[dm-crypt] LUKS1 devmapper device mount issue

Amith Kumar Ramachandra amitnr at gmail.com
Fri Apr 8 22:46:55 CEST 2016


Hi!

 I am working on an armv8 embedded platform running 3.18 linux kernel. I am
setting up disk encryption on a peripheral MMC card using cryptsetup-1.6.3
version.

I am able to get through the first couple of steps of cryptsetup
(luksFormat and luksOpen) without any issue. Commands here below:

cryptsetup -v -y -c "aes-cbc-essiv:sha256" luksFormat /dev/mmcblk1p1
--batch-mode --debug
cryptsetup luksOpen /dev/mmcblk1p1 data --debug

I can see the device /dev/mapper/data getting created as expected. I dumped
its status and it looks fine from what I can see:

root at p2382_t186:~# dmsetup info /dev/mapper/data
Name:              data
State:             ACTIVE
Read Ahead:        256
Tables present:    LIVE
Open count:        0
Event number:      0
Major, minor:      254, 1
Number of targets: 1
UUID: CRYPT-LUKS1-ff6bc36961ab46948c702456fa8b722b-data

But when I format the device as ext4 and mount it at /mnt, I don't see the
device mounted. The mount command itself did not fail. It gives me success
(verified both from the return status and kernel dmesg logs) but the LUKS1
device is not getting mounted.

However, when I create a crypt device using dmsetup, I am able to see and
mount the volume1 device as expected.

echo 0 `blockdev --getsize /dev/mmcblk1p1` crypt aes-cbc-essiv:sha256
0123456789abcdef0123456789abcdef 0 /dev/mmcblk1p1 0 | dmsetup create volume1

I have attached the debug logs if you are interested.

Could you pls let me know what I might be missing?

Appreciate your help!
Thanks,
Amith
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20160408/a55638c6/attachment.html>
-------------- next part --------------

cryptsetup -v -y -c "aes-cbc-essiv:sha256" luksFormat /dev/mmcblk1p1 --batch-mode --debug
# cryptsetup 1.6.3 processing "cryptsetup -v -y -c aes-cbc-essiv:sha256 luksFormat /dev/mmcblk1p1 --batch-mode --debug"
# Running command luksFormat.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/mmcblk1p1 context.
# Trying to open and read device /dev/mmcblk1p1.
# Initialising device-mapper backend library.
# Timeout set to 0 miliseconds.
# Iteration time set to 1000 miliseconds.
# Interactive passphrase entry requested.
Enter passphrase:
Verify passphrase:
p1 as type LUKS1.
# Crypto backend (gcrypt 1.6.2) initialized.
# Topology: IO (512/0), offset = 0; Required alignment is 1048576 bytes.
# Checking if cipher aes-cbc-essiv:sha256 is usable.
# Calculated device size is 1 sectors (RW), offset 0.
# Detected kernel Linux 3.18.21-tegra aarch64.
# dm version   OF   [16384] (*1)
# dm versions   OF   [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.28.0.
# Device-mapper backend running with UDEV support disabled.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-3214
# dm create temporary-cryptsetup-3214 CRYPT-TEMP-temporary-cryptsetup-3214 OF   [16384] (*1)
# dm reload temporary-cryptsetup-3214  OFRW    [16384] (*1)
# Cookie value is not set while trying to call DM_DEVICE_RESUME ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm resume temporary-cryptsetup-3214  OFRW    [16384] (*1)
# temporary-cryptsetup-3214: Stacking NODE_ADD (254,1) 0:6 0660
# temporary-cryptsetup-3214: Stacking NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-3214: Processing NODE_ADD (254,1) 0:6 0660
# Created /dev/mapper/temporary-cryptsetup-3214
# temporary-cryptsetup-3214: Processing NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-3214 (254:1): read ahead is 256
# temporary-cryptsetup-3214: retaining kernel read ahead of 256 (requested 256)
# Cookie value is not set while trying to call DM_DEVICE_REMOVE ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm remove temporary-cryptsetup-3214  OFT    [16384] (*1)
# temporary-cryptsetup-3214: Stacking NODE_DEL
# temporary-cryptsetup-3214: Processing NODE_DEL
# Removed /dev/mapper/temporary-cryptsetup-3214
# Generating LUKS header version 1 using hash sha1, aes, cbc-essiv:sha256, MK 32 bytes
# Crypto backend (gcrypt 1.6.2) initialized.
# KDF pbkdf2, hash sha1: 1048576 iterations per second.
# Data offset 4096, UUID ff6bc369-61ab-4694-8c70-2456fa8b722b, digest iterations 128000
# Updating LUKS header of size 1024 on device /dev/mmcblk1p1
# Key length 32, device size 15659008 sectors, header size 2050 sectors.
# Reading LUKS header of size 1024 from device /dev/mmcblk1p1
# Key length 32, device size 15659008 sectors, header size 2050 sectors.
# Adding new keyslot -1 using volume key.
# Calculating data for key slot 0
# Crypto backend (gcrypt 1.6.2) initialized.
# KDF pbkdf2, hash sha1: 546133 iterations per second.
# Key slot 0 use 266666 password iterations.
# Using hash sha1 for AF in key slot 0, 4000 stripes
# Updating key slot 0 [0x1000] area.
# Calculated device size is 250 sectors (RW), offset 8.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-3214
# dm create temporary-cryptsetup-3214 CRYPT-TEMP-temporary-cryptsetup-3214 OF   [16384] (*1)
# dm reload temporary-cryptsetup-3214  OFW    [16384] (*1)
# Cookie value is not set while trying to call DM_DEVICE_RESUME ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm resume temporary-cryptsetup-3214  OFW    [16384] (*1)
# temporary-cryptsetup-3214: Stacking NODE_ADD (254,1) 0:6 0660
# temporary-cryptsetup-3214: Stacking NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-3214: Processing NODE_ADD (254,1) 0:6 0660
# Created /dev/mapper/temporary-cryptsetup-3214
# temporary-cryptsetup-3214: Processing NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-3214 (254:1): read ahead is 256
# temporary-cryptsetup-3214: retaining kernel read ahead of 256 (requested 256)
# Cookie value is not set while trying to call DM_DEVICE_REMOVE ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm remove temporary-cryptsetup-3214  OFT    [16384] (*1)
device-mapper: remove ioctl on temporary-cryptsetup-3214 failed: Device or resource busy
# Cookie value is not set while trying to call DM_DEVICE_REMOVE ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm remove temporary-cryptsetup-3214  OFT    [16384] (*2)
# temporary-cryptsetup-3214: Stacking NODE_DEL
# temporary-cryptsetup-3214: Processing NODE_DEL
# Removed /dev/mapper/temporary-cryptsetup-3214
# Key slot 0 was enabled in LUKS header.
# Updating LUKS header of size 1024 on device /dev/mmcblk1p1
# Key length 32, device size 15659008 sectors, header size 2050 sectors.
# Reading LUKS header of size 1024 from device /dev/mmcblk1p1
# Key length 32, device size 15659008 sectors, header size 2050 sectors.
# Releasing crypt device /dev/mmcblk1p1 context.
# Releasing device-mapper backend.
# Unlocking memory.
Command successful.




