[BitVisor-users-en:33] Re: Fwd: Transparent hypervisor based encryption
Takahiro Shinagawa
shina at ecc.u-tokyo.ac.jp
Tue Jan 31 13:19:03 JST 2017
Hi Aleksey,
I'm not sure why encryption is not working, but BitVisor fully supports
AHCI with DMA. Showing defconfig (except the encryption key) may help
solve the problem.
By the way, how do you boot BitVisor and Linux in efi mode?
Regards,
Takahiro Shinagawa
On 2017/01/28 17:10, Aleksey M wrote:
> Hello.
>
> I try to use bitvisor for hypervisor based encryption. I have fully
> encrypted disk that pluged into ahci capable controller. In my defconfig
> i have set encryption key, host and device id and all, enabled storage
> encryption during `make config`. I start my system in efi mode. And
> indeed grub boot loader successfuly loaded from inside encrypted disk
> and successfully load linux and initramfs. But when linux kernel get
> control it see underlying encrypted disk directly, not transparantly
> encrypted.
>
> So may be someone faced this situation before. Is this possible? My
> guess that initial boot process uses legacy PIO mechanism for
> communication with drive and linux kernel uses native AHCI DMA
> mechanism. May be in bitvisor just not implemented completely correct
> handling of DMA read and write interception.
>
> Thanx.
>
> Aleksey M.
>
>
>
> _______________________________________________
> BitVisor-users-en mailing list
> BitVisor-users-en at bitvisor.org
> https://www.bitvisor.org/mailman/listinfo/bitvisor-users-en
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3715 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.bitvisor.org/archives/bitvisor-users-en/attachments/20170131/2b441652/attachment.p7s>
More information about the BitVisor-users-en
mailing list