[dm-crypt] inconsistency in opening multiple mappers on the same device

Javier Juan Martínez Cabezón tazok.id0 at gmail.com
Fri Jun 1 12:52:36 CEST 2012


On 01/06/12 00:12, .. ink .. wrote:
> I read the announcement of 1.4.3 and decided to do a simple test on
> opening multiple mappers on the same device and this is what i found
> out:
> 
> test using cryptsetup 1.4.3
> 
> [root at mtz ink]# echo -n xxx | cryptsetup create zzz xxx
> [root at mtz ink]# echo -n xxx | cryptsetup create zzz xxx
> Device zzz already exists.
> [root at mtz ink]# echo -n xxx | cryptsetup create yyy xxx
> 
> [root at mtz ink]# ls -l /dev/mapper/
> total 0
> crw------- 1 root root 10, 236 May 29 14:46 control
> lrwxrwxrwx 1 root root       7 May 31 18:01 yyy -> ../dm-1
> lrwxrwxrwx 1 root root       7 May 31 18:01 zzz -> ../dm-0
> 
> [root at mtz ink]# zuluCrypt-cli -P -d /dev/mapper/zzz
> /home/ink/xxx
> [root at mtz ink]# zuluCrypt-cli -P -d /dev/mapper/yyy
> /home/ink/xxx
> [root at mtz ink]#
> 
> It looks like by default, cryptsetup does not allow opening more than
> one mapper on the same device bu it only checks the mapper name, not
> the device behind the mapper and hence it allows opening of multiple
> mappers on the same device as long as they use a different mapper
> name.
> 
> The same behavior is there in luks based volume
> 
> Also,shouldnt  the error say mapper name since the check is on the
> mapper,not the device behind the mapper.
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

The default behaviour is to forbid it. As Milan said you need --shared
flag to "avoid" it.

Please check note issue 123 and Milan answer about the "safety" of
--shared use.

You shall create linear mappings under raw cryptsetup created devices
and work under this linear mappings and not with the cryptsetup raw
created one when using --shared flag.


More information about the dm-crypt mailing list