root at p2382_t186:~# cryptsetup luksOpen /dev/mmcblk1p1 data --debug
# cryptsetup 1.6.3 processing "cryptsetup luksOpen /dev/mmcblk1p1 data --debug"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/mmcblk1p1 context.
# Trying to open and read device /dev/mmcblk1p1.
# Initialising device-mapper backend library.
# Trying to load LUKS1 crypt type from device /dev/mmcblk1p1.
# Crypto backend (gcrypt 1.6.2) initialized.
# Reading LUKS header of size 1024 from device /dev/mmcblk1p1
# Key length 32, device size 15659008 sectors, header size 2050 sectors.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Password verification disabled.
# Iteration time set to 1000 miliseconds.
# Activating volume data [keyslot -1] using [none] passphrase.
# Detected kernel Linux 3.18.21-tegra aarch64.
# dm version   OF   [16384] (*1)
# dm versions   OF   [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.28.0.
# Device-mapper backend running with UDEV support disabled.
# dm status data  OF   [16384] (*1)
# Interactive passphrase entry requested.
Enter passphrase for /dev/mmcblk1p1:
# Trying to open key slot 0 [ACTIVE_LAST].
# Reading key slot 0 area.
# Calculated device size is 250 sectors (RW), offset 8.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-3256
# dm create temporary-cryptsetup-3256 CRYPT-TEMP-temporary-cryptsetup-3256 OF   [16384] (*1)
# dm reload temporary-cryptsetup-3256  OFRW    [16384] (*1)
# Cookie value is not set while trying to call DM_DEVICE_RESUME ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm resume temporary-cryptsetup-3256  OFRW    [16384] (*1)
# temporary-cryptsetup-3256: Stacking NODE_ADD (254,1) 0:6 0660
# temporary-cryptsetup-3256: Stacking NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-3256: Processing NODE_ADD (254,1) 0:6 0660
# Created /dev/mapper/temporary-cryptsetup-3256
# temporary-cryptsetup-3256: Processing NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-3256 (254:1): read ahead is 256
# temporary-cryptsetup-3256: retaining kernel read ahead of 256 (requested 256)
# Cookie value is not set while trying to call DM_DEVICE_REMOVE ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm remove temporary-cryptsetup-3256  OFT    [16384] (*1)
device-mapper: remove ioctl on temporary-cryptsetup-3256 failed: Device or resource busy
# Cookie value is not set while trying to call DM_DEVICE_REMOVE ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm remove temporary-cryptsetup-3256  OFT    [16384] (*2)
# temporary-cryptsetup-3256: Stacking NODE_DEL
# temporary-cryptsetup-3256: Processing NODE_DEL
# Removed /dev/mapper/temporary-cryptsetup-3256
Key slot 0 unlocked.
# Calculated device size is 15654912 sectors (RW), offset 4096.
# DM-UUID is CRYPT-LUKS1-ff6bc36961ab46948c702456fa8b722b-data
# dm create data CRYPT-LUKS1-ff6bc36961ab46948c702456fa8b722b-data OF   [16384] (*1)
# dm reload data  OFW    [16384] (*1)
# Cookie value is not set while trying to call DM_DEVICE_RESUME ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm resume data  OFW    [16384] (*1)
# data: Stacking NODE_ADD (254,1) 0:6 0660
# data: Stacking NODE_READ_AHEAD 256 (flags=1)
# data: Processing NODE_ADD (254,1) 0:6 0660
# Created /dev/mapper/data
# data: Processing NODE_READ_AHEAD 256 (flags=1)
# data (254:1): read ahead is 256
# data: retaining kernel read ahead of 256 (requested 256)
# Releasing crypt device /dev/mmcblk1p1 context.
# Releasing device-mapper backend.
# Unlocking memory.
Command successful.


More information about the dm-crypt mailing list