a fixed value - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Daniel P. Berrangé <berrange@redhat.com>	2022-05-10 14:27:33 +0100
committer	Daniel P. Berrangé <berrange@redhat.com>	2022-10-27 12:55:27 +0100
commit	f1195961f36b19ce9008dabf11ee8362803bcd92 (patch)
tree	6111a083fda6ed1a8395dc6eaf481412ad2a701f /docs/devel/secure-coding-practices.rst
parent	c1d8634c207defb547a57515729233e47f65718f (diff)
download	focaccia-qemu-f1195961f36b19ce9008dabf11ee8362803bcd92.tar.gz focaccia-qemu-f1195961f36b19ce9008dabf11ee8362803bcd92.zip

crypto: enforce that LUKS stripes is always a fixed value

Although the LUKS stripes are encoded in the keyslot header and so
potentially configurable, in pratice the cryptsetup impl mandates
this has the fixed value 4000. To avoid incompatibility apply the
same enforcement in QEMU too. This also caps the memory usage for
key material when QEMU tries to open a LUKS volume.

Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

Diffstat (limited to 'docs/devel/secure-coding-practices.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: