[dm-crypt] LUKS1 devmapper device mount issue

Amith Kumar Ramachandra amitnr at gmail.com
Sun Apr 10 07:15:54 CEST 2016


Hi Michael,
 Thanks for getting back.

>>Exactly how are you creating a file system on ("formatting") the
>>device? Show us the command(s) and output, ideally in debug or
>>verbose mode (for mke2fs, that's -v).

root at tegra-t18x:~# mke2fs /dev/mapper/data -v mke2fs 1.42.9 (28-Dec-2013)
fs_types for mke2fs.conf resolution: 'ext2' Filesystem label= OS type:
Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks,
Stripe width=0 blocks 489600 inodes, 1956864 blocks 97843 blocks (5.00%)
reserved for the super user First data block=0 Maximum filesystem
blocks=2004877312 60 block groups 32768 blocks per group, 32768 fragments
per group 8160 inodes per group Superblock backups stored on blocks: 32768,
98304, 163840, 229376, 294912, 819200, 884736, 1605632 Allocating group
tables: done Writing inode tables: done Writing superblocks and filesystem
accounting information: done


After formatting the file system, I tried mounting it here
root at tegra-t18x:~# mount /dev/mapper/data /mnt/

But you can see /dev/mapper/data doesn't show up in the list of mounted
devices

root at tegra-t18x:~# mount /dev/mmcblk0p1 on / type ext4
(rw,relatime,data=ordered) proc on /proc type proc (rw,relatime) sysfs on
/sys type sysfs (rw,nosuid,nodev,noexec,relatime) udev on /dev type
devtmpfs (rw,relatime,size=7297612k,nr_inodes=1824403,mode=755) tmpfs on
/dev/shm type tmpfs (rw,nosuid,nodev) devpts on /dev/pts type devpts
(rw,relatime,gid=5,mode=620) tmpfs on /run type tmpfs
(rw,nosuid,nodev,mode=755) tmpfs on /sys/fs/cgroup type tmpfs
(ro,nosuid,nodev,noexec,mode=755) cgroup on /sys/fs/cgroup/systemd type
cgroup
(rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/debug type cgroup
(rw,nosuid,nodev,noexec,relatime,debug) cgroup on
/sys/fs/cgroup/cpu,cpuacct type cgroup
(rw,nosuid,nodev,noexec,relatime,cpu,cpuacct) cgroup on
/sys/fs/cgroup/freezer type cgroup
(rw,nosuid,nodev,noexec,relatime,freezer) debugfs on /sys/kernel/debug type
debugfs (rw,relatime) tmpfs on /tmp type tmpfs (rw) configfs on
/sys/kernel/config type configfs (rw,relatime) fusectl on
/sys/fs/fuse/connections type fusectl (rw,relatime) tmpfs on /var/volatile
type tmpfs (rw,relatime) tmpfs on /run/user/0 type tmpfs
(rw,nosuid,nodev,relatime,size=805528k,mode=700)


>>Also, for completeness, show us how they relate to the luksCreate, luksOpen and dmsetup info

root at tegra-t18x:~# dmsetup info
Name:              data
State:             ACTIVE
Read Ahead:        256
Tables present:    LIVE
Open count:        0
Event number:      0
Major, minor:      254, 0
Number of targets: 1
UUID: CRYPT-LUKS1-80230cc9085d4edca0425d1fe5fa3486-data


>>You may want to throw in a luksDump (on the raw device) too, for good measure.

root at tegra-t18x:~# cryptsetup luksDump /dev/mmcblk1p1
LUKS header information for /dev/mmcblk1p1

Version:        1
Cipher name:    aes
Cipher mode:    cbc-essiv:sha256
Hash spec:      sha1
Payload offset: 4096
MK bits:        256
MK digest:      6b 22 6f 94 98 6a 9c ce c5 4e b4 8c 72 d8 0c 56 e1 c9 09 db
MK salt:        2a de 67 32 3f 3d 05 46 13 92 6f e7 6b 40 50 38
                d2 91 13 10 09 d0 62 07 d3 85 0b 77 61 bc 69 58
MK iterations:  128000
UUID:           80230cc9-085d-4edc-a042-5d1fe5fa3486

Key Slot 0: ENABLED
        Iterations:             266666
        Salt:                   98 76 2d 90 e2 a3 de 16 f8 43 5a be c6 93 5b 0b
                                74 b9 bf 9a e8 4a 9f 8b c1 e6 a1 27 59 0c 0c 22
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
root at tegra-t18x:~#


>>If relevant, you may also want to show us the relevant portions of
your /etc/crypttab

I do not have /etc/crypttab entries on my platform


>>It's possible that /proc/mounts (after you have tried
to mount the file system) could be of interest as well.

I have shared the outuput of /proc/mounts above.


I dumped ldd dmsetup and I see dmsetup uses almost the same set and
version of libraries cryptsetup uses. seems a mystery dmsetup created
devmapper device on formatting mounts fine but not crypsetup created
.....


Amith


On Fri, Apr 8, 2016 at 1:46 PM, Amith Kumar Ramachandra <amitnr at gmail.com>
wrote:

> Hi!
>
>  I am working on an armv8 embedded platform running 3.18 linux kernel. I
> am setting up disk encryption on a peripheral MMC card using
> cryptsetup-1.6.3 version.
>
> I am able to get through the first couple of steps of cryptsetup
> (luksFormat and luksOpen) without any issue. Commands here below:
>
> cryptsetup -v -y -c "aes-cbc-essiv:sha256" luksFormat /dev/mmcblk1p1
> --batch-mode --debug
> cryptsetup luksOpen /dev/mmcblk1p1 data --debug
>
> I can see the device /dev/mapper/data getting created as expected. I
> dumped its status and it looks fine from what I can see:
>
> root at p2382_t186:~# dmsetup info /dev/mapper/data
> Name:              data
> State:             ACTIVE
> Read Ahead:        256
> Tables present:    LIVE
> Open count:        0
> Event number:      0
> Major, minor:      254, 1
> Number of targets: 1
> UUID: CRYPT-LUKS1-ff6bc36961ab46948c702456fa8b722b-data
>
> But when I format the device as ext4 and mount it at /mnt, I don't see the
> device mounted. The mount command itself did not fail. It gives me success
> (verified both from the return status and kernel dmesg logs) but the LUKS1
> device is not getting mounted.
>
> However, when I create a crypt device using dmsetup, I am able to see and
> mount the volume1 device as expected.
>
> echo 0 `blockdev --getsize /dev/mmcblk1p1` crypt aes-cbc-essiv:sha256
> 0123456789abcdef0123456789abcdef 0 /dev/mmcblk1p1 0 | dmsetup create volume1
>
> I have attached the debug logs if you are interested.
>
> Could you pls let me know what I might be missing?
>
> Appreciate your help!
> Thanks,
> Amith
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20160409/9bd51259/attachment-0001.html>


More information about the dm-crypt mailing list