[PATCH] linux: add in labels for block2mtd
Daniel Golle
daniel at makrotopia.org
Tue Nov 29 09:37:53 PST 2022
On Tue, Nov 29, 2022 at 12:05:51PM -0500, Peter Naulls wrote:
> On 11/29/22 11:50, Daniel Golle wrote:
>
> >
> > There is nothing wrong with that use-case, and it can even be
> > interesting for other downstream users. Encrypted rootfs_data is
> > generally a good idea, especially when rootfs_data is used to store
> > private key material (think: VPN keys) or other kind of credentials.
> >
> > I was more wondering why you are using JFFS2 on a block device, instead
> > of e.g. using F2FS or EXT4 which are intended for block devices.
>
> Our flash is NOR. We will probably move to NAND in the next iteration of
> hardware, but this is what we have for now.
>
> I'm open to other ways to make it work, but this is the arrangement that
> I was able to make work in my research and testing, and that a colleague
> used successfully on a non-OpenWrt system.
Ok, that makes sense then. So basically you are basically using
mtd->mtdblock->cryptsetup/luks->block2mtd->jffs2
I thought you are on a device with actual block storage.
For your case I also can't come up with anything better which works
out-of-the-box for NOR flash. Supporting fscrypt in JFFS2 would be more
elegant, but that's a bit more demanding than just using what is
already there and works...
More information about the openwrt-devel
mailing list