Building the loop module in prevents using loop-aes with the default kernel

Bug #372781 reported by James Westby on 2009-05-06
This bug affects 5 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)

Bug Description


Jaunty has CONFIG_BLK_DEV_LOOP=y, which prevents you from loading
the loop-aes modules if you build them externally, so in order to use them
you must build your own kernel as well.

See for the report.



Changed in linux (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
szamcsi (akos-frohner) wrote :


See also the discussion at loop-aes-source:

2.6.28-12.43 and 2.6.28-13.44 have been released since this bug has been opened,
so please enable loop as module again!


Andres Mujica (andres.mujica) wrote :

i'm marking this bug as dupe from bug #342902. As the irc logs, mailing list shows at this moment the config change proposed is not an option.

however as stated at that bug the latest karmic update for loop-aes-source seems to solve the issue. (in fact i've tested compilation and it went OK with Karmic kernel, waiting for a Jaunty test, and we can ask for a backport)

Andres Mujica (andres.mujica) wrote :

ohh, well the compilation went ok, but as the normal loop is inside the kernel there's no way that the loop_aes module can be loaded.

digging around a bit, it seems to be a problem with almost all major distributions. Seems that gentoo is the only one that this is possible now.

However, as the bug #322902 comment 10 reflects, i don't believe this change can be made. (remember the 10 seconds promise at UDS)

i'm unlinking the bug, and let at it's previous state. sorry for the noise.

szamcsi (akos-frohner) wrote :

Grepping through kernel configurations of Debian:




Same for RHEL4 and RHEL5.

The only one that I found, which made the same choice of not building loop
as a module is Fedora 11: kernel-

So I think Gentoo is not the only one making this possible.

This bug hit me especially hard today when I upgraded to 9.04 because I am running a loop-aes encrypted root partition. Right now I am running 9.04 but booting on an old 2.6.27 kernel because I haven't quite got my custom kernel to decrypt my root partition yet.

Would it make any sense for those of us affected to collectively create on a package website that we can add to our sources.list that contains a properly compiled kernel, or maybe even one with loop-aes complied into it? That way we all don't have to build our own kernels. Or would downloading binary linux kernels with encryption from an anonymous group of people on the internet totally defeat the purpose of having security?

I will also be seriously looking into alternative distributions to move to.

szamcsi (akos-frohner) wrote :

Hi Russel,

FYI I keep maintaining a patched build of the kernel for modular loop device at
and also a binary build of the loop-aes module for each new ABI version. You would have to judge
yourself if you trust the binary. Otherwise please let me know if you are rather interested in the
patches for the source!


Notch-1 (n1-notch-1) wrote :

Beside of the kernel configuration issue (very unpleasant), there is still the compilation error (the original bug), even in karmic! In order to get loop-aes to work i need to manually download v3.2h from sourceforge...
I understand that you refuse to fix the kernel configuration thing (or even discuss it...), but this leaded to forgot the original problem: the module compilation error, that still persist.
So please upgrade loop-aes-source to 3.2h (right now is 3.2f on karmic and 3.2c on jaunty, both affected by the bug), this way after the kernel recompilation i can at least use the repository version... make one of the steps clean, at least, please :D

Notch-1 (n1-notch-1) wrote :

sorry, the last comment fits better in, remove it with this one if you can.

Jeremy Foshee (jeremyfoshee) wrote :

This bug report was marked as Triaged a while ago but has not had any updated comments for quite some time. Please let us know if this issue remains in the current Ubuntu release, . If the issue remains, click on the current status under the Status column and change the status back to "New". Thanks.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers